Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/9320D704B22D11EE87726774775412E6.roa
File:                     9320D704B22D11EE87726774775412E6.roa (raw, json)
Hash identifier:          VP6sq1CUCHLmj0J5kHNH/lYiVTMOHC5C1Ga77Ld/fDE=
Subject key identifier:   9B:50:DC:3B:CD:CD:CC:4A:84:1E:E2:99:1A:E6:CD:0E:23:67:C9:E5
Certificate issuer:       /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial:       74FE
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/9320D704B22D11EE87726774775412E6.roa
Signing time:             Sat 13 Jan 2024 16:05:31 +0000
ROA not before:           Sat 13 Jan 2024 16:05:27 +0000
ROA not after:            Fri 13 Dec 2024 16:05:27 +0000
asID:                     140227
IP address blocks:        154.205.219.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
                          rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Sun 05 May 2024 00:04:22 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 29950 (0x74fe)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
        Validity
            Not Before: Jan 13 16:05:27 2024 GMT
            Not After : Dec 13 16:05:27 2024 GMT
        Subject: CN=65a2b4cb-bee6
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bb:80:0d:68:8a:b2:ee:21:d9:ae:59:ad:9e:7b:
                    50:3d:3b:f4:4e:6c:1d:e5:cd:85:fb:1c:66:3b:d2:
                    d7:35:ef:80:95:60:a1:25:09:c3:c0:ab:35:33:88:
                    9d:d1:85:a5:0d:93:fa:10:95:a0:ab:3d:3b:37:78:
                    db:7f:66:67:cb:68:5f:2e:03:5c:85:c9:b1:db:72:
                    d1:80:3b:21:89:54:e0:ab:38:b6:29:6e:96:63:ce:
                    20:23:57:06:0e:09:55:ff:3e:01:35:35:51:af:66:
                    31:ef:e8:2d:bf:61:e6:e3:63:38:f9:ff:68:51:39:
                    03:19:f4:7e:65:97:d8:ad:08:e1:56:d9:7a:70:bb:
                    cd:29:5b:50:cf:78:ec:ee:17:57:af:ca:58:a2:e4:
                    56:ca:e5:22:22:8b:5f:cc:96:5b:f1:fe:31:37:3a:
                    dd:c8:22:6b:17:d1:c4:9c:da:6c:f3:83:8f:da:e5:
                    af:47:54:3e:2c:b4:d8:7f:eb:41:9f:2b:09:bb:25:
                    21:4d:87:ce:15:65:3b:45:f2:3b:4f:90:c3:10:5f:
                    54:ed:7a:ff:8a:40:99:1c:0b:37:65:dc:d1:f8:57:
                    04:3a:8c:c2:06:c4:d5:d0:f0:25:2a:cd:90:10:75:
                    80:e9:8f:4b:f9:c3:a2:6d:d7:4a:31:8c:5c:1d:b2:
                    54:f7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                9B:50:DC:3B:CD:CD:CC:4A:84:1E:E2:99:1A:E6:CD:0E:23:67:C9:E5
            X509v3 Authority Key Identifier:
                keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/9320D704B22D11EE87726774775412E6.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  154.205.219.0/24

    Signature Algorithm: sha256WithRSAEncryption
         74:1d:41:61:11:cc:f7:41:a0:dd:41:fd:d8:b2:c4:b6:2f:42:
         54:56:7f:e6:04:50:99:c2:b6:58:fc:a2:48:12:07:b8:b3:8e:
         a8:39:ad:06:58:3c:26:e4:ae:43:ed:30:55:c1:de:3f:fd:1a:
         5d:2c:97:13:bb:0b:f3:da:6d:4a:f6:a0:42:f6:a8:ab:01:04:
         36:bb:2a:e8:15:63:62:6b:eb:bb:80:ad:79:5a:db:cb:87:fb:
         8f:12:e7:1f:3c:e4:b6:ef:84:cb:00:ae:ed:42:57:3a:c4:6c:
         9e:83:d7:e2:98:a1:c2:ed:77:7c:89:23:81:bd:ca:54:8f:4d:
         15:52:d6:27:fd:df:33:19:64:35:79:b3:9f:c8:c2:99:e0:ab:
         b6:2b:c0:13:ca:0d:87:65:4f:56:89:b9:db:51:70:ae:60:0e:
         ea:90:76:43:b6:e2:e8:46:0f:b4:15:4c:fd:54:50:5a:f4:d5:
         93:83:5c:c9:c0:1d:ee:6b:a3:a0:fb:bb:4f:ad:96:e8:3a:ba:
         95:78:3b:57:59:26:c2:a4:91:22:80:3c:78:20:9b:f4:75:30:
         52:4e:27:dd:12:aa:cb:b0:f2:5b:e0:39:f5:81:2e:92:ad:c4:
         72:9f:7c:c0:80:f7:e9:72:9d:99:59:48:70:31:c5:86:19:0a:
         74:13:1c:2f
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICdP4wDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAxMKRjM2
OEYyRDBBRjExMC8GA1UEBRMoMjVENjNFMDhFQUJFN0NGQTY3ODVENEMxRDZEMzQx
MTZERTE1QjNEQzAeFw0yNDAxMTMxNjA1MjdaFw0yNDEyMTMxNjA1MjdaMBgxFjAU
BgNVBAMTDTY1YTJiNGNiLWJlZTYwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQC7gA1oirLuIdmuWa2ee1A9O/RObB3lzYX7HGY70tc174CVYKElCcPAqzUz
iJ3RhaUNk/oQlaCrPTs3eNt/ZmfLaF8uA1yFybHbctGAOyGJVOCrOLYpbpZjziAj
VwYOCVX/PgE1NVGvZjHv6C2/YebjYzj5/2hROQMZ9H5ll9itCOFW2Xpwu80pW1DP
eOzuF1evylii5FbK5SIii1/Mllvx/jE3Ot3IImsX0cSc2mzzg4/a5a9HVD4stNh/
60GfKwm7JSFNh84VZTtF8jtPkMMQX1Ttev+KQJkcCzdl3NH4VwQ6jMIGxNXQ8CUq
zZAQdYDpj0v5w6Jt10oxjFwdslT3AgMBAAGjggKlMIICoTAdBgNVHQ4EFgQUm1Dc
O83NzEqEHuKZGubNDiNnyeUwHwYDVR0jBBgwFoAUJdY+COq+fPpnhdTB1tNBFt4V
s9wwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjhGMkQwLzdGNEE5OEVBNkUwNTExRTg5QzBENkU0QkY4QUVBMjI4L0pkWS1D
T3EtZlBwbmhkVEIxdE5CRnQ0VnM5dy5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL0pkWS1DT3EtZlBwbmhkVEIxdE5CRnQ0VnM5dy5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNjhGMkQwLzdGNEE5OEVBNkUwNTExRTg5QzBENkU0QkY4
QUVBMjI4LzkzMjBENzA0QjIyRDExRUU4NzcyNjc3NDc3NTQxMkU2LnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACazdswDQYJKoZIhvcNAQEL
BQADggEBAHQdQWERzPdBoN1B/diyxLYvQlRWf+YEUJnCtlj8okgSB7izjqg5rQZY
PCbkrkPtMFXB3j/9Gl0slxO7C/PabUr2oEL2qKsBBDa7KugVY2Jr67uArXla28uH
+48S5x885LbvhMsAru1CVzrEbJ6D1+KYocLtd3yJI4G9ylSPTRVS1if93zMZZDV5
s5/Iwpngq7YrwBPKDYdlT1aJudtRcK5gDuqQdkO24uhGD7QVTP1UUFr01ZODXMnA
He5ro6D7u0+tlug6upV4O1dZJsKkkSKAPHggm/R1MFJOJ90Sqsuw8lvgOfWBLpKt
xHKffMCA9+lynZlZSHAxxYYZCnQTHC8=
-----END CERTIFICATE-----