Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/71785CAE3D4A11F0A73D88DEDAE4EC9C.roa
File:                     71785CAE3D4A11F0A73D88DEDAE4EC9C.roa (raw, json)
Hash identifier:          lQxg5qWw7E27Elzq2lNbASNm59Xw/f2G43TJ+DgVG9s=
Subject key identifier:   A9:9F:08:5F:36:6B:7A:EB:1B:89:E9:AD:76:CE:A9:38:0E:8D:EC:F4
Certificate issuer:       /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial:       0183C7
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/71785CAE3D4A11F0A73D88DEDAE4EC9C.roa
Signing time:             Fri 30 May 2025 11:37:19 +0000
ROA not before:           Fri 30 May 2025 11:37:14 +0000
ROA not after:            Mon 09 Jun 2025 11:37:14 +0000
asID:                     4809
IP address blocks:        154.83.28.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
                          rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Sun 08 Jun 2025 00:06:28 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 99271 (0x183c7)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
        Validity
            Not Before: May 30 11:37:14 2025 GMT
            Not After : Jun  9 11:37:14 2025 GMT
        Subject: CN=6839986f-c646
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c1:56:a1:50:ba:e1:bc:17:4f:80:3f:3f:76:ca:
                    50:41:eb:c8:f5:fd:22:42:f3:1b:f9:fc:bb:85:70:
                    2f:29:b5:96:cd:11:07:0b:ee:65:a8:cd:56:b3:1a:
                    54:1a:f1:d6:7a:49:e7:c3:07:8f:08:a1:40:a4:58:
                    97:d0:cd:0c:d6:1a:dd:ba:75:09:25:44:30:22:07:
                    cd:c4:6c:01:af:63:7b:14:ec:17:f6:6d:4d:f3:1e:
                    f6:50:f2:c7:7c:df:e9:71:31:74:4b:55:a8:5b:4f:
                    8a:86:b4:6d:2f:86:18:ce:4b:b8:19:40:d8:aa:e5:
                    01:6c:09:dd:9a:3e:62:a5:3a:57:dc:16:8a:97:92:
                    a7:54:c5:d7:fa:2b:df:08:ba:80:32:78:c6:98:8e:
                    aa:d7:3d:ff:4f:20:d5:3d:b8:42:bd:0e:a6:5f:aa:
                    40:8f:38:7b:53:11:25:2e:00:ab:43:21:55:f2:80:
                    f9:cc:b5:02:5b:20:54:38:73:71:31:77:1f:ae:da:
                    50:1b:40:bb:9a:54:71:27:28:6d:40:57:83:a0:d5:
                    fe:77:82:03:34:11:a3:86:49:e0:26:40:93:da:02:
                    20:ba:6f:2e:c6:2c:0c:7b:c2:01:b6:67:db:63:c6:
                    77:e8:28:45:10:ca:d1:89:fd:9a:8d:fb:22:c1:b2:
                    ce:75
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A9:9F:08:5F:36:6B:7A:EB:1B:89:E9:AD:76:CE:A9:38:0E:8D:EC:F4
            X509v3 Authority Key Identifier:
                keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/71785CAE3D4A11F0A73D88DEDAE4EC9C.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  154.83.28.0/24

    Signature Algorithm: sha256WithRSAEncryption
         4d:9c:e5:07:99:f6:d1:3b:ca:1c:e1:5d:08:7c:d1:34:b5:fc:
         f8:4b:3d:d7:fc:aa:d3:9a:a6:c3:c1:91:7b:1c:b3:58:3e:ce:
         ce:5b:99:de:9f:a5:d0:42:f1:95:e4:ed:31:db:ad:30:f1:ce:
         07:df:ab:0e:7b:f9:7f:91:61:9f:f0:ba:bc:43:ac:54:09:94:
         56:19:8a:dc:fd:b0:26:06:9d:4e:2a:8d:71:62:46:91:8b:93:
         22:a6:39:5e:ee:94:66:f1:39:bf:78:5c:84:2f:47:87:d3:25:
         9a:ef:7f:3e:f9:9b:ae:4e:38:2b:8d:53:f4:7f:af:e2:58:ea:
         36:71:f8:06:66:e3:ef:ea:90:94:7f:b8:86:a9:fb:37:a4:a8:
         17:1a:de:5b:e7:e5:b9:ec:d1:42:96:5d:b9:8b:8d:d3:b6:ea:
         4e:10:09:40:b0:60:dc:c5:6e:ef:a1:7a:b1:72:a0:34:4f:cc:
         9e:8a:08:73:8d:46:7a:25:bf:f2:24:e7:f2:eb:57:c9:84:39:
         58:eb:1d:87:dc:ca:d2:34:34:92:fb:ca:4b:bb:40:e6:09:2a:
         2b:d0:fb:34:00:81:f0:38:14:ec:54:e8:a9:30:9e:05:c7:4c:
         75:42:6e:95:7b:bd:2d:e5:f4:f4:86:17:0f:09:6e:9b:65:03:
         5e:39:ef:4a
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAYPHMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwNTMwMTEzNzE0WhcNMjUwNjA5MTEzNzE0WjAYMRYw
FAYDVQQDEw02ODM5OTg2Zi1jNjQ2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAwVahULrhvBdPgD8/dspQQevI9f0iQvMb+fy7hXAvKbWWzREHC+5lqM1W
sxpUGvHWeknnwwePCKFApFiX0M0M1hrdunUJJUQwIgfNxGwBr2N7FOwX9m1N8x72
UPLHfN/pcTF0S1WoW0+KhrRtL4YYzku4GUDYquUBbAndmj5ipTpX3BaKl5KnVMXX
+ivfCLqAMnjGmI6q1z3/TyDVPbhCvQ6mX6pAjzh7UxElLgCrQyFV8oD5zLUCWyBU
OHNxMXcfrtpQG0C7mlRxJyhtQFeDoNX+d4IDNBGjhkngJkCT2gIgum8uxiwMe8IB
tmfbY8Z36ChFEMrRif2ajfsiwbLOdQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFKmf
CF82a3rrG4nprXbOqTgOjez0MB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC83MTc4NUNBRTNENEExMUYwQTczRDg4REVEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmlMcMA0GCSqGSIb3DQEB
CwUAA4IBAQBNnOUHmfbRO8oc4V0IfNE0tfz4Sz3X/KrTmqbDwZF7HLNYPs7OW5ne
n6XQQvGV5O0x260w8c4H36sOe/l/kWGf8Lq8Q6xUCZRWGYrc/bAmBp1OKo1xYkaR
i5Mipjle7pRm8Tm/eFyEL0eH0yWa738++ZuuTjgrjVP0f6/iWOo2cfgGZuPv6pCU
f7iGqfs3pKgXGt5b5+W57NFCll25i43TtupOEAlAsGDcxW7voXqxcqA0T8yeighz
jUZ6Jb/yJOfy61fJhDlY6x2H3MrSNDSS+8pLu0DmCSor0Ps0AIHwOBTsVOipMJ4F
x0x1Qm6Ve70t5fT0hhcPCW6bZQNeOe9K
-----END CERTIFICATE-----