Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/041BA794C38111EF905DAE4F762E951A.roa
File:                     041BA794C38111EF905DAE4F762E951A.roa (raw, json)
Hash identifier:          7cIBjUwm6qSpbEUMj/ICDUwfNJpp73PjoXzAeeOhQoQ=
Subject key identifier:   8B:BA:CF:B2:E3:DF:2A:37:EE:41:EA:D7:F4:8A:70:7F:9C:95:C0:C1
Certificate issuer:       /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial:       01275E
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/041BA794C38111EF905DAE4F762E951A.roa
Signing time:             Thu 26 Dec 2024 12:00:36 +0000
ROA not before:           Thu 26 Dec 2024 12:00:32 +0000
ROA not after:            Sun 12 Dec 2027 12:00:32 +0000
asID:                     17561
IP address blocks:        154.94.198.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
                          rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Sun 06 Apr 2025 00:06:13 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 75614 (0x1275e)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F368F2D0AF
        Validity
            Not Before: Dec 26 12:00:32 2024 GMT
            Not After : Dec 12 12:00:32 2027 GMT
        Subject: CN=676d4564-410f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bd:96:7e:bc:d7:d2:e1:8c:77:35:5c:04:00:14:
                    13:a8:14:8c:35:8d:fa:de:1a:d0:c2:28:b0:0c:42:
                    61:40:ae:22:91:dc:58:34:79:9b:d6:0d:84:7c:76:
                    79:b5:49:23:22:86:8d:29:a0:bc:34:94:96:3a:d2:
                    83:52:65:b8:f6:a8:d4:fa:6c:7d:d0:e4:e2:7e:49:
                    d8:35:56:3a:c4:d9:71:db:7c:08:26:2b:85:67:b3:
                    54:44:cc:89:70:4f:47:8f:80:d4:6c:db:f7:92:33:
                    70:c1:54:b3:bc:a9:03:90:ff:b0:12:f3:d8:06:41:
                    c1:c0:fc:7d:89:09:ba:ba:9c:c3:00:26:f4:74:70:
                    79:74:39:e9:f7:52:81:56:7a:c7:ac:74:a3:96:4d:
                    a5:15:9b:34:ad:4b:f2:85:88:35:4c:a6:56:09:59:
                    aa:21:60:db:16:4a:8f:79:e6:e9:86:30:0e:5d:2a:
                    58:9e:68:22:e5:f8:ec:39:5d:5c:d0:49:69:e3:ea:
                    c2:ec:73:f0:d5:78:d4:81:61:84:67:1c:83:94:77:
                    0b:87:7b:e7:cd:49:12:32:60:b7:53:fa:eb:c3:5d:
                    88:3e:7c:a6:f1:8c:d0:0b:17:ca:57:92:bb:26:b2:
                    e3:6f:17:2c:08:86:71:7f:73:0b:30:35:39:3e:8b:
                    74:59
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                8B:BA:CF:B2:E3:DF:2A:37:EE:41:EA:D7:F4:8A:70:7F:9C:95:C0:C1
            X509v3 Authority Key Identifier:
                keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/041BA794C38111EF905DAE4F762E951A.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  154.94.198.0/24

    Signature Algorithm: sha256WithRSAEncryption
         55:af:1f:7f:91:05:1d:c3:4d:7a:3e:3c:ea:49:50:c7:49:0f:
         77:b6:4d:e3:6a:93:64:8e:c9:86:1c:66:5a:2c:05:b3:b3:ec:
         10:d9:2c:51:93:16:11:fe:34:77:3a:b9:84:6d:4a:8e:dd:59:
         86:79:0e:af:c8:e1:90:03:da:70:92:bc:51:d9:04:b8:93:e4:
         b5:6f:e3:1d:1b:49:2c:67:be:8d:ea:d6:75:02:63:59:1c:f2:
         e9:2a:b8:41:de:ac:b8:d0:bd:6d:6f:86:14:9a:d3:cc:ec:57:
         a5:20:20:05:63:f9:21:e7:02:bb:23:a1:e3:28:9a:63:05:db:
         f5:6e:10:1e:fc:e6:37:f9:1f:df:68:f3:c0:ed:9e:de:93:ed:
         ec:7b:f8:a2:5b:6d:eb:35:e1:c7:77:4c:b0:4d:4f:ff:89:2d:
         33:22:2d:54:2f:14:fe:4e:9c:5f:7e:61:96:2f:0f:88:a9:02:
         3f:62:65:c0:e8:6f:a5:fa:15:ed:bd:de:12:32:45:68:05:be:
         db:d4:8e:64:a2:bf:8e:f1:17:01:25:d0:b6:bf:81:f6:94:57:
         d7:e6:ae:4c:50:dc:de:20:0d:3f:10:0a:8d:d7:86:c3:c2:a3:
         ee:c9:5c:f7:f9:94:4b:d6:c7:8a:01:78:26:ee:9b:c5:63:b5:
         c8:59:f4:99
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDASdeMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjQxMjI2MTIwMDMyWhcNMjcxMjEyMTIwMDMyWjAYMRYw
FAYDVQQDEw02NzZkNDU2NC00MTBmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAvZZ+vNfS4Yx3NVwEABQTqBSMNY363hrQwiiwDEJhQK4ikdxYNHmb1g2E
fHZ5tUkjIoaNKaC8NJSWOtKDUmW49qjU+mx90OTifknYNVY6xNlx23wIJiuFZ7NU
RMyJcE9Hj4DUbNv3kjNwwVSzvKkDkP+wEvPYBkHBwPx9iQm6upzDACb0dHB5dDnp
91KBVnrHrHSjlk2lFZs0rUvyhYg1TKZWCVmqIWDbFkqPeebphjAOXSpYnmgi5fjs
OV1c0Elp4+rC7HPw1XjUgWGEZxyDlHcLh3vnzUkSMmC3U/rrw12IPnym8YzQCxfK
V5K7JrLjbxcsCIZxf3MLMDU5Pot0WQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFIu6
z7Lj3yo37kHq1/SKcH+clcDBMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC8wNDFCQTc5NEMzODExMUVGOTA1REFFNEY3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAml7GMA0GCSqGSIb3DQEB
CwUAA4IBAQBVrx9/kQUdw016PjzqSVDHSQ93tk3japNkjsmGHGZaLAWzs+wQ2SxR
kxYR/jR3OrmEbUqO3VmGeQ6vyOGQA9pwkrxR2QS4k+S1b+MdG0ksZ76N6tZ1AmNZ
HPLpKrhB3qy40L1tb4YUmtPM7FelICAFY/kh5wK7I6HjKJpjBdv1bhAe/OY3+R/f
aPPA7Z7ek+3se/iiW23rNeHHd0ywTU//iS0zIi1ULxT+TpxffmGWLw+IqQI/YmXA
6G+l+hXtvd4SMkVoBb7b1I5kor+O8RcBJdC2v4H2lFfX5q5MUNzeIA0/EAqN14bD
wqPuyVz3+ZRL1seKAXgm7pvFY7XIWfSZ
-----END CERTIFICATE-----