Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/6F2E40EAA29311F080C94DEBDAE4EC9C.roa
File:                     6F2E40EAA29311F080C94DEBDAE4EC9C.roa (raw, json)
Hash identifier:          GipPOfQrelIpGf5BjN4Gi0gQ20xYh0Zed5oEbcrURqk=
Subject key identifier:   00:9D:15:96:73:CA:DF:11:2B:63:D8:45:87:44:D5:AC:52:0A:CF:DF
Certificate issuer:       /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial:       01A26B
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/6F2E40EAA29311F080C94DEBDAE4EC9C.roa
Signing time:             Mon 06 Oct 2025 09:04:16 +0000
ROA not before:           Mon 06 Oct 2025 09:04:11 +0000
ROA not after:            Wed 12 Nov 2025 09:04:11 +0000
asID:                     328608
IP address blocks:        154.88.0.0/23 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
                          rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Tue 21 Oct 2025 00:06:55 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 107115 (0x1a26b)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
        Validity
            Not Before: Oct  6 09:04:11 2025 GMT
            Not After : Nov 12 09:04:11 2025 GMT
        Subject: CN=68e38610-d075
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b1:72:5e:e7:38:bd:78:6b:63:f2:86:6b:f0:c7:
                    9e:8e:8c:17:b6:5b:f0:df:ca:7a:f1:d0:eb:8a:74:
                    7d:07:39:a2:bf:02:d3:76:c0:86:96:3d:3a:ea:26:
                    38:6c:81:e8:2a:54:9b:17:38:94:98:5f:7f:57:8c:
                    36:90:73:34:97:3b:ae:d9:39:75:e9:c9:d0:1d:b8:
                    5c:d0:81:7b:5f:31:a0:c7:78:c1:2d:04:72:66:89:
                    98:be:e7:2f:51:1a:35:77:f5:12:8b:cb:e4:8d:cc:
                    57:36:a3:ae:d2:2a:14:e9:f9:58:e9:e5:04:7b:b0:
                    b5:3e:5d:5c:07:b9:d3:7a:8d:38:47:11:4e:7f:cb:
                    d2:2a:6b:4b:15:8b:33:1a:77:22:1c:b1:60:af:ef:
                    81:3a:e0:78:b1:08:e9:da:41:f5:76:c1:d2:9f:08:
                    09:a7:a7:77:4f:fd:57:6a:71:3c:b1:7d:e7:5f:30:
                    59:e0:51:e6:a5:eb:1a:f9:1e:cc:0a:c8:1e:57:a0:
                    90:7d:f0:91:72:ed:89:87:4d:4f:a5:c9:3d:21:17:
                    f8:84:fd:20:2e:84:9f:e0:7d:f2:37:45:b8:83:c7:
                    d7:f0:40:5d:75:4e:54:a8:dd:62:ea:b8:41:f7:76:
                    18:57:f4:93:1e:77:4a:66:00:1a:bb:6d:21:b0:10:
                    df:1d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                00:9D:15:96:73:CA:DF:11:2B:63:D8:45:87:44:D5:AC:52:0A:CF:DF
            X509v3 Authority Key Identifier:
                keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/6F2E40EAA29311F080C94DEBDAE4EC9C.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  154.88.0.0/23

    Signature Algorithm: sha256WithRSAEncryption
         c2:d9:87:9c:5b:e9:46:1a:e9:39:8e:c1:3c:de:21:6c:61:cb:
         a4:ec:d8:0e:e0:3d:e0:d8:3b:6d:25:83:bd:24:b8:f5:a6:c9:
         29:fb:b7:e2:15:85:44:45:52:ba:3e:82:e2:a3:e5:0e:31:7d:
         d1:e6:e9:0f:a4:65:dd:27:bb:82:10:f6:4d:97:15:cc:8b:0c:
         9a:74:d5:b8:8d:dc:a0:29:95:d0:40:77:a7:31:89:46:63:fb:
         46:26:cf:88:5a:48:be:84:75:c1:05:56:e2:2d:af:e2:72:e9:
         d7:dc:96:e9:55:a8:1c:37:87:cb:af:41:b9:f6:f3:b0:16:05:
         0a:8f:68:97:ef:b1:87:d5:22:94:ad:ba:cb:22:78:98:50:50:
         ef:20:3e:e3:e7:4e:05:5b:b5:27:38:5e:f1:a5:d2:b0:cf:22:
         2e:0e:16:61:1d:cf:03:33:14:7f:12:53:3c:f2:a4:ae:be:27:
         67:18:d8:97:1a:ca:3b:c1:8f:70:3e:1d:98:d2:2a:54:9d:5c:
         8f:af:b2:3a:c9:ca:8e:09:62:dc:00:db:0c:78:13:a4:f0:72:
         fa:ff:af:bd:8a:cf:53:4c:a6:f6:a0:f7:1b:dd:54:d0:04:5a:
         2f:f2:cc:e3:65:d5:a8:ff:a4:c4:88:4c:b1:e7:41:ba:18:d7:
         5f:a5:62:22
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAaJrMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUxMDA2MDkwNDExWhcNMjUxMTEyMDkwNDExWjAYMRYw
FAYDVQQDEw02OGUzODYxMC1kMDc1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAsXJe5zi9eGtj8oZr8MeejowXtlvw38p68dDrinR9BzmivwLTdsCGlj06
6iY4bIHoKlSbFziUmF9/V4w2kHM0lzuu2Tl16cnQHbhc0IF7XzGgx3jBLQRyZomY
vucvURo1d/USi8vkjcxXNqOu0ioU6flY6eUEe7C1Pl1cB7nTeo04RxFOf8vSKmtL
FYszGnciHLFgr++BOuB4sQjp2kH1dsHSnwgJp6d3T/1XanE8sX3nXzBZ4FHmpesa
+R7MCsgeV6CQffCRcu2Jh01Ppck9IRf4hP0gLoSf4H3yN0W4g8fX8EBddU5UqN1i
6rhB93YYV/STHndKZgAau20hsBDfHQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFACd
FZZzyt8RK2PYRYdE1axSCs/fMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC82RjJFNDBFQUEyOTMxMUYwODBDOTRERUJEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBmlgAMA0GCSqGSIb3DQEB
CwUAA4IBAQDC2YecW+lGGuk5jsE83iFsYcuk7NgO4D3g2DttJYO9JLj1pskp+7fi
FYVERVK6PoLio+UOMX3R5ukPpGXdJ7uCEPZNlxXMiwyadNW4jdygKZXQQHenMYlG
Y/tGJs+IWki+hHXBBVbiLa/icunX3JbpVagcN4fLr0G59vOwFgUKj2iX77GH1SKU
rbrLIniYUFDvID7j504FW7UnOF7xpdKwzyIuDhZhHc8DMxR/ElM88qSuvidnGNiX
Gso7wY9wPh2Y0ipUnVyPr7I6ycqOCWLcANsMeBOk8HL6/6+9is9TTKb2oPcb3VTQ
BFov8szjZdWo/6TEiEyx50G6GNdfpWIi
-----END CERTIFICATE-----