Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/76C8FD48696711EE8A783F3F4AD9E6FC.roa
File:                     76C8FD48696711EE8A783F3F4AD9E6FC.roa (raw, json)
Hash identifier:          OSd7Pm1vekAAM/MrIb6OvnTdV5c6iwzXw16IhauQtfA=
Subject key identifier:   18:EF:AA:19:86:00:4B:B4:15:17:E9:B7:B9:86:83:6A:40:C2:CB:1E
Certificate issuer:       /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial:       45B7
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/76C8FD48696711EE8A783F3F4AD9E6FC.roa
Signing time:             Fri 13 Oct 2023 01:25:59 +0000
ROA not before:           Fri 13 Oct 2023 01:25:56 +0000
ROA not after:            Mon 30 Sep 2024 01:25:56 +0000
asID:                     136897
IP address blocks:        154.210.7.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
                          rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Sun 05 May 2024 00:04:22 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 17847 (0x45b7)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
        Validity
            Not Before: Oct 13 01:25:56 2023 GMT
            Not After : Sep 30 01:25:56 2024 GMT
        Subject: CN=65289ca7-8e66
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e0:12:9b:6d:a9:30:33:f8:cb:e3:6d:f0:f2:7c:
                    ec:73:1f:f7:70:71:53:45:73:bd:49:de:0d:fa:82:
                    66:fe:80:61:b0:0d:de:59:bf:25:a1:18:51:4d:2b:
                    74:ed:e7:c7:97:fd:a5:b1:60:b8:74:da:80:aa:e5:
                    fa:62:da:18:3e:91:b5:a9:e3:3a:33:e2:4a:fc:5b:
                    9f:a6:a8:35:44:c6:82:99:91:8c:60:6c:d0:1f:56:
                    c2:ab:1b:0c:f9:15:6c:74:49:6d:31:fa:3e:a5:0f:
                    71:30:da:2f:4e:7d:a6:dc:09:76:b8:be:5f:da:80:
                    ae:1d:3b:5e:46:86:4f:30:b0:ec:54:da:85:52:aa:
                    12:28:4d:d0:ed:9d:51:cd:b8:d3:3e:40:38:83:98:
                    9b:9c:84:83:fe:64:23:66:d8:02:f8:24:a3:6f:c4:
                    e8:14:af:dd:30:67:75:8b:3e:60:ba:95:0c:1f:8f:
                    32:60:59:6f:6a:bb:90:1c:73:48:8e:92:51:29:d5:
                    0d:bc:d1:96:8c:4b:5a:a6:06:f4:ea:0e:61:7e:7c:
                    d0:ac:24:06:0b:56:8e:40:18:04:25:a7:a7:b8:cd:
                    1b:ae:0b:4c:53:0b:a7:3d:24:7d:35:ee:d7:e5:46:
                    cd:60:2a:cb:b6:66:bc:cf:b7:97:5c:8c:9c:63:15:
                    18:93
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                18:EF:AA:19:86:00:4B:B4:15:17:E9:B7:B9:86:83:6A:40:C2:CB:1E
            X509v3 Authority Key Identifier:
                keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/76C8FD48696711EE8A783F3F4AD9E6FC.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  154.210.7.0/24

    Signature Algorithm: sha256WithRSAEncryption
         25:3e:5c:70:a7:67:15:f2:24:6c:8d:a4:56:ab:e5:98:7d:c9:
         9f:89:95:88:73:29:ef:51:7e:b7:ec:b7:c2:6d:85:23:b1:16:
         26:a6:28:f2:a9:75:b4:84:04:02:45:d7:c2:d0:76:ab:35:8d:
         01:08:3d:f8:b3:f5:0a:9d:66:6b:22:a2:24:bf:e2:41:38:69:
         79:d9:28:98:0c:90:c2:1a:b7:db:13:e0:31:11:16:04:f3:e5:
         ec:1d:af:bf:75:90:19:ca:f5:1f:91:ac:ac:8f:58:86:af:4d:
         90:e4:b8:78:47:83:52:78:14:ee:40:9b:c2:1d:a7:50:d9:4e:
         3b:35:a7:50:f3:f2:08:25:6d:cb:b2:ba:d6:3c:05:c0:f9:1e:
         9b:63:69:37:45:89:94:43:08:83:bc:da:c9:68:82:10:e0:63:
         c8:a7:0c:b9:1c:86:b8:c3:ab:81:00:b8:1c:8c:2f:e7:3e:fd:
         9b:59:33:e3:23:40:83:22:96:81:3f:d9:11:b2:1f:d2:dc:aa:
         98:8d:50:17:ec:99:79:f0:e7:ae:0f:a3:43:35:dd:74:78:c5:
         a3:60:1e:0c:3d:e6:17:dd:68:9b:26:71:1b:07:3e:76:ec:96:
         51:a8:63:bd:bd:8c:a2:af:d7:41:4a:25:8e:64:fd:79:01:cb:
         a4:63:d3:54
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICRbcwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAwwKRjM2
OEYyRDBBRjExMC8GA1UEBRMoMjVENjNFMDhFQUJFN0NGQTY3ODVENEMxRDZEMzQx
MTZERTE1QjNEQzAeFw0yMzEwMTMwMTI1NTZaFw0yNDA5MzAwMTI1NTZaMBgxFjAU
BgNVBAMTDTY1Mjg5Y2E3LThlNjYwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQDgEpttqTAz+MvjbfDyfOxzH/dwcVNFc71J3g36gmb+gGGwDd5ZvyWhGFFN
K3Tt58eX/aWxYLh02oCq5fpi2hg+kbWp4zoz4kr8W5+mqDVExoKZkYxgbNAfVsKr
Gwz5FWx0SW0x+j6lD3Ew2i9OfabcCXa4vl/agK4dO15Ghk8wsOxU2oVSqhIoTdDt
nVHNuNM+QDiDmJuchIP+ZCNm2AL4JKNvxOgUr90wZ3WLPmC6lQwfjzJgWW9qu5Ac
c0iOklEp1Q280ZaMS1qmBvTqDmF+fNCsJAYLVo5AGAQlp6e4zRuuC0xTC6c9JH01
7tflRs1gKsu2ZrzPt5dcjJxjFRiTAgMBAAGjggKlMIICoTAdBgNVHQ4EFgQUGO+q
GYYAS7QVF+m3uYaDakDCyx4wHwYDVR0jBBgwFoAUJdY+COq+fPpnhdTB1tNBFt4V
s9wwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjhGMkQwLzdGNEE5OEVBNkUwNTExRTg5QzBENkU0QkY4QUVBMjI4L0pkWS1D
T3EtZlBwbmhkVEIxdE5CRnQ0VnM5dy5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL0pkWS1DT3EtZlBwbmhkVEIxdE5CRnQ0VnM5dy5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNjhGMkQwLzdGNEE5OEVBNkUwNTExRTg5QzBENkU0QkY4
QUVBMjI4Lzc2QzhGRDQ4Njk2NzExRUU4QTc4M0YzRjRBRDlFNkZDLnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACa0gcwDQYJKoZIhvcNAQEL
BQADggEBACU+XHCnZxXyJGyNpFar5Zh9yZ+JlYhzKe9Rfrfst8JthSOxFiamKPKp
dbSEBAJF18LQdqs1jQEIPfiz9QqdZmsioiS/4kE4aXnZKJgMkMIat9sT4DERFgTz
5ewdr791kBnK9R+RrKyPWIavTZDkuHhHg1J4FO5Am8Idp1DZTjs1p1Dz8gglbcuy
utY8BcD5HptjaTdFiZRDCIO82sloghDgY8inDLkchrjDq4EAuByML+c+/ZtZM+Mj
QIMiloE/2RGyH9LcqpiNUBfsmXnw564Po0M13XR4xaNgHgw95hfdaJsmcRsHPnbs
llGoY729jKKv10FKJY5k/XkBy6Rj01Q=
-----END CERTIFICATE-----