Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/74F0917CE06F11EFAF0518AE762E951A.roa
File:                     74F0917CE06F11EFAF0518AE762E951A.roa (raw, json)
Hash identifier:          vQnKVyPT2SQ7PzMVl/Lapx99aHnAduO8v9Ycxgrb9i0=
Subject key identifier:   F8:9C:73:54:D5:BA:CE:0E:0F:41:29:99:CB:A7:81:76:B6:5C:CD:8E
Certificate issuer:       /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial:       014E92
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/74F0917CE06F11EFAF0518AE762E951A.roa
Signing time:             Sat 01 Feb 2025 07:37:58 +0000
ROA not before:           Sat 01 Feb 2025 07:37:54 +0000
ROA not after:            Wed 09 Apr 2025 07:37:54 +0000
asID:                     25818
IP address blocks:        154.91.204.0/22 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
                          rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Fri 21 Feb 2025 11:13:28 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 85650 (0x14e92)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F368F2D0AF
        Validity
            Not Before: Feb  1 07:37:54 2025 GMT
            Not After : Apr  9 07:37:54 2025 GMT
        Subject: CN=679dcf56-55b3
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b8:7c:62:4e:c0:0b:58:41:d6:6a:4a:3f:be:62:
                    2d:b1:c6:1b:15:ec:3e:45:6b:a5:de:b9:ba:14:40:
                    de:cb:cb:69:6c:8f:cb:13:b8:9b:0d:27:4d:46:b0:
                    66:87:09:09:e2:a9:5c:94:22:8d:4e:02:7b:9c:93:
                    b9:79:13:ba:d2:4f:a2:1a:fd:64:5b:88:69:71:74:
                    a7:28:d2:c8:4d:22:3c:da:38:5b:75:82:fd:53:bf:
                    e2:c8:9e:88:f0:34:1c:ed:a9:10:bc:a4:7e:2d:cf:
                    23:a6:89:97:a1:a7:8c:39:ac:73:3a:74:54:85:f9:
                    82:fc:1a:f2:5e:97:81:93:73:85:d0:b8:f0:ba:ea:
                    60:0b:ea:40:7c:28:eb:d3:15:5f:81:4e:d9:68:45:
                    53:00:d2:78:ff:98:4b:7c:78:0e:a8:88:d6:79:9b:
                    e7:40:b1:4f:76:99:0f:d1:2d:77:7a:2a:63:be:c7:
                    d5:9d:db:fa:ed:1a:c0:67:cc:91:fc:be:9e:88:2e:
                    a2:f3:29:54:25:00:2a:31:1c:67:f7:db:5b:f8:78:
                    14:64:3a:b8:f2:8c:5c:e1:39:22:09:68:6c:dc:34:
                    f5:d3:0a:97:3e:47:57:80:e6:0a:f6:8d:02:5d:70:
                    24:48:02:5d:fa:4f:13:46:78:27:e3:06:30:03:fe:
                    61:9b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F8:9C:73:54:D5:BA:CE:0E:0F:41:29:99:CB:A7:81:76:B6:5C:CD:8E
            X509v3 Authority Key Identifier:
                keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/74F0917CE06F11EFAF0518AE762E951A.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  154.91.204.0/22

    Signature Algorithm: sha256WithRSAEncryption
         7f:56:6d:72:af:b4:35:56:0f:35:62:61:a5:5e:83:5c:e2:08:
         19:4b:cc:10:d3:8c:27:82:27:68:06:5d:bf:64:c4:7a:70:c6:
         d0:36:1a:8e:1d:0a:00:26:a6:8b:5a:15:de:21:1e:30:cc:5e:
         c4:32:73:81:64:79:64:91:f8:e0:f4:17:26:a1:db:f4:10:c7:
         eb:c9:a3:13:86:06:9d:a9:37:61:e5:74:69:30:62:f9:3e:37:
         af:01:02:c2:90:1d:7a:03:ee:cb:a0:1f:97:e1:6d:8e:c6:d0:
         84:16:cb:f7:d0:14:c7:04:1f:5a:66:5e:6e:84:33:3c:5c:ff:
         fe:80:f0:9f:e3:0f:91:b9:15:1c:7c:94:f6:d4:d2:72:ed:c7:
         44:e5:a1:d6:76:a5:2a:4c:db:13:b5:95:cb:68:67:ba:3e:39:
         9a:83:e3:02:cb:99:42:33:32:bf:43:d5:a7:49:e8:2d:d8:b1:
         6c:ac:88:0b:58:99:09:73:62:df:76:7b:a8:06:54:03:55:5f:
         11:7b:a2:68:cf:a0:86:d2:33:c5:d8:b5:c8:c7:52:d1:88:dd:
         0d:f8:2a:54:31:35:20:ce:8f:5b:c1:5c:e1:6e:1c:5e:1c:6b:
         5b:25:f6:f6:a1:96:0e:f7:be:1f:e5:27:c7:99:ef:4b:5f:c8:
         6d:63:b4:df
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAU6SMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMjAxMDczNzU0WhcNMjUwNDA5MDczNzU0WjAYMRYw
FAYDVQQDEw02NzlkY2Y1Ni01NWIzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAuHxiTsALWEHWako/vmItscYbFew+RWul3rm6FEDey8tpbI/LE7ibDSdN
RrBmhwkJ4qlclCKNTgJ7nJO5eRO60k+iGv1kW4hpcXSnKNLITSI82jhbdYL9U7/i
yJ6I8DQc7akQvKR+Lc8jpomXoaeMOaxzOnRUhfmC/BryXpeBk3OF0LjwuupgC+pA
fCjr0xVfgU7ZaEVTANJ4/5hLfHgOqIjWeZvnQLFPdpkP0S13eipjvsfVndv67RrA
Z8yR/L6eiC6i8ylUJQAqMRxn99tb+HgUZDq48oxc4TkiCWhs3DT10wqXPkdXgOYK
9o0CXXAkSAJd+k8TRngn4wYwA/5hmwIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFPic
c1TVus4OD0EpmcungXa2XM2OMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC83NEYwOTE3Q0UwNkYxMUVGQUYwNTE4QUU3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCmlvMMA0GCSqGSIb3DQEB
CwUAA4IBAQB/Vm1yr7Q1Vg81YmGlXoNc4ggZS8wQ04wngidoBl2/ZMR6cMbQNhqO
HQoAJqaLWhXeIR4wzF7EMnOBZHlkkfjg9Bcmodv0EMfryaMThgadqTdh5XRpMGL5
PjevAQLCkB16A+7LoB+X4W2OxtCEFsv30BTHBB9aZl5uhDM8XP/+gPCf4w+RuRUc
fJT21NJy7cdE5aHWdqUqTNsTtZXLaGe6Pjmag+MCy5lCMzK/Q9WnSegt2LFsrIgL
WJkJc2LfdnuoBlQDVV8Re6Joz6CG0jPF2LXIx1LRiN0N+CpUMTUgzo9bwVzhbhxe
HGtbJfb2oZYO974f5SfHme9LX8htY7Tf
-----END CERTIFICATE-----