Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F363DCF2/A18531B6DCBE11EFBE2B50BB762E951A/E85D3C24DD5D11EF9F43C972762E951A.roa
File:                     E85D3C24DD5D11EF9F43C972762E951A.roa (raw, json)
Hash identifier:          pGLOjm7GcbhVCAv4nSzg8/IEawOYrqF7wFQJVytsdnk=
Subject key identifier:   85:44:4C:11:1A:49:73:9A:EF:7E:E7:2B:4A:96:B0:68:37:58:04:E2
Certificate issuer:       /CN=F363DCF2AR/serialNumber=C4BBCDEF9DC7E68F9184C80C08718C206EDDF70B
Certificate serial:       14
Authority key identifier: C4:BB:CD:EF:9D:C7:E6:8F:91:84:C8:0C:08:71:8C:20:6E:DD:F7:0B
Authority info access:    rsync://rpki.afrinic.net/repository/arin/xLvN753H5o-RhMgMCHGMIG7d9ws.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F363DCF2/A18531B6DCBE11EFBE2B50BB762E951A/E85D3C24DD5D11EF9F43C972762E951A.roa
Signing time:             Tue 28 Jan 2025 09:54:47 +0000
ROA not before:           Tue 28 Jan 2025 09:54:44 +0000
ROA not after:            Wed 31 Jan 2035 09:54:44 +0000
asID:                     30992
IP address blocks:        129.0.105.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F363DCF2/A18531B6DCBE11EFBE2B50BB762E951A/xLvN753H5o-RhMgMCHGMIG7d9ws.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F363DCF2/A18531B6DCBE11EFBE2B50BB762E951A/xLvN753H5o-RhMgMCHGMIG7d9ws.mft
                          rsync://rpki.afrinic.net/repository/arin/xLvN753H5o-RhMgMCHGMIG7d9ws.cer
                          rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
                          rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Mon 14 Apr 2025 00:26:45 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 20 (0x14)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F363DCF2AR, serialNumber=C4BBCDEF9DC7E68F9184C80C08718C206EDDF70B
        Validity
            Not Before: Jan 28 09:54:44 2025 GMT
            Not After : Jan 31 09:54:44 2035 GMT
        Subject: CN=6798a967-f786
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e3:c4:0a:c8:4f:a9:89:b2:f1:80:31:6f:bc:ff:
                    30:92:c4:7e:fa:99:f2:57:20:02:28:37:55:f3:56:
                    88:1a:ec:81:33:86:9d:fd:92:47:17:73:39:d6:63:
                    25:5e:00:98:0d:63:ce:d6:12:ea:4f:9c:c5:61:34:
                    ac:10:34:82:bc:13:6d:68:3b:53:12:70:c8:12:ef:
                    a4:a9:2b:f5:8a:1f:51:73:72:31:8d:40:1c:d6:a8:
                    2c:d5:6b:ee:ad:e5:02:b7:c9:c7:93:ca:a4:0d:cc:
                    11:37:65:13:43:19:c8:04:c7:94:fd:f0:9a:5f:23:
                    e6:cc:a0:13:b5:ce:74:66:b5:36:1e:e4:6d:3e:97:
                    ad:05:79:2d:f8:2f:38:3b:36:25:1e:f6:7e:71:3c:
                    78:6d:4c:d7:b4:96:a9:f5:4d:10:af:c7:6e:15:08:
                    7f:e6:02:ba:b4:e5:7f:98:3a:32:a5:da:cc:29:85:
                    38:77:97:41:66:db:ad:73:9d:66:f9:4a:b2:8e:f2:
                    b3:73:0f:ce:d3:de:02:b0:e8:17:ea:92:57:de:9f:
                    8d:cb:92:fa:50:94:7b:30:1b:ea:7e:a7:a7:6e:20:
                    fa:20:fc:0f:89:92:eb:d1:00:65:3e:2a:07:90:f5:
                    a1:61:38:8a:0d:de:43:c2:7f:3a:94:98:e2:90:ec:
                    4d:51
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                85:44:4C:11:1A:49:73:9A:EF:7E:E7:2B:4A:96:B0:68:37:58:04:E2
            X509v3 Authority Key Identifier:
                keyid:C4:BB:CD:EF:9D:C7:E6:8F:91:84:C8:0C:08:71:8C:20:6E:DD:F7:0B

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F363DCF2/A18531B6DCBE11EFBE2B50BB762E951A/xLvN753H5o-RhMgMCHGMIG7d9ws.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/xLvN753H5o-RhMgMCHGMIG7d9ws.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F363DCF2/A18531B6DCBE11EFBE2B50BB762E951A/E85D3C24DD5D11EF9F43C972762E951A.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  129.0.105.0/24

    Signature Algorithm: sha256WithRSAEncryption
         c7:0d:12:ee:37:c5:7b:57:da:52:58:38:50:e8:60:2b:fb:80:
         9b:21:ed:bf:ec:dc:a0:ee:57:7a:22:aa:52:5e:46:b1:d6:8a:
         17:30:2a:b0:b1:f1:94:73:d7:a1:4e:b6:25:08:51:51:08:68:
         82:0a:aa:65:99:97:24:1a:78:60:35:ec:91:8e:cf:e3:5e:2b:
         99:bd:a0:8f:8d:d7:02:b6:e3:42:56:7e:94:aa:78:c6:f5:da:
         03:f4:0d:14:4c:56:9e:3b:2b:3f:2d:ee:a5:60:3b:91:38:55:
         b5:04:90:5d:aa:26:d3:8e:69:f6:d1:55:a7:bb:ef:2b:cf:e2:
         0c:a8:e0:3b:cd:2e:bb:f1:17:d1:7c:19:e0:02:30:39:cc:50:
         04:71:aa:c3:68:48:76:dd:eb:9b:64:bd:9f:1d:ce:7c:be:3b:
         33:81:44:8b:4f:b9:e4:4a:82:28:d5:76:59:d8:b8:9e:d6:48:
         1d:4e:04:92:8d:a7:8a:6f:ae:e9:4a:66:4e:0b:6a:5a:ed:6e:
         5a:a7:a6:13:00:f7:82:99:b7:8d:7e:5b:ab:4f:b2:bd:21:09:
         56:23:93:26:0a:b6:da:e8:74:af:b9:ab:f5:2f:b4:64:ea:c4:
         ef:3b:b1:0b:11:1d:9d:6e:1c:f3:56:3b:ae:a2:76:fe:cb:ec:
         12:0c:a3:ed
-----BEGIN CERTIFICATE-----
MIIFfzCCBGegAwIBAgIBFDANBgkqhkiG9w0BAQsFADBIMRMwEQYDVQQDEwpGMzYz
RENGMkFSMTEwLwYDVQQFEyhDNEJCQ0RFRjlEQzdFNjhGOTE4NEM4MEMwODcxOEMy
MDZFRERGNzBCMB4XDTI1MDEyODA5NTQ0NFoXDTM1MDEzMTA5NTQ0NFowGDEWMBQG
A1UEAxMNNjc5OGE5NjctZjc4NjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAOPECshPqYmy8YAxb7z/MJLEfvqZ8lcgAig3VfNWiBrsgTOGnf2SRxdzOdZj
JV4AmA1jztYS6k+cxWE0rBA0grwTbWg7UxJwyBLvpKkr9YofUXNyMY1AHNaoLNVr
7q3lArfJx5PKpA3METdlE0MZyATHlP3wml8j5sygE7XOdGa1Nh7kbT6XrQV5Lfgv
ODs2JR72fnE8eG1M17SWqfVNEK/HbhUIf+YCurTlf5g6MqXazCmFOHeXQWbbrXOd
ZvlKso7ys3MPztPeArDoF+qSV96fjcuS+lCUezAb6n6np24g+iD8D4mS69EAZT4q
B5D1oWE4ig3eQ8J/OpSY4pDsTVECAwEAAaOCAqIwggKeMB0GA1UdDgQWBBSFREwR
Gklzmu9+5ytKlrBoN1gE4jAfBgNVHSMEGDAWgBTEu83vncfmj5GEyAwIcYwgbt33
CzAOBgNVHQ8BAf8EBAMCB4AwgZUGA1UdHwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2M0RDRjIvQTE4NTMxQjZEQ0JFMTFFRkJFMkI1MEJCNzYyRTk1MUEveEx2Tjc1
M0g1by1SaE1nTUNIR01JRzdkOXdzLmNybDBkBggrBgEFBQcBAQRYMFYwVAYIKwYB
BQUHMAKGSHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L2FyaW4v
eEx2Tjc1M0g1by1SaE1nTUNIR01JRzdkOXdzLmNlcjBPBgNVHSABAf8ERTBDMEEG
CCsGAQUFBw4CMDUwMwYIKwYBBQUHAgEWJ2h0dHBzOi8vcnBraS5hZnJpbmljLm5l
dC9wb2xpY3kvQ1BTLnBkZjCB2wYIKwYBBQUHAQsEgc4wgcswgZEGCCsGAQUFBzAL
hoGEcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3Jl
cG9zaXRvcnkvRjM2M0RDRjIvQTE4NTMxQjZEQ0JFMTFFRkJFMkI1MEJCNzYyRTk1
MUEvRTg1RDNDMjRERDVEMTFFRjlGNDNDOTcyNzYyRTk1MUEucm9hMDUGCCsGAQUF
BzANhilodHRwczovL3JyZHAuYWZyaW5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAIEAaTANBgkqhkiG9w0BAQsFAAOC
AQEAxw0S7jfFe1faUlg4UOhgK/uAmyHtv+zcoO5XeiKqUl5GsdaKFzAqsLHxlHPX
oU62JQhRUQhoggqqZZmXJBp4YDXskY7P414rmb2gj43XArbjQlZ+lKp4xvXaA/QN
FExWnjsrPy3upWA7kThVtQSQXaom045p9tFVp7vvK8/iDKjgO80uu/EX0XwZ4AIw
OcxQBHGqw2hIdt3rm2S9nx3OfL47M4FEi0+55EqCKNV2Wdi4ntZIHU4Eko2nim+u
6UpmTgtqWu1uWqemEwD3gpm3jX5bq0+yvSEJViOTJgq22uh0r7mr9S+0ZOrE7zux
CxEdnW4c81Y7rqJ2/svsEgyj7Q==
-----END CERTIFICATE-----