Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/E1B70D8C29C211EE9E6B9E264AD9E6FC.roa
File:                     E1B70D8C29C211EE9E6B9E264AD9E6FC.roa (raw, json)
Hash identifier:          tY9pz6xBn2fjgmH6PfFAWNxaVLiasMPF4+LrgPT6Q6A=
Subject key identifier:   B9:77:DC:CD:D0:53:D0:F7:DA:FE:C5:38:18:BC:2D:9A:63:39:88:28
Certificate issuer:       /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial:       33D0
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/E1B70D8C29C211EE9E6B9E264AD9E6FC.roa
Signing time:             Mon 24 Jul 2023 01:39:08 +0000
ROA not before:           Mon 24 Jul 2023 01:39:05 +0000
ROA not after:            Wed 24 Jul 2024 01:39:05 +0000
asID:                     151196
IP address blocks:        154.204.50.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
                          rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Sun 05 May 2024 00:04:22 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 13264 (0x33d0)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
        Validity
            Not Before: Jul 24 01:39:05 2023 GMT
            Not After : Jul 24 01:39:05 2024 GMT
        Subject: CN=64bdd63c-38bc
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c2:b4:32:7a:1e:02:24:79:c5:80:35:a1:ed:e9:
                    47:97:7b:3d:b0:d5:ee:e6:d1:d4:2a:b5:b0:87:23:
                    c2:45:9a:6d:23:16:7d:e6:5b:ed:20:54:ee:25:be:
                    79:63:ad:d8:7d:1a:45:0c:fa:1f:79:d1:81:77:c3:
                    2d:48:84:cb:c9:7e:29:3e:df:bc:92:c8:b9:63:2a:
                    b4:83:a4:43:a7:27:1f:15:8b:03:82:29:39:7f:24:
                    4d:a9:38:34:a1:f5:94:1e:c5:66:65:7f:b1:c6:fe:
                    fb:34:d7:29:d9:ce:fe:a7:a1:be:26:41:08:f6:20:
                    68:c8:9a:da:3d:55:cb:e1:ca:4d:81:53:3b:f8:e8:
                    b4:32:b3:a1:06:1d:c4:73:f7:5e:79:81:e9:9d:d9:
                    59:5d:d2:38:22:51:96:d7:b8:3a:aa:c5:27:02:5b:
                    ad:ec:68:e0:32:4d:58:8c:3f:da:b3:b4:bd:34:81:
                    bb:8e:d9:04:3e:a4:2e:a2:13:de:41:36:1c:81:fe:
                    91:3b:cc:fa:85:94:2a:18:98:a1:25:ef:ff:61:56:
                    91:6b:6c:73:19:34:a0:e4:a3:9d:20:8e:ae:9c:95:
                    9e:7e:cf:d3:f1:c3:18:e3:6d:14:70:5f:d1:77:7c:
                    ec:fb:d1:90:f9:98:16:33:2c:bd:3f:c0:3c:77:f1:
                    67:41
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B9:77:DC:CD:D0:53:D0:F7:DA:FE:C5:38:18:BC:2D:9A:63:39:88:28
            X509v3 Authority Key Identifier:
                keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/E1B70D8C29C211EE9E6B9E264AD9E6FC.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  154.204.50.0/24

    Signature Algorithm: sha256WithRSAEncryption
         23:9d:de:04:79:2f:ec:1e:fc:5b:a1:f3:82:27:d5:09:12:34:
         f1:89:f8:45:04:c7:ac:a9:0f:5b:8e:5b:ad:2b:3b:ac:5a:3e:
         95:30:55:16:46:5f:cc:d9:04:fe:31:fc:1f:b0:3f:94:af:33:
         aa:45:96:af:fa:3b:03:a0:df:c4:a6:f7:39:c9:9c:8b:7d:c0:
         ea:20:ac:ed:2f:7f:c0:0f:ae:11:3b:2e:aa:d7:f7:a4:84:4b:
         e9:7a:0b:27:4b:df:bf:b7:37:f7:13:8e:77:ad:b3:18:0e:f0:
         5f:7d:0d:ec:7e:4b:57:36:59:0a:c1:bb:40:18:f5:88:ba:eb:
         d9:29:2f:07:64:7b:86:f3:c1:b3:8e:d8:0c:be:71:1d:fd:9c:
         9b:03:e9:a2:28:b1:f2:61:e6:93:39:34:10:52:eb:67:57:89:
         73:77:a1:79:2e:3c:47:ef:e6:c9:83:66:c8:5d:1f:6a:49:d3:
         b2:99:0c:67:69:5b:75:07:a3:26:ed:c0:69:8e:d2:2f:4f:90:
         3e:3d:1d:49:e8:81:5a:f5:2f:b9:9c:5f:37:8b:8b:ca:16:13:
         de:8e:5f:eb:c4:15:e2:cd:37:34:ed:d9:6f:15:cf:81:b5:a7:
         d0:6e:ba:19:ed:5c:02:0e:85:10:14:c8:4f:93:94:ea:32:4f:
         f8:77:15:a5
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICM9AwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAwwKRjM2
OEYyRDBBRjExMC8GA1UEBRMoMjVENjNFMDhFQUJFN0NGQTY3ODVENEMxRDZEMzQx
MTZERTE1QjNEQzAeFw0yMzA3MjQwMTM5MDVaFw0yNDA3MjQwMTM5MDVaMBgxFjAU
BgNVBAMTDTY0YmRkNjNjLTM4YmMwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQDCtDJ6HgIkecWANaHt6UeXez2w1e7m0dQqtbCHI8JFmm0jFn3mW+0gVO4l
vnljrdh9GkUM+h950YF3wy1IhMvJfik+37ySyLljKrSDpEOnJx8ViwOCKTl/JE2p
ODSh9ZQexWZlf7HG/vs01ynZzv6nob4mQQj2IGjImto9Vcvhyk2BUzv46LQys6EG
HcRz9155gemd2Vld0jgiUZbXuDqqxScCW63saOAyTViMP9qztL00gbuO2QQ+pC6i
E95BNhyB/pE7zPqFlCoYmKEl7/9hVpFrbHMZNKDko50gjq6clZ5+z9PxwxjjbRRw
X9F3fOz70ZD5mBYzLL0/wDx38WdBAgMBAAGjggKlMIICoTAdBgNVHQ4EFgQUuXfc
zdBT0Pfa/sU4GLwtmmM5iCgwHwYDVR0jBBgwFoAUJdY+COq+fPpnhdTB1tNBFt4V
s9wwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjhGMkQwLzdGNEE5OEVBNkUwNTExRTg5QzBENkU0QkY4QUVBMjI4L0pkWS1D
T3EtZlBwbmhkVEIxdE5CRnQ0VnM5dy5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL0pkWS1DT3EtZlBwbmhkVEIxdE5CRnQ0VnM5dy5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNjhGMkQwLzdGNEE5OEVBNkUwNTExRTg5QzBENkU0QkY4
QUVBMjI4L0UxQjcwRDhDMjlDMjExRUU5RTZCOUUyNjRBRDlFNkZDLnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACazDIwDQYJKoZIhvcNAQEL
BQADggEBACOd3gR5L+we/Fuh84In1QkSNPGJ+EUEx6ypD1uOW60rO6xaPpUwVRZG
X8zZBP4x/B+wP5SvM6pFlq/6OwOg38Sm9znJnIt9wOogrO0vf8APrhE7LqrX96SE
S+l6CydL37+3N/cTjnetsxgO8F99Dex+S1c2WQrBu0AY9Yi669kpLwdke4bzwbOO
2Ay+cR39nJsD6aIosfJh5pM5NBBS62dXiXN3oXkuPEfv5smDZshdH2pJ07KZDGdp
W3UHoybtwGmO0i9PkD49HUnogVr1L7mcXzeLi8oWE96OX+vEFeLNNzTt2W8Vz4G1
p9BuuhntXAIOhRAUyE+TlOoyT/h3FaU=
-----END CERTIFICATE-----