Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/11B766EE5F9711EE9A72E70F4AD9E6FC.roa
File:                     11B766EE5F9711EE9A72E70F4AD9E6FC.roa (raw, json)
Hash identifier:          VGqDlqbQUsG7o1Qye6+GE66OOwLJpSFuSq2D2u5gMIQ=
Subject key identifier:   B0:C9:47:05:66:43:2B:85:EE:86:4D:17:4C:C0:62:CE:03:2C:3B:39
Certificate issuer:       /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial:       442B
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/11B766EE5F9711EE9A72E70F4AD9E6FC.roa
Signing time:             Sat 30 Sep 2023 13:41:34 +0000
ROA not before:           Sat 30 Sep 2023 13:41:31 +0000
ROA not after:            Mon 30 Sep 2024 13:41:31 +0000
asID:                     211392
IP address blocks:        154.84.27.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
                          rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Sun 05 May 2024 00:04:22 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 17451 (0x442b)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
        Validity
            Not Before: Sep 30 13:41:31 2023 GMT
            Not After : Sep 30 13:41:31 2024 GMT
        Subject: CN=6518258e-afd2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d3:9f:06:99:25:e7:98:a9:29:5b:12:e5:43:4a:
                    14:f6:87:69:17:ac:82:22:33:87:bb:26:d5:da:a8:
                    d1:f8:7b:17:16:ec:b2:9f:ee:79:3f:55:9b:ab:6a:
                    92:b9:b6:45:63:1a:cb:13:6d:e9:79:74:f8:b0:36:
                    14:57:cb:54:97:cb:a8:f0:16:e7:e7:5f:d4:83:c1:
                    68:3b:71:4e:2f:a6:57:a1:38:51:d9:e5:0d:be:c4:
                    32:82:72:22:1c:a4:b8:17:9d:02:0e:45:90:c9:94:
                    3f:6a:b0:ca:e2:bf:4d:99:ff:2e:d6:42:66:c8:ff:
                    7f:dc:7f:a0:b9:35:68:f3:3a:18:12:0f:f4:27:07:
                    c7:09:22:0d:7e:b0:57:30:01:75:4d:54:04:b3:fa:
                    39:3c:2a:14:2b:1d:f7:5d:7c:4c:42:3a:b5:ab:62:
                    25:2f:cc:cf:43:a0:f3:63:78:85:27:52:44:c8:d9:
                    5a:6d:94:8c:4b:7f:f3:14:3f:f3:b8:2d:7e:ec:23:
                    c7:ae:c3:a8:f6:3c:e1:14:3e:72:9a:6c:c6:b8:e6:
                    6b:2a:da:d0:c3:80:1f:ab:34:40:a3:07:13:c8:cf:
                    4d:4b:ca:2e:65:10:12:fc:bd:5c:b0:ca:e4:d9:9a:
                    18:a3:17:c1:3b:21:2b:04:3d:bf:32:6c:a7:79:fe:
                    4c:c3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B0:C9:47:05:66:43:2B:85:EE:86:4D:17:4C:C0:62:CE:03:2C:3B:39
            X509v3 Authority Key Identifier:
                keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/11B766EE5F9711EE9A72E70F4AD9E6FC.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  154.84.27.0/24

    Signature Algorithm: sha256WithRSAEncryption
         c9:b9:7f:d7:49:e3:35:86:a4:98:93:b7:3c:b4:d4:c7:91:61:
         a2:44:21:66:9f:54:9a:13:3f:e7:72:30:2e:1d:cf:47:b0:74:
         89:bd:09:7c:f2:a0:6e:9e:ca:56:5d:ea:63:ab:30:8b:a6:7e:
         f9:a5:c5:ab:98:77:37:95:29:6a:b1:a5:f3:ec:4d:e9:55:e1:
         e2:6d:f7:c2:5f:1a:b6:ac:48:fb:6c:8e:a3:09:dc:a1:4a:7b:
         b9:e5:6c:0b:57:4b:8b:14:b3:16:7e:3f:10:37:4d:6c:26:58:
         cc:12:6a:ab:1e:94:c3:d1:10:93:46:f5:f5:1e:bd:49:39:b2:
         7f:96:da:24:03:30:9c:3a:d2:c2:56:c2:b0:3b:dd:8b:d8:92:
         52:97:d2:7f:52:8c:86:18:40:76:ad:ed:48:ce:34:ac:94:57:
         65:f8:68:e4:df:c5:6b:65:1f:3f:89:56:1d:68:b4:f0:2c:e6:
         b7:4f:a5:ee:a3:42:49:5a:d9:35:ae:1b:01:ce:29:f9:62:df:
         48:c1:91:23:03:7c:1b:24:ba:6f:21:ba:24:12:63:0f:45:a4:
         d2:05:a6:d9:a3:fc:ef:f4:ee:fb:55:eb:38:58:49:c7:92:d5:
         12:d3:d4:42:2c:36:58:73:fb:66:61:df:fa:51:0e:f8:bd:a2:
         63:7e:e8:9c
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICRCswDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAwwKRjM2
OEYyRDBBRjExMC8GA1UEBRMoMjVENjNFMDhFQUJFN0NGQTY3ODVENEMxRDZEMzQx
MTZERTE1QjNEQzAeFw0yMzA5MzAxMzQxMzFaFw0yNDA5MzAxMzQxMzFaMBgxFjAU
BgNVBAMTDTY1MTgyNThlLWFmZDIwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQDTnwaZJeeYqSlbEuVDShT2h2kXrIIiM4e7JtXaqNH4excW7LKf7nk/VZur
apK5tkVjGssTbel5dPiwNhRXy1SXy6jwFufnX9SDwWg7cU4vplehOFHZ5Q2+xDKC
ciIcpLgXnQIORZDJlD9qsMriv02Z/y7WQmbI/3/cf6C5NWjzOhgSD/QnB8cJIg1+
sFcwAXVNVASz+jk8KhQrHfddfExCOrWrYiUvzM9DoPNjeIUnUkTI2VptlIxLf/MU
P/O4LX7sI8euw6j2POEUPnKabMa45msq2tDDgB+rNECjBxPIz01Lyi5lEBL8vVyw
yuTZmhijF8E7ISsEPb8ybKd5/kzDAgMBAAGjggKlMIICoTAdBgNVHQ4EFgQUsMlH
BWZDK4Xuhk0XTMBizgMsOzkwHwYDVR0jBBgwFoAUJdY+COq+fPpnhdTB1tNBFt4V
s9wwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjhGMkQwLzdGNEE5OEVBNkUwNTExRTg5QzBENkU0QkY4QUVBMjI4L0pkWS1D
T3EtZlBwbmhkVEIxdE5CRnQ0VnM5dy5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL0pkWS1DT3EtZlBwbmhkVEIxdE5CRnQ0VnM5dy5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNjhGMkQwLzdGNEE5OEVBNkUwNTExRTg5QzBENkU0QkY4
QUVBMjI4LzExQjc2NkVFNUY5NzExRUU5QTcyRTcwRjRBRDlFNkZDLnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACaVBswDQYJKoZIhvcNAQEL
BQADggEBAMm5f9dJ4zWGpJiTtzy01MeRYaJEIWafVJoTP+dyMC4dz0ewdIm9CXzy
oG6eylZd6mOrMIumfvmlxauYdzeVKWqxpfPsTelV4eJt98JfGrasSPtsjqMJ3KFK
e7nlbAtXS4sUsxZ+PxA3TWwmWMwSaqselMPREJNG9fUevUk5sn+W2iQDMJw60sJW
wrA73YvYklKX0n9SjIYYQHat7UjONKyUV2X4aOTfxWtlHz+JVh1otPAs5rdPpe6j
Qkla2TWuGwHOKfli30jBkSMDfBskum8huiQSYw9FpNIFptmj/O/07vtV6zhYSceS
1RLT1EIsNlhz+2Zh3/pRDvi9omN+6Jw=
-----END CERTIFICATE-----