Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/234C5A8843ED11EE8E95215B4AD9E6FC.roa
File:                     234C5A8843ED11EE8E95215B4AD9E6FC.roa (raw, json)
Hash identifier:          cdo73YFQ4hQGV9t4gbbL/xgt/N/Gup7Amq8iLJwCBGc=
Subject key identifier:   7C:2D:8B:98:33:08:B5:FA:53:92:A2:D5:EE:CD:6A:C1:C2:08:82:6A
Certificate issuer:       /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial:       39D8
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/234C5A8843ED11EE8E95215B4AD9E6FC.roa
Signing time:             Sat 26 Aug 2023 08:47:07 +0000
ROA not before:           Sat 26 Aug 2023 08:47:04 +0000
ROA not after:            Thu 11 Jul 2024 08:47:04 +0000
asID:                     136950
IP address blocks:        154.91.195.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
                          rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Sun 05 May 2024 00:04:22 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 14808 (0x39d8)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
        Validity
            Not Before: Aug 26 08:47:04 2023 GMT
            Not After : Jul 11 08:47:04 2024 GMT
        Subject: CN=64e9bc0b-abbd
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a4:2d:66:21:3e:44:cd:b7:c7:f0:a7:90:92:3e:
                    ec:de:01:f1:31:0b:86:38:15:61:44:f1:0c:84:ab:
                    34:67:36:7b:dd:f4:a4:ab:f8:eb:4a:97:d3:0f:ba:
                    88:d3:6d:c3:80:f5:e8:6d:4b:93:3f:94:e2:2e:a7:
                    bc:7c:92:48:bf:45:51:41:e6:47:a4:a0:82:8a:c1:
                    33:dd:a8:aa:57:71:17:cd:9d:39:8d:58:60:60:69:
                    f0:8a:8c:ea:10:9e:58:dd:de:3d:16:10:c6:bb:51:
                    80:50:0d:46:fb:f0:a6:22:4d:0a:35:7e:f7:7d:ee:
                    72:c6:24:72:5e:80:3b:99:51:85:d9:79:51:60:64:
                    bb:67:85:ac:88:c1:73:82:d5:18:72:aa:8c:ef:c7:
                    f1:c8:7b:ac:7c:aa:97:63:47:95:ec:45:97:90:5a:
                    0f:ad:73:fa:77:f5:ca:8a:42:a3:93:ec:ca:40:68:
                    b8:91:07:03:29:79:9a:be:11:f3:ff:a4:35:a9:59:
                    07:d1:82:03:9d:82:74:bf:d1:4f:b7:25:6a:df:5d:
                    c5:db:ae:f2:8f:6c:7b:3f:a8:38:16:f2:9f:29:25:
                    3a:46:f2:72:77:d2:1a:78:fa:91:26:ab:a3:25:2b:
                    96:b6:88:5a:b7:2c:ac:0e:cf:cf:17:56:3a:e6:f3:
                    65:9b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                7C:2D:8B:98:33:08:B5:FA:53:92:A2:D5:EE:CD:6A:C1:C2:08:82:6A
            X509v3 Authority Key Identifier:
                keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/234C5A8843ED11EE8E95215B4AD9E6FC.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  154.91.195.0/24

    Signature Algorithm: sha256WithRSAEncryption
         54:48:b8:04:2a:d9:82:ed:96:ad:bd:1f:88:c0:81:19:9a:d9:
         82:ac:4a:fa:5c:db:4a:36:9a:77:af:4f:3f:a2:64:8a:b8:17:
         6e:62:ae:6b:42:ec:b4:f8:83:3a:ed:5b:8c:a6:f8:54:76:f8:
         da:21:bc:71:b5:cf:8b:e0:1c:cc:9a:5f:06:28:5b:4a:4b:c4:
         56:33:d0:a9:b7:57:2b:b5:30:2f:16:f1:65:35:74:7b:3a:93:
         c5:4f:77:a9:7c:43:14:2e:fb:42:b4:92:17:40:72:4a:3a:a0:
         85:7a:99:f2:97:54:2e:64:f5:98:22:fe:35:f9:42:67:63:4e:
         6d:6f:b0:f8:92:55:ff:c8:6c:20:4e:c1:c5:69:14:c1:f4:cc:
         ed:a5:d2:01:33:69:d6:94:fd:cb:d3:36:40:37:4e:ae:5f:5d:
         96:0f:b6:83:93:20:29:3d:e2:c5:d6:b0:2d:52:f4:a9:d3:01:
         5f:ef:b9:b8:81:62:f9:ea:98:13:cc:46:3b:d1:c4:52:e2:b4:
         52:43:71:31:07:72:c7:4a:aa:4a:1a:6a:48:88:cf:3d:11:80:
         18:d1:2d:75:6d:56:be:03:b4:5b:91:08:35:10:38:65:bd:ec:
         29:32:92:5a:95:20:45:65:cc:00:af:71:93:de:44:4e:9b:bc:
         f6:c8:b0:12
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICOdgwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAwwKRjM2
OEYyRDBBRjExMC8GA1UEBRMoMjVENjNFMDhFQUJFN0NGQTY3ODVENEMxRDZEMzQx
MTZERTE1QjNEQzAeFw0yMzA4MjYwODQ3MDRaFw0yNDA3MTEwODQ3MDRaMBgxFjAU
BgNVBAMTDTY0ZTliYzBiLWFiYmQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQCkLWYhPkTNt8fwp5CSPuzeAfExC4Y4FWFE8QyEqzRnNnvd9KSr+OtKl9MP
uojTbcOA9ehtS5M/lOIup7x8kki/RVFB5kekoIKKwTPdqKpXcRfNnTmNWGBgafCK
jOoQnljd3j0WEMa7UYBQDUb78KYiTQo1fvd97nLGJHJegDuZUYXZeVFgZLtnhayI
wXOC1Rhyqozvx/HIe6x8qpdjR5XsRZeQWg+tc/p39cqKQqOT7MpAaLiRBwMpeZq+
EfP/pDWpWQfRggOdgnS/0U+3JWrfXcXbrvKPbHs/qDgW8p8pJTpG8nJ30hp4+pEm
q6MlK5a2iFq3LKwOz88XVjrm82WbAgMBAAGjggKlMIICoTAdBgNVHQ4EFgQUfC2L
mDMItfpTkqLV7s1qwcIIgmowHwYDVR0jBBgwFoAUJdY+COq+fPpnhdTB1tNBFt4V
s9wwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjhGMkQwLzdGNEE5OEVBNkUwNTExRTg5QzBENkU0QkY4QUVBMjI4L0pkWS1D
T3EtZlBwbmhkVEIxdE5CRnQ0VnM5dy5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL0pkWS1DT3EtZlBwbmhkVEIxdE5CRnQ0VnM5dy5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNjhGMkQwLzdGNEE5OEVBNkUwNTExRTg5QzBENkU0QkY4
QUVBMjI4LzIzNEM1QTg4NDNFRDExRUU4RTk1MjE1QjRBRDlFNkZDLnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACaW8MwDQYJKoZIhvcNAQEL
BQADggEBAFRIuAQq2YLtlq29H4jAgRma2YKsSvpc20o2mnevTz+iZIq4F25irmtC
7LT4gzrtW4ym+FR2+NohvHG1z4vgHMyaXwYoW0pLxFYz0Km3Vyu1MC8W8WU1dHs6
k8VPd6l8QxQu+0K0khdAcko6oIV6mfKXVC5k9Zgi/jX5QmdjTm1vsPiSVf/IbCBO
wcVpFMH0zO2l0gEzadaU/cvTNkA3Tq5fXZYPtoOTICk94sXWsC1S9KnTAV/vubiB
YvnqmBPMRjvRxFLitFJDcTEHcsdKqkoaakiIzz0RgBjRLXVtVr4DtFuRCDUQOGW9
7CkyklqVIEVlzACvcZPeRE6bvPbIsBI=
-----END CERTIFICATE-----