Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/D9B78944C35511EF90951BBE762E951A.roa
File:                     D9B78944C35511EF90951BBE762E951A.roa (raw, json)
Hash identifier:          VjdiuRNriZSpdTig5QPgujMNz99IKEOOlRsFs5UoC7U=
Subject key identifier:   6C:1B:A5:BF:B6:93:43:3A:3D:9D:3E:63:FD:FA:B6:D8:53:F4:CF:4F
Certificate issuer:       /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial:       0125DD
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/D9B78944C35511EF90951BBE762E951A.roa
Signing time:             Thu 26 Dec 2024 06:51:36 +0000
ROA not before:           Thu 26 Dec 2024 06:51:33 +0000
ROA not after:            Sun 12 Dec 2027 06:51:33 +0000
asID:                     17561
IP address blocks:        154.88.50.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
                          rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Sun 06 Apr 2025 00:06:13 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 75229 (0x125dd)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F368F2D0AF
        Validity
            Not Before: Dec 26 06:51:33 2024 GMT
            Not After : Dec 12 06:51:33 2027 GMT
        Subject: CN=676cfcf8-b09d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c1:91:68:7f:eb:e6:ab:53:b4:b4:18:0b:7d:ea:
                    08:34:68:33:75:7e:c0:e6:5e:7f:33:58:b7:ca:e3:
                    d1:87:80:e2:35:a3:c5:13:a2:06:97:ca:89:eb:47:
                    a0:d1:9c:41:1b:90:ea:09:33:58:a8:8a:ef:73:bc:
                    67:72:e7:b9:aa:00:16:58:f9:2f:90:65:f9:aa:85:
                    24:d9:a0:1f:be:dd:04:c9:2c:4f:b5:94:a8:9d:6a:
                    e3:ed:79:c5:ff:a7:83:cb:78:a1:3d:fb:c9:af:64:
                    50:0a:8c:d2:57:f5:fd:00:f9:60:43:27:08:ad:fc:
                    38:49:13:9e:0f:b6:16:86:58:1e:f8:fe:2b:f9:5c:
                    a5:96:51:7d:e8:58:4c:0a:70:a6:84:2b:9b:86:e0:
                    b7:d8:c4:97:68:88:80:90:24:9d:af:dc:39:c1:05:
                    c7:7b:34:cd:70:e7:52:e6:a6:24:a5:b3:3e:3c:7f:
                    03:52:45:66:42:96:94:2f:75:b3:08:11:2a:d4:94:
                    92:c5:a1:41:03:99:90:02:0d:de:64:c2:6c:21:22:
                    d9:31:68:bc:75:a9:ac:a7:cc:63:2c:dd:c7:b7:ac:
                    06:fc:4e:a8:76:d9:b9:ed:bb:1f:3b:36:f9:2d:28:
                    1d:df:81:0c:c1:85:36:72:0d:8e:66:55:a2:40:99:
                    2d:2b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                6C:1B:A5:BF:B6:93:43:3A:3D:9D:3E:63:FD:FA:B6:D8:53:F4:CF:4F
            X509v3 Authority Key Identifier:
                keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/D9B78944C35511EF90951BBE762E951A.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  154.88.50.0/24

    Signature Algorithm: sha256WithRSAEncryption
         63:d9:0a:50:ac:16:b2:a3:6f:d0:10:53:a1:83:85:9e:1c:82:
         0e:ff:df:04:bf:9d:ac:40:0d:38:7b:33:e3:7e:46:71:3d:89:
         a6:3f:2a:cf:4a:39:97:0e:ae:d9:2e:48:cb:9c:d7:8e:cb:c2:
         96:fa:7d:ca:2d:41:46:fd:16:45:9c:0e:c6:fd:63:03:45:b1:
         04:7f:74:96:63:76:ba:c2:74:df:76:36:fa:f3:40:95:7f:76:
         52:90:44:9c:a1:39:e5:79:c1:ff:45:7b:18:23:f0:5b:06:7e:
         89:36:40:7c:65:28:af:f7:28:37:1a:ea:6b:bd:00:c1:fd:2c:
         a0:63:2d:18:87:22:c6:cb:9c:86:65:a1:85:b7:c4:f1:2f:e5:
         68:53:1f:16:38:dd:f3:88:72:ae:68:b9:58:fc:e4:80:6c:a6:
         fc:86:13:e7:a2:31:ca:03:06:9b:19:a9:ad:ca:08:77:6a:d1:
         a1:5b:ce:fc:73:f7:3f:37:9c:0a:ec:5c:fe:92:46:9e:19:fa:
         6a:93:b6:c7:4b:91:79:93:81:18:8c:2c:79:43:be:e2:46:b0:
         2b:4e:6c:5b:99:12:e8:0a:fb:41:c6:1d:bc:2e:93:65:7f:10:
         92:7e:12:54:cd:5a:1c:e0:e6:39:d5:81:c5:c2:64:15:d0:d4:
         de:0d:66:d7
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDASXdMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjQxMjI2MDY1MTMzWhcNMjcxMjEyMDY1MTMzWjAYMRYw
FAYDVQQDEw02NzZjZmNmOC1iMDlkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAwZFof+vmq1O0tBgLfeoINGgzdX7A5l5/M1i3yuPRh4DiNaPFE6IGl8qJ
60eg0ZxBG5DqCTNYqIrvc7xncue5qgAWWPkvkGX5qoUk2aAfvt0EySxPtZSonWrj
7XnF/6eDy3ihPfvJr2RQCozSV/X9APlgQycIrfw4SROeD7YWhlge+P4r+VylllF9
6FhMCnCmhCubhuC32MSXaIiAkCSdr9w5wQXHezTNcOdS5qYkpbM+PH8DUkVmQpaU
L3WzCBEq1JSSxaFBA5mQAg3eZMJsISLZMWi8damsp8xjLN3Ht6wG/E6odtm57bsf
Ozb5LSgd34EMwYU2cg2OZlWiQJktKwIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFGwb
pb+2k0M6PZ0+Y/36tthT9M9PMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9EOUI3ODk0NEMzNTUxMUVGOTA5NTFCQkU3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmlgyMA0GCSqGSIb3DQEB
CwUAA4IBAQBj2QpQrBayo2/QEFOhg4WeHIIO/98Ev52sQA04ezPjfkZxPYmmPyrP
SjmXDq7ZLkjLnNeOy8KW+n3KLUFG/RZFnA7G/WMDRbEEf3SWY3a6wnTfdjb680CV
f3ZSkEScoTnlecH/RXsYI/BbBn6JNkB8ZSiv9yg3GuprvQDB/SygYy0YhyLGy5yG
ZaGFt8TxL+VoUx8WON3ziHKuaLlY/OSAbKb8hhPnojHKAwabGamtygh3atGhW878
c/c/N5wK7Fz+kkaeGfpqk7bHS5F5k4EYjCx5Q77iRrArTmxbmRLoCvtBxh28LpNl
fxCSfhJUzVoc4OY51YHFwmQV0NTeDWbX
-----END CERTIFICATE-----