Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/4540C420C1DD11EFA2BDEA56762E951A.roa
File:                     4540C420C1DD11EFA2BDEA56762E951A.roa (raw, json)
Hash identifier:          CuczFY6XkN5p01evSjhS6MuFmxP9dURf2eigvk9XiKI=
Subject key identifier:   6B:CB:F3:7E:C2:D0:82:C8:3B:C0:D0:9B:47:B0:CE:23:F7:94:AB:E9
Certificate issuer:       /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial:       01231B
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/4540C420C1DD11EFA2BDEA56762E951A.roa
Signing time:             Tue 24 Dec 2024 09:55:57 +0000
ROA not before:           Tue 24 Dec 2024 09:55:53 +0000
ROA not after:            Wed 10 Dec 2025 09:55:53 +0000
asID:                     984
IP address blocks:        154.199.30.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
                          rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Sun 06 Apr 2025 00:06:13 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 74523 (0x1231b)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F368F2D0AF
        Validity
            Not Before: Dec 24 09:55:53 2024 GMT
            Not After : Dec 10 09:55:53 2025 GMT
        Subject: CN=676a852c-f86b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a2:13:ec:72:dd:4c:25:9f:92:4b:a7:e7:9a:c8:
                    5a:e7:05:da:07:f8:32:fb:18:2f:ba:4d:39:a9:ea:
                    99:cb:1a:5a:d3:76:3e:81:f0:48:47:80:c2:f5:b6:
                    fe:c9:7d:23:fe:0f:d8:70:fb:39:f3:f2:ee:50:07:
                    46:4e:3f:bc:72:f5:79:79:44:56:d0:bd:d4:be:41:
                    e5:1d:bf:bd:03:c4:0e:ac:70:b0:45:af:68:d2:b6:
                    e4:c6:ca:32:72:a7:5a:bf:df:51:cb:f7:c8:f1:59:
                    de:3a:d7:d6:3f:6d:13:1c:ca:de:a6:9f:c5:86:5c:
                    12:88:ce:78:87:82:83:a7:60:1c:96:b6:b4:85:15:
                    11:a9:77:3a:aa:a5:5e:4c:52:88:e1:1e:16:cc:1e:
                    ae:4c:c0:60:6d:b1:23:7c:01:0f:31:17:e0:9b:06:
                    40:a6:ec:de:1d:96:0f:eb:f1:2c:6d:22:b2:8f:96:
                    f2:fa:1d:8c:05:99:99:e3:e5:dc:7e:63:84:5b:0b:
                    e9:6c:c6:53:86:ac:ec:be:0e:d7:31:ad:f7:84:42:
                    d2:11:37:6e:4b:68:90:40:17:d1:9c:3f:9c:71:ea:
                    4b:15:c1:57:92:f4:34:f6:56:c3:c1:24:c6:3f:44:
                    8d:dc:50:6b:32:5e:1b:7f:d9:7d:ad:34:99:24:64:
                    30:41
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                6B:CB:F3:7E:C2:D0:82:C8:3B:C0:D0:9B:47:B0:CE:23:F7:94:AB:E9
            X509v3 Authority Key Identifier:
                keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/4540C420C1DD11EFA2BDEA56762E951A.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  154.199.30.0/24

    Signature Algorithm: sha256WithRSAEncryption
         17:32:2e:42:bb:3f:e9:49:27:71:a9:73:9f:4e:41:05:4a:45:
         32:0c:3e:17:c7:2a:62:b4:50:a2:5f:25:aa:77:e7:67:59:c2:
         12:40:b7:2e:29:d2:89:c7:39:a8:86:8a:b4:e0:d5:30:19:12:
         0a:7b:e6:91:42:de:91:62:e3:fa:03:4e:80:2f:ba:55:7f:bc:
         81:a4:56:02:cf:86:7a:50:25:89:2c:cd:ae:65:4e:19:e7:70:
         88:f7:dd:c1:21:72:d9:3d:f5:2f:2c:0d:22:ec:98:e4:d3:97:
         a3:69:be:57:3e:b3:f7:b8:3c:b9:76:67:8f:b7:c8:73:ad:2d:
         5c:4a:1a:1a:a1:89:49:bb:70:9f:8b:06:88:76:35:f0:77:f1:
         db:9d:5a:eb:e9:67:69:a0:d4:c3:82:91:38:6b:0d:34:9a:a9:
         fe:55:6e:96:77:da:99:8b:bc:6d:49:b4:35:52:a6:ec:55:08:
         36:35:be:26:10:2c:6f:17:76:97:28:32:f0:d8:7f:d0:27:e7:
         91:51:ea:4c:a5:4b:ba:e3:c4:81:77:9b:5e:c9:f7:17:62:e1:
         db:79:31:73:01:9d:5e:27:fa:ac:e3:f7:f6:61:5f:0f:ae:9e:
         86:df:a6:65:20:26:30:ec:30:f9:29:7f:02:fa:31:bb:51:d4:
         03:80:09:78
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDASMbMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjQxMjI0MDk1NTUzWhcNMjUxMjEwMDk1NTUzWjAYMRYw
FAYDVQQDEw02NzZhODUyYy1mODZiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAohPsct1MJZ+SS6fnmsha5wXaB/gy+xgvuk05qeqZyxpa03Y+gfBIR4DC
9bb+yX0j/g/YcPs58/LuUAdGTj+8cvV5eURW0L3UvkHlHb+9A8QOrHCwRa9o0rbk
xsoycqdav99Ry/fI8VneOtfWP20THMrepp/FhlwSiM54h4KDp2Aclra0hRURqXc6
qqVeTFKI4R4WzB6uTMBgbbEjfAEPMRfgmwZApuzeHZYP6/EsbSKyj5by+h2MBZmZ
4+XcfmOEWwvpbMZThqzsvg7XMa33hELSETduS2iQQBfRnD+ccepLFcFXkvQ09lbD
wSTGP0SN3FBrMl4bf9l9rTSZJGQwQQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFGvL
837C0ILIO8DQm0ewziP3lKvpMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC80NTQwQzQyMEMxREQxMUVGQTJCREVBNTY3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmsceMA0GCSqGSIb3DQEB
CwUAA4IBAQAXMi5Cuz/pSSdxqXOfTkEFSkUyDD4XxypitFCiXyWqd+dnWcISQLcu
KdKJxzmohoq04NUwGRIKe+aRQt6RYuP6A06AL7pVf7yBpFYCz4Z6UCWJLM2uZU4Z
53CI993BIXLZPfUvLA0i7Jjk05ejab5XPrP3uDy5dmePt8hzrS1cShoaoYlJu3Cf
iwaIdjXwd/HbnVrr6WdpoNTDgpE4aw00mqn+VW6Wd9qZi7xtSbQ1UqbsVQg2Nb4m
ECxvF3aXKDLw2H/QJ+eRUepMpUu648SBd5teyfcXYuHbeTFzAZ1eJ/qs4/f2YV8P
rp6G36ZlICYw7DD5KX8C+jG7UdQDgAl4
-----END CERTIFICATE-----