Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F3669D6B/D24A27B8879A11E983704B51F8AEA228/EDBDFADAF8FD11EF927E2BB0762E951A.roa
File:                     EDBDFADAF8FD11EF927E2BB0762E951A.roa (raw, json)
Hash identifier:          29ZGFjzgiIWdNA7ACTkdC4L4LIJWuqj3OaMhgmoWl8U=
Subject key identifier:   B7:21:16:A6:47:36:8F:72:68:3E:07:C1:02:62:22:B7:D4:83:B2:D4
Certificate issuer:       /CN=F3669D6BAR/serialNumber=7CA3542AF087A87BACAB1F866EE5FF5B156FA787
Certificate serial:       0BEE
Authority key identifier: 7C:A3:54:2A:F0:87:A8:7B:AC:AB:1F:86:6E:E5:FF:5B:15:6F:A7:87
Authority info access:    rsync://rpki.afrinic.net/repository/arin/fKNUKvCHqHusqx-GbuX_WxVvp4c.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F3669D6B/D24A27B8879A11E983704B51F8AEA228/EDBDFADAF8FD11EF927E2BB0762E951A.roa
Signing time:             Tue 04 Mar 2025 13:38:17 +0000
ROA not before:           Tue 04 Mar 2025 13:38:13 +0000
ROA not after:            Tue 06 Mar 2035 13:38:13 +0000
asID:                     210636
IP address blocks:        192.142.19.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F3669D6B/D24A27B8879A11E983704B51F8AEA228/fKNUKvCHqHusqx-GbuX_WxVvp4c.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F3669D6B/D24A27B8879A11E983704B51F8AEA228/fKNUKvCHqHusqx-GbuX_WxVvp4c.mft
                          rsync://rpki.afrinic.net/repository/arin/fKNUKvCHqHusqx-GbuX_WxVvp4c.cer
                          rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
                          rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Mon 07 Apr 2025 00:26:44 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 3054 (0xbee)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F3669D6BAR
        Validity
            Not Before: Mar  4 13:38:13 2025 GMT
            Not After : Mar  6 13:38:13 2035 GMT
        Subject: CN=67c70249-94f1
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d6:2e:36:0c:2c:4a:30:11:e3:9f:95:4f:ad:40:
                    8e:08:d5:4c:6d:a6:51:13:e8:7b:db:82:9a:07:a6:
                    8b:94:2e:7e:6c:75:e3:1f:37:5a:bd:ab:46:d9:0a:
                    ea:f1:f9:67:48:f8:f1:67:73:e6:57:d4:2a:9d:29:
                    83:ee:21:3d:35:0c:77:57:5f:93:1a:bb:f1:93:32:
                    4e:1d:19:e0:84:07:08:09:ed:1d:13:de:0d:2f:20:
                    32:bf:7d:e8:26:1d:cb:ec:6e:7a:fa:99:48:22:7a:
                    26:fc:9c:da:a4:61:5c:4f:e5:3d:f6:ad:14:12:a8:
                    f7:41:e5:40:cf:be:37:74:67:4d:08:a7:e6:84:ae:
                    5d:98:70:e2:c6:d7:28:31:51:e8:c3:91:77:51:86:
                    11:5e:3e:cd:40:66:1c:57:bb:f7:6e:85:1f:31:e3:
                    a0:62:7c:63:ea:8f:9a:fe:9a:02:1d:63:4b:4a:bf:
                    11:cd:41:63:aa:81:c1:28:7c:e1:ec:59:ae:2d:3b:
                    a4:ff:31:3e:8d:ab:d4:52:81:e8:cc:42:2e:94:9d:
                    be:c2:f3:8e:de:87:90:1b:c4:f9:31:33:8b:fb:c5:
                    a7:ed:f2:9f:91:32:0d:d6:88:5f:03:5e:b6:0f:22:
                    1d:d7:4b:0b:f6:45:34:33:c5:fb:62:c4:17:53:ab:
                    dd:8d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B7:21:16:A6:47:36:8F:72:68:3E:07:C1:02:62:22:B7:D4:83:B2:D4
            X509v3 Authority Key Identifier:
                keyid:7C:A3:54:2A:F0:87:A8:7B:AC:AB:1F:86:6E:E5:FF:5B:15:6F:A7:87

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F3669D6B/D24A27B8879A11E983704B51F8AEA228/fKNUKvCHqHusqx-GbuX_WxVvp4c.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/fKNUKvCHqHusqx-GbuX_WxVvp4c.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F3669D6B/D24A27B8879A11E983704B51F8AEA228/EDBDFADAF8FD11EF927E2BB0762E951A.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  192.142.19.0/24

    Signature Algorithm: sha256WithRSAEncryption
         26:83:a5:33:ac:3b:ec:dc:08:9a:b9:fd:c8:1a:9e:e8:e5:52:
         d4:25:cb:1c:0e:85:d5:f9:41:dd:1d:8c:7c:84:29:8e:5d:51:
         db:bb:87:10:82:ae:8a:c1:24:00:13:a5:d1:45:81:8c:cc:94:
         8d:7b:bd:48:c2:16:8b:cc:70:f3:fc:f1:ff:af:68:be:6b:b8:
         54:ae:22:b9:45:44:6e:fe:88:c0:37:49:30:34:c8:64:75:a9:
         7e:da:c3:b8:0e:65:69:cf:31:77:34:d0:f2:ac:65:65:b9:08:
         02:08:7f:0a:45:c8:df:7a:08:c9:75:95:0f:5c:8e:2e:de:89:
         e5:89:5b:dd:84:03:8e:37:34:f2:4d:12:ce:34:7b:99:0a:b9:
         b6:d2:d7:90:0d:aa:dd:31:6b:11:49:1c:63:91:5a:2a:0b:aa:
         79:f4:58:99:6a:12:5a:19:b9:b6:ac:ef:5e:7f:69:5c:32:66:
         16:9e:07:3e:c6:c6:1c:dc:84:33:50:53:61:3c:26:94:5f:12:
         f7:ca:7b:cb:5b:9d:05:bf:63:a9:d7:6b:51:26:d5:27:b3:b7:
         b5:00:03:56:c1:f9:2b:63:ab:07:36:a5:24:dc:a2:34:fb:28:
         53:7a:c0:6b:c8:97:40:66:8f:c3:f0:be:ce:05:b2:dc:b9:c1:
         ed:86:6a:b4
-----BEGIN CERTIFICATE-----
MIIFgDCCBGigAwIBAgICC+4wDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAxMKRjM2
NjlENkJBUjExMC8GA1UEBRMoN0NBMzU0MkFGMDg3QTg3QkFDQUIxRjg2NkVFNUZG
NUIxNTZGQTc4NzAeFw0yNTAzMDQxMzM4MTNaFw0zNTAzMDYxMzM4MTNaMBgxFjAU
BgNVBAMTDTY3YzcwMjQ5LTk0ZjEwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQDWLjYMLEowEeOflU+tQI4I1UxtplET6HvbgpoHpouULn5sdeMfN1q9q0bZ
Curx+WdI+PFnc+ZX1CqdKYPuIT01DHdXX5Mau/GTMk4dGeCEBwgJ7R0T3g0vIDK/
fegmHcvsbnr6mUgieib8nNqkYVxP5T32rRQSqPdB5UDPvjd0Z00Ip+aErl2YcOLG
1ygxUejDkXdRhhFePs1AZhxXu/duhR8x46BifGPqj5r+mgIdY0tKvxHNQWOqgcEo
fOHsWa4tO6T/MT6Nq9RSgejMQi6Unb7C847eh5AbxPkxM4v7xaft8p+RMg3WiF8D
XrYPIh3XSwv2RTQzxftixBdTq92NAgMBAAGjggKiMIICnjAdBgNVHQ4EFgQUtyEW
pkc2j3JoPgfBAmIit9SDstQwHwYDVR0jBBgwFoAUfKNUKvCHqHusqx+GbuX/WxVv
p4cwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjY5RDZCL0QyNEEyN0I4ODc5QTExRTk4MzcwNEI1MUY4QUVBMjI4L2ZLTlVL
dkNIcUh1c3F4LUdidVhfV3hWdnA0Yy5jcmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hcmlu
L2ZLTlVLdkNIcUh1c3F4LUdidVhfV3hWdnA0Yy5jZXIwTwYDVR0gAQH/BEUwQzBB
BggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5pYy5u
ZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEFBQcw
C4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9y
ZXBvc2l0b3J5L0YzNjY5RDZCL0QyNEEyN0I4ODc5QTExRTk4MzcwNEI1MUY4QUVB
MjI4L0VEQkRGQURBRjhGRDExRUY5MjdFMkJCMDc2MkU5NTFBLnJvYTA1BggrBgEF
BQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54bWww
HwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBADAjhMwDQYJKoZIhvcNAQELBQAD
ggEBACaDpTOsO+zcCJq5/cganujlUtQlyxwOhdX5Qd0djHyEKY5dUdu7hxCCrorB
JAATpdFFgYzMlI17vUjCFovMcPP88f+vaL5ruFSuIrlFRG7+iMA3STA0yGR1qX7a
w7gOZWnPMXc00PKsZWW5CAIIfwpFyN96CMl1lQ9cji7eieWJW92EA443NPJNEs40
e5kKubbS15ANqt0xaxFJHGORWioLqnn0WJlqEloZubas715/aVwyZhaeBz7Gxhzc
hDNQU2E8JpRfEvfKe8tbnQW/Y6nXa1Em1Sezt7UAA1bB+Stjqwc2pSTcojT7KFN6
wGvIl0Bmj8Pwvs4Fsty5we2GarQ=
-----END CERTIFICATE-----