Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/5ED0DE425F9711EE90AAF5104AD9E6FC.roa
File:                     5ED0DE425F9711EE90AAF5104AD9E6FC.roa (raw, json)
Hash identifier:          Lifr6Lhwxr89OgKQfHteupUXu/GTh6CgkPKtqJmyo/o=
Subject key identifier:   E5:68:96:4C:F4:51:E7:CC:46:9D:EA:3F:E7:90:3C:9C:64:30:A8:BE
Certificate issuer:       /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial:       442F
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/5ED0DE425F9711EE90AAF5104AD9E6FC.roa
Signing time:             Sat 30 Sep 2023 13:43:43 +0000
ROA not before:           Sat 30 Sep 2023 13:43:40 +0000
ROA not after:            Mon 30 Sep 2024 13:43:40 +0000
asID:                     211392
IP address blocks:        154.84.20.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
                          rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Sun 05 May 2024 00:04:22 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 17455 (0x442f)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
        Validity
            Not Before: Sep 30 13:43:40 2023 GMT
            Not After : Sep 30 13:43:40 2024 GMT
        Subject: CN=6518260f-04d5
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c5:a2:64:84:e2:10:a8:58:ae:e5:93:94:08:2b:
                    91:f8:02:59:8b:92:97:46:9e:78:b9:75:ed:13:64:
                    4c:0f:3a:ae:e0:d4:72:c9:12:6f:12:61:a8:d5:6a:
                    ff:7e:36:91:32:0a:da:1e:09:e7:0a:cd:e3:d6:2d:
                    ce:f3:b2:25:87:eb:32:29:cd:24:01:56:77:b4:5b:
                    53:01:d0:60:ac:4b:0b:3e:0a:5e:c2:6b:f6:65:c5:
                    6a:53:ef:1b:1a:2a:8c:44:bc:e7:cd:ce:ff:f7:46:
                    c0:c6:90:1a:89:19:de:49:9a:fa:6f:9e:b3:38:9e:
                    92:6f:8a:6f:20:3e:57:56:5e:68:07:af:0e:fd:b3:
                    fb:05:03:93:da:23:e7:b3:81:d9:40:b1:bb:12:f2:
                    9d:2f:5a:ec:78:aa:81:09:cf:84:15:91:10:cc:4b:
                    73:f2:2c:d9:74:13:c7:25:0d:f0:f8:05:a7:0a:b6:
                    99:f4:fc:44:47:1a:41:ce:9b:4f:d8:59:bc:f0:01:
                    17:b1:e8:d6:d3:17:78:86:cb:65:84:0a:a0:3c:eb:
                    ce:66:ff:ae:94:44:d2:b3:83:47:b9:c4:f4:50:2e:
                    aa:89:dc:f1:93:ad:c9:98:02:29:c2:e9:87:50:d0:
                    4c:d3:95:3d:a1:9d:76:7a:f6:eb:05:b1:23:90:b0:
                    97:c1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E5:68:96:4C:F4:51:E7:CC:46:9D:EA:3F:E7:90:3C:9C:64:30:A8:BE
            X509v3 Authority Key Identifier:
                keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/5ED0DE425F9711EE90AAF5104AD9E6FC.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  154.84.20.0/24

    Signature Algorithm: sha256WithRSAEncryption
         22:5e:59:7b:c4:0e:f7:72:2a:7a:38:69:49:3e:39:34:86:5f:
         e5:77:b0:c1:bb:5d:ba:ea:59:6a:9f:f2:08:22:8c:23:79:a1:
         af:d0:4a:bf:6c:32:2f:76:c3:66:68:e7:76:bb:e8:33:0b:0f:
         1c:d7:90:3c:20:10:79:e9:5d:44:d3:d1:15:bd:4a:cd:18:59:
         ff:d5:e5:d0:b4:36:e3:96:90:51:41:bb:12:d9:be:8e:55:ba:
         40:52:50:2c:19:72:00:df:8f:98:de:be:ef:7e:7f:01:d0:a8:
         cb:5a:e5:b1:80:5c:f1:cb:ae:2e:33:dd:30:e1:96:7a:16:6c:
         4e:5f:4c:0d:fd:97:e8:7f:8d:74:b9:a3:53:21:24:39:a9:81:
         a7:7c:2f:75:51:10:c5:3c:39:73:aa:e6:c9:a4:2b:75:b1:a6:
         8c:d7:62:0d:59:e2:55:cd:c5:11:c8:52:7a:2d:bd:03:2e:05:
         c1:49:56:a8:bf:8e:2b:6f:e8:22:c7:c4:4e:50:3f:05:91:68:
         55:bf:84:c5:4f:f1:e6:0b:38:c5:90:a2:1a:84:d4:09:f2:48:
         6a:db:1b:a4:6f:24:4b:51:3b:0a:ad:df:c6:87:bc:0b:c8:bb:
         d2:3b:1f:93:cc:07:b4:53:87:6b:20:93:84:2b:50:88:1e:61:
         d8:66:f1:03
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICRC8wDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAwwKRjM2
OEYyRDBBRjExMC8GA1UEBRMoMjVENjNFMDhFQUJFN0NGQTY3ODVENEMxRDZEMzQx
MTZERTE1QjNEQzAeFw0yMzA5MzAxMzQzNDBaFw0yNDA5MzAxMzQzNDBaMBgxFjAU
BgNVBAMTDTY1MTgyNjBmLTA0ZDUwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQDFomSE4hCoWK7lk5QIK5H4AlmLkpdGnni5de0TZEwPOq7g1HLJEm8SYajV
av9+NpEyCtoeCecKzePWLc7zsiWH6zIpzSQBVne0W1MB0GCsSws+Cl7Ca/ZlxWpT
7xsaKoxEvOfNzv/3RsDGkBqJGd5JmvpvnrM4npJvim8gPldWXmgHrw79s/sFA5Pa
I+ezgdlAsbsS8p0vWux4qoEJz4QVkRDMS3PyLNl0E8clDfD4BacKtpn0/ERHGkHO
m0/YWbzwARex6NbTF3iGy2WECqA8685m/66URNKzg0e5xPRQLqqJ3PGTrcmYAinC
6YdQ0EzTlT2hnXZ69usFsSOQsJfBAgMBAAGjggKlMIICoTAdBgNVHQ4EFgQU5WiW
TPRR58xGneo/55A8nGQwqL4wHwYDVR0jBBgwFoAUJdY+COq+fPpnhdTB1tNBFt4V
s9wwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjhGMkQwLzdGNEE5OEVBNkUwNTExRTg5QzBENkU0QkY4QUVBMjI4L0pkWS1D
T3EtZlBwbmhkVEIxdE5CRnQ0VnM5dy5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL0pkWS1DT3EtZlBwbmhkVEIxdE5CRnQ0VnM5dy5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNjhGMkQwLzdGNEE5OEVBNkUwNTExRTg5QzBENkU0QkY4
QUVBMjI4LzVFRDBERTQyNUY5NzExRUU5MEFBRjUxMDRBRDlFNkZDLnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACaVBQwDQYJKoZIhvcNAQEL
BQADggEBACJeWXvEDvdyKno4aUk+OTSGX+V3sMG7XbrqWWqf8ggijCN5oa/QSr9s
Mi92w2Zo53a76DMLDxzXkDwgEHnpXUTT0RW9Ss0YWf/V5dC0NuOWkFFBuxLZvo5V
ukBSUCwZcgDfj5jevu9+fwHQqMta5bGAXPHLri4z3TDhlnoWbE5fTA39l+h/jXS5
o1MhJDmpgad8L3VREMU8OXOq5smkK3WxpozXYg1Z4lXNxRHIUnotvQMuBcFJVqi/
jitv6CLHxE5QPwWRaFW/hMVP8eYLOMWQohqE1AnySGrbG6RvJEtROwqt38aHvAvI
u9I7H5PMB7RTh2sgk4QrUIgeYdhm8QM=
-----END CERTIFICATE-----