Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/9EBF322EC3C311EFA6F80470762E951A.roa
File:                     9EBF322EC3C311EFA6F80470762E951A.roa (raw, json)
Hash identifier:          ZrhD4hGToGUsPrvz2tkue0Bjw/c+ZJZdYE6IbrgQ4fs=
Subject key identifier:   8C:90:71:2E:5A:32:92:20:E8:74:56:C0:FD:A6:CE:95:FF:27:23:71
Certificate issuer:       /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial:       0127B8
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/9EBF322EC3C311EFA6F80470762E951A.roa
Signing time:             Thu 26 Dec 2024 19:57:22 +0000
ROA not before:           Thu 26 Dec 2024 19:57:18 +0000
ROA not after:            Fri 12 Dec 2025 19:57:18 +0000
asID:                     984
IP address blocks:        154.82.17.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
                          rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Sun 06 Apr 2025 00:06:13 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 75704 (0x127b8)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F368F2D0AF
        Validity
            Not Before: Dec 26 19:57:18 2024 GMT
            Not After : Dec 12 19:57:18 2025 GMT
        Subject: CN=676db522-d5fd
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c4:06:3c:c1:eb:f7:8b:5a:74:59:94:a2:6e:3d:
                    6a:ca:1e:80:eb:f0:d2:d4:a3:f8:c7:82:c9:ab:80:
                    30:1f:b9:59:8d:43:05:db:90:cf:d4:3d:9a:f2:b0:
                    0b:ca:51:04:e7:e0:56:43:37:b3:0a:98:6c:c3:c1:
                    95:cc:c8:bd:2e:04:61:bd:81:a3:ac:50:ec:32:6a:
                    1b:68:29:8b:79:a8:70:ad:0f:bf:a2:5a:d0:2b:e6:
                    04:53:27:dd:91:13:7e:de:43:5d:33:f3:75:27:47:
                    92:80:78:82:f5:b2:ff:ea:8e:45:bc:d9:c9:14:0e:
                    3f:fd:8b:06:e1:8b:e8:50:01:67:6d:1c:8f:f9:9e:
                    e9:8e:1d:7b:34:31:6d:2e:bf:52:63:bc:79:d1:8d:
                    11:b3:98:8e:7e:ca:31:76:dc:14:c0:e8:5d:23:c7:
                    02:1d:f2:3f:af:5a:28:59:a0:73:1f:83:2d:77:85:
                    17:45:e2:e4:dd:9d:7e:2b:0b:07:72:0f:02:0a:10:
                    27:6c:3a:de:11:88:e1:3d:c3:d1:44:0f:b8:93:11:
                    9a:f7:27:e2:63:39:6a:53:09:cc:03:b8:b1:71:b8:
                    42:b7:f7:06:f5:b8:c4:42:12:ea:34:fb:24:f3:07:
                    b6:47:f6:17:9f:80:a4:4e:78:b1:1f:35:ab:a6:a3:
                    05:21
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                8C:90:71:2E:5A:32:92:20:E8:74:56:C0:FD:A6:CE:95:FF:27:23:71
            X509v3 Authority Key Identifier:
                keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/9EBF322EC3C311EFA6F80470762E951A.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  154.82.17.0/24

    Signature Algorithm: sha256WithRSAEncryption
         21:e8:54:21:62:cb:4a:dc:a7:22:3f:9e:31:a9:46:f1:c6:51:
         04:80:dd:4b:52:7a:43:8f:cd:4c:5e:8a:e5:6e:8d:48:12:22:
         11:07:de:ab:cc:9c:d6:94:27:05:42:ba:a2:31:d9:eb:ea:e5:
         9d:46:18:2d:25:d6:bd:08:4d:8f:62:93:b9:dc:32:f0:2e:ad:
         f1:35:e1:d2:b9:36:1a:9b:ed:83:bf:61:99:e7:e3:d6:86:36:
         fb:9c:dc:53:b3:08:b9:fa:06:20:71:f4:43:da:23:3c:d5:0e:
         53:e3:e7:cf:de:4b:39:ec:ed:10:a8:12:0f:75:75:aa:fb:27:
         6c:4c:a0:4c:ef:7b:e9:a7:99:b2:cf:c3:73:f1:4b:c4:fc:1b:
         4b:42:67:3a:f2:fb:8d:7c:89:60:fd:32:41:cb:15:30:64:9a:
         cb:e7:01:87:44:86:36:85:ab:d8:b1:e3:47:fe:82:7e:ee:2b:
         61:eb:46:7c:65:58:86:31:f7:f2:50:1c:25:ab:62:c6:4a:6c:
         fe:bd:42:12:df:13:72:88:b8:00:16:c2:b5:d6:0f:e6:f2:d5:
         6b:28:17:ae:a2:ed:d6:ce:9b:ee:d1:00:62:16:2c:3f:b4:5b:
         4f:c4:c4:46:db:89:44:d9:d5:bb:e0:6f:eb:1d:d4:5d:37:59:
         a0:c4:7b:94
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDASe4MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjQxMjI2MTk1NzE4WhcNMjUxMjEyMTk1NzE4WjAYMRYw
FAYDVQQDEw02NzZkYjUyMi1kNWZkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAxAY8wev3i1p0WZSibj1qyh6A6/DS1KP4x4LJq4AwH7lZjUMF25DP1D2a
8rALylEE5+BWQzezCphsw8GVzMi9LgRhvYGjrFDsMmobaCmLeahwrQ+/olrQK+YE
UyfdkRN+3kNdM/N1J0eSgHiC9bL/6o5FvNnJFA4//YsG4YvoUAFnbRyP+Z7pjh17
NDFtLr9SY7x50Y0Rs5iOfsoxdtwUwOhdI8cCHfI/r1ooWaBzH4Mtd4UXReLk3Z1+
KwsHcg8CChAnbDreEYjhPcPRRA+4kxGa9yfiYzlqUwnMA7ixcbhCt/cG9bjEQhLq
NPsk8we2R/YXn4CkTnixHzWrpqMFIQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFIyQ
cS5aMpIg6HRWwP2mzpX/JyNxMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC85RUJGMzIyRUMzQzMxMUVGQTZGODA0NzA3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmlIRMA0GCSqGSIb3DQEB
CwUAA4IBAQAh6FQhYstK3KciP54xqUbxxlEEgN1LUnpDj81MXorlbo1IEiIRB96r
zJzWlCcFQrqiMdnr6uWdRhgtJda9CE2PYpO53DLwLq3xNeHSuTYam+2Dv2GZ5+PW
hjb7nNxTswi5+gYgcfRD2iM81Q5T4+fP3ks57O0QqBIPdXWq+ydsTKBM73vpp5my
z8Nz8UvE/BtLQmc68vuNfIlg/TJByxUwZJrL5wGHRIY2havYseNH/oJ+7ith60Z8
ZViGMffyUBwlq2LGSmz+vUIS3xNyiLgAFsK11g/m8tVrKBeuou3Wzpvu0QBiFiw/
tFtPxMRG24lE2dW74G/rHdRdN1mgxHuU
-----END CERTIFICATE-----