Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F3659F22/9A0832F6FCAB11EEA6901B3D017001B1/ECD59D2251F311F087499FD5DAE4EC9C.roa
File:                     ECD59D2251F311F087499FD5DAE4EC9C.roa (raw, json)
Hash identifier:          0MsoWeb7LdhgTsaU/otFN3VGsH6DtvCWEm/3VJQ4nvw=
Subject key identifier:   0F:8E:46:FF:ED:74:47:22:43:46:22:BC:67:7F:8F:36:76:A8:46:AB
Certificate issuer:       /CN=F3659F22AF/serialNumber=5556D637278A4D6987D448763BD3CAEBA058A50F
Certificate serial:       01D4
Authority key identifier: 55:56:D6:37:27:8A:4D:69:87:D4:48:76:3B:D3:CA:EB:A0:58:A5:0F
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/VVbWNyeKTWmH1Eh2O9PK66BYpQ8.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F3659F22/9A0832F6FCAB11EEA6901B3D017001B1/ECD59D2251F311F087499FD5DAE4EC9C.roa
Signing time:             Wed 25 Jun 2025 18:40:54 +0000
ROA not before:           Wed 25 Jun 2025 18:40:49 +0000
ROA not after:            Mon 01 Jun 2026 18:40:49 +0000
asID:                     37739
IP address blocks:        102.222.157.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F3659F22/9A0832F6FCAB11EEA6901B3D017001B1/VVbWNyeKTWmH1Eh2O9PK66BYpQ8.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F3659F22/9A0832F6FCAB11EEA6901B3D017001B1/VVbWNyeKTWmH1Eh2O9PK66BYpQ8.mft
                          rsync://rpki.afrinic.net/repository/afrinic/VVbWNyeKTWmH1Eh2O9PK66BYpQ8.cer
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Thu 03 Jul 2025 04:30:57 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 468 (0x1d4)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F3659F22AF, serialNumber=5556D637278A4D6987D448763BD3CAEBA058A50F
        Validity
            Not Before: Jun 25 18:40:49 2025 GMT
            Not After : Jun  1 18:40:49 2026 GMT
        Subject: CN=685c42b6-5e9d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ba:30:32:1a:a1:66:79:6e:c4:6a:9a:ad:c9:07:
                    0c:2d:31:40:58:a4:47:1d:12:b7:03:8b:17:67:3b:
                    e4:60:ed:9f:a6:12:09:94:c4:68:78:0f:20:e3:53:
                    de:50:d2:27:36:44:7f:64:1f:e6:60:f5:40:67:6e:
                    d5:74:ca:32:ae:5a:7a:ae:60:89:74:a9:ab:70:28:
                    44:22:7f:4f:af:23:9a:f8:7a:72:92:47:88:bf:c9:
                    68:b4:b1:54:8a:3f:c1:19:80:ec:4e:3d:04:95:01:
                    0b:ee:8a:e1:bb:ff:85:5d:3f:dc:a9:77:81:67:19:
                    8f:85:19:fb:32:db:6d:e5:a3:89:83:41:9d:e5:34:
                    14:f2:ad:3b:41:2e:d9:e9:f5:c1:79:5c:d6:5e:80:
                    86:f5:69:06:28:bf:c3:7b:66:dc:15:fc:d4:a6:7e:
                    ce:56:77:2e:ff:7f:ef:0b:18:e9:58:00:50:bd:39:
                    51:77:f2:97:a0:76:4f:37:77:c4:0b:27:3b:d9:01:
                    25:42:2a:0b:69:5b:d9:e6:2b:d6:95:80:b1:f7:fd:
                    6e:56:7a:b1:15:6a:fb:fd:8f:c4:da:6a:0c:96:ae:
                    ef:cd:50:bd:06:04:95:44:27:f2:b4:8a:32:09:23:
                    78:59:80:89:a3:1d:e4:05:5a:dd:32:49:6b:c8:20:
                    c7:21
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0F:8E:46:FF:ED:74:47:22:43:46:22:BC:67:7F:8F:36:76:A8:46:AB
            X509v3 Authority Key Identifier:
                keyid:55:56:D6:37:27:8A:4D:69:87:D4:48:76:3B:D3:CA:EB:A0:58:A5:0F

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F3659F22/9A0832F6FCAB11EEA6901B3D017001B1/VVbWNyeKTWmH1Eh2O9PK66BYpQ8.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/VVbWNyeKTWmH1Eh2O9PK66BYpQ8.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F3659F22/9A0832F6FCAB11EEA6901B3D017001B1/ECD59D2251F311F087499FD5DAE4EC9C.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  102.222.157.0/24

    Signature Algorithm: sha256WithRSAEncryption
         31:85:2c:e0:f1:3f:8c:5b:a4:08:ae:cc:d3:fb:7a:f7:88:81:
         2c:ff:87:34:bc:b0:b4:00:a7:e2:c0:d5:6c:a6:96:06:ca:0c:
         97:41:96:27:96:79:69:d6:aa:03:88:67:e8:bd:0d:50:25:58:
         d1:0f:5c:9f:72:fb:4c:b1:5e:de:76:17:e5:35:6f:22:30:b5:
         8b:bd:d3:4f:a3:56:e4:9f:2e:e6:9d:51:29:72:f8:50:63:c6:
         ed:65:1f:0b:4d:94:3e:88:48:e7:5d:6b:f6:7e:6e:fa:c7:35:
         43:53:b9:e6:f5:6e:09:60:2e:82:7b:d0:d1:a3:e7:91:37:24:
         98:bd:78:51:95:d5:f2:eb:d4:4b:06:5b:7f:50:8e:74:8e:9b:
         ac:cb:01:86:1b:1a:7e:f5:9d:ee:a3:ca:27:62:1a:7a:2b:1a:
         b0:ce:70:02:8c:f9:5b:70:71:d6:e2:f5:10:82:17:ad:19:7a:
         08:a7:ff:cc:57:14:d1:c2:94:c2:5b:7d:25:ba:56:67:51:51:
         a9:34:2d:87:1c:94:e5:82:ee:56:9d:2c:11:c6:40:a6:f7:ee:
         9d:12:57:52:bb:69:c6:57:74:0c:10:cf:35:60:7a:53:af:db:
         4c:c9:95:00:fa:ff:61:d2:d1:1d:18:78:be:4d:e0:20:4d:9b:
         05:42:31:e5
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICAdQwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAxMKRjM2
NTlGMjJBRjExMC8GA1UEBRMoNTU1NkQ2MzcyNzhBNEQ2OTg3RDQ0ODc2M0JEM0NB
RUJBMDU4QTUwRjAeFw0yNTA2MjUxODQwNDlaFw0yNjA2MDExODQwNDlaMBgxFjAU
BgNVBAMTDTY4NWM0MmI2LTVlOWQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQC6MDIaoWZ5bsRqmq3JBwwtMUBYpEcdErcDixdnO+Rg7Z+mEgmUxGh4DyDj
U95Q0ic2RH9kH+Zg9UBnbtV0yjKuWnquYIl0qatwKEQif0+vI5r4enKSR4i/yWi0
sVSKP8EZgOxOPQSVAQvuiuG7/4VdP9ypd4FnGY+FGfsy223lo4mDQZ3lNBTyrTtB
Ltnp9cF5XNZegIb1aQYov8N7ZtwV/NSmfs5Wdy7/f+8LGOlYAFC9OVF38pegdk83
d8QLJzvZASVCKgtpW9nmK9aVgLH3/W5WerEVavv9j8TaagyWru/NUL0GBJVEJ/K0
ijIJI3hZgImjHeQFWt0ySWvIIMchAgMBAAGjggKlMIICoTAdBgNVHQ4EFgQUD45G
/+10RyJDRiK8Z3+PNnaoRqswHwYDVR0jBBgwFoAUVVbWNyeKTWmH1Eh2O9PK66BY
pQ8wDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjU5RjIyLzlBMDgzMkY2RkNBQjExRUVBNjkwMUIzRDAxNzAwMUIxL1ZWYldO
eWVLVFdtSDFFaDJPOVBLNjZCWXBROC5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL1ZWYldOeWVLVFdtSDFFaDJPOVBLNjZCWXBROC5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNjU5RjIyLzlBMDgzMkY2RkNBQjExRUVBNjkwMUIzRDAx
NzAwMUIxL0VDRDU5RDIyNTFGMzExRjA4NzQ5OUZENURBRTRFQzlDLnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBABm3p0wDQYJKoZIhvcNAQEL
BQADggEBADGFLODxP4xbpAiuzNP7eveIgSz/hzS8sLQAp+LA1WymlgbKDJdBlieW
eWnWqgOIZ+i9DVAlWNEPXJ9y+0yxXt52F+U1byIwtYu900+jVuSfLuadUSly+FBj
xu1lHwtNlD6ISOdda/Z+bvrHNUNTueb1bglgLoJ70NGj55E3JJi9eFGV1fLr1EsG
W39QjnSOm6zLAYYbGn71ne6jyidiGnorGrDOcAKM+Vtwcdbi9RCCF60Zegin/8xX
FNHClMJbfSW6VmdRUak0LYcclOWC7ladLBHGQKb37p0SV1K7acZXdAwQzzVgelOv
20zJlQD6/2HS0R0YeL5N4CBNmwVCMeU=
-----END CERTIFICATE-----