Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/14D03096E0C811EF9DB77D7B762E951A.roa
File:                     14D03096E0C811EF9DB77D7B762E951A.roa (raw, json)
Hash identifier:          4fYveTz0d/iQw95b2HJp07tyRItvUGCkaIDvq7/hZdA=
Subject key identifier:   7D:7A:75:CE:96:0C:FE:81:93:78:58:EA:58:BF:19:47:1E:29:ED:B9
Certificate issuer:       /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial:       014F1A
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/14D03096E0C811EF9DB77D7B762E951A.roa
Signing time:             Sat 01 Feb 2025 18:12:22 +0000
ROA not before:           Sat 01 Feb 2025 18:12:16 +0000
ROA not after:            Sun 01 Feb 2026 18:12:16 +0000
asID:                     7018
IP address blocks:        154.197.30.0/24 maxlen: 24
                          154.197.31.0/24 maxlen: 24
                          154.200.164.0/24 maxlen: 24
                          154.200.165.0/24 maxlen: 24
                          154.200.166.0/24 maxlen: 24
                          154.200.167.0/24 maxlen: 24
                          154.222.8.0/24 maxlen: 24
                          154.222.9.0/24 maxlen: 24
                          154.222.10.0/24 maxlen: 24
                          154.222.11.0/24 maxlen: 24
                          154.223.192.0/24 maxlen: 24
                          154.223.193.0/24 maxlen: 24
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 85786 (0x14f1a)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F368F2D0AF
        Validity
            Not Before: Feb  1 18:12:16 2025 GMT
            Not After : Feb  1 18:12:16 2026 GMT
        Subject: CN=679e6406-765b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a3:d5:03:57:cb:9c:c0:16:8e:a9:a3:42:e1:6a:
                    d6:49:58:d7:7b:81:0a:f0:5d:25:49:75:ee:e0:b5:
                    e1:0b:3d:ef:30:af:88:8f:c3:f5:96:51:ff:02:9d:
                    dd:26:99:77:2f:52:6d:ef:85:7c:04:e6:54:a6:13:
                    ea:1d:c3:f2:33:5b:f8:f2:c5:3b:b6:7c:61:48:9c:
                    84:1e:8d:0d:c5:b6:d7:7f:20:37:af:64:d1:84:b2:
                    97:b8:52:50:8e:7c:a5:b1:7e:8b:f5:a7:06:3e:93:
                    02:ee:74:46:82:c7:b3:23:b0:26:9d:93:93:94:0e:
                    08:64:8f:6f:1c:a6:00:20:0a:e4:41:cd:a5:f6:ba:
                    7d:eb:57:18:c2:b1:db:6f:64:83:4c:f9:f1:db:7d:
                    dc:04:5c:06:2d:af:81:03:a7:8f:83:2a:48:f7:de:
                    a6:91:b4:e9:1a:e2:67:1e:81:86:cf:c9:2c:78:e7:
                    1f:5c:c8:6b:48:fa:71:bf:2a:8a:13:f8:ae:e9:2a:
                    28:64:ae:e2:30:ca:09:38:1b:be:06:db:a8:39:ab:
                    d2:3f:aa:98:ea:bb:7e:66:e2:bc:aa:15:ae:3a:7b:
                    e5:b3:fd:d5:7a:a7:b2:ad:80:2a:95:27:eb:46:17:
                    a4:1b:57:95:a8:8c:a4:cc:73:06:1a:5c:d3:59:36:
                    b8:2b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                7D:7A:75:CE:96:0C:FE:81:93:78:58:EA:58:BF:19:47:1E:29:ED:B9
            X509v3 Authority Key Identifier:
                keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/14D03096E0C811EF9DB77D7B762E951A.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  154.197.30.0/23
                  154.200.164.0/22
                  154.222.8.0/22
                  154.223.192.0/23

    Signature Algorithm: sha256WithRSAEncryption
         95:b5:d7:e3:96:c3:92:f1:06:d9:90:77:8b:ab:8d:5a:c1:4d:
         04:7b:33:60:b5:be:19:c9:e8:74:6d:9a:3f:78:e2:66:cf:3c:
         20:3a:96:b6:28:01:07:7e:13:73:20:28:5d:cd:7e:86:60:89:
         8f:79:ad:c8:5d:af:e1:6d:9e:e3:ef:bb:eb:3c:1b:6c:f5:a5:
         21:1d:ca:30:ec:b8:a8:86:c7:a0:43:85:4e:ca:f0:0f:f9:15:
         5b:c3:bf:cf:6d:f4:99:d8:61:bb:72:b3:4a:da:69:1b:7f:95:
         bf:f0:5c:10:c2:f7:bb:c5:f1:b0:c0:c9:3b:8e:08:2b:a7:a2:
         51:02:fa:1f:5b:5d:d6:43:f4:fe:0c:99:db:df:c4:5d:e6:a0:
         00:94:e7:c2:1d:6b:9a:aa:26:88:e8:14:a7:9a:80:46:78:23:
         8f:42:2f:70:dc:34:4e:72:b3:a0:ab:c6:1e:3f:63:43:ac:2e:
         4a:88:3d:96:58:74:6d:81:68:9e:c9:ba:72:10:9d:42:56:90:
         47:14:f1:57:1d:96:52:e2:ad:d2:02:5d:fd:7c:d8:51:74:c5:
         76:2c:1e:7e:7f:04:c2:f6:27:f6:af:91:99:a8:01:bf:83:d2:
         8d:b0:64:26:02:f9:85:f6:b7:bd:b0:1e:3e:07:ca:e6:b4:32:
         32:02:1c:c2
-----BEGIN CERTIFICATE-----
MIIFljCCBH6gAwIBAgIDAU8aMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMjAxMTgxMjE2WhcNMjYwMjAxMTgxMjE2WjAYMRYw
FAYDVQQDEw02NzllNjQwNi03NjViMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAo9UDV8ucwBaOqaNC4WrWSVjXe4EK8F0lSXXu4LXhCz3vMK+Ij8P1llH/
Ap3dJpl3L1Jt74V8BOZUphPqHcPyM1v48sU7tnxhSJyEHo0NxbbXfyA3r2TRhLKX
uFJQjnylsX6L9acGPpMC7nRGgsezI7AmnZOTlA4IZI9vHKYAIArkQc2l9rp961cY
wrHbb2SDTPnx233cBFwGLa+BA6ePgypI996mkbTpGuJnHoGGz8kseOcfXMhrSPpx
vyqKE/iu6SooZK7iMMoJOBu+BtuoOavSP6qY6rt+ZuK8qhWuOnvls/3VeqeyrYAq
lSfrRhekG1eVqIykzHMGGlzTWTa4KwIDAQABo4ICtzCCArMwHQYDVR0OBBYEFH16
dc6WDP6Bk3hY6li/GUceKe25MB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC8xNEQwMzA5NkUwQzgxMUVGOURCNzdEN0I3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQBmsUeAwQCmsikAwQCmt4I
AwQBmt/AMA0GCSqGSIb3DQEBCwUAA4IBAQCVtdfjlsOS8QbZkHeLq41awU0EezNg
tb4Zyeh0bZo/eOJmzzwgOpa2KAEHfhNzIChdzX6GYImPea3IXa/hbZ7j77vrPBts
9aUhHcow7LiohsegQ4VOyvAP+RVbw7/PbfSZ2GG7crNK2mkbf5W/8FwQwve7xfGw
wMk7jggrp6JRAvofW13WQ/T+DJnb38Rd5qAAlOfCHWuaqiaI6BSnmoBGeCOPQi9w
3DROcrOgq8YeP2NDrC5KiD2WWHRtgWieybpyEJ1CVpBHFPFXHZZS4q3SAl39fNhR
dMV2LB5+fwTC9if2r5GZqAG/g9KNsGQmAvmF9re9sB4+B8rmtDIyAhzC
-----END CERTIFICATE-----