Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/27D566C8C93C11EFB43132B7762E951A.roa
File:                     27D566C8C93C11EFB43132B7762E951A.roa (raw, json)
Hash identifier:          HjTV98Zl78rMdYIlhV/HLaMNUJONyM5U07Xx2uDwbYE=
Subject key identifier:   13:18:F8:D3:E8:32:E7:F1:FF:4E:09:B7:87:E8:C6:58:A9:94:D5:B0
Certificate issuer:       /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial:       013403
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/27D566C8C93C11EFB43132B7762E951A.roa
Signing time:             Thu 02 Jan 2025 19:02:48 +0000
ROA not before:           Thu 02 Jan 2025 19:02:44 +0000
ROA not after:            Sat 13 Dec 2025 19:02:44 +0000
asID:                     984
IP address blocks:        154.223.229.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
                          rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Sun 13 Apr 2025 00:12:36 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 78851 (0x13403)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F368F2D0AF
        Validity
            Not Before: Jan  2 19:02:44 2025 GMT
            Not After : Dec 13 19:02:44 2025 GMT
        Subject: CN=6776e2d7-941a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:df:3e:74:ef:d7:58:1e:0f:f9:16:09:94:9b:12:
                    97:0e:97:7b:21:b2:fc:4f:39:e5:a3:c8:44:6b:ca:
                    df:55:66:eb:73:d1:be:33:ca:86:c8:1d:2d:95:9b:
                    0d:2c:ae:52:c4:78:4d:e5:a4:4c:a9:dc:56:44:70:
                    48:35:ea:94:21:23:5c:6c:5d:b7:db:3b:6f:b6:0d:
                    60:76:79:23:99:4c:d2:16:b2:6e:6e:a8:cf:30:1e:
                    a6:e9:8a:a0:04:0f:ee:c3:c5:f6:10:a3:47:6b:42:
                    ee:04:a1:d8:b1:07:c5:b7:f6:54:5d:f8:83:80:7c:
                    6b:bb:fc:2a:65:ee:0f:5e:22:25:79:f2:19:f4:77:
                    85:8f:ae:49:3f:45:a5:c4:45:7e:a1:de:8f:fc:61:
                    71:6b:55:4a:4f:7a:b7:99:ec:d1:a3:25:53:f7:6f:
                    03:23:cd:ee:9f:42:41:f9:f3:f9:c9:31:5d:e3:6d:
                    e1:74:b0:af:f5:08:f3:3f:e7:58:e3:12:b0:33:97:
                    d0:46:e2:18:86:62:08:ca:72:db:4e:c7:a7:0e:b0:
                    74:95:be:39:99:51:09:5d:8e:a8:8f:73:8b:bf:23:
                    fc:a3:f5:b4:cc:53:49:a7:23:d5:d2:92:21:ca:b6:
                    31:20:59:8f:19:c5:41:c8:d8:66:c1:66:e4:fe:53:
                    55:31
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                13:18:F8:D3:E8:32:E7:F1:FF:4E:09:B7:87:E8:C6:58:A9:94:D5:B0
            X509v3 Authority Key Identifier:
                keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/27D566C8C93C11EFB43132B7762E951A.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  154.223.229.0/24

    Signature Algorithm: sha256WithRSAEncryption
         a4:b3:23:57:64:55:57:ab:2f:06:aa:13:39:e2:f7:64:20:16:
         c3:41:11:86:1c:4e:35:9b:00:88:51:0d:bd:bc:44:20:89:67:
         c4:d9:eb:f4:c3:00:da:94:82:a3:c5:30:cf:be:b3:c4:4a:6d:
         6a:42:4f:42:64:62:7d:ab:13:74:0e:f2:5c:05:40:a8:b3:cc:
         46:cc:f0:d5:f7:90:80:d0:30:d9:5a:18:54:85:1c:ec:7c:20:
         34:0a:57:ce:c1:34:06:e1:a2:6e:5b:e9:7f:4b:4f:12:1a:69:
         17:bb:63:b6:47:4a:9b:b9:35:7a:06:54:be:24:80:35:e7:b3:
         8a:59:33:a0:64:fb:55:73:57:c0:23:1f:76:ce:00:d2:92:16:
         c2:7d:62:46:fc:84:3c:86:0f:92:30:c9:b6:e7:f2:b1:db:0a:
         6e:c3:01:92:49:76:ac:a2:05:d6:3c:a9:fe:24:5a:e4:72:06:
         73:56:c6:ac:b8:3f:43:4f:07:ec:c8:24:08:aa:c7:2e:fa:41:
         e3:5b:b6:e9:f7:b9:3e:c4:7a:9a:e3:d0:1d:9a:c0:27:4e:c3:
         19:08:16:e7:76:ff:88:df:5f:e6:63:41:a3:a2:21:8a:6c:dc:
         3c:9a:d4:e5:1e:98:ae:b8:81:79:af:bc:5a:c9:25:a7:a9:98:
         c5:c0:02:ca
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDATQDMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMTAyMTkwMjQ0WhcNMjUxMjEzMTkwMjQ0WjAYMRYw
FAYDVQQDEw02Nzc2ZTJkNy05NDFhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA3z5079dYHg/5FgmUmxKXDpd7IbL8Tznlo8hEa8rfVWbrc9G+M8qGyB0t
lZsNLK5SxHhN5aRMqdxWRHBINeqUISNcbF232ztvtg1gdnkjmUzSFrJubqjPMB6m
6YqgBA/uw8X2EKNHa0LuBKHYsQfFt/ZUXfiDgHxru/wqZe4PXiIlefIZ9HeFj65J
P0WlxEV+od6P/GFxa1VKT3q3mezRoyVT928DI83un0JB+fP5yTFd423hdLCv9Qjz
P+dY4xKwM5fQRuIYhmIIynLbTsenDrB0lb45mVEJXY6oj3OLvyP8o/W0zFNJpyPV
0pIhyrYxIFmPGcVByNhmwWbk/lNVMQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFBMY
+NPoMufx/04Jt4foxliplNWwMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC8yN0Q1NjZDOEM5M0MxMUVGQjQzMTMyQjc3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmt/lMA0GCSqGSIb3DQEB
CwUAA4IBAQCksyNXZFVXqy8GqhM54vdkIBbDQRGGHE41mwCIUQ29vEQgiWfE2ev0
wwDalIKjxTDPvrPESm1qQk9CZGJ9qxN0DvJcBUCos8xGzPDV95CA0DDZWhhUhRzs
fCA0ClfOwTQG4aJuW+l/S08SGmkXu2O2R0qbuTV6BlS+JIA157OKWTOgZPtVc1fA
Ix92zgDSkhbCfWJG/IQ8hg+SMMm25/Kx2wpuwwGSSXasogXWPKn+JFrkcgZzVsas
uD9DTwfsyCQIqscu+kHjW7bp97k+xHqa49AdmsAnTsMZCBbndv+I31/mY0GjoiGK
bNw8mtTlHpiuuIF5r7xaySWnqZjFwALK
-----END CERTIFICATE-----