Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/503B1EA6CCEC11EFAD0045AD762E951A.roa
File:                     503B1EA6CCEC11EFAD0045AD762E951A.roa (raw, json)
Hash identifier:          I4o32MBtu0NgaVwtjh3LH5s5oGYxoCU/axaq6rd4Bfc=
Subject key identifier:   DD:25:D4:E7:CE:3C:8E:01:A3:5C:7E:87:42:4A:DC:96:F0:D9:59:6E
Certificate issuer:       /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial:       FC05
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access:    rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/503B1EA6CCEC11EFAD0045AD762E951A.roa
Signing time:             Tue 07 Jan 2025 11:41:20 +0000
ROA not before:           Tue 07 Jan 2025 11:41:16 +0000
ROA not after:            Mon 13 Dec 2027 11:41:16 +0000
asID:                     17561
IP address blocks:        156.236.24.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
                          rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
                          rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
                          rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Fri 07 Feb 2025 00:26:41 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 64517 (0xfc05)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F368F2D0AR
        Validity
            Not Before: Jan  7 11:41:16 2025 GMT
            Not After : Dec 13 11:41:16 2027 GMT
        Subject: CN=677d12e0-37eb
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c1:d2:55:ee:96:3c:1c:ec:2e:db:6b:41:e1:a4:
                    67:a1:28:4b:cb:70:ed:19:c9:ea:dc:f9:e3:0f:eb:
                    28:3b:13:2f:72:67:15:77:7d:81:10:35:c6:80:ab:
                    9d:9d:a7:dd:11:d3:59:61:98:83:16:2d:0f:29:3b:
                    46:e6:f7:c1:41:92:ae:8e:64:6a:62:7b:f6:2d:2d:
                    a2:64:0f:91:9d:d8:44:4c:3e:98:21:8f:45:5c:e1:
                    bc:8c:4a:d0:2b:23:44:0e:8e:8d:d4:4b:e0:47:97:
                    9c:f3:b3:27:d3:4f:95:ca:79:d8:d8:41:fc:3f:39:
                    42:33:ce:1e:c1:36:39:93:03:d2:53:16:86:23:75:
                    7d:a5:3a:20:3b:8f:b4:a2:71:b0:05:1c:19:24:9a:
                    d2:5d:bb:4b:6d:80:4b:ed:14:a6:94:8b:6b:10:da:
                    70:10:22:ad:cf:d3:0d:db:6f:a6:84:dc:7c:1b:08:
                    a9:7c:ff:7e:f9:b1:54:49:ab:80:a3:82:c5:8c:b7:
                    94:be:ef:0c:7b:6f:f2:f8:31:b5:6f:11:ca:d8:d2:
                    a5:a2:81:e4:c0:d3:ba:f5:9d:23:56:5f:0b:5d:7e:
                    40:ca:58:f2:d7:8c:a4:8f:a2:ab:62:11:8c:be:23:
                    27:2f:fc:e3:83:c2:9d:35:73:10:5a:de:78:20:8d:
                    43:c3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DD:25:D4:E7:CE:3C:8E:01:A3:5C:7E:87:42:4A:DC:96:F0:D9:59:6E
            X509v3 Authority Key Identifier:
                keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/503B1EA6CCEC11EFAD0045AD762E951A.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  156.236.24.0/24

    Signature Algorithm: sha256WithRSAEncryption
         9e:52:22:69:cf:10:42:27:61:89:ec:05:64:f0:14:07:76:67:
         43:fa:aa:0d:20:8c:c8:ad:06:46:9f:b0:63:a4:79:11:90:08:
         77:7a:07:90:1b:7c:92:cb:a9:af:3d:8f:3b:44:92:0e:b3:cd:
         33:81:0d:f5:7e:fa:6c:d9:4f:e7:9a:5b:bb:00:b3:15:d1:b5:
         df:1c:b4:57:fa:46:1d:e4:c5:19:c9:4f:95:24:14:e3:30:cc:
         13:c5:44:d6:d5:8b:27:de:79:1d:e1:d8:d6:23:f5:5e:d2:f8:
         9b:b0:87:d9:11:5f:32:ee:b7:2a:2a:ce:77:fb:e9:b7:1e:85:
         87:db:ef:5c:0e:d3:df:82:fb:81:bf:0e:f2:4f:60:59:a1:e0:
         4e:d1:ba:b1:78:32:8d:8d:bf:9a:7b:4c:0a:7a:52:c3:c6:f6:
         c7:2f:10:fb:a2:32:86:a1:3e:cd:72:61:13:51:44:4f:26:58:
         95:42:44:95:4d:04:b4:5f:9d:16:f8:ea:a8:10:8f:79:db:6f:
         83:17:5c:4d:ee:f6:d0:a7:98:d7:da:6a:79:73:f9:2c:78:b9:
         a3:49:93:f5:5d:38:3d:95:84:1a:a4:21:36:6b:56:5f:e7:f9:
         b2:52:5f:c4:52:a8:22:a5:35:a2:13:e6:3b:1e:77:25:8b:a3:
         d6:9c:95:ba
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAPwFMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTA3MTE0MTE2WhcNMjcxMjEzMTE0MTE2WjAYMRYw
FAYDVQQDEw02NzdkMTJlMC0zN2ViMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAwdJV7pY8HOwu22tB4aRnoShLy3DtGcnq3PnjD+soOxMvcmcVd32BEDXG
gKudnafdEdNZYZiDFi0PKTtG5vfBQZKujmRqYnv2LS2iZA+RndhETD6YIY9FXOG8
jErQKyNEDo6N1EvgR5ec87Mn00+VynnY2EH8PzlCM84ewTY5kwPSUxaGI3V9pTog
O4+0onGwBRwZJJrSXbtLbYBL7RSmlItrENpwECKtz9MN22+mhNx8GwipfP9++bFU
SauAo4LFjLeUvu8Me2/y+DG1bxHK2NKlooHkwNO69Z0jVl8LXX5Ayljy14ykj6Kr
YhGMviMnL/zjg8KdNXMQWt54II1DwwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFN0l
1OfOPI4Bo1x+h0JK3Jbw2VluMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC81MDNCMUVBNkNDRUMxMUVGQUQwMDQ1QUQ3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnOwYMA0GCSqGSIb3DQEBCwUA
A4IBAQCeUiJpzxBCJ2GJ7AVk8BQHdmdD+qoNIIzIrQZGn7BjpHkRkAh3egeQG3yS
y6mvPY87RJIOs80zgQ31fvps2U/nmlu7ALMV0bXfHLRX+kYd5MUZyU+VJBTjMMwT
xUTW1Ysn3nkd4djWI/Ve0vibsIfZEV8y7rcqKs53++m3HoWH2+9cDtPfgvuBvw7y
T2BZoeBO0bqxeDKNjb+ae0wKelLDxvbHLxD7ojKGoT7NcmETUURPJliVQkSVTQS0
X50W+OqoEI9522+DF1xN7vbQp5jX2mp5c/kseLmjSZP1XTg9lYQapCE2a1Zf5/my
Ul/EUqgipTWiE+Y7Hncli6PWnJW6
-----END CERTIFICATE-----