Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/0B418624C1CE11EFAA8A0776762E951A.roa
File:                     0B418624C1CE11EFAA8A0776762E951A.roa (raw, json)
Hash identifier:          lUNCw96BlsM0FVAb3axJSpOJDu+OCBJcYB74xnN1HCg=
Subject key identifier:   C5:32:22:E0:BA:89:E7:DF:20:B9:4A:1C:37:25:60:7B:AB:BE:0B:BE
Certificate issuer:       /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial:       01227F
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/0B418624C1CE11EFAA8A0776762E951A.roa
Signing time:             Tue 24 Dec 2024 08:06:57 +0000
ROA not before:           Tue 24 Dec 2024 08:06:53 +0000
ROA not after:            Wed 10 Dec 2025 08:06:53 +0000
asID:                     984
IP address blocks:        154.193.223.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
                          rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Sun 06 Apr 2025 00:06:13 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 74367 (0x1227f)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F368F2D0AF
        Validity
            Not Before: Dec 24 08:06:53 2024 GMT
            Not After : Dec 10 08:06:53 2025 GMT
        Subject: CN=676a6ba1-b7bd
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cf:75:4f:30:8f:0f:d5:73:e8:69:46:f1:ee:37:
                    9a:55:a9:06:5d:d7:6f:dd:ba:0d:da:59:0c:07:44:
                    47:5e:56:d9:c7:a2:77:6e:25:c7:5c:a2:92:ee:6b:
                    c8:76:44:a1:6b:32:f0:e6:e2:d9:61:bb:c9:1a:51:
                    b5:ee:74:94:8c:39:e2:cc:5e:5c:37:8f:49:35:fd:
                    45:40:fe:67:6b:60:c7:e8:97:56:44:f2:e5:4c:bb:
                    8b:f2:ab:81:0e:5f:ca:21:ce:09:fd:ac:5a:d0:89:
                    17:fd:b8:b1:da:f0:3d:95:a3:08:2e:75:35:fa:c2:
                    11:43:e9:7a:07:1c:fd:ea:63:c7:7c:54:df:17:f8:
                    eb:f3:54:db:91:b5:81:bb:0c:7f:03:a1:3a:c9:cc:
                    db:42:d8:a2:4c:16:c0:b1:f7:85:8c:08:bf:bb:be:
                    23:00:c6:0b:bc:51:41:0d:1c:1f:f1:2d:7c:8b:0f:
                    82:f1:15:55:48:4a:08:29:c8:0b:3f:63:38:2e:1a:
                    69:98:34:0c:c7:88:d9:1c:87:10:0a:6c:c6:06:b7:
                    ed:72:c3:93:a3:ad:53:02:18:a1:60:a3:cf:08:23:
                    36:07:a8:94:18:50:a4:ba:0e:a9:6d:11:76:67:b2:
                    28:50:67:ce:88:17:05:7e:ec:1a:d4:ee:26:65:d1:
                    96:47
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C5:32:22:E0:BA:89:E7:DF:20:B9:4A:1C:37:25:60:7B:AB:BE:0B:BE
            X509v3 Authority Key Identifier:
                keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/0B418624C1CE11EFAA8A0776762E951A.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  154.193.223.0/24

    Signature Algorithm: sha256WithRSAEncryption
         43:d6:fe:bb:ae:ff:35:0e:60:0a:ad:b1:1a:43:01:96:1b:ed:
         75:bc:20:88:b8:90:2a:ee:32:69:25:6c:4d:5c:2e:49:c8:29:
         46:43:83:b7:07:0d:5b:0a:13:37:5e:47:f8:3b:a5:fb:7b:47:
         0c:a3:7f:aa:7d:7d:1f:40:4d:2d:74:1f:bf:a4:8d:55:4d:c5:
         57:9c:71:63:f3:dd:cf:8b:f4:66:49:03:89:d4:af:ed:1e:b2:
         ba:40:00:cb:cf:59:3c:0f:91:a8:74:9e:89:57:5c:5e:6c:98:
         f5:0c:e3:f6:a4:53:49:f5:cf:9b:dc:7c:b4:48:59:0c:7f:fa:
         5f:18:98:e0:9b:e4:00:8b:a2:fc:5f:59:9e:11:3a:9f:6a:45:
         76:5f:26:da:79:58:6d:e9:93:c8:65:d4:45:d1:6c:f2:cd:72:
         22:ff:c6:e5:27:ed:6d:d5:05:6c:e7:3f:70:74:80:d7:eb:b1:
         8f:b2:ad:03:46:df:22:51:17:f9:10:6e:72:2f:a5:13:2e:c3:
         58:6d:98:f1:6b:cc:2a:f7:9c:23:2e:13:83:ed:d1:d2:40:9d:
         f5:ed:0e:46:e6:64:34:3f:a3:77:88:ee:ae:b1:5f:ac:ab:19:
         10:40:3e:5a:7b:84:21:39:0c:df:e4:76:2b:6c:8f:d3:58:6b:
         52:4c:32:33
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDASJ/MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjQxMjI0MDgwNjUzWhcNMjUxMjEwMDgwNjUzWjAYMRYw
FAYDVQQDEw02NzZhNmJhMS1iN2JkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAz3VPMI8P1XPoaUbx7jeaVakGXddv3boN2lkMB0RHXlbZx6J3biXHXKKS
7mvIdkShazLw5uLZYbvJGlG17nSUjDnizF5cN49JNf1FQP5na2DH6JdWRPLlTLuL
8quBDl/KIc4J/axa0IkX/bix2vA9laMILnU1+sIRQ+l6Bxz96mPHfFTfF/jr81Tb
kbWBuwx/A6E6yczbQtiiTBbAsfeFjAi/u74jAMYLvFFBDRwf8S18iw+C8RVVSEoI
KcgLP2M4LhppmDQMx4jZHIcQCmzGBrftcsOTo61TAhihYKPPCCM2B6iUGFCkug6p
bRF2Z7IoUGfOiBcFfuwa1O4mZdGWRwIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFMUy
IuC6ieffILlKHDclYHurvgu+MB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC8wQjQxODYyNEMxQ0UxMUVGQUE4QTA3NzY3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmsHfMA0GCSqGSIb3DQEB
CwUAA4IBAQBD1v67rv81DmAKrbEaQwGWG+11vCCIuJAq7jJpJWxNXC5JyClGQ4O3
Bw1bChM3Xkf4O6X7e0cMo3+qfX0fQE0tdB+/pI1VTcVXnHFj893Pi/RmSQOJ1K/t
HrK6QADLz1k8D5GodJ6JV1xebJj1DOP2pFNJ9c+b3Hy0SFkMf/pfGJjgm+QAi6L8
X1meETqfakV2XybaeVht6ZPIZdRF0WzyzXIi/8blJ+1t1QVs5z9wdIDX67GPsq0D
Rt8iURf5EG5yL6UTLsNYbZjxa8wq95wjLhOD7dHSQJ317Q5G5mQ0P6N3iO6usV+s
qxkQQD5ae4QhOQzf5HYrbI/TWGtSTDIz
-----END CERTIFICATE-----
Generated at Fri Apr 4 11:00:13 2025 by rpki-client