Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/26DC6A86C91011EFA88545A3762E951A.roa
File:                     26DC6A86C91011EFA88545A3762E951A.roa (raw, json)
Hash identifier:          LMSnCBdM9a86tk1w9h0/GlJDdKqSQBvol3qnepyigbI=
Subject key identifier:   00:F3:FB:A5:74:B6:DD:79:CD:A2:A6:97:B8:3C:8E:1D:96:B5:1A:49
Certificate issuer:       /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial:       0132A1
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/26DC6A86C91011EFA88545A3762E951A.roa
Signing time:             Thu 02 Jan 2025 13:47:48 +0000
ROA not before:           Thu 02 Jan 2025 13:47:44 +0000
ROA not after:            Sat 13 Dec 2025 13:47:44 +0000
asID:                     984
IP address blocks:        154.221.221.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
                          rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Mon 07 Apr 2025 00:06:20 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 78497 (0x132a1)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F368F2D0AF
        Validity
            Not Before: Jan  2 13:47:44 2025 GMT
            Not After : Dec 13 13:47:44 2025 GMT
        Subject: CN=67769904-df75
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c0:32:3d:68:7f:30:4a:21:04:99:99:32:f2:37:
                    54:ff:4b:31:ac:99:0d:92:ed:49:e2:02:f7:a7:96:
                    03:68:75:c0:c1:f3:03:23:0d:06:51:d5:1d:b9:be:
                    8c:f8:11:a8:10:48:bf:49:09:31:75:8f:9f:29:3c:
                    00:70:ab:ed:d8:75:76:72:04:ba:c5:9b:13:79:3f:
                    b3:f4:8e:e0:a7:c2:a3:13:f9:63:35:ba:1c:61:5f:
                    b2:d2:51:c4:f4:9f:77:b5:e5:61:d8:f3:85:85:0b:
                    42:d4:65:38:3d:4f:95:dd:2c:c1:00:14:6f:2c:49:
                    0b:c1:20:07:5d:12:a5:c4:77:a3:a9:9f:df:ee:7b:
                    3a:dc:be:47:e4:08:e1:0b:b5:70:ad:e1:10:78:1d:
                    03:4e:35:31:92:4c:35:c9:29:c8:dc:f9:70:79:d6:
                    92:69:d5:4e:48:83:8d:db:24:e6:b1:49:f9:63:fd:
                    a6:e3:a0:b4:9a:e6:77:ba:15:0e:bd:ca:eb:17:3c:
                    f3:85:8f:55:32:e3:ae:ad:ca:40:65:6b:f3:2e:66:
                    d7:49:12:9f:df:f2:49:1b:ab:63:42:7b:fc:06:d5:
                    ed:86:ea:c9:94:e0:81:25:0c:c3:36:16:8a:df:50:
                    77:33:fe:90:a8:0b:cb:e6:4b:3c:86:6b:71:73:9d:
                    99:c1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                00:F3:FB:A5:74:B6:DD:79:CD:A2:A6:97:B8:3C:8E:1D:96:B5:1A:49
            X509v3 Authority Key Identifier:
                keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/26DC6A86C91011EFA88545A3762E951A.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  154.221.221.0/24

    Signature Algorithm: sha256WithRSAEncryption
         09:47:7c:8a:6b:1a:81:cf:93:91:2c:b4:e1:2d:f9:aa:0c:1e:
         12:33:2e:38:b1:92:03:e1:ad:97:5c:61:24:09:96:68:83:ea:
         96:02:c0:4a:2b:aa:fd:74:07:99:60:8b:d6:86:af:b0:60:18:
         fc:69:10:0a:68:b5:9d:a4:66:55:d5:b7:90:65:a3:c1:13:ee:
         9c:68:63:ce:95:a3:26:b5:79:b8:21:b1:9c:c5:9c:0b:3a:b4:
         e3:9e:5f:8a:c6:3d:8c:7e:01:27:5f:75:5a:51:d1:60:94:e4:
         ac:71:bb:70:ec:11:81:71:a1:c3:de:bc:f2:64:3d:1e:85:ab:
         da:d1:d4:31:a9:f1:4d:fc:31:c4:92:86:76:1d:32:90:c3:3a:
         d8:2b:90:4b:36:0a:31:ec:f9:53:9b:df:a1:af:91:22:0f:91:
         8e:68:69:f5:67:fb:91:30:c6:7e:08:dc:b9:2a:ff:1a:19:0c:
         b0:dd:c6:49:9a:00:27:31:2f:78:2c:61:8c:bd:14:70:40:8b:
         17:48:ce:5d:33:3c:44:d5:5b:84:31:76:1d:a1:38:32:28:f0:
         29:31:3f:67:05:2d:39:d6:7e:d5:cc:5a:81:73:18:c4:b3:d3:
         85:9f:5d:4c:57:c7:14:2a:5f:f9:56:73:ab:b5:a2:a9:78:92:
         5a:24:82:d3
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDATKhMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMTAyMTM0NzQ0WhcNMjUxMjEzMTM0NzQ0WjAYMRYw
FAYDVQQDEw02Nzc2OTkwNC1kZjc1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAwDI9aH8wSiEEmZky8jdU/0sxrJkNku1J4gL3p5YDaHXAwfMDIw0GUdUd
ub6M+BGoEEi/SQkxdY+fKTwAcKvt2HV2cgS6xZsTeT+z9I7gp8KjE/ljNbocYV+y
0lHE9J93teVh2POFhQtC1GU4PU+V3SzBABRvLEkLwSAHXRKlxHejqZ/f7ns63L5H
5AjhC7VwreEQeB0DTjUxkkw1ySnI3PlwedaSadVOSION2yTmsUn5Y/2m46C0muZ3
uhUOvcrrFzzzhY9VMuOurcpAZWvzLmbXSRKf3/JJG6tjQnv8BtXthurJlOCBJQzD
NhaK31B3M/6QqAvL5ks8hmtxc52ZwQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFADz
+6V0tt15zaKml7g8jh2WtRpJMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC8yNkRDNkE4NkM5MTAxMUVGQTg4NTQ1QTM3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmt3dMA0GCSqGSIb3DQEB
CwUAA4IBAQAJR3yKaxqBz5ORLLThLfmqDB4SMy44sZID4a2XXGEkCZZog+qWAsBK
K6r9dAeZYIvWhq+wYBj8aRAKaLWdpGZV1beQZaPBE+6caGPOlaMmtXm4IbGcxZwL
OrTjnl+Kxj2MfgEnX3VaUdFglOSscbtw7BGBcaHD3rzyZD0ehava0dQxqfFN/DHE
koZ2HTKQwzrYK5BLNgox7PlTm9+hr5EiD5GOaGn1Z/uRMMZ+CNy5Kv8aGQyw3cZJ
mgAnMS94LGGMvRRwQIsXSM5dMzxE1VuEMXYdoTgyKPApMT9nBS051n7VzFqBcxjE
s9OFn11MV8cUKl/5VnOrtaKpeJJaJILT
-----END CERTIFICATE-----