Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/634BDB82CDA711EF8270F85E762E951A.roa
File:                     634BDB82CDA711EF8270F85E762E951A.roa (raw, json)
Hash identifier:          6LhE8z3PhCE9+n6GogbbsEeGAPU4teDuFN8fkMy21s0=
Subject key identifier:   D6:A7:49:BF:BA:12:E0:EF:7A:FC:89:FE:70:35:7A:A8:B2:77:54:E0
Certificate issuer:       /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial:       010133
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access:    rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/634BDB82CDA711EF8270F85E762E951A.roa
Signing time:             Wed 08 Jan 2025 10:00:28 +0000
ROA not before:           Wed 08 Jan 2025 10:00:24 +0000
ROA not after:            Mon 13 Dec 2027 10:00:24 +0000
asID:                     17561
IP address blocks:        156.255.12.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
                          rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
                          rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
                          rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Fri 07 Feb 2025 00:26:41 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 65843 (0x10133)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F368F2D0AR
        Validity
            Not Before: Jan  8 10:00:24 2025 GMT
            Not After : Dec 13 10:00:24 2027 GMT
        Subject: CN=677e4cbc-2651
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b6:cc:2a:11:1d:0e:b1:75:52:f4:83:9a:a5:1d:
                    04:8b:87:41:54:70:5e:ed:90:7c:45:64:ec:3b:85:
                    23:3c:ae:3a:c5:d3:81:37:36:fe:b9:fd:f3:fc:6f:
                    6f:d4:54:f0:25:8a:b6:8a:79:b3:b8:a2:c5:59:a9:
                    01:6c:ee:41:d6:6e:dc:89:4b:c8:ed:48:0c:22:db:
                    59:46:c8:af:fb:33:2a:b1:f3:ef:7a:b4:84:e6:19:
                    0b:4a:e4:45:5a:a1:2c:bd:8b:93:76:4c:df:c6:e2:
                    fb:36:7d:3f:c1:3d:3c:01:3a:81:c4:88:6c:bb:5f:
                    5d:76:9b:4d:e4:21:1b:2b:e5:93:b7:5a:d4:0c:38:
                    be:85:18:8c:3e:59:18:a0:41:fd:4e:c3:27:99:15:
                    f7:4e:80:eb:f2:f4:be:e0:5b:ac:a0:4b:ab:2c:7e:
                    35:27:fc:1a:6b:1b:78:f1:ec:69:72:31:13:f0:25:
                    28:0f:f7:d1:53:43:40:60:68:77:83:7d:b6:e4:6d:
                    03:58:86:72:46:21:9e:71:2d:a4:47:1d:1e:db:df:
                    9a:8e:83:46:a2:5f:73:65:41:27:b2:bc:0a:af:88:
                    4f:ac:4f:d3:71:17:ed:08:05:3f:88:6f:14:09:84:
                    ad:ce:71:8b:52:56:8a:85:89:4b:83:dd:a2:70:f4:
                    05:fd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D6:A7:49:BF:BA:12:E0:EF:7A:FC:89:FE:70:35:7A:A8:B2:77:54:E0
            X509v3 Authority Key Identifier:
                keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/634BDB82CDA711EF8270F85E762E951A.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  156.255.12.0/24

    Signature Algorithm: sha256WithRSAEncryption
         5a:c2:04:2e:df:ac:51:f4:85:2c:d6:b0:9e:52:24:27:ae:c9:
         7e:73:a1:15:76:03:39:c2:e9:59:ac:96:f3:98:f1:dc:9a:0f:
         84:cf:fa:52:ff:b8:d5:4d:d6:bd:b2:43:07:26:6f:39:0c:ae:
         4f:d1:b7:89:7d:70:26:12:aa:56:bf:0f:f9:48:29:2d:ed:f0:
         52:35:c2:22:87:c0:d2:11:b0:3c:56:e1:ea:fd:f2:4c:ac:9c:
         99:af:53:4d:37:bc:e4:97:15:d8:2f:59:ce:71:8a:7b:3a:61:
         d7:24:0e:23:e0:70:8c:5f:16:9f:ef:02:5b:4b:9a:c5:e7:82:
         f7:a1:f0:8b:7b:1e:29:a8:f2:4e:dd:b3:b8:4c:17:e0:d4:11:
         4d:fb:ff:57:d9:da:e7:6e:52:4f:68:d0:8c:88:4a:43:14:64:
         c7:d7:8e:24:81:0e:43:c3:52:8d:6f:70:45:90:be:a2:cd:07:
         c3:ff:fc:eb:bd:c6:09:37:48:19:6b:b9:f5:e9:57:16:25:a1:
         a0:c6:bc:1b:0f:ee:e9:2d:75:ab:7c:51:d0:3b:ca:fa:ec:55:
         20:a2:65:cd:7b:f6:9a:fc:03:3a:87:89:31:9a:bd:58:05:9c:
         27:fa:fc:e9:bc:c1:cb:e0:5f:41:2f:94:23:9c:da:16:7d:d2:
         2a:dd:68:da
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAQEzMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTA4MTAwMDI0WhcNMjcxMjEzMTAwMDI0WjAYMRYw
FAYDVQQDEw02NzdlNGNiYy0yNjUxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAtswqER0OsXVS9IOapR0Ei4dBVHBe7ZB8RWTsO4UjPK46xdOBNzb+uf3z
/G9v1FTwJYq2inmzuKLFWakBbO5B1m7ciUvI7UgMIttZRsiv+zMqsfPverSE5hkL
SuRFWqEsvYuTdkzfxuL7Nn0/wT08ATqBxIhsu19ddptN5CEbK+WTt1rUDDi+hRiM
PlkYoEH9TsMnmRX3ToDr8vS+4FusoEurLH41J/waaxt48expcjET8CUoD/fRU0NA
YGh3g3225G0DWIZyRiGecS2kRx0e29+ajoNGol9zZUEnsrwKr4hPrE/TcRftCAU/
iG8UCYStznGLUlaKhYlLg92icPQF/QIDAQABo4ICojCCAp4wHQYDVR0OBBYEFNan
Sb+6EuDvevyJ/nA1eqiyd1TgMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC82MzRCREI4MkNEQTcxMUVGODI3MEY4NUU3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnP8MMA0GCSqGSIb3DQEBCwUA
A4IBAQBawgQu36xR9IUs1rCeUiQnrsl+c6EVdgM5wulZrJbzmPHcmg+Ez/pS/7jV
Tda9skMHJm85DK5P0beJfXAmEqpWvw/5SCkt7fBSNcIih8DSEbA8VuHq/fJMrJyZ
r1NNN7zklxXYL1nOcYp7OmHXJA4j4HCMXxaf7wJbS5rF54L3ofCLex4pqPJO3bO4
TBfg1BFN+/9X2drnblJPaNCMiEpDFGTH144kgQ5Dw1KNb3BFkL6izQfD//zrvcYJ
N0gZa7n16VcWJaGgxrwbD+7pLXWrfFHQO8r67FUgomXNe/aa/AM6h4kxmr1YBZwn
+vzpvMHL4F9BL5QjnNoWfdIq3Wja
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:49:19 2025 by rpki-client