Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/7585C420BC4511EFA6BEB39F762E951A.roa
File:                     7585C420BC4511EFA6BEB39F762E951A.roa (raw, json)
Hash identifier:          aegO21878xQHXnXWv5tx98v67oYB3JTG1MtzFWd5Iq4=
Subject key identifier:   C2:91:6C:5D:33:62:27:6D:A2:AA:DD:A8:F1:D1:25:B5:83:52:C7:74
Certificate issuer:       /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial:       011BB9
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/7585C420BC4511EFA6BEB39F762E951A.roa
Signing time:             Tue 17 Dec 2024 07:06:38 +0000
ROA not before:           Tue 17 Dec 2024 07:06:35 +0000
ROA not after:            Sat 08 Nov 2025 07:06:35 +0000
asID:                     213736
IP address blocks:        154.92.31.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
                          rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Fri 07 Feb 2025 10:39:44 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 72633 (0x11bb9)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F368F2D0AF
        Validity
            Not Before: Dec 17 07:06:35 2024 GMT
            Not After : Nov  8 07:06:35 2025 GMT
        Subject: CN=676122fe-462d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c6:cb:81:8b:5a:4e:b7:90:79:c8:bb:cc:da:53:
                    d5:a4:c2:c9:b4:7f:58:08:0b:a5:f1:bb:15:95:65:
                    04:57:76:10:1d:c7:16:c2:88:c9:97:e8:07:3d:ad:
                    d1:4e:69:c4:71:5a:1b:58:2b:33:00:66:e6:12:c7:
                    1b:96:9e:39:cc:ce:72:4f:f1:13:20:d5:73:5b:f4:
                    fa:05:c1:e4:88:dd:e8:7b:36:b7:de:ab:cb:db:33:
                    3e:d3:a7:55:a3:57:44:2e:c4:3f:15:17:e6:f5:d0:
                    85:02:7b:34:eb:b3:0f:aa:f8:5f:a9:89:8d:03:06:
                    55:c2:af:fa:3e:56:73:79:0b:29:a5:1a:d9:72:e5:
                    63:98:30:76:4c:0c:bf:bd:90:84:dc:d9:9d:53:1d:
                    00:5a:b9:5e:8f:a1:7d:dc:95:d5:cd:eb:d4:f3:47:
                    d1:6a:11:36:33:f7:20:6c:90:ac:47:78:fe:70:3e:
                    c4:48:22:20:67:e6:3f:b4:cb:5c:ac:92:93:5c:e9:
                    be:f1:3d:35:a8:e5:6f:bd:c8:ea:57:28:18:52:d5:
                    62:ff:70:d1:cd:65:d5:53:2f:2d:a3:b5:a9:fb:bc:
                    48:36:a6:81:63:af:33:01:c6:d2:94:1a:3e:bd:bb:
                    cc:70:4f:50:bc:cc:03:ff:8b:67:38:61:9b:2c:99:
                    4d:11
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C2:91:6C:5D:33:62:27:6D:A2:AA:DD:A8:F1:D1:25:B5:83:52:C7:74
            X509v3 Authority Key Identifier:
                keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/7585C420BC4511EFA6BEB39F762E951A.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  154.92.31.0/24

    Signature Algorithm: sha256WithRSAEncryption
         9c:b6:95:8f:26:11:c7:04:52:45:2a:d0:84:80:f1:a2:ad:34:
         6e:7c:3b:fd:1e:73:dc:e0:8b:cf:2d:16:6c:2d:4d:bb:9c:fe:
         1a:bf:43:bd:0e:57:b4:d1:83:da:11:da:9b:c7:17:17:d7:29:
         db:54:6a:d2:31:2a:4c:05:81:8d:0a:5e:69:4e:12:a0:06:77:
         06:3b:eb:cf:00:f5:a0:db:ac:2c:d8:01:85:54:a7:1e:39:87:
         c5:a1:10:74:cc:c8:25:88:4b:5b:45:0f:37:f3:64:87:e0:d7:
         1c:09:ae:9a:06:e0:4b:ab:23:f2:da:f0:2b:f7:d2:7b:c3:53:
         d9:50:ee:6d:76:eb:41:ea:ae:72:2d:42:dd:66:c8:a0:2c:8c:
         86:fb:0b:3c:0f:aa:71:d7:5c:0b:8f:ae:17:4d:3a:cb:32:26:
         98:74:ca:53:a7:c7:0d:14:52:d8:f0:78:ec:17:3a:d2:98:65:
         36:5c:ea:e6:aa:96:87:a2:5c:30:b9:fa:4f:c7:1d:fd:97:f4:
         7b:cb:df:11:3e:7f:bc:d8:58:ff:d5:42:f6:8e:e3:43:67:3f:
         32:46:1a:29:fd:e5:d4:f4:25:e4:b0:d9:2b:de:0a:e7:d6:7b:
         c7:cf:fe:6c:52:05:62:dc:6a:15:1c:51:98:5f:5a:c1:86:b1:
         cb:56:f0:5b
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDARu5MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjQxMjE3MDcwNjM1WhcNMjUxMTA4MDcwNjM1WjAYMRYw
FAYDVQQDEw02NzYxMjJmZS00NjJkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAxsuBi1pOt5B5yLvM2lPVpMLJtH9YCAul8bsVlWUEV3YQHccWwojJl+gH
Pa3RTmnEcVobWCszAGbmEscblp45zM5yT/ETINVzW/T6BcHkiN3oeza33qvL2zM+
06dVo1dELsQ/FRfm9dCFAns067MPqvhfqYmNAwZVwq/6PlZzeQsppRrZcuVjmDB2
TAy/vZCE3NmdUx0AWrlej6F93JXVzevU80fRahE2M/cgbJCsR3j+cD7ESCIgZ+Y/
tMtcrJKTXOm+8T01qOVvvcjqVygYUtVi/3DRzWXVUy8to7Wp+7xINqaBY68zAcbS
lBo+vbvMcE9QvMwD/4tnOGGbLJlNEQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFMKR
bF0zYidtoqrdqPHRJbWDUsd0MB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC83NTg1QzQyMEJDNDUxMUVGQTZCRUIzOUY3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmlwfMA0GCSqGSIb3DQEB
CwUAA4IBAQCctpWPJhHHBFJFKtCEgPGirTRufDv9HnPc4IvPLRZsLU27nP4av0O9
Dle00YPaEdqbxxcX1ynbVGrSMSpMBYGNCl5pThKgBncGO+vPAPWg26ws2AGFVKce
OYfFoRB0zMgliEtbRQ8382SH4NccCa6aBuBLqyPy2vAr99J7w1PZUO5tdutB6q5y
LULdZsigLIyG+ws8D6px11wLj64XTTrLMiaYdMpTp8cNFFLY8HjsFzrSmGU2XOrm
qpaHolwwufpPxx39l/R7y98RPn+82Fj/1UL2juNDZz8yRhop/eXU9CXksNkr3grn
1nvHz/5sUgVi3GoVHFGYX1rBhrHLVvBb
-----END CERTIFICATE-----