Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/CD32F28ED99011EFABDC9248762E951A.roa
File:                     CD32F28ED99011EFABDC9248762E951A.roa (raw, json)
Hash identifier:          DC1NrlEMVLJiFC3+1YmGlssMNy1g5LkTf6NeeyQsa7Y=
Subject key identifier:   E4:CB:D2:2C:87:0F:E5:D6:76:72:67:DF:25:E1:12:9A:43:5B:45:A0
Certificate issuer:       /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial:       01428E
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/CD32F28ED99011EFABDC9248762E951A.roa
Signing time:             Thu 23 Jan 2025 13:49:01 +0000
ROA not before:           Thu 23 Jan 2025 13:48:58 +0000
ROA not after:            Tue 13 May 2025 13:48:58 +0000
asID:                     138915
IP address blocks:        154.205.151.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
                          rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Sun 06 Apr 2025 00:06:13 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 82574 (0x1428e)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F368F2D0AF
        Validity
            Not Before: Jan 23 13:48:58 2025 GMT
            Not After : May 13 13:48:58 2025 GMT
        Subject: CN=679248cd-5d41
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d5:b0:f1:ca:90:08:28:c6:c7:73:44:58:c1:f8:
                    12:5d:4f:20:8a:7b:7e:4c:b3:99:8d:fc:1f:d0:74:
                    f0:0c:44:b0:3a:f5:53:15:9c:42:3b:1c:de:d3:43:
                    41:4d:1b:c1:78:50:a5:47:60:89:05:cf:6f:64:10:
                    88:20:74:fa:b1:33:03:fc:69:b3:5d:7b:eb:d7:b0:
                    4d:b7:10:9a:7c:fb:bf:94:0b:79:50:d5:6b:bd:c8:
                    2c:5d:95:54:59:3c:a9:3f:71:7a:4b:d3:66:02:77:
                    ab:32:93:b5:a4:d5:fe:1c:81:7f:37:a2:34:ef:71:
                    f5:ef:04:f2:7b:f4:15:2b:98:3f:e9:5b:4e:92:21:
                    14:8a:fe:a2:26:a1:58:da:20:34:ba:f1:7f:f0:2d:
                    2a:da:a3:41:12:8d:a2:8f:26:cd:f7:9c:9d:5d:43:
                    1a:b1:6a:b0:3c:53:a1:1c:a9:fd:b3:4b:5d:c0:9d:
                    61:fe:5f:d0:e0:9d:9c:ac:5d:10:2a:9c:e8:da:4c:
                    cf:78:dc:b9:c9:bb:17:e0:73:e0:d8:3f:b5:1a:63:
                    63:a8:13:e0:01:bd:ed:f7:8b:1e:4a:48:ac:96:89:
                    69:95:5f:df:b0:aa:15:c9:98:24:22:c9:28:73:04:
                    e5:b0:b7:34:1d:c9:c5:5e:3f:f4:00:af:11:b3:3b:
                    23:77
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E4:CB:D2:2C:87:0F:E5:D6:76:72:67:DF:25:E1:12:9A:43:5B:45:A0
            X509v3 Authority Key Identifier:
                keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/CD32F28ED99011EFABDC9248762E951A.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  154.205.151.0/24

    Signature Algorithm: sha256WithRSAEncryption
         a7:4c:9e:d2:37:c3:c0:84:38:30:f0:ae:48:b8:84:73:08:dd:
         57:0b:b6:d5:fb:3a:cd:20:b5:48:f0:3d:eb:7e:cf:6c:18:c4:
         68:9b:d9:7f:a6:34:67:2a:d8:55:5a:63:8f:50:d8:0d:ca:0d:
         57:f2:bf:5b:51:91:4e:5b:fc:5a:d2:81:7e:31:3e:d8:b5:4c:
         e2:e5:77:ba:4f:fd:7e:96:f4:5b:b5:ab:10:6a:9d:d0:0d:f6:
         bf:ac:23:4b:aa:ec:d8:e3:be:10:0e:3e:a6:63:65:06:87:da:
         9f:39:c0:3b:f8:75:76:f3:3d:dd:b8:1d:0e:23:4f:c5:88:bb:
         58:3d:a7:e8:f7:85:25:3d:72:66:27:41:87:19:bf:e7:ba:c2:
         ef:6b:47:d4:4b:84:a2:ba:3b:f6:1b:93:29:55:47:5e:c3:ea:
         07:fe:10:a8:e1:12:0f:fe:6a:bb:18:87:24:ed:7c:32:7e:a3:
         b3:ff:0a:15:13:1b:bd:89:13:c1:2b:6d:c3:52:2f:9f:03:7b:
         41:49:0b:97:47:9c:14:55:ce:9a:9c:1a:d9:8a:72:01:19:c3:
         e8:7d:cf:e6:bf:85:eb:53:26:bf:64:eb:8b:9c:17:58:a3:5b:
         32:fd:b2:3e:4b:8a:cf:f0:4f:3f:b8:7f:79:f9:a8:6b:a4:09:
         21:81:bb:c5
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAUKOMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMTIzMTM0ODU4WhcNMjUwNTEzMTM0ODU4WjAYMRYw
FAYDVQQDEw02NzkyNDhjZC01ZDQxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA1bDxypAIKMbHc0RYwfgSXU8gint+TLOZjfwf0HTwDESwOvVTFZxCOxze
00NBTRvBeFClR2CJBc9vZBCIIHT6sTMD/GmzXXvr17BNtxCafPu/lAt5UNVrvcgs
XZVUWTypP3F6S9NmAnerMpO1pNX+HIF/N6I073H17wTye/QVK5g/6VtOkiEUiv6i
JqFY2iA0uvF/8C0q2qNBEo2ijybN95ydXUMasWqwPFOhHKn9s0tdwJ1h/l/Q4J2c
rF0QKpzo2kzPeNy5ybsX4HPg2D+1GmNjqBPgAb3t94seSkislolplV/fsKoVyZgk
IskocwTlsLc0HcnFXj/0AK8RszsjdwIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFOTL
0iyHD+XWdnJn3yXhEppDW0WgMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9DRDMyRjI4RUQ5OTAxMUVGQUJEQzkyNDg3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAms2XMA0GCSqGSIb3DQEB
CwUAA4IBAQCnTJ7SN8PAhDgw8K5IuIRzCN1XC7bV+zrNILVI8D3rfs9sGMRom9l/
pjRnKthVWmOPUNgNyg1X8r9bUZFOW/xa0oF+MT7YtUzi5Xe6T/1+lvRbtasQap3Q
Dfa/rCNLquzY474QDj6mY2UGh9qfOcA7+HV28z3duB0OI0/FiLtYPafo94UlPXJm
J0GHGb/nusLva0fUS4Siujv2G5MpVUdew+oH/hCo4RIP/mq7GIck7XwyfqOz/woV
Exu9iRPBK23DUi+fA3tBSQuXR5wUVc6anBrZinIBGcPofc/mv4XrUya/ZOuLnBdY
o1sy/bI+S4rP8E8/uH95+ahrpAkhgbvF
-----END CERTIFICATE-----