Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/5A657A0AC96F11EF8143E97A762E951A.roa
File:                     5A657A0AC96F11EF8143E97A762E951A.roa (raw, json)
Hash identifier:          2j3UxHvJRnGcJ+usRrG/612mxuVfL8Wt11vRw+B9nKE=
Subject key identifier:   14:2F:D9:7A:C3:75:54:AF:08:ED:D1:EA:DB:50:C3:3F:1F:81:61:BE
Certificate issuer:       /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial:       F4A5
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access:    rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/5A657A0AC96F11EF8143E97A762E951A.roa
Signing time:             Fri 03 Jan 2025 01:09:17 +0000
ROA not before:           Fri 03 Jan 2025 01:09:13 +0000
ROA not after:            Mon 13 Dec 2027 01:09:13 +0000
asID:                     17561
IP address blocks:        156.227.68.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
                          rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
                          rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
                          rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Fri 07 Feb 2025 00:26:41 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 62629 (0xf4a5)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F368F2D0AR
        Validity
            Not Before: Jan  3 01:09:13 2025 GMT
            Not After : Dec 13 01:09:13 2027 GMT
        Subject: CN=677738bd-5e0c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9e:03:f4:20:aa:db:05:98:10:25:5d:ab:1c:85:
                    7a:9e:0e:c2:fb:15:ea:6b:f0:e3:86:09:08:4f:52:
                    c5:b7:b8:41:27:af:e4:3b:b2:67:cd:79:db:aa:ae:
                    fe:79:c3:82:10:3b:63:08:21:ff:67:eb:57:c7:13:
                    70:2b:0a:47:80:36:5f:72:c3:6f:4f:89:3d:d0:39:
                    3c:14:7b:6b:59:71:31:bf:45:a1:eb:97:10:69:2f:
                    6a:cd:b9:6c:39:e7:eb:1c:6a:cc:ea:21:30:c4:04:
                    d3:3d:13:f0:ee:52:80:ef:83:9c:15:4c:97:4d:79:
                    04:34:0b:57:52:96:33:2a:a1:26:21:2d:1f:3f:98:
                    c3:59:75:67:02:0e:97:fe:3f:7e:e5:4d:03:aa:eb:
                    77:ea:53:6c:1b:5a:9f:ff:18:7c:ec:5e:a2:7b:29:
                    c1:73:fd:57:d1:3a:d3:ed:13:45:43:71:5c:01:43:
                    89:8a:3c:90:d9:d9:2c:b2:3b:f7:68:40:7b:8b:ab:
                    b7:44:ad:04:ec:8e:71:bc:34:2e:44:1d:2b:d7:62:
                    14:aa:d4:65:a9:af:3b:3c:ec:95:66:a3:49:bd:97:
                    11:bf:70:95:66:61:9c:1f:b8:35:e8:5e:55:b5:d6:
                    3c:94:30:9f:43:25:2c:2b:97:ad:9a:1f:5c:17:2a:
                    92:21
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                14:2F:D9:7A:C3:75:54:AF:08:ED:D1:EA:DB:50:C3:3F:1F:81:61:BE
            X509v3 Authority Key Identifier:
                keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/5A657A0AC96F11EF8143E97A762E951A.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  156.227.68.0/24

    Signature Algorithm: sha256WithRSAEncryption
         1d:7b:1f:dc:b5:48:b4:b2:58:90:bd:d3:8f:6e:07:0b:40:0d:
         ad:83:e9:ca:3c:7f:0f:b6:bd:14:28:e9:44:2d:ca:e6:d5:ab:
         60:ec:95:b5:66:1f:b9:d0:9b:52:f7:b2:e4:0c:df:de:17:91:
         1f:5c:41:6e:88:f2:6f:fe:b8:77:f1:80:e9:b4:48:17:1a:c8:
         d8:9a:23:54:3c:9f:db:e0:f9:0f:e7:28:cf:c7:eb:3c:d1:de:
         b7:f9:b9:1e:c0:6b:02:47:78:a5:00:39:a8:ec:d6:08:d1:91:
         5a:82:f3:ce:48:eb:b3:41:4f:fc:20:e8:44:49:45:ab:7b:28:
         89:ba:f4:bc:10:5a:6b:29:78:e6:d3:e7:ba:f4:a2:ed:79:69:
         bd:e5:e5:38:b0:d9:94:af:0f:67:97:94:f1:96:16:51:8e:7a:
         a7:69:6f:3b:0d:f9:68:6e:40:b5:4e:6a:d0:11:a4:9e:04:4c:
         85:90:c9:d1:c0:76:f5:2c:93:2b:c1:af:2f:74:c1:4d:81:30:
         e9:68:3e:96:fa:48:5b:d7:e9:74:96:ef:36:3b:77:89:d3:7e:
         e4:06:f3:e4:0d:1b:50:b2:4a:79:0e:72:ab:94:2f:ff:5b:7b:
         d4:03:2f:06:51:3e:7b:ca:77:80:06:2c:15:d4:ff:9f:c7:4f:
         d8:43:bc:82
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAPSlMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTAzMDEwOTEzWhcNMjcxMjEzMDEwOTEzWjAYMRYw
FAYDVQQDEw02Nzc3MzhiZC01ZTBjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAngP0IKrbBZgQJV2rHIV6ng7C+xXqa/DjhgkIT1LFt7hBJ6/kO7JnzXnb
qq7+ecOCEDtjCCH/Z+tXxxNwKwpHgDZfcsNvT4k90Dk8FHtrWXExv0Wh65cQaS9q
zblsOefrHGrM6iEwxATTPRPw7lKA74OcFUyXTXkENAtXUpYzKqEmIS0fP5jDWXVn
Ag6X/j9+5U0Dqut36lNsG1qf/xh87F6ieynBc/1X0TrT7RNFQ3FcAUOJijyQ2dks
sjv3aEB7i6u3RK0E7I5xvDQuRB0r12IUqtRlqa87POyVZqNJvZcRv3CVZmGcH7g1
6F5VtdY8lDCfQyUsK5etmh9cFyqSIQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFBQv
2XrDdVSvCO3R6ttQwz8fgWG+MB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC81QTY1N0EwQUM5NkYxMUVGODE0M0U5N0E3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnONEMA0GCSqGSIb3DQEBCwUA
A4IBAQAdex/ctUi0sliQvdOPbgcLQA2tg+nKPH8Ptr0UKOlELcrm1atg7JW1Zh+5
0JtS97LkDN/eF5EfXEFuiPJv/rh38YDptEgXGsjYmiNUPJ/b4PkP5yjPx+s80d63
+bkewGsCR3ilADmo7NYI0ZFagvPOSOuzQU/8IOhESUWreyiJuvS8EFprKXjm0+e6
9KLteWm95eU4sNmUrw9nl5TxlhZRjnqnaW87DflobkC1TmrQEaSeBEyFkMnRwHb1
LJMrwa8vdMFNgTDpaD6W+khb1+l0lu82O3eJ037kBvPkDRtQskp5DnKrlC//W3vU
Ay8GUT57yneABiwV1P+fx0/YQ7yC
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:49:19 2025 by rpki-client