Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/996C4DD8C3C411EF90044776762E951A.roa
File:                     996C4DD8C3C411EF90044776762E951A.roa (raw, json)
Hash identifier:          oQ09VVhyzLIDy/95CBnW8NZx+qCtNvf2yMirBJ4klY4=
Subject key identifier:   5B:7C:F1:30:73:7A:83:3B:72:F4:00:BF:9B:72:6F:C6:6B:19:37:B8
Certificate issuer:       /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial:       0127C2
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/996C4DD8C3C411EF90044776762E951A.roa
Signing time:             Thu 26 Dec 2024 20:04:23 +0000
ROA not before:           Thu 26 Dec 2024 20:04:19 +0000
ROA not after:            Fri 12 Dec 2025 20:04:19 +0000
asID:                     984
IP address blocks:        154.83.5.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
                          rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Sun 06 Apr 2025 00:06:13 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 75714 (0x127c2)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F368F2D0AF
        Validity
            Not Before: Dec 26 20:04:19 2024 GMT
            Not After : Dec 12 20:04:19 2025 GMT
        Subject: CN=676db6c7-47d0
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ac:a4:58:a5:fd:fa:62:b1:5e:77:9b:f3:66:72:
                    be:14:bd:70:8e:13:c9:23:f7:5b:cc:0e:f0:11:54:
                    5e:d9:09:89:94:c7:04:ba:e9:7b:46:c8:0c:a9:a9:
                    a1:d7:b7:d1:49:1a:f6:fe:a3:a8:aa:75:10:14:3a:
                    60:42:77:a1:f7:43:15:84:69:e7:ad:98:87:43:14:
                    b0:31:a8:ad:49:fa:09:e0:4c:9b:7f:a3:de:dc:e0:
                    5b:26:60:ce:84:9a:ac:23:c0:6a:04:fe:ed:ad:e5:
                    31:92:78:aa:55:16:5e:c4:a0:f6:8f:64:8b:fa:0c:
                    bb:c8:ba:ae:7c:fa:5f:82:cc:6d:23:af:c2:f0:c4:
                    98:1a:19:1b:f4:10:3f:cd:c6:b3:a8:f9:1d:50:6c:
                    a8:8f:93:40:5c:7a:6b:dd:f2:db:92:e9:35:a8:c8:
                    8d:92:2a:66:05:56:66:81:22:0c:8a:20:fb:e4:a4:
                    c6:cf:f3:e7:31:0a:ec:3b:93:ea:23:0d:03:0a:7e:
                    f1:5a:8d:a8:80:70:6a:c6:1a:1d:7d:0f:94:3d:30:
                    d1:ce:6a:d8:33:45:61:f5:b0:19:84:26:1b:65:57:
                    e6:2e:35:30:aa:74:e3:ed:53:07:60:1c:a7:e7:89:
                    41:10:68:b4:e0:cf:cc:74:a5:77:20:6c:11:bd:36:
                    11:89
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5B:7C:F1:30:73:7A:83:3B:72:F4:00:BF:9B:72:6F:C6:6B:19:37:B8
            X509v3 Authority Key Identifier:
                keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/996C4DD8C3C411EF90044776762E951A.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  154.83.5.0/24

    Signature Algorithm: sha256WithRSAEncryption
         0e:bf:d4:f2:27:0c:75:68:eb:d6:16:7d:71:2b:4c:db:07:f5:
         70:7b:fb:c6:4c:08:19:4a:27:a3:13:b9:8b:0c:ef:80:eb:ee:
         59:2e:a9:6a:0f:98:cc:a3:de:c7:86:2f:a7:ee:8c:31:87:f3:
         44:eb:1f:d9:4b:56:5f:60:93:c0:2a:35:c0:48:c5:c9:db:ad:
         eb:f9:a6:a5:41:58:4a:9f:f1:db:f9:7d:2e:82:98:1f:09:e6:
         19:ac:8c:7b:fd:7a:fd:27:dc:2f:67:81:96:9f:e3:99:c7:fa:
         3c:36:99:5b:07:f3:fc:3b:4b:c5:70:78:fc:db:29:58:3f:c9:
         f4:da:74:dd:f1:40:dd:07:e8:b3:30:7a:f8:fe:dd:ae:4e:4e:
         05:ac:48:01:68:75:ef:d4:36:93:58:60:d1:8d:d2:96:95:b3:
         eb:36:25:88:8a:44:71:2a:52:09:66:c4:74:6f:54:cb:09:d3:
         69:12:fd:17:2b:1b:ed:4e:6a:96:a6:c7:55:70:7d:2b:a3:13:
         39:2b:8d:f7:f0:e5:a4:99:5f:d8:76:4d:1d:ff:43:e2:b8:81:
         c6:68:93:63:b4:03:cb:34:29:4e:80:24:52:5f:30:7c:94:bb:
         78:7d:48:31:ac:20:6c:e0:58:44:92:97:1b:6a:b5:f5:7a:28:
         c4:ee:1f:e7
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDASfCMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjQxMjI2MjAwNDE5WhcNMjUxMjEyMjAwNDE5WjAYMRYw
FAYDVQQDEw02NzZkYjZjNy00N2QwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEArKRYpf36YrFed5vzZnK+FL1wjhPJI/dbzA7wEVRe2QmJlMcEuul7RsgM
qamh17fRSRr2/qOoqnUQFDpgQneh90MVhGnnrZiHQxSwMaitSfoJ4Eybf6Pe3OBb
JmDOhJqsI8BqBP7treUxkniqVRZexKD2j2SL+gy7yLqufPpfgsxtI6/C8MSYGhkb
9BA/zcazqPkdUGyoj5NAXHpr3fLbkuk1qMiNkipmBVZmgSIMiiD75KTGz/PnMQrs
O5PqIw0DCn7xWo2ogHBqxhodfQ+UPTDRzmrYM0Vh9bAZhCYbZVfmLjUwqnTj7VMH
YByn54lBEGi04M/MdKV3IGwRvTYRiQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFFt8
8TBzeoM7cvQAv5tyb8ZrGTe4MB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC85OTZDNEREOEMzQzQxMUVGOTAwNDQ3NzY3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmlMFMA0GCSqGSIb3DQEB
CwUAA4IBAQAOv9TyJwx1aOvWFn1xK0zbB/Vwe/vGTAgZSiejE7mLDO+A6+5ZLqlq
D5jMo97Hhi+n7owxh/NE6x/ZS1ZfYJPAKjXASMXJ263r+aalQVhKn/Hb+X0ugpgf
CeYZrIx7/Xr9J9wvZ4GWn+OZx/o8NplbB/P8O0vFcHj82ylYP8n02nTd8UDdB+iz
MHr4/t2uTk4FrEgBaHXv1DaTWGDRjdKWlbPrNiWIikRxKlIJZsR0b1TLCdNpEv0X
KxvtTmqWpsdVcH0roxM5K4338OWkmV/Ydk0d/0PiuIHGaJNjtAPLNClOgCRSXzB8
lLt4fUgxrCBs4FhEkpcbarX1eijE7h/n
-----END CERTIFICATE-----