Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/2684ECC0FDC911EDB5B008594AD9E6FC.roa
File:                     2684ECC0FDC911EDB5B008594AD9E6FC.roa (raw, json)
Hash identifier:          FyNKp9Xc0ybZo1Dt7ePwbzJ8EuGs4OuEoP+Jat7+aUU=
Subject key identifier:   5D:F8:E3:A0:72:70:E6:EB:02:A0:B7:7E:30:F8:BB:9A:DF:DB:93:C8
Certificate issuer:       /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial:       281A
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/2684ECC0FDC911EDB5B008594AD9E6FC.roa
Signing time:             Mon 29 May 2023 02:33:09 +0000
ROA not before:           Mon 29 May 2023 02:33:06 +0000
ROA not after:            Wed 15 May 2024 02:33:06 +0000
asID:                     63888
IP address blocks:        154.207.77.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
                          rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Sun 05 May 2024 00:04:22 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 10266 (0x281a)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
        Validity
            Not Before: May 29 02:33:06 2023 GMT
            Not After : May 15 02:33:06 2024 GMT
        Subject: CN=64740ee5-335d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bf:3d:3b:b3:4b:9c:2e:a2:af:6b:b9:1a:e5:e2:
                    a0:ad:7b:50:be:15:4e:28:f5:5a:60:96:c2:a5:68:
                    cb:ef:f3:60:d8:45:11:87:93:79:0c:ce:86:9f:1c:
                    2a:2d:d2:64:ad:1b:b1:50:23:c5:23:db:a3:9b:bb:
                    31:ad:6c:1d:d6:19:f3:b5:80:97:0d:85:25:3a:52:
                    b1:a2:0c:b4:a1:98:a4:2a:7a:63:5c:4c:43:2f:96:
                    da:68:ba:f0:39:c9:5b:9b:c8:76:62:7e:8c:f6:da:
                    e5:ba:4b:e2:a5:e2:eb:d8:93:3a:c9:eb:ad:47:4d:
                    f8:94:49:44:61:d5:14:f0:0d:40:62:5e:0b:9f:82:
                    89:ac:f7:f8:dc:fa:e8:a6:41:81:d5:e5:6f:cf:4d:
                    61:12:9a:46:1b:1c:a1:81:fa:d3:4c:10:a3:75:40:
                    fa:32:64:10:08:1e:94:6f:d6:26:f8:6f:aa:47:04:
                    e5:3e:06:37:87:a2:f2:d9:a2:a0:9e:61:94:63:cd:
                    aa:fd:75:17:2c:80:82:bf:4f:85:47:25:9f:f2:48:
                    7c:74:11:bd:0f:10:ac:37:cb:54:9b:e0:2b:1e:51:
                    1b:8f:2e:c3:19:e4:2e:52:b2:d1:6a:80:07:b6:4b:
                    51:e0:25:be:03:f8:30:55:32:f4:a3:87:ed:8f:b5:
                    bd:bd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5D:F8:E3:A0:72:70:E6:EB:02:A0:B7:7E:30:F8:BB:9A:DF:DB:93:C8
            X509v3 Authority Key Identifier:
                keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/2684ECC0FDC911EDB5B008594AD9E6FC.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  154.207.77.0/24

    Signature Algorithm: sha256WithRSAEncryption
         36:0f:e6:b4:34:60:01:46:e8:88:06:3e:b4:76:ea:a4:c2:20:
         c7:a6:b7:2c:a5:3c:1c:61:7b:eb:86:46:d0:61:e0:36:2c:06:
         b3:d5:fb:ea:ab:b1:dd:d5:d2:bd:ce:ac:2f:7e:39:fa:43:55:
         c6:25:a6:1d:aa:ae:ed:13:6e:79:fe:5f:ee:bc:bc:81:dd:b1:
         87:44:04:a4:93:98:e5:25:2b:59:a2:1a:38:d4:c6:d6:6a:ac:
         30:50:18:7a:30:de:55:ae:d3:d9:1b:73:5d:07:d2:53:39:20:
         8f:4b:9f:7d:85:3b:26:4c:b2:9c:a9:cb:88:d9:da:9c:31:49:
         ab:1d:6e:9c:1e:79:ef:6f:29:56:86:aa:67:ed:44:73:42:f7:
         57:53:f8:04:a3:96:d0:20:7e:86:ac:cb:fa:03:78:3f:bd:72:
         16:d7:28:a7:0d:0e:3c:ed:1b:b8:e6:76:fe:97:0a:a3:29:45:
         fc:b1:da:8a:b3:e7:23:f5:f8:49:2f:f1:60:4d:7d:b5:a0:47:
         f1:fb:d7:e4:36:7d:f8:50:9b:95:49:c7:50:88:01:cb:3e:39:
         b9:7a:3e:3f:10:6e:71:ed:b2:2e:20:67:75:2d:62:b6:75:dd:
         e7:d2:3b:28:ef:6a:b7:a8:94:d0:58:9b:78:f8:ed:4a:03:f3:
         f9:ed:41:79
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICKBowDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAwwKRjM2
OEYyRDBBRjExMC8GA1UEBRMoMjVENjNFMDhFQUJFN0NGQTY3ODVENEMxRDZEMzQx
MTZERTE1QjNEQzAeFw0yMzA1MjkwMjMzMDZaFw0yNDA1MTUwMjMzMDZaMBgxFjAU
BgNVBAMTDTY0NzQwZWU1LTMzNWQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQC/PTuzS5wuoq9ruRrl4qCte1C+FU4o9VpglsKlaMvv82DYRRGHk3kMzoaf
HCot0mStG7FQI8Uj26ObuzGtbB3WGfO1gJcNhSU6UrGiDLShmKQqemNcTEMvltpo
uvA5yVubyHZifoz22uW6S+Kl4uvYkzrJ661HTfiUSURh1RTwDUBiXgufgoms9/jc
+uimQYHV5W/PTWESmkYbHKGB+tNMEKN1QPoyZBAIHpRv1ib4b6pHBOU+BjeHovLZ
oqCeYZRjzar9dRcsgIK/T4VHJZ/ySHx0Eb0PEKw3y1Sb4CseURuPLsMZ5C5SstFq
gAe2S1HgJb4D+DBVMvSjh+2Ptb29AgMBAAGjggKlMIICoTAdBgNVHQ4EFgQUXfjj
oHJw5usCoLd+MPi7mt/bk8gwHwYDVR0jBBgwFoAUJdY+COq+fPpnhdTB1tNBFt4V
s9wwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjhGMkQwLzdGNEE5OEVBNkUwNTExRTg5QzBENkU0QkY4QUVBMjI4L0pkWS1D
T3EtZlBwbmhkVEIxdE5CRnQ0VnM5dy5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL0pkWS1DT3EtZlBwbmhkVEIxdE5CRnQ0VnM5dy5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNjhGMkQwLzdGNEE5OEVBNkUwNTExRTg5QzBENkU0QkY4
QUVBMjI4LzI2ODRFQ0MwRkRDOTExRURCNUIwMDg1OTRBRDlFNkZDLnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACaz00wDQYJKoZIhvcNAQEL
BQADggEBADYP5rQ0YAFG6IgGPrR26qTCIMemtyylPBxhe+uGRtBh4DYsBrPV++qr
sd3V0r3OrC9+OfpDVcYlph2qru0Tbnn+X+68vIHdsYdEBKSTmOUlK1miGjjUxtZq
rDBQGHow3lWu09kbc10H0lM5II9Ln32FOyZMspypy4jZ2pwxSasdbpweee9vKVaG
qmftRHNC91dT+ASjltAgfoasy/oDeD+9chbXKKcNDjztG7jmdv6XCqMpRfyx2oqz
5yP1+Ekv8WBNfbWgR/H71+Q2ffhQm5VJx1CIAcs+Obl6Pj8QbnHtsi4gZ3UtYrZ1
3efSOyjvareolNBYm3j47UoD8/ntQXk=
-----END CERTIFICATE-----