Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/9B2B231A82B611EEA78AB0244AD9E6FC.roa
File:                     9B2B231A82B611EEA78AB0244AD9E6FC.roa (raw, json)
Hash identifier:          9vcDBpYR/thAiC6Sl/CxRO85o+MVXDbtj+RYFhTCpTE=
Subject key identifier:   66:9F:D6:A9:11:EC:C9:56:DE:BA:22:E0:BB:DA:33:D1:B7:0C:2C:47
Certificate issuer:       /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial:       4FB4
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/9B2B231A82B611EEA78AB0244AD9E6FC.roa
Signing time:             Tue 14 Nov 2023 06:25:30 +0000
ROA not before:           Tue 14 Nov 2023 06:25:26 +0000
ROA not after:            Tue 12 Nov 2024 06:25:26 +0000
asID:                     397630
IP address blocks:        154.201.60.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
                          rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Sun 05 May 2024 00:04:22 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 20404 (0x4fb4)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
        Validity
            Not Before: Nov 14 06:25:26 2023 GMT
            Not After : Nov 12 06:25:26 2024 GMT
        Subject: CN=655312d9-19c8
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b0:ee:11:1d:fb:1e:87:9e:8e:dc:cc:45:4c:a6:
                    ff:0a:e6:ba:6e:31:c1:32:5a:f7:9f:12:5f:b0:0c:
                    54:08:b1:59:48:16:bf:74:4b:c4:51:af:0f:7a:70:
                    98:c0:57:f0:b1:4e:6a:ae:1b:e8:63:fb:3c:f0:99:
                    c6:3e:0c:b7:6c:eb:7d:b8:57:e7:23:6f:ca:e3:cf:
                    3b:f3:e7:f0:13:ea:fd:87:98:19:10:fc:9d:ee:bf:
                    59:78:ea:9c:03:e9:2c:b5:55:10:e0:25:f0:5d:91:
                    91:5f:ad:3d:a2:62:77:93:10:85:de:18:24:44:c2:
                    49:8a:92:32:4d:e7:08:c6:fb:3d:db:0b:ed:78:55:
                    87:5f:06:9b:84:96:e7:7b:9f:ca:bc:a4:fc:74:d1:
                    69:ba:bf:29:a7:4e:dd:fc:c2:f0:14:c1:43:3a:0f:
                    32:eb:f2:22:af:38:ab:46:22:7f:67:bd:c6:6a:e3:
                    63:7b:76:5f:08:b1:65:6c:04:81:c1:80:60:b7:eb:
                    bc:00:75:ff:f7:15:d7:22:72:72:7e:29:8e:71:0b:
                    dd:cf:24:d8:8c:14:c6:52:43:66:26:59:b9:5b:2b:
                    e2:7c:5b:0e:62:0a:33:ab:70:ad:79:75:cb:e3:46:
                    e9:37:b9:d9:e0:30:7d:27:c5:10:cd:cc:78:f5:1f:
                    9e:3d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                66:9F:D6:A9:11:EC:C9:56:DE:BA:22:E0:BB:DA:33:D1:B7:0C:2C:47
            X509v3 Authority Key Identifier:
                keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/9B2B231A82B611EEA78AB0244AD9E6FC.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  154.201.60.0/24

    Signature Algorithm: sha256WithRSAEncryption
         86:63:52:eb:3c:d4:f6:8a:38:95:0c:3f:bf:bc:0a:05:3a:00:
         9c:85:f7:69:2b:a9:fb:a5:50:3b:25:9e:c1:44:b3:dc:1c:ad:
         43:2f:75:ad:fb:37:33:66:09:9d:32:45:8a:47:a5:79:58:5e:
         ec:b4:94:d1:0a:80:18:ad:7b:f0:a6:69:98:00:1e:9a:f9:3e:
         e0:d7:00:30:b9:e6:84:74:b0:d8:37:fa:ef:88:c5:7a:b2:e2:
         b4:5c:75:6b:62:31:a5:a2:1e:5c:05:cd:c9:bf:31:71:39:98:
         da:ec:50:d5:93:d4:15:5f:22:ff:2d:74:b7:a0:f5:57:83:54:
         53:be:ed:ac:13:04:97:d9:4e:a0:2a:09:0c:f7:d0:b7:ad:69:
         c8:52:37:60:c5:c3:ee:e0:fa:a3:dd:e4:1c:31:80:06:d2:74:
         2c:4b:4e:d9:99:ab:dc:72:c0:06:6f:17:ba:6e:47:ee:a7:9b:
         03:12:93:88:e0:e8:af:0e:96:17:fe:43:06:b3:7d:26:bf:05:
         38:c9:ef:92:a8:d0:75:f8:c8:fc:d5:26:12:24:37:8c:04:b4:
         36:bc:9e:8d:60:9c:41:f9:3e:b9:38:99:64:7a:be:67:ce:35:
         51:7d:54:1d:da:6f:d8:1d:7e:71:18:d2:93:6e:c1:d1:af:de:
         c2:e0:9f:c6
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICT7QwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAwwKRjM2
OEYyRDBBRjExMC8GA1UEBRMoMjVENjNFMDhFQUJFN0NGQTY3ODVENEMxRDZEMzQx
MTZERTE1QjNEQzAeFw0yMzExMTQwNjI1MjZaFw0yNDExMTIwNjI1MjZaMBgxFjAU
BgNVBAMTDTY1NTMxMmQ5LTE5YzgwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQCw7hEd+x6Hno7czEVMpv8K5rpuMcEyWvefEl+wDFQIsVlIFr90S8RRrw96
cJjAV/CxTmquG+hj+zzwmcY+DLds6324V+cjb8rjzzvz5/AT6v2HmBkQ/J3uv1l4
6pwD6Sy1VRDgJfBdkZFfrT2iYneTEIXeGCREwkmKkjJN5wjG+z3bC+14VYdfBpuE
lud7n8q8pPx00Wm6vymnTt38wvAUwUM6DzLr8iKvOKtGIn9nvcZq42N7dl8IsWVs
BIHBgGC367wAdf/3FdcicnJ+KY5xC93PJNiMFMZSQ2YmWblbK+J8Ww5iCjOrcK15
dcvjRuk3udngMH0nxRDNzHj1H549AgMBAAGjggKlMIICoTAdBgNVHQ4EFgQUZp/W
qRHsyVbeuiLgu9oz0bcMLEcwHwYDVR0jBBgwFoAUJdY+COq+fPpnhdTB1tNBFt4V
s9wwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjhGMkQwLzdGNEE5OEVBNkUwNTExRTg5QzBENkU0QkY4QUVBMjI4L0pkWS1D
T3EtZlBwbmhkVEIxdE5CRnQ0VnM5dy5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL0pkWS1DT3EtZlBwbmhkVEIxdE5CRnQ0VnM5dy5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNjhGMkQwLzdGNEE5OEVBNkUwNTExRTg5QzBENkU0QkY4
QUVBMjI4LzlCMkIyMzFBODJCNjExRUVBNzhBQjAyNDRBRDlFNkZDLnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACayTwwDQYJKoZIhvcNAQEL
BQADggEBAIZjUus81PaKOJUMP7+8CgU6AJyF92krqfulUDslnsFEs9wcrUMvda37
NzNmCZ0yRYpHpXlYXuy0lNEKgBite/CmaZgAHpr5PuDXADC55oR0sNg3+u+IxXqy
4rRcdWtiMaWiHlwFzcm/MXE5mNrsUNWT1BVfIv8tdLeg9VeDVFO+7awTBJfZTqAq
CQz30LetachSN2DFw+7g+qPd5BwxgAbSdCxLTtmZq9xywAZvF7puR+6nmwMSk4jg
6K8Olhf+QwazfSa/BTjJ75Ko0HX4yPzVJhIkN4wEtDa8no1gnEH5Prk4mWR6vmfO
NVF9VB3ab9gdfnEY0pNuwdGv3sLgn8Y=
-----END CERTIFICATE-----