Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/3EAED2F2C39811EFAC7C7060762E951A.roa
File:                     3EAED2F2C39811EFAC7C7060762E951A.roa (raw, json)
Hash identifier:          SeHwhllDQxNwTtSgDedL6mkmYuNgutp0VvU49VJvqsI=
Subject key identifier:   24:1D:A8:CF:4F:8C:EF:17:A7:84:FB:DB:64:41:CD:97:C6:37:24:26
Certificate issuer:       /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial:       ED39
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access:    rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/3EAED2F2C39811EFAC7C7060762E951A.roa
Signing time:             Thu 26 Dec 2024 14:46:53 +0000
ROA not before:           Thu 26 Dec 2024 14:46:49 +0000
ROA not after:            Sun 12 Dec 2027 14:46:49 +0000
asID:                     17561
IP address blocks:        45.197.131.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
                          rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
                          rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
                          rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Fri 07 Feb 2025 00:26:41 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 60729 (0xed39)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F368F2D0AR
        Validity
            Not Before: Dec 26 14:46:49 2024 GMT
            Not After : Dec 12 14:46:49 2027 GMT
        Subject: CN=676d6c5c-e474
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e1:fb:74:70:f7:d7:b0:dd:e2:3f:7a:33:c1:f2:
                    ec:3e:71:7e:12:b7:00:49:ee:a4:85:5d:e8:03:1f:
                    8a:1f:c6:4e:3b:4a:0b:4a:d9:0d:7b:a7:be:12:7c:
                    51:33:a4:cc:f1:69:88:02:d9:37:f8:bc:0e:92:0a:
                    b1:f1:df:16:a0:b8:88:15:24:df:c5:52:b5:4b:c5:
                    b3:fa:d5:e0:cb:0b:9d:81:cf:36:9c:25:53:14:75:
                    4d:ba:c6:8d:a5:b3:fd:96:2c:ec:40:7f:1c:c8:29:
                    f3:3d:d8:24:94:9b:39:31:8f:b2:84:82:ae:56:77:
                    26:0d:20:dc:d3:f4:e4:18:b1:1f:ab:9a:e0:fa:f1:
                    59:43:7a:94:b2:52:6d:79:e9:69:a6:c8:d7:02:b9:
                    7a:09:78:2a:56:8e:3a:70:b6:1c:7f:e3:fd:93:93:
                    48:80:82:b5:24:dc:f8:25:30:db:da:89:08:a6:6f:
                    af:35:f6:b4:57:e1:fd:f7:9e:d2:0d:42:82:7f:34:
                    87:51:99:eb:5d:82:49:6a:88:d1:ce:a0:a2:da:a6:
                    6f:c1:35:fc:70:87:9c:6e:e0:4f:9c:41:08:5a:97:
                    5e:e3:e3:ad:7c:11:2a:84:eb:e2:0c:a2:7e:f8:b7:
                    db:be:02:37:8c:62:3b:e3:2c:11:86:1f:cc:31:e4:
                    33:c9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                24:1D:A8:CF:4F:8C:EF:17:A7:84:FB:DB:64:41:CD:97:C6:37:24:26
            X509v3 Authority Key Identifier:
                keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/3EAED2F2C39811EFAC7C7060762E951A.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.197.131.0/24

    Signature Algorithm: sha256WithRSAEncryption
         5c:77:a9:c2:e0:e4:ce:fa:7f:69:e4:9e:50:90:30:5b:3c:b7:
         fc:88:71:4e:5e:9b:51:92:26:c5:63:84:04:bb:71:30:4a:7a:
         af:e8:e5:6e:1f:1b:6f:f1:00:5b:1a:0c:9a:64:af:97:89:00:
         d7:52:e0:ac:ff:0e:24:4b:39:af:a1:a6:94:5b:6a:5e:39:15:
         99:58:d2:23:9a:b3:63:ff:6c:ee:e9:ee:8e:29:d5:2e:d6:ba:
         a6:9d:4b:42:80:80:f2:a8:0d:67:dd:b6:0c:0a:fd:c2:28:0f:
         56:78:41:2b:85:ad:67:d4:70:c8:83:ee:9b:50:f4:bb:fd:e4:
         ce:3e:32:38:0c:83:0d:fb:6a:8b:e2:27:a4:02:bb:3a:a0:d2:
         a8:a3:77:43:c0:2c:df:dc:8b:e3:f8:3c:f0:77:d2:e4:bc:54:
         f2:93:5d:8f:0e:44:3f:b7:fa:9f:ff:63:f5:37:74:b2:d7:fb:
         f3:3a:38:00:ee:64:ae:f3:71:a7:28:d0:88:f8:21:d6:e2:62:
         39:15:b3:f3:23:1c:e7:eb:a8:90:10:42:c3:b0:1a:fd:3f:78:
         3f:7f:54:7d:66:2a:5c:a8:77:6f:18:88:8d:e1:ca:b2:be:e1:
         df:f2:de:fc:44:09:b4:e6:9b:ee:1c:3f:e0:25:24:22:1a:8b:
         9e:fc:7b:c1
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAO05MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjQxMjI2MTQ0NjQ5WhcNMjcxMjEyMTQ0NjQ5WjAYMRYw
FAYDVQQDEw02NzZkNmM1Yy1lNDc0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA4ft0cPfXsN3iP3ozwfLsPnF+ErcASe6khV3oAx+KH8ZOO0oLStkNe6e+
EnxRM6TM8WmIAtk3+LwOkgqx8d8WoLiIFSTfxVK1S8Wz+tXgywudgc82nCVTFHVN
usaNpbP9lizsQH8cyCnzPdgklJs5MY+yhIKuVncmDSDc0/TkGLEfq5rg+vFZQ3qU
slJteelppsjXArl6CXgqVo46cLYcf+P9k5NIgIK1JNz4JTDb2okIpm+vNfa0V+H9
957SDUKCfzSHUZnrXYJJaojRzqCi2qZvwTX8cIecbuBPnEEIWpde4+OtfBEqhOvi
DKJ++LfbvgI3jGI74ywRhh/MMeQzyQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFCQd
qM9PjO8Xp4T722RBzZfGNyQmMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC8zRUFFRDJGMkMzOTgxMUVGQUM3QzcwNjA3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALcWDMA0GCSqGSIb3DQEBCwUA
A4IBAQBcd6nC4OTO+n9p5J5QkDBbPLf8iHFOXptRkibFY4QEu3EwSnqv6OVuHxtv
8QBbGgyaZK+XiQDXUuCs/w4kSzmvoaaUW2peORWZWNIjmrNj/2zu6e6OKdUu1rqm
nUtCgIDyqA1n3bYMCv3CKA9WeEErha1n1HDIg+6bUPS7/eTOPjI4DIMN+2qL4iek
Ars6oNKoo3dDwCzf3Ivj+Dzwd9LkvFTyk12PDkQ/t/qf/2P1N3Sy1/vzOjgA7mSu
83GnKNCI+CHW4mI5FbPzIxzn66iQEELDsBr9P3g/f1R9ZipcqHdvGIiN4cqyvuHf
8t78RAm05pvuHD/gJSQiGoue/HvB
-----END CERTIFICATE-----