Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F363BA19/0E7F1DF6962A11EC8671E6E05A40D577/54BC0162533711F08DE8B397DAE4EC9C.roa
File:                     54BC0162533711F08DE8B397DAE4EC9C.roa (raw, json)
Hash identifier:          OIO3ylMU40aM2mfH3BaKtD/f8GaaZzKVfB3mErSuFNQ=
Subject key identifier:   BA:4A:73:85:5A:93:58:DD:FE:C1:EA:F3:59:D4:B2:63:91:F3:2E:BC
Certificate issuer:       /CN=F363BA19AF/serialNumber=6AEA24B099C32B22E4E48BB9F26CF578BEF6BFF3
Certificate serial:       0BFF
Authority key identifier: 6A:EA:24:B0:99:C3:2B:22:E4:E4:8B:B9:F2:6C:F5:78:BE:F6:BF:F3
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/auoksJnDKyLk5Iu58mz1eL72v_M.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F363BA19/0E7F1DF6962A11EC8671E6E05A40D577/54BC0162533711F08DE8B397DAE4EC9C.roa
Signing time:             Fri 27 Jun 2025 09:15:56 +0000
ROA not before:           Fri 27 Jun 2025 09:15:52 +0000
ROA not after:            Wed 24 Jun 2026 09:15:52 +0000
asID:                     18811
IP address blocks:        196.251.78.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F363BA19/0E7F1DF6962A11EC8671E6E05A40D577/auoksJnDKyLk5Iu58mz1eL72v_M.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F363BA19/0E7F1DF6962A11EC8671E6E05A40D577/auoksJnDKyLk5Iu58mz1eL72v_M.mft
                          rsync://rpki.afrinic.net/repository/afrinic/auoksJnDKyLk5Iu58mz1eL72v_M.cer
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Tue 01 Jul 2025 02:50:37 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 3071 (0xbff)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F363BA19AF, serialNumber=6AEA24B099C32B22E4E48BB9F26CF578BEF6BFF3
        Validity
            Not Before: Jun 27 09:15:52 2025 GMT
            Not After : Jun 24 09:15:52 2026 GMT
        Subject: CN=685e614c-0b2f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9d:d6:67:6f:77:e8:b8:97:e4:a0:7b:4a:4a:f3:
                    c5:f4:bf:c8:b2:80:85:97:97:7e:e1:f4:1b:71:53:
                    87:ae:79:2a:e2:d7:59:11:ec:a0:30:ac:00:8f:7a:
                    9d:dd:55:a6:af:28:8e:9d:98:cb:6d:f8:5f:74:82:
                    af:39:08:53:f5:3d:8e:8e:4c:e1:86:1c:90:a0:0f:
                    db:25:37:86:26:3c:1a:d2:30:27:4c:5e:14:33:2e:
                    42:6b:73:1e:ac:9b:a0:65:f0:9f:d0:bb:8c:4e:ed:
                    d4:9f:a0:b2:b5:46:b1:10:5b:63:32:50:5b:ed:55:
                    24:a6:b1:cd:26:67:07:af:31:f5:12:2d:5a:b2:b9:
                    48:fc:13:c8:ee:87:1f:68:96:be:a7:63:23:29:c8:
                    de:b7:65:86:ff:7f:ea:96:c2:83:5c:37:e0:b4:2e:
                    69:ae:11:4e:0e:7f:3a:dc:c3:57:7c:4f:ae:64:31:
                    88:0c:6c:c6:e4:98:fc:f6:c6:ac:b6:c8:b7:38:09:
                    ad:11:ba:04:9f:5b:9a:9a:bd:b0:f4:6d:e8:21:82:
                    4f:6e:cc:eb:d9:11:13:f2:90:9f:f5:7f:1f:bc:91:
                    63:fa:d7:92:ff:e0:8b:ed:37:3a:24:01:e3:a6:49:
                    1f:1c:44:5d:73:98:bb:6e:bc:0d:74:ab:d4:f4:ea:
                    dd:c5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BA:4A:73:85:5A:93:58:DD:FE:C1:EA:F3:59:D4:B2:63:91:F3:2E:BC
            X509v3 Authority Key Identifier:
                keyid:6A:EA:24:B0:99:C3:2B:22:E4:E4:8B:B9:F2:6C:F5:78:BE:F6:BF:F3

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F363BA19/0E7F1DF6962A11EC8671E6E05A40D577/auoksJnDKyLk5Iu58mz1eL72v_M.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/auoksJnDKyLk5Iu58mz1eL72v_M.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F363BA19/0E7F1DF6962A11EC8671E6E05A40D577/54BC0162533711F08DE8B397DAE4EC9C.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  196.251.78.0/24

    Signature Algorithm: sha256WithRSAEncryption
         70:0e:5f:44:2b:6e:2e:a8:0e:f4:52:f2:cf:77:96:e4:dd:2d:
         99:21:c7:b9:a4:eb:f3:f7:50:7b:fa:d0:83:1d:f2:58:1a:80:
         e4:45:84:7a:7f:62:fd:a4:8b:4f:cf:bf:b5:81:72:8d:c3:08:
         34:4a:81:e6:60:c7:97:cb:96:34:43:05:59:31:41:10:01:37:
         cf:08:3d:91:96:f2:43:af:a0:1a:83:36:46:6a:cc:af:24:ae:
         6d:63:14:83:c7:75:2a:b2:1b:df:23:81:ff:cf:68:9a:20:d1:
         43:03:a2:2f:61:51:0d:37:34:91:25:86:42:95:71:78:b5:bd:
         3b:8b:03:b6:6c:9f:4a:cb:43:86:f1:bd:0d:21:bc:01:07:10:
         a1:57:97:02:18:76:34:d6:cd:ca:41:68:a6:c3:d2:ae:28:67:
         c1:dc:07:50:38:a0:40:52:9c:fc:58:74:ed:11:50:8e:ad:7f:
         bc:a5:f4:65:e9:01:89:3d:01:52:a8:9e:68:8e:49:39:96:85:
         ab:c5:e4:8e:80:1d:be:dd:99:a3:04:8b:7d:13:a0:e5:f1:74:
         a7:a2:4d:d7:c4:28:ae:9a:d6:e4:da:1d:b5:bf:20:6f:f6:6d:
         58:fe:e3:c0:65:e5:74:49:c2:95:a3:4a:f9:f5:c8:7a:d0:ed:
         4b:a0:43:5f
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICC/8wDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAxMKRjM2
M0JBMTlBRjExMC8GA1UEBRMoNkFFQTI0QjA5OUMzMkIyMkU0RTQ4QkI5RjI2Q0Y1
NzhCRUY2QkZGMzAeFw0yNTA2MjcwOTE1NTJaFw0yNjA2MjQwOTE1NTJaMBgxFjAU
BgNVBAMTDTY4NWU2MTRjLTBiMmYwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQCd1mdvd+i4l+Sge0pK88X0v8iygIWXl37h9BtxU4eueSri11kR7KAwrACP
ep3dVaavKI6dmMtt+F90gq85CFP1PY6OTOGGHJCgD9slN4YmPBrSMCdMXhQzLkJr
cx6sm6Bl8J/Qu4xO7dSfoLK1RrEQW2MyUFvtVSSmsc0mZwevMfUSLVqyuUj8E8ju
hx9olr6nYyMpyN63ZYb/f+qWwoNcN+C0LmmuEU4Ofzrcw1d8T65kMYgMbMbkmPz2
xqy2yLc4Ca0RugSfW5qavbD0beghgk9uzOvZERPykJ/1fx+8kWP615L/4IvtNzok
AeOmSR8cRF1zmLtuvA10q9T06t3FAgMBAAGjggKlMIICoTAdBgNVHQ4EFgQUukpz
hVqTWN3+werzWdSyY5HzLrwwHwYDVR0jBBgwFoAUauoksJnDKyLk5Iu58mz1eL72
v/MwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjNCQTE5LzBFN0YxREY2OTYyQTExRUM4NjcxRTZFMDVBNDBENTc3L2F1b2tz
Sm5ES3lMazVJdTU4bXoxZUw3MnZfTS5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL2F1b2tzSm5ES3lMazVJdTU4bXoxZUw3MnZfTS5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNjNCQTE5LzBFN0YxREY2OTYyQTExRUM4NjcxRTZFMDVB
NDBENTc3LzU0QkMwMTYyNTMzNzExRjA4REU4QjM5N0RBRTRFQzlDLnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBADE+04wDQYJKoZIhvcNAQEL
BQADggEBAHAOX0Qrbi6oDvRS8s93luTdLZkhx7mk6/P3UHv60IMd8lgagORFhHp/
Yv2ki0/Pv7WBco3DCDRKgeZgx5fLljRDBVkxQRABN88IPZGW8kOvoBqDNkZqzK8k
rm1jFIPHdSqyG98jgf/PaJog0UMDoi9hUQ03NJElhkKVcXi1vTuLA7Zsn0rLQ4bx
vQ0hvAEHEKFXlwIYdjTWzcpBaKbD0q4oZ8HcB1A4oEBSnPxYdO0RUI6tf7yl9GXp
AYk9AVKonmiOSTmWhavF5I6AHb7dmaMEi30ToOXxdKeiTdfEKK6a1uTaHbW/IG/2
bVj+48Bl5XRJwpWjSvn1yHrQ7UugQ18=
-----END CERTIFICATE-----