Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/400DDB2ECCE011EFAAA9C462762E951A.roa
File:                     400DDB2ECCE011EFAAA9C462762E951A.roa (raw, json)
Hash identifier:          BVp+TIGKPqg4/XaTKkA235RZibO791XxEdVbLBsWnNI=
Subject key identifier:   93:90:8C:D8:49:CB:43:9C:AE:44:17:00:29:AA:3F:1F:6C:77:78:AE
Certificate issuer:       /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial:       FB9B
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access:    rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/400DDB2ECCE011EFAAA9C462762E951A.roa
Signing time:             Tue 07 Jan 2025 10:14:59 +0000
ROA not before:           Tue 07 Jan 2025 10:14:55 +0000
ROA not after:            Mon 13 Dec 2027 10:14:55 +0000
asID:                     17561
IP address blocks:        156.233.226.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
                          rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
                          rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
                          rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Fri 07 Feb 2025 00:26:41 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 64411 (0xfb9b)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F368F2D0AR
        Validity
            Not Before: Jan  7 10:14:55 2025 GMT
            Not After : Dec 13 10:14:55 2027 GMT
        Subject: CN=677cfea3-ef84
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ae:80:79:3e:4a:32:0a:c4:c9:f8:1b:90:48:a8:
                    fa:b9:d9:e7:46:18:22:84:eb:89:e9:25:47:42:f6:
                    a8:f2:a1:79:bd:e4:3f:87:6b:95:11:0e:89:1e:2b:
                    55:9e:15:a8:cc:dc:86:6b:9e:24:52:92:6d:ac:3b:
                    e9:f7:ce:84:8c:d3:c1:a5:01:21:6a:b5:36:5b:c7:
                    62:76:1d:e8:9b:0a:2b:2d:f0:71:4f:4a:e9:1c:72:
                    39:3e:72:74:7a:0d:8d:58:06:ba:b5:57:93:79:21:
                    82:2e:5a:46:60:ce:c6:c2:17:98:0d:09:9c:90:19:
                    c8:03:e5:ba:24:a1:cb:03:5f:28:da:0e:09:ba:81:
                    a9:29:06:30:39:42:3e:92:fb:15:79:79:13:b8:d8:
                    7f:be:88:72:ba:79:ed:1f:df:f8:72:b9:dd:95:1c:
                    47:72:2f:62:f8:ab:c5:e1:9f:ec:48:07:cf:5a:eb:
                    2d:c8:2f:9b:62:c0:43:6d:26:f6:5c:76:d9:49:e6:
                    a0:96:63:a5:3f:f4:64:3e:b0:74:12:58:dd:57:8e:
                    3f:41:97:eb:a1:05:3e:82:06:46:7f:42:dc:5e:2b:
                    9a:30:63:db:08:2c:73:01:5e:90:fb:07:cf:69:be:
                    60:9d:63:bf:1a:a1:61:d1:f1:2d:c1:df:6f:af:d6:
                    71:8f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                93:90:8C:D8:49:CB:43:9C:AE:44:17:00:29:AA:3F:1F:6C:77:78:AE
            X509v3 Authority Key Identifier:
                keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/400DDB2ECCE011EFAAA9C462762E951A.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  156.233.226.0/24

    Signature Algorithm: sha256WithRSAEncryption
         9b:8b:40:ae:28:8d:d9:5a:ef:43:a8:1f:0b:6a:b9:8f:bc:93:
         9f:a3:37:35:1a:8f:7c:39:24:d7:8b:1d:37:f2:ab:17:d4:7d:
         77:87:5d:e0:7d:5a:c0:0a:01:fb:e4:54:6b:4f:81:c1:07:af:
         c6:75:59:59:08:2d:76:33:15:03:31:96:05:6f:00:ef:fa:b0:
         5e:e8:5d:fe:db:7d:c7:01:2c:05:7d:6e:e7:e7:67:05:a9:be:
         20:de:e9:a7:03:41:60:4e:83:b0:8e:61:ed:6a:3e:b3:b5:b3:
         25:99:82:62:c3:95:17:aa:63:27:fa:62:2f:44:dd:95:57:fe:
         d5:0c:f6:ca:61:80:ae:7a:93:32:4c:6a:70:b5:dd:1a:06:5a:
         33:0d:9f:18:77:da:18:cb:77:97:8d:9d:c9:68:44:b6:4b:91:
         a6:65:d7:97:91:9a:1c:7c:3c:61:06:06:99:d5:c8:8e:24:eb:
         c4:49:e7:23:11:d5:48:71:72:30:1d:76:0b:21:ae:ec:ee:1e:
         7d:be:fe:5a:78:90:e0:ad:4c:13:36:5d:f4:c5:5d:a1:a3:f0:
         68:a3:1a:21:55:d9:81:6f:4b:f5:1e:4d:e6:99:c0:12:2f:ec:
         c6:7d:63:1b:a8:19:f4:7b:94:e7:3b:ad:90:a9:67:d2:6d:ba:
         5d:e1:80:b6
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAPubMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTA3MTAxNDU1WhcNMjcxMjEzMTAxNDU1WjAYMRYw
FAYDVQQDEw02NzdjZmVhMy1lZjg0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAroB5PkoyCsTJ+BuQSKj6udnnRhgihOuJ6SVHQvao8qF5veQ/h2uVEQ6J
HitVnhWozNyGa54kUpJtrDvp986EjNPBpQEharU2W8didh3omworLfBxT0rpHHI5
PnJ0eg2NWAa6tVeTeSGCLlpGYM7GwheYDQmckBnIA+W6JKHLA18o2g4JuoGpKQYw
OUI+kvsVeXkTuNh/vohyunntH9/4crndlRxHci9i+KvF4Z/sSAfPWustyC+bYsBD
bSb2XHbZSeaglmOlP/RkPrB0EljdV44/QZfroQU+ggZGf0LcXiuaMGPbCCxzAV6Q
+wfPab5gnWO/GqFh0fEtwd9vr9ZxjwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFJOQ
jNhJy0OcrkQXACmqPx9sd3iuMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC80MDBEREIyRUNDRTAxMUVGQUFBOUM0NjI3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnOniMA0GCSqGSIb3DQEBCwUA
A4IBAQCbi0CuKI3ZWu9DqB8LarmPvJOfozc1Go98OSTXix038qsX1H13h13gfVrA
CgH75FRrT4HBB6/GdVlZCC12MxUDMZYFbwDv+rBe6F3+233HASwFfW7n52cFqb4g
3umnA0FgToOwjmHtaj6ztbMlmYJiw5UXqmMn+mIvRN2VV/7VDPbKYYCuepMyTGpw
td0aBlozDZ8Yd9oYy3eXjZ3JaES2S5GmZdeXkZocfDxhBgaZ1ciOJOvESecjEdVI
cXIwHXYLIa7s7h59vv5aeJDgrUwTNl30xV2ho/BooxohVdmBb0v1Hk3mmcASL+zG
fWMbqBn0e5TnO62QqWfSbbpd4YC2
-----END CERTIFICATE-----