Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/C531980E6F9711F0B2227AB6DAE4EC9C.roa
File:                     C531980E6F9711F0B2227AB6DAE4EC9C.roa (raw, json)
Hash identifier:          RqDR/Kb1AknTxsK1XOvyIDo0AeUJ4AfpWbYTLr/dGGU=
Subject key identifier:   A3:0D:DA:A0:7F:CD:C0:60:64:3D:08:B8:B7:1F:89:16:A7:9F:F7:9F
Certificate issuer:       /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial:       019030
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/C531980E6F9711F0B2227AB6DAE4EC9C.roa
Signing time:             Sat 02 Aug 2025 11:56:49 +0000
ROA not before:           Sat 02 Aug 2025 11:56:44 +0000
ROA not after:            Sat 06 Sep 2025 11:56:44 +0000
asID:                     139646
IP address blocks:        154.86.0.0/24 maxlen: 24
                          154.91.224.0/19 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
                          rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Fri 08 Aug 2025 00:06:50 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 102448 (0x19030)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
        Validity
            Not Before: Aug  2 11:56:44 2025 GMT
            Not After : Sep  6 11:56:44 2025 GMT
        Subject: CN=688dfd01-cf1c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:93:ea:5e:d3:99:bd:63:60:a5:ff:09:69:53:ad:
                    3d:56:97:06:52:df:16:45:6e:ab:dc:dd:e4:5f:8b:
                    17:37:69:70:f2:67:03:34:e7:cf:00:36:ae:87:9d:
                    2f:62:4f:91:1c:cd:a3:96:04:e6:6f:74:7b:b9:d0:
                    8a:69:b6:df:89:1f:b2:7f:3e:af:a9:31:f3:7f:bc:
                    54:7a:db:48:ab:fe:21:78:ce:2d:91:99:7b:3d:6e:
                    70:c0:aa:3f:2c:ae:55:18:4c:95:fe:38:d0:1c:41:
                    b2:f6:44:95:e5:31:57:34:5a:67:f9:b7:34:de:a8:
                    0f:5f:76:aa:0d:06:8a:40:22:3d:31:1b:dc:96:1c:
                    53:c6:e5:84:0d:ca:0b:06:5a:7e:17:4a:f0:14:be:
                    a1:73:a0:ca:09:d7:62:63:b6:ba:fe:b1:8b:22:88:
                    be:72:3a:c3:26:e5:41:8a:3a:21:5a:33:9f:7b:aa:
                    fb:68:ee:d4:f7:83:73:ef:cc:27:bb:d1:67:5f:01:
                    30:33:f9:1a:e2:44:29:4a:0a:40:bc:1a:d2:f2:49:
                    40:a8:84:69:59:21:3f:f4:57:80:e2:03:fb:6d:53:
                    7d:d0:2d:a4:8a:4c:3b:4c:98:e6:11:d5:7b:b5:65:
                    04:cc:21:63:6f:fd:c4:e9:54:c6:f7:28:b9:6d:26:
                    e0:af
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A3:0D:DA:A0:7F:CD:C0:60:64:3D:08:B8:B7:1F:89:16:A7:9F:F7:9F
            X509v3 Authority Key Identifier:
                keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/C531980E6F9711F0B2227AB6DAE4EC9C.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  154.86.0.0/24
                  154.91.224.0/19

    Signature Algorithm: sha256WithRSAEncryption
         d1:69:c7:43:a5:9c:52:66:cb:82:c9:8b:f7:6f:a2:f3:dc:cc:
         b0:f5:1a:89:d1:4f:fc:ae:5b:7e:87:65:92:5b:92:31:c0:3b:
         36:d4:67:69:4b:86:f1:76:71:93:1c:6f:3f:8a:7e:57:c3:95:
         46:ee:54:e4:07:a3:52:6b:bf:84:98:ca:e3:7f:fa:81:b8:75:
         10:17:76:bb:61:1e:15:48:b3:e4:14:db:7b:39:b0:f0:c4:eb:
         cb:91:3c:3d:83:99:76:ac:03:ec:85:1b:22:08:e1:ee:f5:58:
         c6:c6:92:f7:af:fd:b4:78:12:c6:fd:a2:51:bd:6d:63:40:fd:
         57:82:a2:b6:a2:2a:8c:4a:bc:0e:94:56:3f:08:a8:e7:26:8e:
         52:a9:85:6e:b2:fc:89:8f:4c:17:bf:8b:63:27:f9:ac:09:cc:
         24:76:a7:5f:20:7d:8a:d9:f5:6d:bb:61:eb:fc:21:8c:c8:66:
         99:66:55:d7:6c:5f:61:e4:6d:a3:fc:ae:8c:3c:1c:bc:8a:63:
         c2:7c:bc:f4:b7:70:e2:1f:74:a7:31:1f:49:39:48:2e:dc:7b:
         ef:97:f0:80:77:e8:d2:6f:91:9d:23:34:7c:a0:29:c8:1e:92:
         4e:c8:7b:b2:c3:13:67:81:40:25:dd:59:db:a3:65:fb:49:13:
         7f:47:6b:25
-----BEGIN CERTIFICATE-----
MIIFijCCBHKgAwIBAgIDAZAwMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwODAyMTE1NjQ0WhcNMjUwOTA2MTE1NjQ0WjAYMRYw
FAYDVQQDEw02ODhkZmQwMS1jZjFjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAk+pe05m9Y2Cl/wlpU609VpcGUt8WRW6r3N3kX4sXN2lw8mcDNOfPADau
h50vYk+RHM2jlgTmb3R7udCKabbfiR+yfz6vqTHzf7xUettIq/4heM4tkZl7PW5w
wKo/LK5VGEyV/jjQHEGy9kSV5TFXNFpn+bc03qgPX3aqDQaKQCI9MRvclhxTxuWE
DcoLBlp+F0rwFL6hc6DKCddiY7a6/rGLIoi+cjrDJuVBijohWjOfe6r7aO7U94Nz
78wnu9FnXwEwM/ka4kQpSgpAvBrS8klAqIRpWSE/9FeA4gP7bVN90C2kikw7TJjm
EdV7tWUEzCFjb/3E6VTG9yi5bSbgrwIDAQABo4ICqzCCAqcwHQYDVR0OBBYEFKMN
2qB/zcBgZD0IuLcfiRann/efMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9DNTMxOTgwRTZGOTcxMUYwQjIyMjdBQjZEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAmlYAAwQFmlvgMA0GCSqG
SIb3DQEBCwUAA4IBAQDRacdDpZxSZsuCyYv3b6Lz3Myw9RqJ0U/8rlt+h2WSW5Ix
wDs21GdpS4bxdnGTHG8/in5Xw5VG7lTkB6NSa7+EmMrjf/qBuHUQF3a7YR4VSLPk
FNt7ObDwxOvLkTw9g5l2rAPshRsiCOHu9VjGxpL3r/20eBLG/aJRvW1jQP1XgqK2
oiqMSrwOlFY/CKjnJo5SqYVusvyJj0wXv4tjJ/msCcwkdqdfIH2K2fVtu2Hr/CGM
yGaZZlXXbF9h5G2j/K6MPBy8imPCfLz0t3DiH3SnMR9JOUgu3Hvvl/CAd+jSb5Gd
IzR8oCnIHpJOyHuywxNngUAl3Vnbo2X7SRN/R2sl
-----END CERTIFICATE-----
Generated at Wed Aug 6 11:14:54 2025 by rpki-client