Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/150B9B92C34D11EF84F95487762E951A.roa
File:                     150B9B92C34D11EF84F95487762E951A.roa (raw, json)
Hash identifier:          EGHY6rxF3PQUC7MDoM1p5cwAwUbhphvJuzdslEAbZ9Y=
Subject key identifier:   6C:5A:24:23:0E:13:CE:5C:CB:FF:00:8D:0D:71:4B:EB:41:73:8C:BA
Certificate issuer:       /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial:       EC4B
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access:    rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/150B9B92C34D11EF84F95487762E951A.roa
Signing time:             Thu 26 Dec 2024 05:48:51 +0000
ROA not before:           Thu 26 Dec 2024 05:48:47 +0000
ROA not after:            Thu 11 Dec 2025 05:48:47 +0000
asID:                     984
IP address blocks:        156.228.197.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
                          rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
                          rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
                          rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Fri 07 Feb 2025 00:26:41 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 60491 (0xec4b)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F368F2D0AR
        Validity
            Not Before: Dec 26 05:48:47 2024 GMT
            Not After : Dec 11 05:48:47 2025 GMT
        Subject: CN=676cee42-acca
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c7:6a:d4:1d:f3:17:59:f8:82:36:88:26:11:89:
                    70:77:f8:bb:53:70:70:51:8b:f2:a5:c0:93:93:f7:
                    b5:a1:81:d9:85:11:83:4a:48:ce:34:60:bb:93:82:
                    4b:a3:4a:7c:db:f2:39:ef:d7:62:79:db:47:6d:6b:
                    ee:3e:d9:29:76:04:45:5c:71:85:56:9d:42:21:bd:
                    04:13:03:b5:62:00:ab:0b:cf:5a:98:e7:3b:30:2d:
                    a4:b5:46:62:7a:b4:30:b8:fe:f2:86:30:fe:9e:d5:
                    42:9b:2c:ef:50:4d:8e:53:fc:d2:04:cb:57:5d:4c:
                    07:95:00:fa:45:f3:7f:bc:6b:1d:fb:fb:1c:0e:94:
                    04:a2:65:43:61:60:86:4c:8b:60:10:50:87:d2:31:
                    9e:2e:bc:8e:4f:a8:41:40:4f:d4:f3:6c:e6:07:45:
                    59:49:15:6d:dc:81:fe:56:00:7f:32:c1:9c:1d:79:
                    b5:a5:b6:14:99:73:a8:63:80:b0:51:4f:10:d7:81:
                    2d:b3:b0:db:55:33:5e:5a:15:39:dc:57:6b:6f:b8:
                    71:f5:67:e4:9a:2f:de:27:31:8e:67:c3:13:47:f7:
                    4a:38:e1:f4:78:49:48:d5:63:7a:96:47:fe:60:7c:
                    56:91:78:0c:2f:58:a5:38:06:c1:d5:31:a5:47:d0:
                    62:ab
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                6C:5A:24:23:0E:13:CE:5C:CB:FF:00:8D:0D:71:4B:EB:41:73:8C:BA
            X509v3 Authority Key Identifier:
                keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/150B9B92C34D11EF84F95487762E951A.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  156.228.197.0/24

    Signature Algorithm: sha256WithRSAEncryption
         7b:ae:3c:7c:3e:a6:37:b6:dd:1a:f1:9e:8a:fb:e8:0f:60:e2:
         91:5d:98:65:8e:63:35:3a:59:27:41:82:f4:78:84:32:97:cb:
         d2:ef:80:e6:5b:68:ce:62:c9:9c:2f:00:fe:59:73:40:93:20:
         29:93:d1:8c:33:38:06:12:1b:22:59:fa:64:6b:ef:f8:e3:06:
         40:45:5b:b1:79:aa:4c:2b:8a:b5:8e:de:f3:7a:71:ff:d8:2b:
         77:f0:e4:3f:3e:35:4c:82:3f:c6:22:27:a2:3f:8c:79:a4:3b:
         f7:97:38:04:5e:b5:b4:85:6b:6d:ab:0d:52:3a:8e:e1:cc:c6:
         77:a9:88:9e:36:65:dd:44:d2:65:52:32:e1:b8:bd:2a:4f:b9:
         70:67:c1:7d:c1:3a:0e:66:15:82:f6:84:51:78:7e:7d:61:71:
         3b:c3:39:34:63:b0:e1:b7:39:2e:fb:0a:aa:d9:34:1d:b8:c0:
         e5:93:79:c9:a2:c1:94:b6:6d:69:63:38:3e:f5:0d:9c:22:ec:
         dc:fc:79:05:39:74:ee:96:8a:a9:aa:32:de:bf:e0:5b:9a:3d:
         a1:79:16:8e:8f:df:1c:f5:67:0b:29:34:17:d4:0f:5f:28:69:
         c6:95:bc:31:98:14:b0:12:e6:b7:55:29:34:a6:38:31:cb:2c:
         22:06:63:14
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAOxLMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjQxMjI2MDU0ODQ3WhcNMjUxMjExMDU0ODQ3WjAYMRYw
FAYDVQQDEw02NzZjZWU0Mi1hY2NhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAx2rUHfMXWfiCNogmEYlwd/i7U3BwUYvypcCTk/e1oYHZhRGDSkjONGC7
k4JLo0p82/I579diedtHbWvuPtkpdgRFXHGFVp1CIb0EEwO1YgCrC89amOc7MC2k
tUZierQwuP7yhjD+ntVCmyzvUE2OU/zSBMtXXUwHlQD6RfN/vGsd+/scDpQEomVD
YWCGTItgEFCH0jGeLryOT6hBQE/U82zmB0VZSRVt3IH+VgB/MsGcHXm1pbYUmXOo
Y4CwUU8Q14Ets7DbVTNeWhU53Fdrb7hx9Wfkmi/eJzGOZ8MTR/dKOOH0eElI1WN6
lkf+YHxWkXgML1ilOAbB1TGlR9BiqwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFGxa
JCMOE85cy/8AjQ1xS+tBc4y6MB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC8xNTBCOUI5MkMzNEQxMUVGODRGOTU0ODc3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnOTFMA0GCSqGSIb3DQEBCwUA
A4IBAQB7rjx8PqY3tt0a8Z6K++gPYOKRXZhljmM1OlknQYL0eIQyl8vS74DmW2jO
YsmcLwD+WXNAkyApk9GMMzgGEhsiWfpka+/44wZARVuxeapMK4q1jt7zenH/2Ct3
8OQ/PjVMgj/GIieiP4x5pDv3lzgEXrW0hWttqw1SOo7hzMZ3qYieNmXdRNJlUjLh
uL0qT7lwZ8F9wToOZhWC9oRReH59YXE7wzk0Y7Dhtzku+wqq2TQduMDlk3nJosGU
tm1pYzg+9Q2cIuzc/HkFOXTuloqpqjLev+Bbmj2heRaOj98c9WcLKTQX1A9fKGnG
lbwxmBSwEua3VSk0pjgxyywiBmMU
-----END CERTIFICATE-----