Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/D11BC04AC42511EF8BAA6971762E951A.roa
File:                     D11BC04AC42511EF8BAA6971762E951A.roa (raw, json)
Hash identifier:          ps0Yv+S9Ow1skD9WHom+fmL1bZXysf5pbHplAbR8kow=
Subject key identifier:   4F:00:8A:E0:69:0C:38:84:CA:AF:00:1C:F8:5E:B0:92:DB:B4:71:9E
Certificate issuer:       /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial:       0129F5
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/D11BC04AC42511EF8BAA6971762E951A.roa
Signing time:             Fri 27 Dec 2024 07:40:17 +0000
ROA not before:           Fri 27 Dec 2024 07:40:14 +0000
ROA not after:            Sun 12 Dec 2027 07:40:14 +0000
asID:                     17561
IP address blocks:        154.202.102.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
                          rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Tue 08 Apr 2025 00:06:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 76277 (0x129f5)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F368F2D0AF
        Validity
            Not Before: Dec 27 07:40:14 2024 GMT
            Not After : Dec 12 07:40:14 2027 GMT
        Subject: CN=676e59e1-1a40
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b5:19:5e:48:d8:c6:e6:e6:9f:fc:b2:e9:ae:13:
                    e4:5b:15:8b:d3:a5:1f:09:45:a2:2f:95:b4:dd:1a:
                    2f:44:39:15:b1:2f:d2:84:5d:6d:82:69:67:61:23:
                    d7:7d:48:31:48:ed:52:b4:9e:e5:c3:76:d4:e1:1d:
                    2a:35:35:bc:34:97:54:92:cf:08:39:4f:39:c9:24:
                    76:14:c1:56:9b:45:38:51:92:cc:18:14:f8:77:42:
                    a0:22:28:f4:59:9a:97:73:6b:6c:f5:03:31:9f:cf:
                    c8:3c:f6:8a:18:11:74:93:83:6b:e2:00:b5:20:09:
                    ac:70:cd:dc:c7:0c:ee:f1:7f:36:33:46:86:06:31:
                    f9:a4:03:79:b9:94:b0:b3:67:6c:bd:bb:e0:dc:fa:
                    cd:9f:53:db:00:1f:b7:e9:7f:3d:ff:c1:e2:d4:63:
                    d8:8d:78:ad:9e:c5:2e:ed:99:da:39:5f:f4:88:99:
                    eb:9f:6a:91:2f:f5:7e:e5:c0:17:92:43:98:e7:f3:
                    29:d5:56:1d:eb:c2:ad:40:e9:b2:1a:66:e1:68:92:
                    83:5b:c8:4c:3d:32:c9:63:33:fc:01:df:e0:65:6f:
                    46:7f:08:45:f6:cb:33:bb:a2:d7:8d:e7:71:bf:91:
                    c7:5b:d9:8a:25:e6:98:ba:4f:5c:61:35:3b:b0:35:
                    7a:d1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4F:00:8A:E0:69:0C:38:84:CA:AF:00:1C:F8:5E:B0:92:DB:B4:71:9E
            X509v3 Authority Key Identifier:
                keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/D11BC04AC42511EF8BAA6971762E951A.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  154.202.102.0/24

    Signature Algorithm: sha256WithRSAEncryption
         27:89:f6:21:92:11:83:45:7c:89:15:81:b0:7b:48:aa:6c:86:
         0a:ec:02:94:5b:54:51:fe:e7:03:c2:09:64:4e:7c:96:85:ec:
         de:03:48:e7:19:bd:a5:06:3f:3c:08:0c:6a:dd:55:37:be:4c:
         75:e4:e3:42:9d:30:c0:b5:33:17:fb:e1:33:be:21:3d:43:63:
         3f:bf:b2:a8:c8:f4:84:cd:25:17:f4:dd:69:f9:ce:22:51:d0:
         85:9a:db:b4:64:d4:27:31:1a:47:d6:c3:b1:8a:62:3e:96:b3:
         c9:e5:32:27:a8:7e:4e:a9:de:b5:de:af:4a:b5:a0:3e:e9:2b:
         68:2f:42:aa:1c:06:85:b6:6a:84:0c:05:49:45:b8:3b:84:e1:
         60:24:25:b4:3e:e4:bd:3f:d3:cb:94:59:f8:3d:2e:43:11:10:
         09:16:89:ae:80:40:8f:11:bb:fc:d4:48:00:b0:55:bb:6a:ea:
         b9:aa:84:52:d1:5d:90:50:7c:86:de:de:76:b3:09:29:9b:cb:
         b2:eb:91:e6:99:69:e8:de:44:07:22:d3:dd:8d:ad:ed:d1:d1:
         7b:d6:4a:e1:03:9b:a3:6d:7c:ef:1a:d9:35:b0:ea:c1:0f:60:
         87:96:e8:2b:0a:e8:83:c2:5e:12:4b:7d:d1:4c:a3:af:f5:4d:
         32:64:c5:3f
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDASn1MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjQxMjI3MDc0MDE0WhcNMjcxMjEyMDc0MDE0WjAYMRYw
FAYDVQQDEw02NzZlNTllMS0xYTQwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAtRleSNjG5uaf/LLprhPkWxWL06UfCUWiL5W03RovRDkVsS/ShF1tgmln
YSPXfUgxSO1StJ7lw3bU4R0qNTW8NJdUks8IOU85ySR2FMFWm0U4UZLMGBT4d0Kg
Iij0WZqXc2ts9QMxn8/IPPaKGBF0k4Nr4gC1IAmscM3cxwzu8X82M0aGBjH5pAN5
uZSws2dsvbvg3PrNn1PbAB+36X89/8Hi1GPYjXitnsUu7ZnaOV/0iJnrn2qRL/V+
5cAXkkOY5/Mp1VYd68KtQOmyGmbhaJKDW8hMPTLJYzP8Ad/gZW9GfwhF9sszu6LX
jedxv5HHW9mKJeaYuk9cYTU7sDV60QIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFE8A
iuBpDDiEyq8AHPhesJLbtHGeMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9EMTFCQzA0QUM0MjUxMUVGOEJBQTY5NzE3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmspmMA0GCSqGSIb3DQEB
CwUAA4IBAQAnifYhkhGDRXyJFYGwe0iqbIYK7AKUW1RR/ucDwglkTnyWhezeA0jn
Gb2lBj88CAxq3VU3vkx15ONCnTDAtTMX++EzviE9Q2M/v7KoyPSEzSUX9N1p+c4i
UdCFmtu0ZNQnMRpH1sOximI+lrPJ5TInqH5Oqd613q9KtaA+6StoL0KqHAaFtmqE
DAVJRbg7hOFgJCW0PuS9P9PLlFn4PS5DERAJFomugECPEbv81EgAsFW7auq5qoRS
0V2QUHyG3t52swkpm8uy65HmmWno3kQHItPdja3t0dF71krhA5ujbXzvGtk1sOrB
D2CHlugrCuiDwl4SS33RTKOv9U0yZMU/
-----END CERTIFICATE-----