Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/0A8A7A82C6CF11EFB6AAEB47762E951A.roa
File:                     0A8A7A82C6CF11EFB6AAEB47762E951A.roa (raw, json)
Hash identifier:          EInL6KGnyz5E2YR6RczV5x9oTdtVvCWcC/ApUq9EFu8=
Subject key identifier:   1C:A6:D5:D5:DE:2E:EC:F4:C1:26:E8:9B:BC:9A:18:A8:3B:82:F7:F2
Certificate issuer:       /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial:       F287
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access:    rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/0A8A7A82C6CF11EFB6AAEB47762E951A.roa
Signing time:             Mon 30 Dec 2024 16:56:41 +0000
ROA not before:           Mon 30 Dec 2024 16:56:37 +0000
ROA not after:            Sat 10 Jan 2026 16:56:37 +0000
asID:                     136907
IP address blocks:        156.240.128.0/18 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
                          rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
                          rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
                          rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Fri 07 Feb 2025 00:26:41 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 62087 (0xf287)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F368F2D0AR
        Validity
            Not Before: Dec 30 16:56:37 2024 GMT
            Not After : Jan 10 16:56:37 2026 GMT
        Subject: CN=6772d0c9-804e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d7:04:40:00:2c:62:d4:ab:78:d0:7a:fe:6d:3f:
                    3d:44:c3:49:61:9a:37:cb:48:2f:8b:96:9e:37:4b:
                    23:1e:9b:0d:35:0a:c0:c9:da:a9:2a:e9:61:f6:c0:
                    ab:7a:57:9a:17:6d:30:33:0b:54:96:45:1a:14:31:
                    8e:30:0f:ee:a9:1b:88:19:f4:44:86:1f:85:b9:88:
                    c6:02:e3:6e:1f:fd:e6:e5:b5:16:6c:c0:85:f8:a0:
                    cb:3b:a8:3d:81:ba:d4:6e:52:68:fa:6b:43:d0:bb:
                    e7:cd:f9:c5:0c:53:5b:c1:b9:1c:85:19:52:97:47:
                    63:32:76:a1:a8:f4:a5:d3:b4:79:3d:3a:92:96:70:
                    a2:39:3e:6c:d3:ec:63:21:b1:03:4b:df:ab:eb:9f:
                    08:c4:95:13:43:99:80:4b:56:bd:8e:7c:a6:27:55:
                    c4:63:e2:7c:c8:af:68:e9:f7:da:c7:ad:ef:15:1a:
                    7d:cd:53:cb:49:cb:f6:e2:b2:df:2d:a7:12:35:f7:
                    ee:c9:9d:76:67:92:a2:1c:10:0a:44:92:4f:7b:6c:
                    df:24:80:df:f5:9b:a2:d6:8c:ab:6e:c7:de:fc:98:
                    22:26:fe:33:f8:2f:95:f5:79:89:fb:70:1e:bf:6b:
                    24:1d:44:d3:13:2e:af:be:f9:e3:c7:fc:29:f2:ec:
                    d9:a1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1C:A6:D5:D5:DE:2E:EC:F4:C1:26:E8:9B:BC:9A:18:A8:3B:82:F7:F2
            X509v3 Authority Key Identifier:
                keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/0A8A7A82C6CF11EFB6AAEB47762E951A.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  156.240.128.0/18

    Signature Algorithm: sha256WithRSAEncryption
         28:bd:20:f1:40:33:65:9d:76:59:4c:99:fb:3c:60:3c:26:60:
         c8:f6:e2:39:f8:13:3c:d2:18:1b:ba:f4:55:db:63:9d:10:f9:
         3e:db:07:d2:4b:33:80:f7:48:d8:09:65:8d:16:97:6e:48:ad:
         e8:9d:8b:a0:96:2d:29:78:b3:73:d0:82:e0:cb:d9:4b:5b:f6:
         d4:fe:de:c1:67:0b:40:0e:ab:2f:da:7d:7d:de:63:47:5d:af:
         5b:85:cd:ca:97:43:a5:ee:77:39:40:2c:95:51:af:23:c1:e3:
         60:32:2a:2a:ad:a3:ea:a7:93:81:c0:dc:45:55:f1:d8:81:8d:
         c7:af:a4:5b:6d:91:a1:85:01:ed:49:d5:32:df:b7:47:84:d1:
         c7:9f:43:88:43:11:9c:19:8b:94:b8:26:ee:ef:67:ad:8d:e9:
         4b:ff:e0:ea:94:30:7b:c9:f3:71:c3:31:eb:d0:91:4c:d2:17:
         55:47:4e:61:4c:06:31:eb:43:45:e1:1f:9d:9d:41:88:ac:be:
         da:9e:37:30:29:b2:d6:bd:fe:28:a6:2e:2a:0e:c9:45:80:21:
         05:ae:e5:b5:f3:33:f6:af:fe:7a:0e:4e:2a:b8:f7:4a:84:a6:
         50:91:db:e1:9d:73:c6:54:02:aa:64:dc:e3:e6:42:13:f1:aa:
         11:a7:89:09
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAPKHMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjQxMjMwMTY1NjM3WhcNMjYwMTEwMTY1NjM3WjAYMRYw
FAYDVQQDEw02NzcyZDBjOS04MDRlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA1wRAACxi1Kt40Hr+bT89RMNJYZo3y0gvi5aeN0sjHpsNNQrAydqpKulh
9sCreleaF20wMwtUlkUaFDGOMA/uqRuIGfREhh+FuYjGAuNuH/3m5bUWbMCF+KDL
O6g9gbrUblJo+mtD0LvnzfnFDFNbwbkchRlSl0djMnahqPSl07R5PTqSlnCiOT5s
0+xjIbEDS9+r658IxJUTQ5mAS1a9jnymJ1XEY+J8yK9o6ffax63vFRp9zVPLScv2
4rLfLacSNffuyZ12Z5KiHBAKRJJPe2zfJIDf9Zui1oyrbsfe/JgiJv4z+C+V9XmJ
+3Aev2skHUTTEy6vvvnjx/wp8uzZoQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFBym
1dXeLuz0wSbom7yaGKg7gvfyMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC8wQThBN0E4MkM2Q0YxMUVGQjZBQUVCNDc3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQGnPCAMA0GCSqGSIb3DQEBCwUA
A4IBAQAovSDxQDNlnXZZTJn7PGA8JmDI9uI5+BM80hgbuvRV22OdEPk+2wfSSzOA
90jYCWWNFpduSK3onYugli0peLNz0ILgy9lLW/bU/t7BZwtADqsv2n193mNHXa9b
hc3Kl0Ol7nc5QCyVUa8jweNgMioqraPqp5OBwNxFVfHYgY3Hr6RbbZGhhQHtSdUy
37dHhNHHn0OIQxGcGYuUuCbu72etjelL/+DqlDB7yfNxwzHr0JFM0hdVR05hTAYx
60NF4R+dnUGIrL7anjcwKbLWvf4opi4qDslFgCEFruW18zP2r/56Dk4quPdKhKZQ
kdvhnXPGVAKqZNzj5kIT8aoRp4kJ
-----END CERTIFICATE-----