Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/2223CB76C35511EF8F61C8B9762E951A.roa
File:                     2223CB76C35511EF8F61C8B9762E951A.roa (raw, json)
Hash identifier:          BrmhI+9iP9tgkZjGLxBgggO+lnDKRaNslOd1wf0fFM4=
Subject key identifier:   DB:37:0D:34:7F:2F:42:49:7C:81:42:FF:E7:E9:37:AD:E6:B1:C6:7F
Certificate issuer:       /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial:       0125D5
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/2223CB76C35511EF8F61C8B9762E951A.roa
Signing time:             Thu 26 Dec 2024 06:46:28 +0000
ROA not before:           Thu 26 Dec 2024 06:46:25 +0000
ROA not after:            Sun 12 Dec 2027 06:46:25 +0000
asID:                     17561
IP address blocks:        154.88.46.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
                          rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Sun 06 Apr 2025 00:06:13 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 75221 (0x125d5)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F368F2D0AF
        Validity
            Not Before: Dec 26 06:46:25 2024 GMT
            Not After : Dec 12 06:46:25 2027 GMT
        Subject: CN=676cfbc4-092d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d0:d1:6e:87:45:be:7c:72:da:bd:10:60:32:11:
                    f7:f3:91:c8:5c:a2:80:b5:48:11:ae:2c:b3:1d:7a:
                    1b:54:a2:0c:c0:c5:0f:6d:1b:b8:5a:7a:0b:e8:de:
                    b2:da:3e:8b:d1:33:15:25:9c:d7:af:44:26:85:ea:
                    6d:96:ff:56:e9:47:75:f1:4c:9d:7b:11:51:92:e4:
                    2f:d9:b4:4a:ec:94:33:9e:06:32:56:97:be:4c:ad:
                    de:b6:8d:25:5d:71:0e:c4:a0:78:c4:f7:43:08:1a:
                    e1:25:24:5d:f6:3f:1a:75:7a:2d:d4:d2:db:d6:51:
                    de:53:35:c3:f8:71:b2:69:35:2b:ad:21:0d:b0:24:
                    28:a9:66:96:84:56:66:42:23:69:77:92:f7:bf:eb:
                    83:e7:66:23:0a:c6:57:c6:73:32:b8:65:92:2a:45:
                    14:2c:c9:4f:c0:b1:c9:f1:48:9f:79:5a:db:b0:b1:
                    03:99:66:d7:15:92:36:92:2e:5b:cd:da:bc:05:95:
                    e1:70:05:0c:f4:20:16:c8:5e:f0:dd:3f:a8:a7:6b:
                    41:e1:c4:2a:13:19:e8:fb:9b:c0:b6:82:0f:e4:00:
                    a5:8d:30:66:7f:d6:bb:c6:41:e1:23:48:38:73:81:
                    f1:a1:a2:a5:14:62:f7:b9:2a:e3:ed:05:31:f7:bc:
                    a8:c1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DB:37:0D:34:7F:2F:42:49:7C:81:42:FF:E7:E9:37:AD:E6:B1:C6:7F
            X509v3 Authority Key Identifier:
                keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/2223CB76C35511EF8F61C8B9762E951A.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  154.88.46.0/24

    Signature Algorithm: sha256WithRSAEncryption
         30:5f:86:76:7a:96:36:1f:04:2c:c3:88:ab:11:d7:ba:4e:fa:
         11:54:a2:dc:fb:a3:b4:f4:37:e5:2c:85:32:4f:7b:f9:68:b7:
         c7:4e:12:36:7c:b9:82:cd:90:1b:82:1b:7f:62:71:b6:ac:61:
         4c:2e:4e:79:ce:5f:9c:f8:07:36:6c:61:46:70:74:ee:c1:ae:
         a5:2a:73:a9:6f:1e:2b:6b:37:dc:09:31:29:2a:b5:bf:11:95:
         bd:9d:a3:53:d3:3e:a0:00:f0:3c:b9:73:8a:ce:da:cd:ab:c2:
         60:ce:a8:2b:f7:cd:f0:5f:54:b4:49:34:9c:77:11:1f:5e:ef:
         af:2f:44:b2:1b:18:f5:e0:f7:71:fc:04:4a:9b:dc:4f:7b:51:
         07:09:e9:5c:48:b8:9d:1a:75:02:eb:26:27:a3:07:5d:b7:76:
         e8:02:5b:5f:ae:7e:82:20:92:26:e2:e3:be:f8:2f:10:74:69:
         39:ce:95:cd:4b:22:3b:3b:6c:df:d2:f2:80:aa:5a:3f:c0:37:
         5c:56:84:47:fb:e0:17:c3:07:95:2f:b4:03:24:c1:d0:f9:91:
         96:d5:55:9a:90:07:14:ff:74:83:41:25:ab:10:70:3a:5c:e3:
         fc:70:e4:bc:21:53:c4:06:0a:5e:c3:ae:dd:7d:91:aa:3e:9f:
         98:d0:29:74
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDASXVMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjQxMjI2MDY0NjI1WhcNMjcxMjEyMDY0NjI1WjAYMRYw
FAYDVQQDEw02NzZjZmJjNC0wOTJkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA0NFuh0W+fHLavRBgMhH385HIXKKAtUgRriyzHXobVKIMwMUPbRu4WnoL
6N6y2j6L0TMVJZzXr0Qmheptlv9W6Ud18UydexFRkuQv2bRK7JQzngYyVpe+TK3e
to0lXXEOxKB4xPdDCBrhJSRd9j8adXot1NLb1lHeUzXD+HGyaTUrrSENsCQoqWaW
hFZmQiNpd5L3v+uD52YjCsZXxnMyuGWSKkUULMlPwLHJ8UifeVrbsLEDmWbXFZI2
ki5bzdq8BZXhcAUM9CAWyF7w3T+op2tB4cQqExno+5vAtoIP5ACljTBmf9a7xkHh
I0g4c4HxoaKlFGL3uSrj7QUx97yowQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFNs3
DTR/L0JJfIFC/+fpN63mscZ/MB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC8yMjIzQ0I3NkMzNTUxMUVGOEY2MUM4Qjk3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmlguMA0GCSqGSIb3DQEB
CwUAA4IBAQAwX4Z2epY2HwQsw4irEde6TvoRVKLc+6O09DflLIUyT3v5aLfHThI2
fLmCzZAbght/YnG2rGFMLk55zl+c+Ac2bGFGcHTuwa6lKnOpbx4razfcCTEpKrW/
EZW9naNT0z6gAPA8uXOKztrNq8Jgzqgr983wX1S0STScdxEfXu+vL0SyGxj14Pdx
/ARKm9xPe1EHCelcSLidGnUC6yYnowddt3boAltfrn6CIJIm4uO++C8QdGk5zpXN
SyI7O2zf0vKAqlo/wDdcVoRH++AXwweVL7QDJMHQ+ZGW1VWakAcU/3SDQSWrEHA6
XOP8cOS8IVPEBgpew67dfZGqPp+Y0Cl0
-----END CERTIFICATE-----