Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/2C00A63CC3D711EFBF30026B762E951A.roa
File:                     2C00A63CC3D711EFBF30026B762E951A.roa (raw, json)
Hash identifier:          rWHdm9b+kyUExTLbKsj0WUlS+Ij8x7FwKIDDbffTWWc=
Subject key identifier:   11:56:7F:FA:B4:BC:09:61:E1:97:7A:29:D8:21:62:A9:2A:65:E2:78
Certificate issuer:       /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial:       01287E
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/2C00A63CC3D711EFBF30026B762E951A.roa
Signing time:             Thu 26 Dec 2024 22:17:19 +0000
ROA not before:           Thu 26 Dec 2024 22:17:16 +0000
ROA not after:            Fri 12 Dec 2025 22:17:16 +0000
asID:                     984
IP address blocks:        154.84.174.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
                          rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Sun 06 Apr 2025 00:06:13 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 75902 (0x1287e)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F368F2D0AF
        Validity
            Not Before: Dec 26 22:17:16 2024 GMT
            Not After : Dec 12 22:17:16 2025 GMT
        Subject: CN=676dd5ef-6259
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e5:1f:ed:a1:eb:cc:92:6f:39:d7:61:93:c1:21:
                    2c:52:df:f8:42:cd:a8:07:45:63:50:97:62:15:6b:
                    fe:12:f4:71:19:80:bb:4d:eb:ef:03:60:e7:6d:d3:
                    45:63:c7:7e:70:64:e8:b1:6b:40:52:6c:5a:c7:b2:
                    f8:74:61:96:84:81:65:f7:22:9d:64:3c:d9:77:18:
                    ca:5a:a7:07:b2:54:52:75:cf:b6:0e:34:59:da:cf:
                    49:65:7c:7f:d9:80:bc:7e:98:00:39:d0:3e:6a:98:
                    f4:c8:b2:27:67:ee:0e:71:5f:a6:55:ef:24:ff:d9:
                    7e:e8:4f:2a:a8:bb:5a:99:39:4f:92:6a:63:6f:52:
                    81:dd:8b:51:f0:ac:b8:32:6c:ac:09:d7:11:eb:4c:
                    20:8e:6a:c2:64:33:68:52:42:87:17:68:f3:61:5b:
                    a0:f2:04:93:c5:21:11:a8:2a:80:a5:96:56:79:28:
                    9a:8c:f5:8b:db:ed:86:8b:95:4f:33:94:a7:92:a3:
                    d9:85:76:33:df:78:76:be:cc:78:08:d7:2b:ca:ad:
                    74:2d:e6:e3:d0:58:0e:86:46:55:70:3a:4e:dd:af:
                    04:7f:dc:ad:a8:43:15:31:82:2b:0e:5c:d9:7a:66:
                    02:04:c8:b8:54:58:96:dc:35:bc:c8:ab:c8:56:a8:
                    76:1d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                11:56:7F:FA:B4:BC:09:61:E1:97:7A:29:D8:21:62:A9:2A:65:E2:78
            X509v3 Authority Key Identifier:
                keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/2C00A63CC3D711EFBF30026B762E951A.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  154.84.174.0/24

    Signature Algorithm: sha256WithRSAEncryption
         88:e9:1d:b6:9d:ff:fa:07:79:b1:ae:a1:07:71:a9:b0:76:42:
         49:dd:0f:04:06:85:01:a3:a1:1e:fc:09:51:60:84:f0:00:0a:
         00:ae:c1:91:82:ed:94:ca:34:99:55:97:0f:2d:cf:b1:ce:0a:
         0c:0c:87:9e:8d:5f:86:2b:d3:54:f3:e3:7d:1f:43:33:43:6c:
         e0:70:fb:6a:aa:d4:3c:5a:29:3e:f8:8c:72:96:de:c5:a7:8c:
         04:de:b3:be:be:ef:4b:c2:9c:6b:9d:8e:08:96:85:c5:01:78:
         0b:50:a5:38:2e:f1:27:a3:b4:cc:ef:bb:78:bd:f4:32:a7:51:
         b7:bd:cf:28:27:16:07:22:59:99:67:22:3b:2f:0f:20:87:a6:
         66:8b:cf:22:d2:ab:0d:85:e8:02:6c:30:59:37:43:2b:43:14:
         cc:4d:df:21:c4:a5:59:3e:96:dc:c7:d3:3b:2c:a3:b1:8d:4c:
         d2:ac:0b:6b:00:55:2b:cd:36:2b:e2:e8:f9:a0:0f:c3:fc:cf:
         a0:81:83:ec:63:5f:e0:c9:0e:3f:5d:70:ec:ab:88:47:3a:30:
         08:04:02:2f:1e:0a:b2:a0:ce:c3:67:7f:25:7d:18:62:29:8f:
         77:99:fc:c0:fb:37:8b:c5:7c:d6:bf:79:d7:3f:c5:4a:75:41:
         bb:90:f3:0c
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDASh+MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjQxMjI2MjIxNzE2WhcNMjUxMjEyMjIxNzE2WjAYMRYw
FAYDVQQDEw02NzZkZDVlZi02MjU5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA5R/toevMkm8512GTwSEsUt/4Qs2oB0VjUJdiFWv+EvRxGYC7TevvA2Dn
bdNFY8d+cGTosWtAUmxax7L4dGGWhIFl9yKdZDzZdxjKWqcHslRSdc+2DjRZ2s9J
ZXx/2YC8fpgAOdA+apj0yLInZ+4OcV+mVe8k/9l+6E8qqLtamTlPkmpjb1KB3YtR
8Ky4MmysCdcR60wgjmrCZDNoUkKHF2jzYVug8gSTxSERqCqApZZWeSiajPWL2+2G
i5VPM5SnkqPZhXYz33h2vsx4CNcryq10Lebj0FgOhkZVcDpO3a8Ef9ytqEMVMYIr
DlzZemYCBMi4VFiW3DW8yKvIVqh2HQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFBFW
f/q0vAlh4Zd6KdghYqkqZeJ4MB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC8yQzAwQTYzQ0MzRDcxMUVGQkYzMDAyNkI3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmlSuMA0GCSqGSIb3DQEB
CwUAA4IBAQCI6R22nf/6B3mxrqEHcamwdkJJ3Q8EBoUBo6Ee/AlRYITwAAoArsGR
gu2UyjSZVZcPLc+xzgoMDIeejV+GK9NU8+N9H0MzQ2zgcPtqqtQ8Wik++Ixylt7F
p4wE3rO+vu9LwpxrnY4IloXFAXgLUKU4LvEno7TM77t4vfQyp1G3vc8oJxYHIlmZ
ZyI7Lw8gh6Zmi88i0qsNhegCbDBZN0MrQxTMTd8hxKVZPpbcx9M7LKOxjUzSrAtr
AFUrzTYr4uj5oA/D/M+ggYPsY1/gyQ4/XXDsq4hHOjAIBAIvHgqyoM7DZ38lfRhi
KY93mfzA+zeLxXzWv3nXP8VKdUG7kPMM
-----END CERTIFICATE-----