Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F36F731F/A187DF92379711EEA4C498314AD9E6FC/25448AB472DE11F0AFF50189DAE4EC9C.roa
File:                     25448AB472DE11F0AFF50189DAE4EC9C.roa (raw, json)
Hash identifier:          OUwQI8Wpq7YkfutxF3r2SbuF+hjD7BMye8Cgl6fS3Tw=
Subject key identifier:   13:E5:09:4A:05:2F:60:D7:9F:67:A8:E4:56:99:2D:BA:BB:EB:1A:B8
Certificate issuer:       /CN=F36F731FAF/serialNumber=F5C0B63BAA5E7AF7A4386B637FD1206A3682D0C3
Certificate serial:       02FB
Authority key identifier: F5:C0:B6:3B:AA:5E:7A:F7:A4:38:6B:63:7F:D1:20:6A:36:82:D0:C3
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/9cC2O6peevekOGtjf9EgajaC0MM.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F36F731F/A187DF92379711EEA4C498314AD9E6FC/25448AB472DE11F0AFF50189DAE4EC9C.roa
Signing time:             Wed 06 Aug 2025 15:58:08 +0000
ROA not before:           Wed 06 Aug 2025 15:58:04 +0000
ROA not after:            Tue 06 Aug 2030 15:58:04 +0000
asID:                     29571
IP address blocks:        102.207.8.0/22 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F36F731F/A187DF92379711EEA4C498314AD9E6FC/9cC2O6peevekOGtjf9EgajaC0MM.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F36F731F/A187DF92379711EEA4C498314AD9E6FC/9cC2O6peevekOGtjf9EgajaC0MM.mft
                          rsync://rpki.afrinic.net/repository/afrinic/9cC2O6peevekOGtjf9EgajaC0MM.cer
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Mon 25 Aug 2025 00:06:28 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 763 (0x2fb)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F36F731FAF, serialNumber=F5C0B63BAA5E7AF7A4386B637FD1206A3682D0C3
        Validity
            Not Before: Aug  6 15:58:04 2025 GMT
            Not After : Aug  6 15:58:04 2030 GMT
        Subject: CN=68937b90-2485
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b4:a2:59:ed:31:76:14:1f:1d:d4:86:97:75:9c:
                    2f:b5:76:0e:60:84:f3:11:c7:7b:e8:02:41:43:42:
                    5d:4f:16:88:dd:1d:81:50:f4:b5:12:84:40:7b:73:
                    f1:7c:e0:cd:e9:34:7b:90:53:f9:67:0d:a9:a2:35:
                    7e:e8:d6:9f:28:e7:0d:96:c6:1d:53:02:36:83:74:
                    be:c8:aa:4e:85:f1:f0:36:35:77:ad:77:3f:f5:ec:
                    5a:88:bb:ec:37:02:68:ef:ef:b9:52:02:59:7c:ed:
                    01:0d:49:49:c2:ab:02:4f:c8:83:23:b2:7d:83:9b:
                    99:72:dc:bb:f0:ec:1a:c5:19:5a:4e:14:8a:0d:db:
                    84:96:54:98:ba:e2:f7:85:36:a8:a7:55:7d:be:24:
                    b3:dc:53:a5:30:d4:30:59:4b:17:24:19:00:85:e2:
                    a3:e5:a7:2d:13:11:74:cd:9d:d5:26:90:2b:8e:7d:
                    44:ad:32:22:28:db:ce:81:a4:0d:c2:47:f2:c4:46:
                    36:13:bc:69:f2:8a:45:67:12:9f:82:74:62:5c:7f:
                    f1:72:ad:0b:6e:d1:58:41:e0:25:2e:70:f6:03:cc:
                    c9:51:b9:e4:45:c9:22:ba:a1:c1:0d:5f:10:64:9a:
                    c7:39:19:b9:31:b2:3f:bf:70:2f:3d:a1:cf:88:87:
                    a0:5b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                13:E5:09:4A:05:2F:60:D7:9F:67:A8:E4:56:99:2D:BA:BB:EB:1A:B8
            X509v3 Authority Key Identifier:
                keyid:F5:C0:B6:3B:AA:5E:7A:F7:A4:38:6B:63:7F:D1:20:6A:36:82:D0:C3

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F36F731F/A187DF92379711EEA4C498314AD9E6FC/9cC2O6peevekOGtjf9EgajaC0MM.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/9cC2O6peevekOGtjf9EgajaC0MM.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F36F731F/A187DF92379711EEA4C498314AD9E6FC/25448AB472DE11F0AFF50189DAE4EC9C.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  102.207.8.0/22

    Signature Algorithm: sha256WithRSAEncryption
         2e:a4:c7:90:39:e6:07:b5:f0:75:c5:8e:d4:18:47:ed:19:d6:
         63:a0:9a:73:2f:43:45:97:61:48:8d:39:fe:4b:f7:30:0e:71:
         05:54:02:74:27:79:54:64:71:45:5b:ea:71:a3:ca:6f:b7:85:
         63:64:b2:ce:d4:e5:6f:a6:7e:99:6b:ed:d8:41:85:c1:d6:58:
         a8:23:66:86:08:84:f0:78:b3:22:5a:a3:19:26:79:9a:a1:6d:
         78:92:1f:4c:a2:72:d2:99:4c:0a:ad:79:3d:be:8e:76:b7:47:
         e9:3e:f9:c4:89:a0:4b:ee:b2:cb:a5:88:24:e5:1c:86:f7:a2:
         ba:b5:d6:93:5f:6d:24:e6:7a:79:9c:ae:6e:05:54:8b:8c:c6:
         51:8b:4d:7d:b5:fd:8a:37:8b:09:ec:71:10:f6:1a:85:a7:d8:
         c7:53:67:28:d7:6a:f9:97:57:87:13:71:f7:14:95:72:c1:17:
         ef:15:07:ef:1f:e2:47:cc:8a:75:b3:f9:dc:0a:fc:11:54:57:
         cc:16:aa:a4:d1:d7:db:c0:91:4c:b8:9c:fe:ad:d0:39:77:53:
         63:f2:dc:af:d7:9e:48:fb:e3:da:9c:7b:2b:ad:6a:b2:3d:d1:
         bb:f9:7c:60:93:f8:2d:1f:7a:20:ff:66:08:0b:8a:e1:1a:b4:
         85:f0:6f:f7
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICAvswDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAxMKRjM2
RjczMUZBRjExMC8GA1UEBRMoRjVDMEI2M0JBQTVFN0FGN0E0Mzg2QjYzN0ZEMTIw
NkEzNjgyRDBDMzAeFw0yNTA4MDYxNTU4MDRaFw0zMDA4MDYxNTU4MDRaMBgxFjAU
BgNVBAMTDTY4OTM3YjkwLTI0ODUwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQC0olntMXYUHx3Uhpd1nC+1dg5ghPMRx3voAkFDQl1PFojdHYFQ9LUShEB7
c/F84M3pNHuQU/lnDamiNX7o1p8o5w2Wxh1TAjaDdL7Iqk6F8fA2NXetdz/17FqI
u+w3Amjv77lSAll87QENSUnCqwJPyIMjsn2Dm5ly3Lvw7BrFGVpOFIoN24SWVJi6
4veFNqinVX2+JLPcU6Uw1DBZSxckGQCF4qPlpy0TEXTNndUmkCuOfUStMiIo286B
pA3CR/LERjYTvGnyikVnEp+CdGJcf/FyrQtu0VhB4CUucPYDzMlRueRFySK6ocEN
XxBkmsc5Gbkxsj+/cC89oc+Ih6BbAgMBAAGjggKlMIICoTAdBgNVHQ4EFgQUE+UJ
SgUvYNefZ6jkVpkturvrGrgwHwYDVR0jBBgwFoAU9cC2O6peevekOGtjf9EgajaC
0MMwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNkY3MzFGL0ExODdERjkyMzc5NzExRUVBNEM0OTgzMTRBRDlFNkZDLzljQzJP
NnBlZXZla09HdGpmOUVnYWphQzBNTS5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljLzljQzJPNnBlZXZla09HdGpmOUVnYWphQzBNTS5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNkY3MzFGL0ExODdERjkyMzc5NzExRUVBNEM0OTgzMTRB
RDlFNkZDLzI1NDQ4QUI0NzJERTExRjBBRkY1MDE4OURBRTRFQzlDLnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAJmzwgwDQYJKoZIhvcNAQEL
BQADggEBAC6kx5A55ge18HXFjtQYR+0Z1mOgmnMvQ0WXYUiNOf5L9zAOcQVUAnQn
eVRkcUVb6nGjym+3hWNkss7U5W+mfplr7dhBhcHWWKgjZoYIhPB4syJaoxkmeZqh
bXiSH0yictKZTAqteT2+jna3R+k++cSJoEvussuliCTlHIb3orq11pNfbSTmenmc
rm4FVIuMxlGLTX21/Yo3iwnscRD2GoWn2MdTZyjXavmXV4cTcfcUlXLBF+8VB+8f
4kfMinWz+dwK/BFUV8wWqqTR19vAkUy4nP6t0Dl3U2Py3K/Xnkj749qceyutarI9
0bv5fGCT+C0feiD/ZggLiuEatIXwb/c=
-----END CERTIFICATE-----