Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/BB35736A4B7611F08D262D93DAE4EC9C.roa
File:                     BB35736A4B7611F08D262D93DAE4EC9C.roa (raw, json)
Hash identifier:          JTyG+r547HCOuUVyiyiWoBqk+1kShmp6lzMh8gkruXY=
Subject key identifier:   29:33:A0:70:14:F6:D0:86:61:65:B3:33:39:9F:41:01:AD:BC:F6:DC
Certificate issuer:       /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial:       01871D
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/BB35736A4B7611F08D262D93DAE4EC9C.roa
Signing time:             Tue 17 Jun 2025 12:29:39 +0000
ROA not before:           Tue 17 Jun 2025 12:29:32 +0000
ROA not after:            Fri 25 Jul 2025 12:29:32 +0000
asID:                     20326
IP address blocks:        154.193.132.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
                          rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Thu 03 Jul 2025 11:30:13 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 100125 (0x1871d)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
        Validity
            Not Before: Jun 17 12:29:32 2025 GMT
            Not After : Jul 25 12:29:32 2025 GMT
        Subject: CN=68515fb3-8b69
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d9:f8:a1:16:f9:29:3c:9f:f2:78:c4:1b:00:9a:
                    a9:db:14:d2:33:07:8b:a9:a1:1e:f0:9c:ce:04:84:
                    0e:49:9b:ca:da:5a:39:9d:a4:fe:0b:bc:b1:23:75:
                    d0:67:7d:6d:8a:25:d5:b4:8b:6c:ba:e3:7b:cd:f7:
                    dc:1c:0d:8d:02:42:59:b0:9c:77:1a:29:0e:82:f5:
                    3b:4c:86:6e:de:34:47:ed:d8:95:31:9f:0e:b9:0c:
                    b6:92:0b:cd:be:b9:8e:48:82:9d:77:9a:94:12:1b:
                    70:02:fb:bf:3b:5c:a9:03:32:0e:8e:0f:7a:a6:a8:
                    f8:25:fc:05:7a:6c:d8:f4:a5:3c:3d:83:96:70:71:
                    84:08:60:b6:78:4f:51:05:bf:00:a2:98:8b:a2:1d:
                    ef:54:14:c4:a7:13:45:6d:33:47:8c:18:2d:f8:e1:
                    98:7b:3f:cb:fb:09:0d:2d:4d:89:38:ea:33:82:6b:
                    fa:c9:ce:ce:fe:48:61:2a:66:0b:3c:d2:d0:1d:b8:
                    08:41:26:d2:2c:7f:f3:5b:fe:c3:87:99:5a:31:7d:
                    a8:03:3f:c1:3d:63:b3:93:44:8f:83:dd:73:7c:c8:
                    ed:d1:e5:5d:fb:70:8b:7e:7b:9f:23:9f:5f:38:6e:
                    d1:62:f0:f9:f1:b1:87:6a:57:34:b6:5b:39:66:c4:
                    45:65
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                29:33:A0:70:14:F6:D0:86:61:65:B3:33:39:9F:41:01:AD:BC:F6:DC
            X509v3 Authority Key Identifier:
                keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/BB35736A4B7611F08D262D93DAE4EC9C.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  154.193.132.0/24

    Signature Algorithm: sha256WithRSAEncryption
         62:2d:3b:a5:cd:a3:68:f5:c2:82:c9:7b:1a:80:26:38:4f:98:
         dc:3d:6e:ef:e4:23:49:fc:ee:67:db:2c:4b:6e:87:f5:ca:40:
         41:df:e6:7e:a1:3c:9d:88:51:62:eb:59:e7:a7:91:27:5f:96:
         6c:96:e9:ef:ad:98:b3:b6:1e:76:cb:a9:dc:db:cd:9d:42:6c:
         14:78:cb:4d:a8:c8:07:3a:ca:8d:78:4c:35:23:79:73:ef:a5:
         40:2c:f9:fe:78:d9:04:ec:d2:4e:97:1b:58:ab:84:da:f1:ac:
         5a:b0:17:25:c3:a7:5a:8a:de:bf:73:d6:f1:d8:f2:f2:50:a1:
         70:dd:50:80:99:03:ee:b6:fd:93:c8:9a:0f:c3:c5:a5:e1:ac:
         88:48:c5:bb:38:cf:88:84:cd:03:9f:63:69:f7:aa:36:41:08:
         5d:37:11:2b:8d:e2:a9:fb:df:1b:8b:f0:0c:0c:d2:5a:69:01:
         7d:c0:21:5e:d9:e6:d2:a6:80:f9:cc:28:8c:6f:8a:31:fa:c0:
         50:54:3f:fb:1a:c0:25:61:73:d2:29:ce:d1:28:b1:a4:f7:2b:
         cd:61:3f:96:45:a6:3b:81:32:91:06:79:e0:a9:bc:66:71:5d:
         46:a9:7a:5a:1c:cb:68:ef:81:15:a6:ff:47:c6:aa:fc:c2:98:
         e8:9e:46:e5
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAYcdMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwNjE3MTIyOTMyWhcNMjUwNzI1MTIyOTMyWjAYMRYw
FAYDVQQDEw02ODUxNWZiMy04YjY5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA2fihFvkpPJ/yeMQbAJqp2xTSMweLqaEe8JzOBIQOSZvK2lo5naT+C7yx
I3XQZ31tiiXVtItsuuN7zffcHA2NAkJZsJx3GikOgvU7TIZu3jRH7diVMZ8OuQy2
kgvNvrmOSIKdd5qUEhtwAvu/O1ypAzIOjg96pqj4JfwFemzY9KU8PYOWcHGECGC2
eE9RBb8AopiLoh3vVBTEpxNFbTNHjBgt+OGYez/L+wkNLU2JOOozgmv6yc7O/khh
KmYLPNLQHbgIQSbSLH/zW/7Dh5laMX2oAz/BPWOzk0SPg91zfMjt0eVd+3CLfnuf
I59fOG7RYvD58bGHalc0tls5ZsRFZQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFCkz
oHAU9tCGYWWzMzmfQQGtvPbcMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9CQjM1NzM2QTRCNzYxMUYwOEQyNjJEOTNEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmsGEMA0GCSqGSIb3DQEB
CwUAA4IBAQBiLTulzaNo9cKCyXsagCY4T5jcPW7v5CNJ/O5n2yxLbof1ykBB3+Z+
oTydiFFi61nnp5EnX5ZslunvrZizth52y6nc282dQmwUeMtNqMgHOsqNeEw1I3lz
76VALPn+eNkE7NJOlxtYq4Ta8axasBclw6dait6/c9bx2PLyUKFw3VCAmQPutv2T
yJoPw8Wl4ayISMW7OM+IhM0Dn2Np96o2QQhdNxErjeKp+98bi/AMDNJaaQF9wCFe
2ebSpoD5zCiMb4ox+sBQVD/7GsAlYXPSKc7RKLGk9yvNYT+WRaY7gTKRBnngqbxm
cV1GqXpaHMto74EVpv9Hxqr8wpjonkbl
-----END CERTIFICATE-----