Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/B5BC5B62DB1711EF8DC5579D762E951A.roa
File:                     B5BC5B62DB1711EF8DC5579D762E951A.roa (raw, json)
Hash identifier:          ABBrW5VTeQ0As/uiLSpNi/w/Gl6bLk9V+qUVbdAZKPc=
Subject key identifier:   42:80:D1:D1:03:4C:A0:43:CE:92:ED:C1:04:28:D2:8D:61:D8:C2:85
Certificate issuer:       /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial:       014944
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/B5BC5B62DB1711EF8DC5579D762E951A.roa
Signing time:             Sat 25 Jan 2025 12:27:15 +0000
ROA not before:           Sat 25 Jan 2025 12:27:10 +0000
ROA not after:            Mon 02 Feb 2026 12:27:10 +0000
asID:                     132839
IP address blocks:        154.216.64.0/18 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
                          rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Sun 06 Apr 2025 00:06:13 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 84292 (0x14944)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F368F2D0AF
        Validity
            Not Before: Jan 25 12:27:10 2025 GMT
            Not After : Feb  2 12:27:10 2026 GMT
        Subject: CN=6794d8a3-1129
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:dc:04:51:9a:41:f6:b6:5f:ed:b1:e0:3e:9a:eb:
                    37:a1:c1:11:56:df:b7:13:b5:b0:e9:5a:f7:89:47:
                    05:54:8a:39:17:43:6a:78:88:41:c0:c2:09:33:13:
                    c7:9e:b3:38:24:6a:1f:84:59:68:05:41:c7:2e:0c:
                    2b:3b:2f:90:38:75:e8:97:16:ea:40:de:18:0d:c4:
                    5f:d3:52:8f:31:90:22:2b:5b:7e:c9:c3:14:01:2b:
                    bf:29:8f:64:31:2d:08:8d:d0:92:92:f9:6f:76:72:
                    39:41:5b:a0:94:3e:fa:66:47:4d:04:ec:6c:cf:d0:
                    62:ad:36:16:00:dd:82:b3:c1:2e:b2:ed:cc:72:f5:
                    74:13:df:7a:ce:4a:c3:30:e7:3c:77:20:31:20:46:
                    b1:04:a5:0e:b4:ab:de:85:ff:80:61:41:8d:cc:37:
                    15:3b:e0:18:68:6f:06:e0:50:dd:7f:36:90:25:83:
                    6e:9f:a5:eb:bb:c7:6f:9c:5a:b7:81:e6:29:15:8f:
                    e0:c1:ca:b6:be:4c:30:4d:b9:46:61:88:b4:ec:40:
                    7a:84:2d:57:32:fc:5e:cf:5b:a4:49:09:86:58:58:
                    fa:c3:bb:d8:33:e6:95:78:a3:d3:07:4b:f9:f8:44:
                    9b:fc:f5:40:e9:0b:ce:c0:50:ab:08:e9:2f:94:95:
                    12:91
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                42:80:D1:D1:03:4C:A0:43:CE:92:ED:C1:04:28:D2:8D:61:D8:C2:85
            X509v3 Authority Key Identifier:
                keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/B5BC5B62DB1711EF8DC5579D762E951A.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  154.216.64.0/18

    Signature Algorithm: sha256WithRSAEncryption
         71:45:e9:61:92:26:41:5b:cf:d3:39:d6:ad:f6:6b:09:76:1c:
         98:15:98:e4:64:59:f1:62:6a:8e:85:e3:15:90:d3:46:ff:4b:
         ec:e8:9a:72:b0:19:0e:d5:85:b3:1f:a9:37:1a:f9:a8:e5:49:
         8c:07:40:4a:23:95:d1:f8:e2:df:26:cb:d1:55:23:fe:4d:51:
         d5:21:b4:e2:2c:d5:69:aa:7e:52:a2:ac:f4:e7:95:ed:68:f5:
         d2:1a:49:d5:a8:ea:b5:3c:e5:fc:f4:13:10:40:43:a3:49:90:
         62:1c:59:8c:e2:a3:5b:ad:f1:33:a8:c3:b3:e7:52:95:c3:e8:
         bc:33:73:2a:9b:75:1a:d0:8f:23:bf:5a:4a:99:c0:d8:4b:2f:
         04:08:17:db:e3:24:ea:08:e1:56:c7:7d:6e:48:2d:cb:c8:c2:
         f2:64:60:55:64:49:3e:54:55:cc:88:b7:05:e5:ee:76:52:04:
         55:9b:41:15:91:39:75:d4:b3:cd:23:4b:a4:52:4d:fd:76:cc:
         43:a9:5e:e6:70:fd:d3:99:dd:79:57:1a:77:c5:0f:7f:1c:7a:
         80:57:61:bb:9e:9f:f1:6f:29:53:01:96:48:3c:ee:c5:c5:32:
         72:e1:11:dd:8a:c9:77:5e:2b:ea:c1:d5:c1:ef:4e:76:6c:d4:
         16:42:5f:40
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAUlEMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMTI1MTIyNzEwWhcNMjYwMjAyMTIyNzEwWjAYMRYw
FAYDVQQDEw02Nzk0ZDhhMy0xMTI5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA3ARRmkH2tl/tseA+mus3ocERVt+3E7Ww6Vr3iUcFVIo5F0NqeIhBwMIJ
MxPHnrM4JGofhFloBUHHLgwrOy+QOHXolxbqQN4YDcRf01KPMZAiK1t+ycMUASu/
KY9kMS0IjdCSkvlvdnI5QVuglD76ZkdNBOxsz9BirTYWAN2Cs8Eusu3McvV0E996
zkrDMOc8dyAxIEaxBKUOtKvehf+AYUGNzDcVO+AYaG8G4FDdfzaQJYNun6Xru8dv
nFq3geYpFY/gwcq2vkwwTblGYYi07EB6hC1XMvxez1ukSQmGWFj6w7vYM+aVeKPT
B0v5+ESb/PVA6QvOwFCrCOkvlJUSkQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFEKA
0dEDTKBDzpLtwQQo0o1h2MKFMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9CNUJDNUI2MkRCMTcxMUVGOERDNTU3OUQ3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQGmthAMA0GCSqGSIb3DQEB
CwUAA4IBAQBxRelhkiZBW8/TOdat9msJdhyYFZjkZFnxYmqOheMVkNNG/0vs6Jpy
sBkO1YWzH6k3Gvmo5UmMB0BKI5XR+OLfJsvRVSP+TVHVIbTiLNVpqn5Soqz055Xt
aPXSGknVqOq1POX89BMQQEOjSZBiHFmM4qNbrfEzqMOz51KVw+i8M3Mqm3Ua0I8j
v1pKmcDYSy8ECBfb4yTqCOFWx31uSC3LyMLyZGBVZEk+VFXMiLcF5e52UgRVm0EV
kTl11LPNI0ukUk39dsxDqV7mcP3Tmd15Vxp3xQ9/HHqAV2G7np/xbylTAZZIPO7F
xTJy4RHdisl3XivqwdXB7052bNQWQl9A
-----END CERTIFICATE-----