Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/1B780226C99311EFA2640074762E951A.roa
File:                     1B780226C99311EFA2640074762E951A.roa (raw, json)
Hash identifier:          ixDE14RzdN4KDQw1Mhk9bykULLLR0c5PYkVIMqVXnfM=
Subject key identifier:   C9:1C:4F:1E:8F:D2:06:AC:6A:2D:0B:5A:20:17:81:91:28:77:F2:B0
Certificate issuer:       /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial:       F5F7
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access:    rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/1B780226C99311EFA2640074762E951A.roa
Signing time:             Fri 03 Jan 2025 05:25:13 +0000
ROA not before:           Fri 03 Jan 2025 05:25:09 +0000
ROA not after:            Mon 13 Dec 2027 05:25:09 +0000
asID:                     17561
IP address blocks:        156.233.128.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
                          rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
                          rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
                          rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Fri 07 Feb 2025 00:26:41 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 62967 (0xf5f7)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F368F2D0AR
        Validity
            Not Before: Jan  3 05:25:09 2025 GMT
            Not After : Dec 13 05:25:09 2027 GMT
        Subject: CN=677774b9-fd72
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:dd:dc:c6:4e:b7:b9:a3:c4:2f:11:20:ef:88:89:
                    b7:bc:0b:d1:05:e4:5a:0f:e2:fc:9e:7a:63:a5:5a:
                    54:e6:f7:ae:50:9b:4e:e4:08:05:35:ec:a0:0d:ab:
                    ea:31:87:ef:c7:73:4d:67:bc:70:90:46:bc:2d:e4:
                    58:de:0c:2e:6c:a8:62:30:cf:3c:6d:96:a1:f1:4a:
                    3a:2c:39:71:ab:f2:94:1a:a7:18:8d:14:1a:a8:25:
                    55:d8:58:90:1f:b9:59:fa:7f:d4:8b:02:5f:52:99:
                    71:e0:e2:4a:01:e0:0e:e4:76:9a:96:69:ce:a1:f8:
                    c0:64:7e:21:e7:8f:cc:d9:f2:18:f9:3c:eb:47:c0:
                    23:3d:04:a2:0d:e8:f9:43:2b:2c:c7:86:78:65:45:
                    cd:98:d9:cb:7c:48:e4:fe:fd:56:5e:ab:5c:df:45:
                    74:ef:42:67:ae:d5:bc:68:76:76:3b:99:1e:41:82:
                    8d:73:71:96:64:98:d6:c4:79:6e:15:12:40:3f:30:
                    3c:c8:8a:d0:cb:f0:13:f1:85:de:96:88:3b:36:e6:
                    13:49:2a:5d:6b:46:3e:bf:a5:5f:17:77:5f:68:93:
                    96:6c:b1:a4:e3:cd:ca:66:22:e5:df:da:e7:ae:33:
                    3f:d6:40:39:23:34:92:ad:dd:81:b1:17:1c:ed:5e:
                    07:93
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C9:1C:4F:1E:8F:D2:06:AC:6A:2D:0B:5A:20:17:81:91:28:77:F2:B0
            X509v3 Authority Key Identifier:
                keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/1B780226C99311EFA2640074762E951A.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  156.233.128.0/24

    Signature Algorithm: sha256WithRSAEncryption
         b0:05:20:e6:c9:8e:35:0c:18:87:e3:e9:aa:b3:4f:66:0f:62:
         56:80:b7:02:cd:83:15:c3:30:e2:7b:2e:97:ed:de:05:80:66:
         7f:43:c6:cc:5e:3d:ab:89:9b:7f:bc:82:f5:c1:29:92:38:bd:
         72:b9:6c:9b:eb:89:59:33:09:a6:51:ab:98:27:a0:be:6f:dd:
         e6:f0:93:b5:cf:b5:b0:c6:2e:3c:af:2d:2d:14:a0:bb:f4:79:
         35:68:56:66:96:49:f5:af:cc:c8:f5:d1:8b:60:97:2e:db:dc:
         4f:08:3c:c1:03:52:01:9b:14:78:38:e8:e1:6e:06:c7:20:1a:
         4b:cf:8b:74:41:d7:d7:c5:30:1f:38:e3:95:1b:c8:da:11:77:
         cf:ab:84:af:6e:34:f4:18:54:a7:c2:8b:71:65:30:ea:11:e7:
         87:91:07:19:ea:67:db:77:ab:14:53:16:8e:c3:05:bb:17:be:
         45:4d:90:ec:62:9b:4f:2e:41:af:70:b8:20:32:58:05:21:ff:
         96:58:6e:b6:5c:85:90:37:5a:59:25:ac:5b:ac:fd:53:8f:01:
         9f:71:23:d5:7e:94:3e:c5:ab:1d:ed:63:ee:db:a5:9b:10:6d:
         64:e6:f8:f8:eb:84:33:56:3b:27:76:39:d6:68:f1:23:fc:c8:
         a4:90:fd:e0
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAPX3MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTAzMDUyNTA5WhcNMjcxMjEzMDUyNTA5WjAYMRYw
FAYDVQQDEw02Nzc3NzRiOS1mZDcyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA3dzGTre5o8QvESDviIm3vAvRBeRaD+L8nnpjpVpU5veuUJtO5AgFNeyg
DavqMYfvx3NNZ7xwkEa8LeRY3gwubKhiMM88bZah8Uo6LDlxq/KUGqcYjRQaqCVV
2FiQH7lZ+n/UiwJfUplx4OJKAeAO5HaalmnOofjAZH4h54/M2fIY+TzrR8AjPQSi
Dej5Qyssx4Z4ZUXNmNnLfEjk/v1WXqtc30V070JnrtW8aHZ2O5keQYKNc3GWZJjW
xHluFRJAPzA8yIrQy/AT8YXelog7NuYTSSpda0Y+v6VfF3dfaJOWbLGk483KZiLl
39rnrjM/1kA5IzSSrd2BsRcc7V4HkwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFMkc
Tx6P0gasai0LWiAXgZEod/KwMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC8xQjc4MDIyNkM5OTMxMUVGQTI2NDAwNzQ3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnOmAMA0GCSqGSIb3DQEBCwUA
A4IBAQCwBSDmyY41DBiH4+mqs09mD2JWgLcCzYMVwzDiey6X7d4FgGZ/Q8bMXj2r
iZt/vIL1wSmSOL1yuWyb64lZMwmmUauYJ6C+b93m8JO1z7Wwxi48ry0tFKC79Hk1
aFZmlkn1r8zI9dGLYJcu29xPCDzBA1IBmxR4OOjhbgbHIBpLz4t0QdfXxTAfOOOV
G8jaEXfPq4SvbjT0GFSnwotxZTDqEeeHkQcZ6mfbd6sUUxaOwwW7F75FTZDsYptP
LkGvcLggMlgFIf+WWG62XIWQN1pZJaxbrP1TjwGfcSPVfpQ+xasd7WPu26WbEG1k
5vj464QzVjsndjnWaPEj/MikkP3g
-----END CERTIFICATE-----