Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F363BA19/0E7F1DF6962A11EC8671E6E05A40D577/452328D02B1811F092BE24CDDAE4EC9C.roa
File:                     452328D02B1811F092BE24CDDAE4EC9C.roa (raw, json)
Hash identifier:          ulGhTR9oRC76TzkSb9Kgp77OJ00qH+enbT22+LhLgRw=
Subject key identifier:   A8:DC:0F:BD:8D:4F:42:D0:D2:A2:F9:AE:0E:28:DF:E6:2D:4B:12:2C
Certificate issuer:       /CN=F363BA19AF/serialNumber=6AEA24B099C32B22E4E48BB9F26CF578BEF6BFF3
Certificate serial:       09E0
Authority key identifier: 6A:EA:24:B0:99:C3:2B:22:E4:E4:8B:B9:F2:6C:F5:78:BE:F6:BF:F3
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/auoksJnDKyLk5Iu58mz1eL72v_M.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F363BA19/0E7F1DF6962A11EC8671E6E05A40D577/452328D02B1811F092BE24CDDAE4EC9C.roa
Signing time:             Wed 07 May 2025 07:52:49 +0000
ROA not before:           Wed 07 May 2025 07:52:44 +0000
ROA not after:            Thu 01 Jan 2026 07:52:44 +0000
asID:                     213659
IP address blocks:        102.135.31.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F363BA19/0E7F1DF6962A11EC8671E6E05A40D577/auoksJnDKyLk5Iu58mz1eL72v_M.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F363BA19/0E7F1DF6962A11EC8671E6E05A40D577/auoksJnDKyLk5Iu58mz1eL72v_M.mft
                          rsync://rpki.afrinic.net/repository/afrinic/auoksJnDKyLk5Iu58mz1eL72v_M.cer
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Mon 12 May 2025 00:07:24 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 2528 (0x9e0)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F363BA19AF, serialNumber=6AEA24B099C32B22E4E48BB9F26CF578BEF6BFF3
        Validity
            Not Before: May  7 07:52:44 2025 GMT
            Not After : Jan  1 07:52:44 2026 GMT
        Subject: CN=681b1151-3d31
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c4:ef:3e:aa:ed:49:60:03:e7:27:47:95:3f:5b:
                    a8:43:53:44:f1:ac:7c:bd:6d:74:67:dc:2d:bd:81:
                    25:e2:b7:17:69:75:ac:5f:f0:6e:67:29:e3:6d:fe:
                    e3:1d:d7:e8:d6:49:36:7b:3d:82:b5:51:3c:3d:e8:
                    a3:18:e1:a6:a7:b8:92:b7:e3:d5:2a:e5:81:20:50:
                    b0:b9:a6:5f:e4:d1:e9:a5:96:fb:ef:9c:4a:ec:00:
                    ca:57:36:c6:e0:c9:d5:7d:99:37:8b:b2:cd:90:43:
                    07:a6:ff:4f:42:9e:38:1e:a0:fd:ee:c2:eb:a4:c6:
                    f1:e4:01:c9:7a:e5:43:d6:d9:be:42:42:46:43:77:
                    b5:a8:af:78:a8:46:c0:ac:55:f0:f9:50:a0:e2:14:
                    b8:3b:65:9c:d1:fc:26:e8:86:32:e5:71:47:c8:1d:
                    09:5e:21:44:6e:ae:38:bf:1c:8a:44:67:d6:76:26:
                    90:f9:96:7f:2e:37:78:76:fe:9d:f7:cf:c1:b0:4a:
                    2b:4a:94:23:44:99:9d:61:db:25:22:dd:46:9b:d4:
                    8d:02:07:77:65:c7:93:85:7c:cf:9f:88:a3:a7:04:
                    96:d8:70:25:4d:b0:ef:0a:a4:31:26:b8:ad:22:fb:
                    ce:13:1b:43:26:1e:c5:b7:46:93:d2:8c:38:fe:6e:
                    13:a9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A8:DC:0F:BD:8D:4F:42:D0:D2:A2:F9:AE:0E:28:DF:E6:2D:4B:12:2C
            X509v3 Authority Key Identifier:
                keyid:6A:EA:24:B0:99:C3:2B:22:E4:E4:8B:B9:F2:6C:F5:78:BE:F6:BF:F3

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F363BA19/0E7F1DF6962A11EC8671E6E05A40D577/auoksJnDKyLk5Iu58mz1eL72v_M.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/auoksJnDKyLk5Iu58mz1eL72v_M.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F363BA19/0E7F1DF6962A11EC8671E6E05A40D577/452328D02B1811F092BE24CDDAE4EC9C.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  102.135.31.0/24

    Signature Algorithm: sha256WithRSAEncryption
         92:dd:a1:2b:72:5d:02:c0:6c:4f:0b:ed:79:df:4b:dc:e1:59:
         aa:dc:38:cb:9e:61:29:45:fc:93:4e:2e:49:ff:b4:2c:93:ab:
         36:e3:e6:24:66:b3:3e:80:0a:3a:5d:55:f3:44:8e:9a:37:25:
         d5:11:6a:ec:98:2a:2a:de:f3:5e:8a:71:98:c9:9d:a3:ba:dc:
         41:0a:26:0c:ab:3f:a6:b3:7e:9b:e7:ad:4c:d0:52:58:44:b6:
         fd:e3:97:29:44:0e:d8:f4:83:4e:5f:fb:58:e5:12:f1:1a:8f:
         72:77:8f:7a:28:88:89:11:80:ca:93:99:37:f0:2e:34:26:60:
         9d:25:93:83:47:64:df:94:6f:82:49:ce:3d:4f:5a:da:5a:3b:
         0a:14:f4:21:b0:6a:51:50:15:1c:75:91:e6:da:fa:83:12:4c:
         06:62:02:11:3b:99:c9:54:a3:79:aa:7e:ca:95:61:43:60:77:
         83:8c:20:49:c8:f4:20:8e:1d:9e:90:00:4f:e7:8f:ef:70:1d:
         d3:03:f2:f8:78:49:93:00:8c:82:d2:ca:b6:bb:1e:68:69:71:
         14:5b:b0:e4:24:67:c2:d3:51:a3:cc:84:da:d6:bd:b6:27:b8:
         ce:04:91:39:e2:05:fc:66:2d:53:8a:9e:57:46:15:13:f5:f2:
         25:5b:aa:c0
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICCeAwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAxMKRjM2
M0JBMTlBRjExMC8GA1UEBRMoNkFFQTI0QjA5OUMzMkIyMkU0RTQ4QkI5RjI2Q0Y1
NzhCRUY2QkZGMzAeFw0yNTA1MDcwNzUyNDRaFw0yNjAxMDEwNzUyNDRaMBgxFjAU
BgNVBAMTDTY4MWIxMTUxLTNkMzEwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQDE7z6q7UlgA+cnR5U/W6hDU0TxrHy9bXRn3C29gSXitxdpdaxf8G5nKeNt
/uMd1+jWSTZ7PYK1UTw96KMY4aanuJK349Uq5YEgULC5pl/k0emllvvvnErsAMpX
NsbgydV9mTeLss2QQwem/09CnjgeoP3uwuukxvHkAcl65UPW2b5CQkZDd7Wor3io
RsCsVfD5UKDiFLg7ZZzR/CbohjLlcUfIHQleIURurji/HIpEZ9Z2JpD5ln8uN3h2
/p33z8GwSitKlCNEmZ1h2yUi3Uab1I0CB3dlx5OFfM+fiKOnBJbYcCVNsO8KpDEm
uK0i+84TG0MmHsW3RpPSjDj+bhOpAgMBAAGjggKlMIICoTAdBgNVHQ4EFgQUqNwP
vY1PQtDSovmuDijf5i1LEiwwHwYDVR0jBBgwFoAUauoksJnDKyLk5Iu58mz1eL72
v/MwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjNCQTE5LzBFN0YxREY2OTYyQTExRUM4NjcxRTZFMDVBNDBENTc3L2F1b2tz
Sm5ES3lMazVJdTU4bXoxZUw3MnZfTS5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL2F1b2tzSm5ES3lMazVJdTU4bXoxZUw3MnZfTS5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNjNCQTE5LzBFN0YxREY2OTYyQTExRUM4NjcxRTZFMDVB
NDBENTc3LzQ1MjMyOEQwMkIxODExRjA5MkJFMjRDRERBRTRFQzlDLnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBABmhx8wDQYJKoZIhvcNAQEL
BQADggEBAJLdoStyXQLAbE8L7XnfS9zhWarcOMueYSlF/JNOLkn/tCyTqzbj5iRm
sz6ACjpdVfNEjpo3JdURauyYKire816KcZjJnaO63EEKJgyrP6azfpvnrUzQUlhE
tv3jlylEDtj0g05f+1jlEvEaj3J3j3ooiIkRgMqTmTfwLjQmYJ0lk4NHZN+Ub4JJ
zj1PWtpaOwoU9CGwalFQFRx1keba+oMSTAZiAhE7mclUo3mqfsqVYUNgd4OMIEnI
9CCOHZ6QAE/nj+9wHdMD8vh4SZMAjILSyra7HmhpcRRbsOQkZ8LTUaPMhNrWvbYn
uM4EkTniBfxmLVOKnldGFRP18iVbqsA=
-----END CERTIFICATE-----