Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/FB71667E10DA11EEACA6B8244AD9E6FC.roa
File:                     FB71667E10DA11EEACA6B8244AD9E6FC.roa (raw, json)
Hash identifier:          nw6rmCR8Yp9gK66Yyn0vd6VMoB8ZsMGbHAzEi0mqxYQ=
Subject key identifier:   B0:EA:BA:14:67:BD:6C:A2:56:12:C6:3A:85:29:15:BF:FB:E0:97:04
Certificate issuer:       /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial:       2D4C
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/FB71667E10DA11EEACA6B8244AD9E6FC.roa
Signing time:             Thu 22 Jun 2023 08:58:40 +0000
ROA not before:           Thu 22 Jun 2023 08:58:37 +0000
ROA not after:            Fri 05 Jul 2024 08:58:37 +0000
asID:                     210334
IP address blocks:        154.89.42.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
                          rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Sun 05 May 2024 00:04:22 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 11596 (0x2d4c)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
        Validity
            Not Before: Jun 22 08:58:37 2023 GMT
            Not After : Jul  5 08:58:37 2024 GMT
        Subject: CN=64940d40-ebf9
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a3:e3:65:17:82:e8:6b:b0:42:2d:ab:e7:b2:fc:
                    d7:ce:47:2e:02:f5:8a:a1:31:9d:0f:6c:da:dd:8e:
                    01:d5:8e:89:ca:99:51:e5:be:50:23:68:70:a7:0f:
                    cb:9a:78:a6:31:b3:a5:5f:cb:39:7c:2f:cb:d0:5c:
                    a0:15:b3:d5:b6:b4:f5:a0:a8:e8:d8:2e:91:a6:c8:
                    37:ec:84:89:9b:4d:2f:e1:5a:b6:7f:ea:0a:fd:a6:
                    31:e9:a0:0b:eb:af:3e:c3:9c:58:6b:bf:93:86:b4:
                    d6:9f:1a:e0:80:8a:87:5b:21:1e:33:7d:19:db:69:
                    06:e2:6a:62:66:db:7f:b3:fb:5f:88:18:7d:e2:99:
                    5c:1f:8e:01:af:61:ee:67:f0:f5:4d:1c:5c:d2:c7:
                    ca:78:3b:0e:22:c0:3f:87:47:31:83:98:dc:25:fe:
                    f8:b2:32:5e:78:7c:ca:45:b7:d4:02:6a:00:48:25:
                    0c:16:9f:79:d7:6c:81:cf:b7:1f:23:8c:aa:fd:a3:
                    6a:3c:28:b1:08:55:6d:6a:37:52:ce:6d:9f:c1:31:
                    b8:ad:0c:9a:a9:f8:94:b9:fe:bf:c6:05:8e:07:c3:
                    00:9c:ff:1e:89:bf:45:56:a1:cd:48:58:c3:5b:53:
                    16:3e:14:f1:97:f5:77:c0:4a:44:5f:af:a0:37:5a:
                    4e:9b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B0:EA:BA:14:67:BD:6C:A2:56:12:C6:3A:85:29:15:BF:FB:E0:97:04
            X509v3 Authority Key Identifier:
                keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/FB71667E10DA11EEACA6B8244AD9E6FC.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  154.89.42.0/24

    Signature Algorithm: sha256WithRSAEncryption
         75:70:96:fb:04:57:97:1b:c4:5f:38:e9:3b:56:55:2b:04:4f:
         fc:1d:55:39:ba:25:16:87:0b:da:69:82:39:7e:b0:f2:bf:31:
         76:97:ef:16:35:61:4d:82:b9:a7:c7:e4:56:8b:a2:5c:84:c4:
         7a:e0:71:7b:63:2d:bf:19:67:c5:d5:52:14:8f:e7:16:0e:76:
         02:15:26:2e:0d:70:0f:a8:ab:c6:b4:0c:de:39:22:53:54:a4:
         55:c7:7f:18:52:2f:11:b0:5d:0c:23:97:0c:c7:50:74:65:c6:
         4e:0c:71:b6:29:12:3e:97:3e:6d:31:4a:a3:32:b9:6b:ca:1d:
         97:52:e5:fe:eb:3b:eb:25:14:28:fc:10:ba:53:6d:cd:dc:8e:
         e4:2d:fe:2d:81:0d:77:8a:d7:7a:96:8f:93:fe:8e:e1:10:bd:
         e6:0a:19:8d:e2:6a:d0:07:2a:c7:7f:e9:c2:a8:5e:b8:e8:52:
         00:3e:27:de:bd:ac:89:cb:81:58:5f:9c:ff:41:d3:b6:a7:25:
         bc:c3:41:5a:f9:f6:c5:09:07:3b:e1:29:c2:73:a9:49:4d:f3:
         6e:c9:e3:82:80:f8:06:36:3b:77:f3:83:01:34:c2:2c:c9:24:
         c1:c1:7f:31:2f:c4:a5:61:1d:5a:c4:86:cb:e0:22:2a:f7:13:
         d2:0a:04:24
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICLUwwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAwwKRjM2
OEYyRDBBRjExMC8GA1UEBRMoMjVENjNFMDhFQUJFN0NGQTY3ODVENEMxRDZEMzQx
MTZERTE1QjNEQzAeFw0yMzA2MjIwODU4MzdaFw0yNDA3MDUwODU4MzdaMBgxFjAU
BgNVBAMTDTY0OTQwZDQwLWViZjkwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQCj42UXguhrsEItq+ey/NfORy4C9YqhMZ0PbNrdjgHVjonKmVHlvlAjaHCn
D8uaeKYxs6Vfyzl8L8vQXKAVs9W2tPWgqOjYLpGmyDfshImbTS/hWrZ/6gr9pjHp
oAvrrz7DnFhrv5OGtNafGuCAiodbIR4zfRnbaQbiamJm23+z+1+IGH3imVwfjgGv
Ye5n8PVNHFzSx8p4Ow4iwD+HRzGDmNwl/viyMl54fMpFt9QCagBIJQwWn3nXbIHP
tx8jjKr9o2o8KLEIVW1qN1LObZ/BMbitDJqp+JS5/r/GBY4HwwCc/x6Jv0VWoc1I
WMNbUxY+FPGX9XfASkRfr6A3Wk6bAgMBAAGjggKlMIICoTAdBgNVHQ4EFgQUsOq6
FGe9bKJWEsY6hSkVv/vglwQwHwYDVR0jBBgwFoAUJdY+COq+fPpnhdTB1tNBFt4V
s9wwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjhGMkQwLzdGNEE5OEVBNkUwNTExRTg5QzBENkU0QkY4QUVBMjI4L0pkWS1D
T3EtZlBwbmhkVEIxdE5CRnQ0VnM5dy5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL0pkWS1DT3EtZlBwbmhkVEIxdE5CRnQ0VnM5dy5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNjhGMkQwLzdGNEE5OEVBNkUwNTExRTg5QzBENkU0QkY4
QUVBMjI4L0ZCNzE2NjdFMTBEQTExRUVBQ0E2QjgyNDRBRDlFNkZDLnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACaWSowDQYJKoZIhvcNAQEL
BQADggEBAHVwlvsEV5cbxF846TtWVSsET/wdVTm6JRaHC9ppgjl+sPK/MXaX7xY1
YU2CuafH5FaLolyExHrgcXtjLb8ZZ8XVUhSP5xYOdgIVJi4NcA+oq8a0DN45IlNU
pFXHfxhSLxGwXQwjlwzHUHRlxk4McbYpEj6XPm0xSqMyuWvKHZdS5f7rO+slFCj8
ELpTbc3cjuQt/i2BDXeK13qWj5P+juEQveYKGY3iatAHKsd/6cKoXrjoUgA+J969
rInLgVhfnP9B07anJbzDQVr59sUJBzvhKcJzqUlN827J44KA+AY2O3fzgwE0wizJ
JMHBfzEvxKVhHVrEhsvgIir3E9IKBCQ=
-----END CERTIFICATE-----