Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/A36AF89C9C1A11EF91472F74762E951A.roa
File:                     A36AF89C9C1A11EF91472F74762E951A.roa (raw, json)
Hash identifier:          mtw7IZnvo6S+/w/tv5L8mz4QsTLkY/FeUVjoYdYyFZo=
Subject key identifier:   D3:66:C4:CE:19:5C:11:57:C3:E9:A1:BB:C9:C8:5E:1A:A4:2E:38:2D
Certificate issuer:       /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial:       010858
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/A36AF89C9C1A11EF91472F74762E951A.roa
Signing time:             Wed 06 Nov 2024 08:39:30 +0000
ROA not before:           Wed 06 Nov 2024 08:39:26 +0000
ROA not after:            Mon 30 Dec 2024 08:39:26 +0000
asID:                     55320
IP address blocks:        154.93.98.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
                          rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Sun 24 Nov 2024 00:05:48 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 67672 (0x10858)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
        Validity
            Not Before: Nov  6 08:39:26 2024 GMT
            Not After : Dec 30 08:39:26 2024 GMT
        Subject: CN=672b2b42-6f6f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c0:a4:9e:e6:8b:c2:3a:89:4b:cc:25:9f:e1:fd:
                    df:bf:80:b6:3b:98:41:f4:7a:db:e4:50:63:6e:95:
                    14:e9:20:80:aa:79:f2:6c:14:74:6c:e5:79:d6:2d:
                    ab:66:3f:c2:65:30:c9:e3:de:24:d6:24:64:fe:99:
                    de:bb:92:4a:85:b9:bb:55:5b:3e:ca:07:40:d8:01:
                    96:bf:b0:63:55:91:59:9d:d2:54:42:5f:66:f6:72:
                    f4:c8:87:7e:78:a1:b7:17:46:96:8f:39:35:52:31:
                    cb:bc:2b:ed:9b:f2:96:87:f3:09:30:f6:b5:ac:bb:
                    5e:a8:d1:92:2d:9c:9f:d3:b0:1f:8b:96:f3:9e:0a:
                    75:ff:9a:d0:c9:a1:99:a3:39:19:4a:90:ac:8e:2b:
                    e2:0f:15:8d:33:f6:c7:c3:6d:13:c7:fb:af:e0:04:
                    af:80:bb:29:ab:1b:9f:82:c5:9e:5a:8f:af:94:12:
                    5e:9a:fa:81:f9:82:d4:45:54:5f:7a:80:15:9b:06:
                    ca:db:cc:ce:9e:4b:bf:60:2d:de:ea:61:48:ab:53:
                    a8:39:cf:be:5e:a8:9b:65:51:17:73:8e:e7:e7:c1:
                    26:e1:2d:52:41:96:65:31:47:97:f6:50:a6:fa:41:
                    62:31:bb:19:a9:1f:7f:4d:6d:9a:fa:b9:68:bf:25:
                    e9:e7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D3:66:C4:CE:19:5C:11:57:C3:E9:A1:BB:C9:C8:5E:1A:A4:2E:38:2D
            X509v3 Authority Key Identifier:
                keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/A36AF89C9C1A11EF91472F74762E951A.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  154.93.98.0/24

    Signature Algorithm: sha256WithRSAEncryption
         89:c2:26:81:81:d0:ea:16:4d:a2:6c:89:1b:e4:5b:16:8b:66:
         74:ac:f3:e4:e3:72:d9:08:ba:75:b0:61:e9:6e:af:25:85:4b:
         a8:36:7d:9d:75:06:f5:0d:d3:a6:66:30:f6:a1:8d:ed:ef:3b:
         a9:62:13:06:83:ee:eb:a0:f0:4a:44:d6:43:b3:83:ff:83:15:
         bc:78:24:db:74:30:c0:24:4f:eb:ec:b2:63:00:94:3a:39:1b:
         f0:df:d3:10:a7:75:9d:b6:97:a6:3d:05:3f:cb:54:1c:7d:65:
         f3:2a:60:0c:c3:f7:1e:bf:86:59:b3:da:45:0d:c1:7e:4a:2f:
         96:09:7d:dc:05:ae:0d:15:4b:89:b9:0c:2f:19:17:9c:b3:09:
         0b:a8:0b:32:9a:42:26:b1:7d:6c:64:02:9d:73:4c:ed:ed:91:
         a9:d0:13:b7:6f:e7:b3:65:25:0d:70:58:b2:36:75:8e:19:12:
         9c:a1:af:b9:7a:e9:fc:bd:05:69:df:5b:31:9c:ae:98:df:d2:
         ff:15:78:73:4b:16:90:a0:75:ec:b0:4e:ec:bd:99:55:b5:6e:
         c2:9a:41:5d:d1:42:65:79:90:3e:c6:f3:77:90:74:c3:39:0e:
         1f:8a:8d:00:fb:cf:e2:55:e5:e9:50:57:9a:c7:2a:b3:43:91:
         85:da:4d:02
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAQhYMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjQxMTA2MDgzOTI2WhcNMjQxMjMwMDgzOTI2WjAYMRYw
FAYDVQQDEw02NzJiMmI0Mi02ZjZmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAwKSe5ovCOolLzCWf4f3fv4C2O5hB9Hrb5FBjbpUU6SCAqnnybBR0bOV5
1i2rZj/CZTDJ494k1iRk/pneu5JKhbm7VVs+ygdA2AGWv7BjVZFZndJUQl9m9nL0
yId+eKG3F0aWjzk1UjHLvCvtm/KWh/MJMPa1rLteqNGSLZyf07Afi5bzngp1/5rQ
yaGZozkZSpCsjiviDxWNM/bHw20Tx/uv4ASvgLspqxufgsWeWo+vlBJemvqB+YLU
RVRfeoAVmwbK28zOnku/YC3e6mFIq1OoOc++XqibZVEXc47n58Em4S1SQZZlMUeX
9lCm+kFiMbsZqR9/TW2a+rlovyXp5wIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFNNm
xM4ZXBFXw+mhu8nIXhqkLjgtMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9BMzZBRjg5QzlDMUExMUVGOTE0NzJGNzQ3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAml1iMA0GCSqGSIb3DQEB
CwUAA4IBAQCJwiaBgdDqFk2ibIkb5FsWi2Z0rPPk43LZCLp1sGHpbq8lhUuoNn2d
dQb1DdOmZjD2oY3t7zupYhMGg+7roPBKRNZDs4P/gxW8eCTbdDDAJE/r7LJjAJQ6
ORvw39MQp3WdtpemPQU/y1QcfWXzKmAMw/cev4ZZs9pFDcF+Si+WCX3cBa4NFUuJ
uQwvGRecswkLqAsymkImsX1sZAKdc0zt7ZGp0BO3b+ezZSUNcFiyNnWOGRKcoa+5
eun8vQVp31sxnK6Y39L/FXhzSxaQoHXssE7svZlVtW7CmkFd0UJleZA+xvN3kHTD
OQ4fio0A+8/iVeXpUFeaxyqzQ5GF2k0C
-----END CERTIFICATE-----