Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/F1513924277F11EE93116D174AD9E6FC.roa
File:                     F1513924277F11EE93116D174AD9E6FC.roa (raw, json)
Hash identifier:          +oBNTw7JQWaS3MWxtMFv1O/VXALl7ylCuQMEVfOyuJE=
Subject key identifier:   E0:6C:40:E8:9F:9B:39:86:9A:F4:8D:AE:25:41:62:D8:C6:98:33:BB
Certificate issuer:       /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial:       3385
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/F1513924277F11EE93116D174AD9E6FC.roa
Signing time:             Fri 21 Jul 2023 04:34:56 +0000
ROA not before:           Fri 21 Jul 2023 04:34:53 +0000
ROA not after:            Thu 13 Jun 2024 04:34:53 +0000
asID:                     22773
IP address blocks:        154.212.27.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
                          rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Sun 05 May 2024 00:04:22 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 13189 (0x3385)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
        Validity
            Not Before: Jul 21 04:34:53 2023 GMT
            Not After : Jun 13 04:34:53 2024 GMT
        Subject: CN=64ba0af0-f27b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ed:89:79:2f:3e:fb:27:14:bb:3b:3a:0c:25:e0:
                    05:35:db:9c:86:34:4e:19:9b:9e:82:8a:25:de:cf:
                    5e:15:ce:bf:43:6e:aa:76:9e:35:22:ea:7c:d3:26:
                    d4:43:5e:b8:cd:3e:31:8b:b2:1c:d7:e3:b5:f6:20:
                    dc:d7:44:85:c5:e4:9b:ad:4a:3e:3a:7c:fd:45:93:
                    18:52:4e:20:07:d4:5b:88:a0:9b:36:0f:d9:85:16:
                    75:15:0a:c7:77:a6:01:b2:f9:1d:bb:ed:da:d0:66:
                    b5:22:91:6d:59:41:ab:00:50:79:c5:f2:79:0e:6c:
                    47:91:9f:30:0f:25:0d:3c:15:6b:68:15:c5:91:3d:
                    76:30:c9:b8:2c:38:03:62:56:48:fa:a3:56:67:64:
                    14:c3:40:a3:cf:11:d0:1e:cd:96:8d:ae:84:82:08:
                    0c:c6:c5:12:f6:97:bc:7e:3e:e4:55:04:4c:71:3e:
                    5b:be:a2:61:b4:03:60:4f:86:5d:dc:fe:f8:41:8d:
                    e2:15:f1:9b:f7:c1:89:c7:ef:4e:f7:72:65:62:38:
                    23:99:2e:ce:ad:23:86:d2:55:35:eb:15:71:77:b3:
                    97:8e:80:db:26:b7:a9:e6:05:52:09:0e:b2:b4:4e:
                    6f:7c:c4:b1:49:2f:c8:5a:3e:17:9c:86:6f:b2:4d:
                    f3:47
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E0:6C:40:E8:9F:9B:39:86:9A:F4:8D:AE:25:41:62:D8:C6:98:33:BB
            X509v3 Authority Key Identifier:
                keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/F1513924277F11EE93116D174AD9E6FC.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  154.212.27.0/24

    Signature Algorithm: sha256WithRSAEncryption
         af:f0:ab:85:20:cd:66:65:d0:22:35:4e:ab:bf:ff:d8:4d:8d:
         4a:74:3c:c2:3f:93:72:c8:54:c8:f7:d6:dc:cc:92:b8:41:8e:
         3e:37:8c:72:c3:fe:f5:04:bb:d5:df:88:55:c9:49:17:f8:7b:
         69:fe:0e:1b:95:6c:71:ca:10:a7:d6:11:59:5b:2e:f2:59:92:
         0a:48:fd:b2:18:82:98:7a:30:a8:80:e0:cf:a6:d4:31:c1:fc:
         41:53:86:8a:3b:b2:bb:cc:dc:b7:85:ec:b3:20:57:60:8c:8f:
         de:e7:9b:47:ab:65:66:af:7c:3c:84:76:a1:1e:a0:5a:dc:75:
         99:ba:61:dd:07:6f:d9:da:75:8d:c0:75:4c:25:2e:78:79:fe:
         1d:b2:ff:1e:da:28:5a:fb:3d:d7:de:97:a4:c9:6c:e8:fc:79:
         60:0d:dc:72:34:48:7b:d4:8f:08:a3:4c:9b:9c:7c:7c:e9:7f:
         e1:65:40:4c:46:5d:0d:7b:73:59:88:76:8e:58:39:64:58:01:
         f5:54:03:c0:c3:d5:ee:48:7a:f1:a2:7b:51:34:0d:e7:57:75:
         9b:76:bc:b5:02:47:53:25:8c:e3:0a:3c:68:83:fd:37:8c:a8:
         8a:45:4c:cf:89:8f:33:77:34:8c:ae:79:17:df:39:2f:8f:c0:
         1c:f0:41:45
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICM4UwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAwwKRjM2
OEYyRDBBRjExMC8GA1UEBRMoMjVENjNFMDhFQUJFN0NGQTY3ODVENEMxRDZEMzQx
MTZERTE1QjNEQzAeFw0yMzA3MjEwNDM0NTNaFw0yNDA2MTMwNDM0NTNaMBgxFjAU
BgNVBAMTDTY0YmEwYWYwLWYyN2IwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQDtiXkvPvsnFLs7Ogwl4AU125yGNE4Zm56CiiXez14Vzr9Dbqp2njUi6nzT
JtRDXrjNPjGLshzX47X2INzXRIXF5JutSj46fP1FkxhSTiAH1FuIoJs2D9mFFnUV
Csd3pgGy+R277drQZrUikW1ZQasAUHnF8nkObEeRnzAPJQ08FWtoFcWRPXYwybgs
OANiVkj6o1ZnZBTDQKPPEdAezZaNroSCCAzGxRL2l7x+PuRVBExxPlu+omG0A2BP
hl3c/vhBjeIV8Zv3wYnH7073cmViOCOZLs6tI4bSVTXrFXF3s5eOgNsmt6nmBVIJ
DrK0Tm98xLFJL8haPhechm+yTfNHAgMBAAGjggKlMIICoTAdBgNVHQ4EFgQU4GxA
6J+bOYaa9I2uJUFi2MaYM7swHwYDVR0jBBgwFoAUJdY+COq+fPpnhdTB1tNBFt4V
s9wwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjhGMkQwLzdGNEE5OEVBNkUwNTExRTg5QzBENkU0QkY4QUVBMjI4L0pkWS1D
T3EtZlBwbmhkVEIxdE5CRnQ0VnM5dy5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL0pkWS1DT3EtZlBwbmhkVEIxdE5CRnQ0VnM5dy5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNjhGMkQwLzdGNEE5OEVBNkUwNTExRTg5QzBENkU0QkY4
QUVBMjI4L0YxNTEzOTI0Mjc3RjExRUU5MzExNkQxNzRBRDlFNkZDLnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACa1BswDQYJKoZIhvcNAQEL
BQADggEBAK/wq4UgzWZl0CI1Tqu//9hNjUp0PMI/k3LIVMj31tzMkrhBjj43jHLD
/vUEu9XfiFXJSRf4e2n+DhuVbHHKEKfWEVlbLvJZkgpI/bIYgph6MKiA4M+m1DHB
/EFThoo7srvM3LeF7LMgV2CMj97nm0erZWavfDyEdqEeoFrcdZm6Yd0Hb9nadY3A
dUwlLnh5/h2y/x7aKFr7Pdfel6TJbOj8eWAN3HI0SHvUjwijTJucfHzpf+FlQExG
XQ17c1mIdo5YOWRYAfVUA8DD1e5IevGie1E0DedXdZt2vLUCR1MljOMKPGiD/TeM
qIpFTM+JjzN3NIyueRffOS+PwBzwQUU=
-----END CERTIFICATE-----