Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/D44FBF26F86111EFB3502986762E951A.roa
File:                     D44FBF26F86111EFB3502986762E951A.roa (raw, json)
Hash identifier:          tzEPgVix/tSd7oWAaZ9tCeRyq1rWWHnGHXVNFmEiaUQ=
Subject key identifier:   C0:51:D8:1D:C7:98:39:5B:2D:F2:FE:09:7B:90:DC:CD:76:36:30:C9
Certificate issuer:       /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial:       017115
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/D44FBF26F86111EFB3502986762E951A.roa
Signing time:             Mon 03 Mar 2025 19:00:53 +0000
ROA not before:           Mon 03 Mar 2025 19:00:49 +0000
ROA not after:            Mon 31 Mar 2025 19:00:49 +0000
asID:                     48031
IP address blocks:        154.216.1.0/24 maxlen: 24
                          154.218.1.0/24 maxlen: 24
                          154.218.16.0/24 maxlen: 24
                          154.218.18.0/24 maxlen: 24
                          154.218.19.0/24 maxlen: 24
                          154.222.220.0/24 maxlen: 24
                          154.222.221.0/24 maxlen: 24
                          154.222.222.0/24 maxlen: 24
                          154.222.223.0/24 maxlen: 24
                          154.222.247.0/24 maxlen: 24
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 94485 (0x17115)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F368F2D0AF
        Validity
            Not Before: Mar  3 19:00:49 2025 GMT
            Not After : Mar 31 19:00:49 2025 GMT
        Subject: CN=67c5fc65-6e99
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ae:90:99:5e:93:3d:4f:ea:fb:e3:e5:ab:07:3f:
                    8e:58:80:4f:94:e8:84:cb:2c:d5:90:07:12:8e:28:
                    9b:3a:a7:de:d2:05:e3:96:9f:23:4c:d4:66:74:98:
                    85:b1:65:e4:80:21:00:d8:da:47:3c:7b:b5:bd:0a:
                    a5:41:42:24:fc:9b:9f:e9:39:c5:c9:af:97:8e:8e:
                    e0:62:66:a1:1a:57:3d:a5:72:10:b5:20:cd:40:de:
                    07:1a:84:e2:2e:c9:79:50:db:69:5f:99:ff:9e:5b:
                    99:ec:67:6e:fd:27:73:19:d5:54:70:80:01:a3:38:
                    79:63:e4:ca:fc:06:63:a4:4c:19:8b:08:fe:96:21:
                    33:cc:21:50:5e:f2:38:c3:59:1f:fc:55:e3:a8:9d:
                    48:4a:10:28:78:bb:2b:65:b1:ed:47:35:bd:b8:62:
                    c9:be:20:4b:1f:5c:f3:53:9e:89:6b:f6:de:a0:31:
                    0e:6a:3c:a3:ba:38:9a:26:ca:9b:f0:75:6d:5e:b8:
                    3e:58:0e:0a:9f:a6:0b:be:d5:6d:d9:7d:97:d7:05:
                    2b:9a:0e:40:a7:b7:ba:18:e1:bd:a7:53:26:db:e1:
                    52:fe:b7:d8:3f:9e:60:f8:c1:47:59:ba:3c:79:6e:
                    1a:8a:64:0e:46:84:b0:e5:1b:85:7c:18:3d:3d:b8:
                    a4:2d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C0:51:D8:1D:C7:98:39:5B:2D:F2:FE:09:7B:90:DC:CD:76:36:30:C9
            X509v3 Authority Key Identifier:
                keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/D44FBF26F86111EFB3502986762E951A.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  154.216.1.0/24
                  154.218.1.0/24
                  154.218.16.0/24
                  154.218.18.0/23
                  154.222.220.0/22
                  154.222.247.0/24

    Signature Algorithm: sha256WithRSAEncryption
         58:5e:ba:e0:b6:bb:a6:18:64:c0:a8:c9:94:9b:49:db:9b:1b:
         0d:4e:69:6e:9a:eb:cf:51:a2:32:1f:ba:64:05:e6:17:8c:89:
         97:3e:6c:db:77:50:da:78:74:b7:b3:d8:68:80:7f:5b:36:39:
         08:e3:0e:0d:e0:4c:ad:28:1e:43:6e:34:21:aa:c8:b4:61:46:
         20:f1:ca:48:fb:30:47:ee:a6:8c:ad:a4:e7:3d:40:bd:ec:91:
         4a:2f:70:af:71:80:f2:f2:b9:09:8b:b7:97:7f:b7:39:45:15:
         c1:91:2c:93:09:b3:44:65:bd:85:12:c0:fe:99:f2:d2:c8:56:
         f3:b7:4e:08:68:32:e5:95:b1:5e:77:85:cb:fa:09:33:a2:95:
         a3:dd:9a:5d:b7:59:e4:b8:6d:7d:57:89:2f:f4:1e:c0:98:13:
         62:91:bf:5f:4e:01:7e:b0:8c:13:c5:a2:35:08:35:74:7d:17:
         02:34:70:20:95:c9:b1:fa:c8:99:70:4b:7e:e2:d8:dc:df:55:
         f7:10:ec:09:3a:ff:08:ad:c6:6a:fd:c9:d4:8e:c5:20:26:3d:
         0d:91:c1:b9:5b:4a:cd:87:be:78:b1:f4:fe:af:53:7d:a4:ff:
         e2:67:f4:b2:ba:59:ca:f8:44:67:d5:e4:b1:b7:8f:e8:e7:19:
         28:bc:43:72
-----BEGIN CERTIFICATE-----
MIIFojCCBIqgAwIBAgIDAXEVMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMzAzMTkwMDQ5WhcNMjUwMzMxMTkwMDQ5WjAYMRYw
FAYDVQQDEw02N2M1ZmM2NS02ZTk5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEArpCZXpM9T+r74+WrBz+OWIBPlOiEyyzVkAcSjiibOqfe0gXjlp8jTNRm
dJiFsWXkgCEA2NpHPHu1vQqlQUIk/Juf6TnFya+Xjo7gYmahGlc9pXIQtSDNQN4H
GoTiLsl5UNtpX5n/nluZ7Gdu/SdzGdVUcIABozh5Y+TK/AZjpEwZiwj+liEzzCFQ
XvI4w1kf/FXjqJ1IShAoeLsrZbHtRzW9uGLJviBLH1zzU56Ja/beoDEOajyjujia
Jsqb8HVtXrg+WA4Kn6YLvtVt2X2X1wUrmg5Ap7e6GOG9p1Mm2+FS/rfYP55g+MFH
Wbo8eW4aimQORoSw5RuFfBg9PbikLQIDAQABo4ICwzCCAr8wHQYDVR0OBBYEFMBR
2B3HmDlbLfL+CXuQ3M12NjDJMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9ENDRGQkYyNkY4NjExMUVGQjM1MDI5ODY3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQAmtgBAwQAmtoBAwQAmtoQ
AwQBmtoSAwQCmt7cAwQAmt73MA0GCSqGSIb3DQEBCwUAA4IBAQBYXrrgtrumGGTA
qMmUm0nbmxsNTmlumuvPUaIyH7pkBeYXjImXPmzbd1DaeHS3s9hogH9bNjkI4w4N
4EytKB5DbjQhqsi0YUYg8cpI+zBH7qaMraTnPUC97JFKL3CvcYDy8rkJi7eXf7c5
RRXBkSyTCbNEZb2FEsD+mfLSyFbzt04IaDLllbFed4XL+gkzopWj3Zpdt1nkuG19
V4kv9B7AmBNikb9fTgF+sIwTxaI1CDV0fRcCNHAglcmx+siZcEt+4tjc31X3EOwJ
Ov8IrcZq/cnUjsUgJj0NkcG5W0rNh754sfT+r1N9pP/iZ/SyulnK+ERn1eSxt4/o
5xkovENy
-----END CERTIFICATE-----