Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/99F23A14E23D11EFA42D4F49762E951A.roa
File:                     99F23A14E23D11EFA42D4F49762E951A.roa (raw, json)
Hash identifier:          ihGdDwSwqzddourC4/8j4KNj6VV62HOnt3Nq8z7/WRU=
Subject key identifier:   60:21:E0:3B:ED:4C:72:BF:68:51:D4:EB:4D:72:77:C6:E0:11:3C:85
Certificate issuer:       /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial:       015018
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/99F23A14E23D11EFA42D4F49762E951A.roa
Signing time:             Mon 03 Feb 2025 14:46:08 +0000
ROA not before:           Mon 03 Feb 2025 14:46:04 +0000
ROA not after:            Wed 30 Apr 2025 14:46:04 +0000
asID:                     46071
IP address blocks:        154.209.7.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
                          rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Sun 06 Apr 2025 00:06:13 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 86040 (0x15018)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F368F2D0AF
        Validity
            Not Before: Feb  3 14:46:04 2025 GMT
            Not After : Apr 30 14:46:04 2025 GMT
        Subject: CN=67a0d6af-339c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ed:36:3c:7d:e4:ba:d4:6b:52:c9:a1:1d:41:3e:
                    f5:92:76:2f:c4:06:35:86:97:f2:f1:65:36:67:2f:
                    c5:82:65:e3:b6:4b:02:54:38:6b:0f:0e:97:36:7f:
                    59:1f:d2:45:f7:76:7a:c6:ff:d3:0f:cf:d5:1f:bb:
                    71:65:37:42:be:20:e2:0c:4e:53:d9:c2:6e:7d:40:
                    69:15:41:45:5b:d0:b1:ca:8a:c7:b3:8a:29:8c:0e:
                    95:db:fd:4d:73:66:89:85:2c:e4:bf:9d:a3:eb:28:
                    8b:3f:8c:2b:d1:6b:0b:20:d6:f2:b1:62:da:bd:07:
                    94:65:6c:da:fe:68:1c:76:77:11:73:70:62:1e:74:
                    27:20:13:bd:0a:93:ad:66:2e:95:e2:81:91:df:85:
                    82:cb:59:30:e7:71:59:71:f9:f0:16:2b:94:4b:d1:
                    9a:f0:aa:0b:17:84:9d:11:c4:6b:d5:0e:33:5e:62:
                    8e:62:cd:e6:2b:8a:63:7a:cb:a3:ec:2a:68:1a:0f:
                    08:5d:a1:61:e7:7e:bd:00:21:b5:81:c1:1f:20:04:
                    e7:99:ad:1b:e2:5e:90:97:20:01:97:d3:0e:45:3b:
                    5b:41:a9:04:be:db:fe:0d:26:a1:3a:95:94:20:2a:
                    7f:86:fc:23:83:88:78:e9:8a:67:5c:c0:3b:45:2a:
                    f3:d5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                60:21:E0:3B:ED:4C:72:BF:68:51:D4:EB:4D:72:77:C6:E0:11:3C:85
            X509v3 Authority Key Identifier:
                keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/99F23A14E23D11EFA42D4F49762E951A.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  154.209.7.0/24

    Signature Algorithm: sha256WithRSAEncryption
         6f:bb:eb:08:1d:a8:5c:4a:a2:e7:45:c2:26:b6:29:f2:b0:03:
         52:41:e7:3a:fe:bf:ff:d3:4e:90:a9:a5:ee:ac:e7:8d:99:23:
         65:12:66:75:40:39:14:49:bb:e5:52:52:8b:d3:04:c6:d2:03:
         8d:b3:34:cd:d7:1f:41:61:c1:3c:fb:ec:19:81:b5:0c:c6:22:
         40:2c:de:ce:1c:92:db:8c:bd:06:d8:11:5e:cf:39:a2:8e:30:
         66:11:ce:af:73:8b:20:e6:94:7c:18:74:13:65:88:50:07:fa:
         3c:77:12:4a:ea:d3:b8:52:1a:d1:e9:c6:a3:09:31:d7:a8:96:
         de:3a:29:2e:da:c5:e0:65:62:1b:4d:27:9c:54:cb:a4:45:a0:
         cd:78:16:74:cd:ff:18:27:e5:cf:c0:9e:ec:16:bc:a1:d2:38:
         33:26:af:99:1b:4e:1b:f0:5b:78:ba:ff:73:26:cf:38:7f:7e:
         73:43:a7:c1:09:e3:a0:8a:a1:dc:b6:e2:ae:fd:e0:34:12:9e:
         b9:4d:4f:cf:c8:8e:de:15:af:1f:91:c3:30:a7:d5:79:73:31:
         0c:36:61:19:b9:39:fa:77:c6:91:b2:95:e7:a7:54:08:d5:44:
         cc:65:7b:33:e8:d1:97:36:12:35:56:32:d3:64:54:e1:1d:60:
         bb:e4:b4:2a
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAVAYMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMjAzMTQ0NjA0WhcNMjUwNDMwMTQ0NjA0WjAYMRYw
FAYDVQQDEw02N2EwZDZhZi0zMzljMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA7TY8feS61GtSyaEdQT71knYvxAY1hpfy8WU2Zy/FgmXjtksCVDhrDw6X
Nn9ZH9JF93Z6xv/TD8/VH7txZTdCviDiDE5T2cJufUBpFUFFW9CxyorHs4opjA6V
2/1Nc2aJhSzkv52j6yiLP4wr0WsLINbysWLavQeUZWza/mgcdncRc3BiHnQnIBO9
CpOtZi6V4oGR34WCy1kw53FZcfnwFiuUS9Ga8KoLF4SdEcRr1Q4zXmKOYs3mK4pj
esuj7CpoGg8IXaFh5369ACG1gcEfIATnma0b4l6QlyABl9MORTtbQakEvtv+DSah
OpWUICp/hvwjg4h46YpnXMA7RSrz1QIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFGAh
4DvtTHK/aFHU601yd8bgETyFMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC85OUYyM0ExNEUyM0QxMUVGQTQyRDRGNDk3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmtEHMA0GCSqGSIb3DQEB
CwUAA4IBAQBvu+sIHahcSqLnRcImtinysANSQec6/r//006QqaXurOeNmSNlEmZ1
QDkUSbvlUlKL0wTG0gONszTN1x9BYcE8++wZgbUMxiJALN7OHJLbjL0G2BFezzmi
jjBmEc6vc4sg5pR8GHQTZYhQB/o8dxJK6tO4UhrR6cajCTHXqJbeOiku2sXgZWIb
TSecVMukRaDNeBZ0zf8YJ+XPwJ7sFryh0jgzJq+ZG04b8Ft4uv9zJs84f35zQ6fB
CeOgiqHctuKu/eA0Ep65TU/PyI7eFa8fkcMwp9V5czEMNmEZuTn6d8aRspXnp1QI
1UTMZXsz6NGXNhI1VjLTZFThHWC75LQq
-----END CERTIFICATE-----