Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/44977538C92F11EFB73ED066762E951A.roa
File:                     44977538C92F11EFB73ED066762E951A.roa (raw, json)
Hash identifier:          owc0WpKOLztIrXMnLKPAYXHkV3TCYn0BFSwoTPd9jvk=
Subject key identifier:   B4:4A:5C:9D:F2:08:FF:BB:69:8A:CE:01:5F:4B:67:3A:BA:E4:19:76
Certificate issuer:       /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial:       01339D
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/44977538C92F11EFB73ED066762E951A.roa
Signing time:             Thu 02 Jan 2025 17:30:32 +0000
ROA not before:           Thu 02 Jan 2025 17:30:29 +0000
ROA not after:            Mon 13 Dec 2027 17:30:29 +0000
asID:                     17561
IP address blocks:        154.222.155.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
                          rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Mon 07 Apr 2025 00:06:20 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 78749 (0x1339d)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F368F2D0AF
        Validity
            Not Before: Jan  2 17:30:29 2025 GMT
            Not After : Dec 13 17:30:29 2027 GMT
        Subject: CN=6776cd38-8e65
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e8:e5:9c:81:47:4e:2e:04:cc:d1:77:56:f6:f4:
                    23:54:11:fe:89:5b:bf:3d:31:21:b3:43:a7:2b:d8:
                    cf:91:60:00:41:29:2f:db:85:11:ab:37:f7:da:e1:
                    bd:25:2e:63:fd:9e:4e:06:da:f0:c5:05:45:c3:b7:
                    28:42:37:d7:03:74:5a:3b:34:f8:fa:86:09:a8:51:
                    8d:da:18:62:4a:5b:11:85:e9:7e:f9:fb:73:4a:6d:
                    cc:86:0d:6b:be:cf:2f:93:2b:2b:f7:29:e7:a8:08:
                    cc:42:43:ae:4a:a8:8d:b7:4c:d0:71:ae:c2:ad:ac:
                    5f:86:d0:dc:1a:75:c9:e3:4d:fa:a9:e3:8f:e4:33:
                    a7:8d:45:fd:c4:f8:ef:d2:50:f1:06:fd:17:ae:f6:
                    df:64:2a:f6:34:95:9e:c4:b5:62:ed:cb:0a:3b:d8:
                    c8:94:31:a2:1e:70:cf:13:89:1c:7c:95:e3:d9:96:
                    17:99:0a:88:78:ca:2a:e7:7c:43:10:be:c8:a8:23:
                    f5:d1:f2:76:43:29:70:8c:61:6f:b3:89:ee:dd:f7:
                    8a:6c:b2:41:37:9d:21:c8:d0:49:5a:74:7b:18:0c:
                    2e:b1:e0:61:79:08:65:04:35:11:06:82:da:90:45:
                    0d:64:2e:df:e8:87:da:92:6a:e2:36:9d:9d:07:e8:
                    9d:97
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B4:4A:5C:9D:F2:08:FF:BB:69:8A:CE:01:5F:4B:67:3A:BA:E4:19:76
            X509v3 Authority Key Identifier:
                keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/44977538C92F11EFB73ED066762E951A.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  154.222.155.0/24

    Signature Algorithm: sha256WithRSAEncryption
         1c:54:81:c1:1e:2c:7e:1f:7e:5b:b2:97:f5:2a:53:ff:e8:f7:
         4d:50:bd:ed:24:73:e7:91:0b:a3:30:6b:a4:a0:94:55:e2:a7:
         c2:8b:c9:31:d8:ff:a1:21:b2:d8:d8:f2:b8:76:8c:5b:0c:f9:
         e4:ad:67:98:c2:68:bc:92:9d:3e:4d:05:c1:3d:33:80:1b:fd:
         76:c4:2f:58:7b:5c:5b:72:55:1b:e5:e5:be:78:f7:3c:47:b4:
         65:3c:e5:a9:d1:dd:dc:aa:92:18:22:53:0c:94:eb:ea:f1:94:
         d9:b7:fc:ba:78:ee:75:6b:24:6c:a4:60:87:62:d6:d3:5c:32:
         21:ed:d0:d7:e6:13:24:77:ae:5e:93:fc:d0:65:24:62:eb:0b:
         6f:00:b7:a8:2d:f0:39:c5:eb:c7:13:27:bf:fd:12:94:96:79:
         df:1b:5e:9a:6b:46:8a:4f:64:df:99:99:cd:b6:6f:3f:d2:22:
         2d:72:ad:86:39:46:dc:71:0f:bf:42:79:57:90:99:88:41:ce:
         34:a7:a5:e2:8e:07:c4:4a:55:a9:e5:59:de:5c:65:69:53:12:
         3e:86:34:84:1d:ec:48:44:da:90:8a:2d:ac:a9:80:20:da:ff:
         ad:f0:3a:61:38:e1:38:eb:30:31:c6:6f:28:f0:70:6c:c5:f7:
         91:05:7b:e9
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDATOdMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMTAyMTczMDI5WhcNMjcxMjEzMTczMDI5WjAYMRYw
FAYDVQQDEw02Nzc2Y2QzOC04ZTY1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA6OWcgUdOLgTM0XdW9vQjVBH+iVu/PTEhs0OnK9jPkWAAQSkv24URqzf3
2uG9JS5j/Z5OBtrwxQVFw7coQjfXA3RaOzT4+oYJqFGN2hhiSlsRhel++ftzSm3M
hg1rvs8vkysr9ynnqAjMQkOuSqiNt0zQca7CraxfhtDcGnXJ4036qeOP5DOnjUX9
xPjv0lDxBv0XrvbfZCr2NJWexLVi7csKO9jIlDGiHnDPE4kcfJXj2ZYXmQqIeMoq
53xDEL7IqCP10fJ2QylwjGFvs4nu3feKbLJBN50hyNBJWnR7GAwuseBheQhlBDUR
BoLakEUNZC7f6IfakmriNp2dB+idlwIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFLRK
XJ3yCP+7aYrOAV9LZzq65Bl2MB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC80NDk3NzUzOEM5MkYxMUVGQjczRUQwNjY3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmt6bMA0GCSqGSIb3DQEB
CwUAA4IBAQAcVIHBHix+H35bspf1KlP/6PdNUL3tJHPnkQujMGukoJRV4qfCi8kx
2P+hIbLY2PK4doxbDPnkrWeYwmi8kp0+TQXBPTOAG/12xC9Ye1xbclUb5eW+ePc8
R7RlPOWp0d3cqpIYIlMMlOvq8ZTZt/y6eO51ayRspGCHYtbTXDIh7dDX5hMkd65e
k/zQZSRi6wtvALeoLfA5xevHEye//RKUlnnfG16aa0aKT2TfmZnNtm8/0iItcq2G
OUbccQ+/QnlXkJmIQc40p6XijgfESlWp5VneXGVpUxI+hjSEHexIRNqQii2sqYAg
2v+t8DphOOE46zAxxm8o8HBsxfeRBXvp
-----END CERTIFICATE-----