Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F369591C/672357D4C24711ED959790A0F1222468/072D1082576311F088413DABDAE4EC9C.roa
File:                     072D1082576311F088413DABDAE4EC9C.roa (raw, json)
Hash identifier:          kdbBEJRsB56bxxE6rksSixZh/DLbv8XJMoYIBLPc8/g=
Subject key identifier:   97:20:6F:53:C4:10:74:77:6E:79:43:C8:E9:B5:29:5C:D3:F1:C9:8B
Certificate issuer:       /CN=F369591CRI/serialNumber=DCFEA3847722D2FEC7A039E99038F7538259D031
Certificate serial:       0378
Authority key identifier: DC:FE:A3:84:77:22:D2:FE:C7:A0:39:E9:90:38:F7:53:82:59:D0:31
Authority info access:    rsync://rpki.afrinic.net/repository/ripe/3P6jhHci0v7HoDnpkDj3U4JZ0DE.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F369591C/672357D4C24711ED959790A0F1222468/072D1082576311F088413DABDAE4EC9C.roa
Signing time:             Wed 02 Jul 2025 16:38:49 +0000
ROA not before:           Wed 02 Jul 2025 16:38:43 +0000
ROA not after:            Tue 31 Dec 2030 16:38:43 +0000
asID:                     15964
IP address blocks:        195.24.196.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F369591C/672357D4C24711ED959790A0F1222468/3P6jhHci0v7HoDnpkDj3U4JZ0DE.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F369591C/672357D4C24711ED959790A0F1222468/3P6jhHci0v7HoDnpkDj3U4JZ0DE.mft
                          rsync://rpki.afrinic.net/repository/ripe/3P6jhHci0v7HoDnpkDj3U4JZ0DE.cer
                          rsync://rpki.afrinic.net/repository/ripe/f3rBgIl5g-Kek3wKGHgDwHJ1VUU.crl
                          rsync://rpki.afrinic.net/repository/ripe/f3rBgIl5g-Kek3wKGHgDwHJ1VUU.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/ripe-to-afrinic.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Sun 06 Jul 2025 00:45:26 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 888 (0x378)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F369591CRI, serialNumber=DCFEA3847722D2FEC7A039E99038F7538259D031
        Validity
            Not Before: Jul  2 16:38:43 2025 GMT
            Not After : Dec 31 16:38:43 2030 GMT
        Subject: CN=68656098-28c1
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d7:9e:b1:8a:90:2a:e0:43:7a:58:e5:40:5e:35:
                    8b:31:bd:12:04:01:1f:11:34:50:35:f8:eb:22:01:
                    bc:de:bf:41:75:5b:30:a4:92:c6:75:c7:0d:1c:77:
                    92:7c:64:ef:82:77:e9:95:11:f8:da:d1:88:38:0a:
                    22:f0:28:79:27:02:cc:33:51:80:90:62:d3:fb:5e:
                    b5:a3:2c:d2:43:74:4a:b5:7f:c8:f1:1d:94:45:21:
                    2f:46:15:a9:77:98:1a:75:1e:a6:77:8f:71:75:8f:
                    62:81:a9:23:76:1b:44:f1:53:92:3d:30:77:4f:d3:
                    d9:b4:3a:16:91:0d:f0:e0:dc:be:1d:15:0f:10:34:
                    c5:b3:5e:02:1b:cc:d3:05:0c:ad:ac:74:21:d6:af:
                    b2:5c:b1:88:8f:57:52:ef:d7:d0:7c:b5:f5:ea:24:
                    bb:96:cd:9e:b1:fe:04:0a:8c:f8:50:9d:cc:d8:8f:
                    a0:26:d8:d5:58:85:7f:7f:c3:3c:db:c1:b8:00:cf:
                    e4:7b:c5:38:e5:20:6c:01:73:52:2e:cb:9c:61:b9:
                    93:31:e1:e8:84:fc:f1:44:d3:ed:2b:11:6f:01:2e:
                    e1:16:e8:fa:a5:43:b5:e2:dc:75:51:84:31:d3:c8:
                    5d:fd:28:c8:bc:61:1c:75:7e:2d:22:f1:fa:a9:df:
                    f5:1b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                97:20:6F:53:C4:10:74:77:6E:79:43:C8:E9:B5:29:5C:D3:F1:C9:8B
            X509v3 Authority Key Identifier:
                keyid:DC:FE:A3:84:77:22:D2:FE:C7:A0:39:E9:90:38:F7:53:82:59:D0:31

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F369591C/672357D4C24711ED959790A0F1222468/3P6jhHci0v7HoDnpkDj3U4JZ0DE.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/ripe/3P6jhHci0v7HoDnpkDj3U4JZ0DE.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F369591C/672357D4C24711ED959790A0F1222468/072D1082576311F088413DABDAE4EC9C.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  195.24.196.0/24

    Signature Algorithm: sha256WithRSAEncryption
         b6:f3:1a:70:31:e2:00:70:a7:8b:74:de:9e:b6:37:d8:21:62:
         03:99:6c:30:ee:88:0c:ef:d1:32:ab:8a:77:e9:3b:48:b0:55:
         5b:b5:f2:f2:9f:de:7b:43:99:d9:14:35:31:4f:05:4f:0e:84:
         00:cb:5d:fc:f9:25:10:95:8d:de:51:23:8c:a8:50:d3:5d:89:
         ee:2b:42:ff:2b:82:2b:53:3e:ce:c5:b8:d5:75:70:32:11:5e:
         77:de:47:41:24:bf:c9:22:f5:a0:83:00:43:00:12:80:79:d8:
         67:d2:62:ec:13:ad:6b:a4:01:55:8c:cb:ac:24:b1:69:6b:1d:
         d9:79:fd:8e:1b:00:4b:fb:33:66:c5:39:bc:7c:9e:8d:3f:1b:
         e0:67:47:4f:6f:c6:42:eb:20:98:34:0b:b1:63:c5:57:70:f0:
         88:bb:48:a5:29:5f:dc:3f:8d:4b:20:a8:33:5f:05:2d:17:f9:
         19:76:d4:48:75:79:58:ce:4c:7e:2e:4e:8f:80:b7:36:32:45:
         87:5a:dc:49:c6:5c:24:f9:60:c2:78:44:34:64:d6:f8:de:e2:
         1f:31:fb:90:4e:bb:5e:c0:04:2f:b8:58:d1:63:17:89:2f:a8:
         f1:78:15:11:f6:7b:21:21:ec:7a:ba:b0:77:84:be:7a:14:f5:
         3d:df:88:6b
-----BEGIN CERTIFICATE-----
MIIFgDCCBGigAwIBAgICA3gwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAxMKRjM2
OTU5MUNSSTExMC8GA1UEBRMoRENGRUEzODQ3NzIyRDJGRUM3QTAzOUU5OTAzOEY3
NTM4MjU5RDAzMTAeFw0yNTA3MDIxNjM4NDNaFw0zMDEyMzExNjM4NDNaMBgxFjAU
BgNVBAMTDTY4NjU2MDk4LTI4YzEwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQDXnrGKkCrgQ3pY5UBeNYsxvRIEAR8RNFA1+OsiAbzev0F1WzCkksZ1xw0c
d5J8ZO+Cd+mVEfja0Yg4CiLwKHknAswzUYCQYtP7XrWjLNJDdEq1f8jxHZRFIS9G
Fal3mBp1HqZ3j3F1j2KBqSN2G0TxU5I9MHdP09m0OhaRDfDg3L4dFQ8QNMWzXgIb
zNMFDK2sdCHWr7JcsYiPV1Lv19B8tfXqJLuWzZ6x/gQKjPhQnczYj6Am2NVYhX9/
wzzbwbgAz+R7xTjlIGwBc1Iuy5xhuZMx4eiE/PFE0+0rEW8BLuEW6PqlQ7Xi3HVR
hDHTyF39KMi8YRx1fi0i8fqp3/UbAgMBAAGjggKiMIICnjAdBgNVHQ4EFgQUlyBv
U8QQdHdueUPI6bUpXNPxyYswHwYDVR0jBBgwFoAU3P6jhHci0v7HoDnpkDj3U4JZ
0DEwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjk1OTFDLzY3MjM1N0Q0QzI0NzExRUQ5NTk3OTBBMEYxMjIyNDY4LzNQNmpo
SGNpMHY3SG9EbnBrRGozVTRKWjBERS5jcmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9yaXBl
LzNQNmpoSGNpMHY3SG9EbnBrRGozVTRKWjBERS5jZXIwTwYDVR0gAQH/BEUwQzBB
BggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5pYy5u
ZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEFBQcw
C4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9y
ZXBvc2l0b3J5L0YzNjk1OTFDLzY3MjM1N0Q0QzI0NzExRUQ5NTk3OTBBMEYxMjIy
NDY4LzA3MkQxMDgyNTc2MzExRjA4ODQxM0RBQkRBRTRFQzlDLnJvYTA1BggrBgEF
BQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54bWww
HwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBADDGMQwDQYJKoZIhvcNAQELBQAD
ggEBALbzGnAx4gBwp4t03p62N9ghYgOZbDDuiAzv0TKrinfpO0iwVVu18vKf3ntD
mdkUNTFPBU8OhADLXfz5JRCVjd5RI4yoUNNdie4rQv8rgitTPs7FuNV1cDIRXnfe
R0Ekv8ki9aCDAEMAEoB52GfSYuwTrWukAVWMy6wksWlrHdl5/Y4bAEv7M2bFObx8
no0/G+BnR09vxkLrIJg0C7FjxVdw8Ii7SKUpX9w/jUsgqDNfBS0X+Rl21Eh1eVjO
TH4uTo+AtzYyRYda3EnGXCT5YMJ4RDRk1vje4h8x+5BOu17ABC+4WNFjF4kvqPF4
FRH2eyEh7Hq6sHeEvnoU9T3fiGs=
-----END CERTIFICATE-----