Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/5B33A4EECF2711EFB4B2CE6F762E951A.roa
File:                     5B33A4EECF2711EFB4B2CE6F762E951A.roa (raw, json)
Hash identifier:          Zzo4bgTE8iXo7qrQoV4+kOiljUxnKBaj7nsPT8Nmejk=
Subject key identifier:   F4:51:C8:CE:F2:58:D0:A6:CF:C2:FA:89:A9:9F:01:61:CF:08:1D:E2
Certificate issuer:       /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial:       0139B3
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/5B33A4EECF2711EFB4B2CE6F762E951A.roa
Signing time:             Fri 10 Jan 2025 07:49:01 +0000
ROA not before:           Fri 10 Jan 2025 07:48:58 +0000
ROA not after:            Fri 16 Jan 2026 07:48:58 +0000
asID:                     138965
IP address blocks:        154.222.52.0/23 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
                          rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Sun 06 Apr 2025 00:06:13 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 80307 (0x139b3)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F368F2D0AF
        Validity
            Not Before: Jan 10 07:48:58 2025 GMT
            Not After : Jan 16 07:48:58 2026 GMT
        Subject: CN=6780d0ed-c331
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:be:f5:a9:fa:88:8b:14:59:52:3b:de:31:dd:27:
                    be:95:6d:fe:a4:94:a4:48:90:57:3e:c0:e9:18:ab:
                    76:09:1c:95:f3:e7:14:04:d5:7f:e2:f8:14:91:df:
                    90:df:b0:df:34:34:50:8a:90:42:02:86:5f:75:b4:
                    51:ae:67:a5:5d:30:aa:69:ad:b8:43:ba:32:f1:a6:
                    c0:c1:30:61:fe:2e:a4:6b:46:aa:c1:9e:c2:39:f5:
                    d2:89:ed:3a:e1:eb:af:2b:f4:f1:ba:86:17:eb:b1:
                    8f:7d:75:3a:d7:5a:11:53:18:9b:51:e1:ae:7a:fa:
                    10:dc:02:d3:5e:cf:2c:92:0b:9d:1d:fb:46:5d:6d:
                    60:3d:23:90:ed:86:e4:2b:04:8a:cf:49:ba:e7:54:
                    bf:c0:4c:33:9a:9b:2e:64:c7:26:22:59:1c:0f:fd:
                    ac:59:73:28:08:4d:90:fa:8b:e0:08:92:7e:11:00:
                    67:d5:2b:24:15:89:aa:74:47:8f:35:03:28:82:b8:
                    6e:9c:a6:d2:fe:54:e1:71:c4:99:54:0b:ed:9f:fd:
                    34:9c:ec:13:2b:ec:d7:61:b5:da:1b:52:0c:f8:c1:
                    b8:99:a9:6a:f7:26:9a:1f:9d:29:5c:b4:ec:9d:57:
                    5f:21:16:22:dd:4b:12:41:b5:9e:da:b9:1e:c4:4c:
                    04:b5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F4:51:C8:CE:F2:58:D0:A6:CF:C2:FA:89:A9:9F:01:61:CF:08:1D:E2
            X509v3 Authority Key Identifier:
                keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/5B33A4EECF2711EFB4B2CE6F762E951A.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  154.222.52.0/23

    Signature Algorithm: sha256WithRSAEncryption
         a6:86:96:c0:43:cb:85:a6:fe:f1:1b:e1:b6:62:5c:6a:f0:8d:
         2d:91:7d:e1:c0:0e:7e:ba:5e:56:16:40:c8:32:c6:83:8e:13:
         df:7a:7a:0b:08:94:1a:36:c9:5a:33:df:90:cd:80:54:bd:42:
         ec:12:56:fe:76:ce:24:cd:80:94:dd:5f:c4:46:ea:f5:52:d3:
         1f:11:1f:44:7a:6a:44:cb:3c:7b:99:8d:ae:8a:0b:e2:67:13:
         1d:08:5a:bf:0d:7b:c8:a0:33:b1:8a:75:49:59:99:3a:20:03:
         64:25:82:02:db:00:ec:18:5a:c1:a6:ab:0e:29:08:52:41:16:
         24:d6:c8:ba:b1:f5:47:86:43:00:bc:56:1c:8e:dd:c7:59:64:
         f7:a9:6a:ec:49:83:1e:98:7a:ee:f9:fb:af:4e:25:2f:50:16:
         f6:af:14:33:e0:8b:1b:c5:a5:ac:ac:7b:d3:9d:f3:18:bc:89:
         ba:01:59:62:e2:c7:93:c7:aa:49:45:1a:ac:c1:d3:93:d1:92:
         6b:75:66:fc:57:16:f0:d5:93:c4:5d:69:79:34:f7:26:30:56:
         ec:8b:9c:80:e8:7c:ff:6c:3b:ce:2e:e7:86:4a:d2:51:63:28:
         da:94:4a:82:b9:e0:74:7a:7b:74:e9:11:01:ec:64:8e:e3:36:
         7b:e7:a7:74
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDATmzMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMTEwMDc0ODU4WhcNMjYwMTE2MDc0ODU4WjAYMRYw
FAYDVQQDEw02NzgwZDBlZC1jMzMxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAvvWp+oiLFFlSO94x3Se+lW3+pJSkSJBXPsDpGKt2CRyV8+cUBNV/4vgU
kd+Q37DfNDRQipBCAoZfdbRRrmelXTCqaa24Q7oy8abAwTBh/i6ka0aqwZ7COfXS
ie064euvK/TxuoYX67GPfXU611oRUxibUeGuevoQ3ALTXs8skgudHftGXW1gPSOQ
7YbkKwSKz0m651S/wEwzmpsuZMcmIlkcD/2sWXMoCE2Q+ovgCJJ+EQBn1SskFYmq
dEePNQMogrhunKbS/lThccSZVAvtn/00nOwTK+zXYbXaG1IM+MG4malq9yaaH50p
XLTsnVdfIRYi3UsSQbWe2rkexEwEtQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFPRR
yM7yWNCmz8L6iamfAWHPCB3iMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC81QjMzQTRFRUNGMjcxMUVGQjRCMkNFNkY3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBmt40MA0GCSqGSIb3DQEB
CwUAA4IBAQCmhpbAQ8uFpv7xG+G2Ylxq8I0tkX3hwA5+ul5WFkDIMsaDjhPfenoL
CJQaNslaM9+QzYBUvULsElb+ds4kzYCU3V/ERur1UtMfER9EempEyzx7mY2uigvi
ZxMdCFq/DXvIoDOxinVJWZk6IANkJYIC2wDsGFrBpqsOKQhSQRYk1si6sfVHhkMA
vFYcjt3HWWT3qWrsSYMemHru+fuvTiUvUBb2rxQz4IsbxaWsrHvTnfMYvIm6AVli
4seTx6pJRRqswdOT0ZJrdWb8Vxbw1ZPEXWl5NPcmMFbsi5yA6Hz/bDvOLueGStJR
YyjalEqCueB0ent06REB7GSO4zZ756d0
-----END CERTIFICATE-----