Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/D513F00AFB8611EDA81D93804AD9E6FC.roa
File:                     D513F00AFB8611EDA81D93804AD9E6FC.roa (raw, json)
Hash identifier:          3zjC078GNmm6M6CyNayjgGvXnE1n9zJbv/rXxWizYjw=
Subject key identifier:   61:96:7E:5D:14:C4:60:F2:CB:F8:0C:B3:69:2D:DF:E3:BA:91:05:92
Certificate issuer:       /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial:       27F2
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/D513F00AFB8611EDA81D93804AD9E6FC.roa
Signing time:             Fri 26 May 2023 05:33:24 +0000
ROA not before:           Fri 26 May 2023 05:33:20 +0000
ROA not after:            Sun 30 Jun 2024 05:33:20 +0000
asID:                     984
IP address blocks:        154.193.0.0/16 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
                          rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Sun 05 May 2024 00:04:22 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 10226 (0x27f2)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
        Validity
            Not Before: May 26 05:33:20 2023 GMT
            Not After : Jun 30 05:33:20 2024 GMT
        Subject: CN=647044a4-24df
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d2:b8:51:9a:61:c2:5f:df:02:e0:b9:b4:1d:3c:
                    80:ca:5a:a9:1b:24:de:ba:91:db:92:66:72:86:2b:
                    a0:30:09:a8:a7:b6:c0:0d:98:62:54:be:fe:4a:88:
                    f2:0b:3b:29:72:e9:59:1f:1b:e3:40:a5:71:40:d8:
                    c1:d6:cd:74:37:23:38:e6:da:f6:0f:fb:0d:59:9f:
                    5a:3f:e5:f8:70:2b:ed:bd:89:d5:37:41:43:fa:f2:
                    e0:cf:d2:08:fc:1d:87:4e:d8:b3:a7:65:1f:46:c2:
                    68:5f:12:d5:70:8c:47:47:77:07:8a:b4:82:20:b5:
                    1f:5a:7d:6b:85:71:74:e0:94:d1:2a:a9:5f:fe:fb:
                    ae:11:0a:70:19:5c:27:df:92:10:65:b2:79:aa:e7:
                    48:0a:a1:27:43:ba:39:85:8a:9b:ef:56:25:8b:1d:
                    c4:9b:c9:36:e2:87:7a:03:4c:82:ea:a4:78:c7:bb:
                    09:28:60:a3:d6:92:c1:c8:84:06:bc:c7:e5:0b:25:
                    41:42:01:70:44:cf:dc:89:a0:98:b2:18:50:65:0f:
                    70:6c:d1:ee:7b:3d:5b:ea:1a:29:f9:53:66:45:ce:
                    82:32:7b:67:5a:a2:e7:dc:61:4c:2a:2f:d5:f9:cc:
                    c5:62:74:98:79:fd:6a:50:88:31:d7:0d:6b:22:a6:
                    57:7b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                61:96:7E:5D:14:C4:60:F2:CB:F8:0C:B3:69:2D:DF:E3:BA:91:05:92
            X509v3 Authority Key Identifier:
                keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/D513F00AFB8611EDA81D93804AD9E6FC.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  154.193.0.0/16

    Signature Algorithm: sha256WithRSAEncryption
         20:05:3f:e2:af:a9:1c:24:cb:b4:6c:58:5f:38:bc:62:4f:97:
         c3:2b:25:d4:24:f9:da:ce:7f:54:af:51:d1:d8:c6:55:fe:78:
         25:20:1a:90:b1:32:3e:d4:63:4a:a9:cb:f7:94:17:04:65:44:
         58:38:e4:e1:e1:92:b7:72:c8:d6:4a:af:3a:22:1f:35:b8:2b:
         84:a1:0b:12:a6:7e:98:8e:47:df:ee:3b:c7:c7:39:12:4d:1c:
         66:8f:32:97:b1:70:48:0c:da:c0:e1:d7:c0:72:d8:ea:00:39:
         3d:73:da:f9:8f:5d:7f:ed:31:e2:72:17:88:da:0e:59:04:3f:
         f2:da:91:57:59:95:44:24:54:74:74:8e:d6:c2:92:72:17:c8:
         f3:3d:8b:c1:6d:53:32:d4:1e:96:5e:a6:cb:97:a3:cf:e3:75:
         60:72:38:01:ee:81:c1:31:0d:7f:fe:e9:8a:14:95:2d:b2:2f:
         f8:3c:ad:d8:c5:1a:66:d6:fd:81:c4:1e:83:8d:70:4c:f6:36:
         b0:f9:5e:69:73:6c:40:92:86:38:55:73:57:2c:70:1c:26:d9:
         30:87:70:84:7d:81:97:86:62:6f:bd:e5:7a:ba:6d:f1:2f:80:
         6a:a3:3b:9a:fb:d6:9e:4f:f8:92:72:8e:c7:15:6b:ac:40:2f:
         be:21:c8:e4
-----BEGIN CERTIFICATE-----
MIIFgjCCBGqgAwIBAgICJ/IwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAwwKRjM2
OEYyRDBBRjExMC8GA1UEBRMoMjVENjNFMDhFQUJFN0NGQTY3ODVENEMxRDZEMzQx
MTZERTE1QjNEQzAeFw0yMzA1MjYwNTMzMjBaFw0yNDA2MzAwNTMzMjBaMBgxFjAU
BgNVBAMTDTY0NzA0NGE0LTI0ZGYwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQDSuFGaYcJf3wLgubQdPIDKWqkbJN66kduSZnKGK6AwCaintsANmGJUvv5K
iPILOyly6VkfG+NApXFA2MHWzXQ3Izjm2vYP+w1Zn1o/5fhwK+29idU3QUP68uDP
0gj8HYdO2LOnZR9GwmhfEtVwjEdHdweKtIIgtR9afWuFcXTglNEqqV/++64RCnAZ
XCffkhBlsnmq50gKoSdDujmFipvvViWLHcSbyTbih3oDTILqpHjHuwkoYKPWksHI
hAa8x+ULJUFCAXBEz9yJoJiyGFBlD3Bs0e57PVvqGin5U2ZFzoIye2daoufcYUwq
L9X5zMVidJh5/WpQiDHXDWsipld7AgMBAAGjggKkMIICoDAdBgNVHQ4EFgQUYZZ+
XRTEYPLL+AyzaS3f47qRBZIwHwYDVR0jBBgwFoAUJdY+COq+fPpnhdTB1tNBFt4V
s9wwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjhGMkQwLzdGNEE5OEVBNkUwNTExRTg5QzBENkU0QkY4QUVBMjI4L0pkWS1D
T3EtZlBwbmhkVEIxdE5CRnQ0VnM5dy5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL0pkWS1DT3EtZlBwbmhkVEIxdE5CRnQ0VnM5dy5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNjhGMkQwLzdGNEE5OEVBNkUwNTExRTg5QzBENkU0QkY4
QUVBMjI4L0Q1MTNGMDBBRkI4NjExRURBODFEOTM4MDRBRDlFNkZDLnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUDAwCawTANBgkqhkiG9w0BAQsF
AAOCAQEAIAU/4q+pHCTLtGxYXzi8Yk+Xwysl1CT52s5/VK9R0djGVf54JSAakLEy
PtRjSqnL95QXBGVEWDjk4eGSt3LI1kqvOiIfNbgrhKELEqZ+mI5H3+47x8c5Ek0c
Zo8yl7FwSAzawOHXwHLY6gA5PXPa+Y9df+0x4nIXiNoOWQQ/8tqRV1mVRCRUdHSO
1sKSchfI8z2LwW1TMtQell6my5ejz+N1YHI4Ae6BwTENf/7pihSVLbIv+Dyt2MUa
Ztb9gcQeg41wTPY2sPleaXNsQJKGOFVzVyxwHCbZMIdwhH2Bl4Zib73lerpt8S+A
aqM7mvvWnk/4knKOxxVrrEAvviHI5A==
-----END CERTIFICATE-----