Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/9662AB12430711EE9C03467D4AD9E6FC.roa
File:                     9662AB12430711EE9C03467D4AD9E6FC.roa (raw, json)
Hash identifier:          0hJG6VTwshN+ShHWnoLR4fUkQsUrq5HzWqTPazUagHE=
Subject key identifier:   A5:C3:39:91:B3:C8:6C:7F:C3:41:7E:0C:6C:E2:03:45:F4:C5:F3:55
Certificate issuer:       /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial:       37BE
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/9662AB12430711EE9C03467D4AD9E6FC.roa
Signing time:             Fri 25 Aug 2023 05:23:56 +0000
ROA not before:           Fri 25 Aug 2023 05:23:53 +0000
ROA not after:            Sat 15 Jun 2024 05:23:53 +0000
asID:                     5065
IP address blocks:        154.93.16.0/22 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
                          rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Sun 05 May 2024 00:04:22 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 14270 (0x37be)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
        Validity
            Not Before: Aug 25 05:23:53 2023 GMT
            Not After : Jun 15 05:23:53 2024 GMT
        Subject: CN=64e83aec-022b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:95:8c:0a:e6:ac:80:36:82:4e:e0:b2:b1:3c:5a:
                    fe:9d:24:7a:90:1a:5f:0d:7b:c3:cf:80:73:fe:96:
                    04:0f:60:70:5d:68:a7:60:ce:69:77:49:a9:c4:86:
                    18:ae:17:ee:99:96:f2:64:b7:e7:21:64:96:d0:39:
                    93:4e:b8:b1:d7:08:a0:24:7b:d5:c9:95:ec:b5:8f:
                    98:41:3a:8d:c5:e1:73:b8:93:29:25:8f:fb:40:01:
                    d0:e2:12:8f:b2:85:c5:64:d9:ef:09:47:89:d3:42:
                    6b:aa:60:4f:c6:8b:7b:8d:16:cc:33:eb:5f:83:59:
                    0f:2a:c1:7b:db:33:ce:79:38:b7:7a:34:d8:20:26:
                    fd:28:a5:8e:9b:c8:57:59:34:38:3c:ea:33:38:9f:
                    80:75:c5:a3:1f:80:4c:41:df:9b:36:f3:4c:c3:04:
                    02:40:3a:ae:90:b1:c7:38:77:33:7f:2a:9b:a9:38:
                    d7:22:9e:6b:cf:4e:b4:9c:21:ec:5b:5d:89:51:bc:
                    52:c9:02:c7:d4:6d:ef:1c:76:65:31:d2:a0:9f:b2:
                    95:d7:ea:bd:61:dd:8a:c3:41:26:4d:fc:67:89:ee:
                    b6:9b:f6:41:df:4e:13:bc:ab:d1:02:ab:ab:c1:c2:
                    be:e3:b5:c4:72:78:78:b7:e0:0b:4a:df:f7:8d:f9:
                    b3:83
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A5:C3:39:91:B3:C8:6C:7F:C3:41:7E:0C:6C:E2:03:45:F4:C5:F3:55
            X509v3 Authority Key Identifier:
                keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/9662AB12430711EE9C03467D4AD9E6FC.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  154.93.16.0/22

    Signature Algorithm: sha256WithRSAEncryption
         d7:88:7f:15:39:67:fd:c0:d9:ab:ee:97:e1:a6:7a:fe:c3:22:
         ba:64:71:30:2f:9f:4e:0e:44:3d:d1:1e:d8:bb:5b:9d:43:0f:
         d9:77:45:8a:61:e7:bc:25:01:c5:6a:75:55:06:84:55:5b:d7:
         66:4b:40:10:02:d0:b2:9c:1c:54:1d:81:f3:67:fd:54:0e:40:
         6c:8a:a3:93:76:1e:6e:e1:7e:c0:6c:f7:22:d7:62:88:f2:1e:
         f8:68:c6:b1:42:51:8f:65:41:38:f0:8a:3c:5f:0d:3e:be:dc:
         ff:e9:a0:10:fd:58:3b:44:78:e8:89:41:54:40:03:01:f7:16:
         3d:55:fe:f2:39:d8:23:3f:f4:3b:55:5d:43:be:42:da:c3:c9:
         8d:f0:3c:c0:a7:a8:e7:be:3f:f8:3e:f9:40:46:f8:e9:0a:f0:
         5d:ca:53:fc:b9:42:a1:db:4e:a9:81:bc:e0:fb:dc:f8:16:88:
         3b:b1:c5:d6:87:bf:ea:34:c7:3e:e4:a1:63:17:62:5f:be:93:
         de:1f:03:17:24:7a:1a:cb:13:92:a0:f5:d7:73:05:a0:d1:2e:
         86:7f:8a:09:9b:6a:c7:99:cc:3d:81:7c:fb:dc:df:68:21:69:
         ed:f8:1a:ac:e3:64:4e:90:3a:37:f7:65:82:5c:d7:58:a0:49:
         87:f6:3e:6d
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICN74wDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAwwKRjM2
OEYyRDBBRjExMC8GA1UEBRMoMjVENjNFMDhFQUJFN0NGQTY3ODVENEMxRDZEMzQx
MTZERTE1QjNEQzAeFw0yMzA4MjUwNTIzNTNaFw0yNDA2MTUwNTIzNTNaMBgxFjAU
BgNVBAMTDTY0ZTgzYWVjLTAyMmIwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQCVjArmrIA2gk7gsrE8Wv6dJHqQGl8Ne8PPgHP+lgQPYHBdaKdgzml3SanE
hhiuF+6ZlvJkt+chZJbQOZNOuLHXCKAke9XJley1j5hBOo3F4XO4kyklj/tAAdDi
Eo+yhcVk2e8JR4nTQmuqYE/Gi3uNFswz61+DWQ8qwXvbM855OLd6NNggJv0opY6b
yFdZNDg86jM4n4B1xaMfgExB35s280zDBAJAOq6Qscc4dzN/KpupONcinmvPTrSc
IexbXYlRvFLJAsfUbe8cdmUx0qCfspXX6r1h3YrDQSZN/GeJ7rab9kHfThO8q9EC
q6vBwr7jtcRyeHi34AtK3/eN+bODAgMBAAGjggKlMIICoTAdBgNVHQ4EFgQUpcM5
kbPIbH/DQX4MbOIDRfTF81UwHwYDVR0jBBgwFoAUJdY+COq+fPpnhdTB1tNBFt4V
s9wwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjhGMkQwLzdGNEE5OEVBNkUwNTExRTg5QzBENkU0QkY4QUVBMjI4L0pkWS1D
T3EtZlBwbmhkVEIxdE5CRnQ0VnM5dy5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL0pkWS1DT3EtZlBwbmhkVEIxdE5CRnQ0VnM5dy5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNjhGMkQwLzdGNEE5OEVBNkUwNTExRTg5QzBENkU0QkY4
QUVBMjI4Lzk2NjJBQjEyNDMwNzExRUU5QzAzNDY3RDRBRDlFNkZDLnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAKaXRAwDQYJKoZIhvcNAQEL
BQADggEBANeIfxU5Z/3A2avul+Gmev7DIrpkcTAvn04ORD3RHti7W51DD9l3RYph
57wlAcVqdVUGhFVb12ZLQBAC0LKcHFQdgfNn/VQOQGyKo5N2Hm7hfsBs9yLXYojy
HvhoxrFCUY9lQTjwijxfDT6+3P/poBD9WDtEeOiJQVRAAwH3Fj1V/vI52CM/9DtV
XUO+QtrDyY3wPMCnqOe+P/g++UBG+OkK8F3KU/y5QqHbTqmBvOD73PgWiDuxxdaH
v+o0xz7koWMXYl++k94fAxckehrLE5Kg9ddzBaDRLoZ/igmbaseZzD2BfPvc32gh
ae34GqzjZE6QOjf3ZYJc11igSYf2Pm0=
-----END CERTIFICATE-----