Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/26B22E76B0FA11EEB23D2A52775412E6.roa
File:                     26B22E76B0FA11EEB23D2A52775412E6.roa (raw, json)
Hash identifier:          WQz51sx2ReRlkShq8XzL+WMdyTAv72gm1MgxACyzQSc=
Subject key identifier:   CB:D1:0D:FB:A5:7E:F6:4B:A2:36:2A:D6:9D:F9:02:3E:EF:2F:17:1A
Certificate issuer:       /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial:       5FE6
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access:    rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/26B22E76B0FA11EEB23D2A52775412E6.roa
Signing time:             Fri 12 Jan 2024 03:24:53 +0000
ROA not before:           Fri 12 Jan 2024 03:24:50 +0000
ROA not after:            Thu 09 Jan 2025 03:24:50 +0000
asID:                     151206
IP address blocks:        156.240.74.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
                          rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
                          rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
                          rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Sat 23 Nov 2024 00:21:37 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 24550 (0x5fe6)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
        Validity
            Not Before: Jan 12 03:24:50 2024 GMT
            Not After : Jan  9 03:24:50 2025 GMT
        Subject: CN=65a0b105-5816
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9e:e6:64:e7:ef:61:65:57:8e:c5:bf:17:80:54:
                    e6:d0:31:b3:46:fb:6f:6b:c3:1a:46:20:8e:4f:53:
                    c8:8e:fe:75:90:8e:57:85:5a:a6:35:3a:4f:b7:85:
                    94:2d:40:2a:be:d2:5f:88:88:15:50:36:91:90:09:
                    a9:fd:b5:af:21:de:f3:f7:57:e4:37:d3:95:50:84:
                    52:96:97:0d:62:f2:40:de:9f:4f:45:a1:fd:28:96:
                    70:03:7d:25:25:6e:cd:16:de:1c:63:fe:bc:e6:e4:
                    3c:6d:06:32:a2:4f:d7:f1:3c:44:6b:4a:6d:85:46:
                    a5:7b:e6:9a:ec:18:06:80:75:86:9e:30:f9:f7:8e:
                    6c:a7:ef:45:8c:33:17:29:ed:b3:fd:fb:a3:a2:42:
                    9e:af:c4:d4:32:0d:f1:49:47:51:41:f9:fd:b6:81:
                    a5:e1:cc:6a:a2:f6:97:fe:0f:ac:b4:4f:23:03:8a:
                    c7:17:7d:0b:36:fc:32:fa:30:ae:b7:a7:a5:c9:79:
                    68:65:6b:5c:d4:75:51:0e:fa:6d:d4:3e:69:b2:9a:
                    69:02:43:1b:da:6b:3b:95:98:39:20:f5:33:f6:6f:
                    53:43:2e:86:9e:b7:cf:90:f9:fe:66:1e:76:da:aa:
                    0e:a5:d4:89:c6:f5:0c:8b:b8:4a:cb:97:89:cc:8a:
                    02:89
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                CB:D1:0D:FB:A5:7E:F6:4B:A2:36:2A:D6:9D:F9:02:3E:EF:2F:17:1A
            X509v3 Authority Key Identifier:
                keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/26B22E76B0FA11EEB23D2A52775412E6.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  156.240.74.0/24

    Signature Algorithm: sha256WithRSAEncryption
         ba:5a:42:4f:60:c9:4f:1c:1a:90:bc:1d:6c:b4:27:f7:5a:f6:
         11:ac:e3:0d:60:da:84:9c:91:6c:c3:e0:42:5b:4f:15:fd:87:
         6f:f4:b4:5e:2f:0c:a9:f5:ac:18:63:90:1c:a9:7e:e4:46:58:
         04:0b:56:12:f9:38:fb:f2:f3:c5:9b:ce:b6:3e:00:bf:4e:cc:
         37:f2:a7:c7:17:4b:1f:0d:27:3d:83:83:8f:3a:c6:5b:88:79:
         e8:a9:9c:be:26:80:48:2c:a8:e4:95:11:3d:76:e4:4d:f4:6d:
         8c:65:9f:4e:25:07:ff:46:fe:5a:a7:c7:74:bd:d6:48:e1:df:
         cd:18:f6:f2:1d:fc:83:33:77:82:5f:3e:b9:0f:3a:6d:fd:aa:
         70:f8:3f:f5:92:58:4f:1a:3b:39:b1:9c:aa:20:58:94:cb:bb:
         9f:2e:0e:c3:ee:82:42:3b:79:45:72:74:a0:3c:d5:4f:5d:ee:
         eb:6e:50:7c:2e:a6:85:f4:46:71:a2:93:1b:c7:e5:38:79:66:
         3b:f9:52:42:4d:7c:a0:a9:29:33:2e:72:57:0f:e0:bb:3f:c2:
         6f:b1:4c:75:08:b9:c0:fb:59:a6:3e:e9:10:17:7f:8f:f1:dc:
         5a:eb:fb:59:07:9f:00:89:a0:83:b6:0b:f0:0f:54:73:c1:c6:
         fa:68:80:3a
-----BEGIN CERTIFICATE-----
MIIFgDCCBGigAwIBAgICX+YwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAxMKRjM2
OEYyRDBBUjExMC8GA1UEBRMoNzk3RDg4RDgxM0UyMEZGRjk4MkNDNzQxOUU5NjlC
QUVBNkJGRDY5QjAeFw0yNDAxMTIwMzI0NTBaFw0yNTAxMDkwMzI0NTBaMBgxFjAU
BgNVBAMTDTY1YTBiMTA1LTU4MTYwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQCe5mTn72FlV47FvxeAVObQMbNG+29rwxpGII5PU8iO/nWQjleFWqY1Ok+3
hZQtQCq+0l+IiBVQNpGQCan9ta8h3vP3V+Q305VQhFKWlw1i8kDen09Fof0olnAD
fSUlbs0W3hxj/rzm5DxtBjKiT9fxPERrSm2FRqV75prsGAaAdYaeMPn3jmyn70WM
Mxcp7bP9+6OiQp6vxNQyDfFJR1FB+f22gaXhzGqi9pf+D6y0TyMDiscXfQs2/DL6
MK63p6XJeWhla1zUdVEO+m3UPmmymmkCQxvaazuVmDkg9TP2b1NDLoaet8+Q+f5m
Hnbaqg6l1InG9QyLuErLl4nMigKJAgMBAAGjggKiMIICnjAdBgNVHQ4EFgQUy9EN
+6V+9kuiNirWnfkCPu8vFxowHwYDVR0jBBgwFoAUeX2I2BPiD/+YLMdBnpabrqa/
1pswDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjhGMkQwLzkyRjg2RTFDNkUwNTExRThBMUI1ODU0QkY4QUVBMjI4L2VYMkky
QlBpRF8tWUxNZEJucGFicnFhXzFwcy5jcmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hcmlu
L2VYMkkyQlBpRF8tWUxNZEJucGFicnFhXzFwcy5jZXIwTwYDVR0gAQH/BEUwQzBB
BggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5pYy5u
ZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEFBQcw
C4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9y
ZXBvc2l0b3J5L0YzNjhGMkQwLzkyRjg2RTFDNkUwNTExRThBMUI1ODU0QkY4QUVB
MjI4LzI2QjIyRTc2QjBGQTExRUVCMjNEMkE1Mjc3NTQxMkU2LnJvYTA1BggrBgEF
BQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54bWww
HwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACc8EowDQYJKoZIhvcNAQELBQAD
ggEBALpaQk9gyU8cGpC8HWy0J/da9hGs4w1g2oSckWzD4EJbTxX9h2/0tF4vDKn1
rBhjkBypfuRGWAQLVhL5OPvy88WbzrY+AL9OzDfyp8cXSx8NJz2Dg486xluIeeip
nL4mgEgsqOSVET125E30bYxln04lB/9G/lqnx3S91kjh380Y9vId/IMzd4JfPrkP
Om39qnD4P/WSWE8aOzmxnKogWJTLu58uDsPugkI7eUVydKA81U9d7utuUHwupoX0
RnGikxvH5Th5Zjv5UkJNfKCpKTMuclcP4Ls/wm+xTHUIucD7WaY+6RAXf4/x3Frr
+1kHnwCJoIO2C/APVHPBxvpogDo=
-----END CERTIFICATE-----
Generated at Thu Nov 21 11:05:22 2024 by rpki-client on console-fra.rpki-client.org