Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/6E80A904CD7211EFB493D590762E951A.roa
File:                     6E80A904CD7211EFB493D590762E951A.roa (raw, json)
Hash identifier:          THKUvst7giOwIaD6xaS6rRXU1XNU1f6XjWMd8eNidbw=
Subject key identifier:   4B:1D:73:A8:9F:80:A5:38:36:96:61:E0:B1:52:A2:C5:B1:B6:B7:A6
Certificate issuer:       /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial:       FF95
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access:    rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/6E80A904CD7211EFB493D590762E951A.roa
Signing time:             Wed 08 Jan 2025 03:41:24 +0000
ROA not before:           Wed 08 Jan 2025 03:41:20 +0000
ROA not after:            Mon 13 Dec 2027 03:41:20 +0000
asID:                     17561
IP address blocks:        156.248.68.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
                          rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
                          rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
                          rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Fri 07 Feb 2025 00:26:41 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 65429 (0xff95)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F368F2D0AR
        Validity
            Not Before: Jan  8 03:41:20 2025 GMT
            Not After : Dec 13 03:41:20 2027 GMT
        Subject: CN=677df3e3-aace
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bc:66:13:02:5f:0b:e9:b9:4e:03:bc:bd:86:41:
                    63:67:1b:8c:8b:ca:f6:f2:0e:65:61:58:6c:b0:77:
                    da:bd:a7:7c:52:86:76:6f:a2:ea:e1:b0:b0:e4:48:
                    8f:67:d7:f5:6d:54:c4:79:23:4c:05:96:08:b4:6d:
                    79:75:4b:40:fc:ec:49:58:55:92:63:36:b4:e7:9d:
                    e7:fe:62:81:16:33:7d:52:9e:78:1e:72:a4:ba:90:
                    64:24:0d:41:8a:df:cb:f9:cf:a4:78:e8:90:ff:98:
                    ef:3b:54:1a:4f:a1:83:94:8d:d3:32:ce:39:4b:52:
                    74:ba:c6:51:64:3d:16:b3:a4:7c:db:b6:fb:1c:4f:
                    1c:38:ec:2b:a8:88:46:f6:6f:c2:80:e9:a9:0b:79:
                    4a:3d:c9:5a:75:0c:26:ea:18:3f:ae:84:a0:5e:79:
                    8a:2d:c3:0f:bb:e2:e9:25:83:4f:30:6c:c2:6e:97:
                    e7:13:0f:c0:38:fe:8a:2d:7c:01:21:99:d4:9f:81:
                    68:2c:92:73:c4:b7:4c:aa:dd:09:a5:22:8d:08:06:
                    ad:3c:01:1d:37:5c:f3:17:e0:e0:e1:d9:6f:0e:fb:
                    8b:d8:97:f1:a7:de:6b:84:15:a1:a2:42:53:e5:12:
                    3b:37:ad:80:e6:a3:4e:86:ab:b8:2b:67:21:31:e7:
                    9c:07
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4B:1D:73:A8:9F:80:A5:38:36:96:61:E0:B1:52:A2:C5:B1:B6:B7:A6
            X509v3 Authority Key Identifier:
                keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/6E80A904CD7211EFB493D590762E951A.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  156.248.68.0/24

    Signature Algorithm: sha256WithRSAEncryption
         ab:56:df:c3:f1:eb:f2:2b:29:6e:17:f2:83:b0:db:04:3a:4c:
         bb:a4:da:72:6c:f1:41:47:34:71:90:c5:b7:30:ba:12:9c:37:
         4a:38:7a:b7:da:ed:77:2d:56:b3:3e:ba:a1:65:06:18:52:02:
         d4:65:b9:8c:26:7e:43:9b:ad:2a:63:99:c9:95:32:e4:f6:cc:
         fd:50:21:15:86:29:8c:b6:ec:20:bf:72:3d:60:f0:96:12:61:
         07:a9:a0:ea:ad:9c:ab:7b:37:5d:39:04:cc:14:2d:c0:7c:dc:
         7f:8b:c9:87:ab:23:c8:11:52:9b:ff:ef:b4:67:d2:c9:ca:29:
         9e:af:73:eb:aa:e2:1a:4f:75:f7:61:7e:53:d3:80:64:e6:3e:
         c4:61:05:3e:e6:28:43:2e:8f:2b:bf:28:26:a8:d5:3b:f4:22:
         33:12:cc:c5:ae:dc:60:dd:b5:ca:d3:f0:60:81:4f:0d:3d:8f:
         9a:05:fc:0a:8a:a5:00:51:8a:3e:6c:ac:c6:cb:10:aa:71:77:
         39:5d:cb:61:29:16:53:d7:a4:90:be:44:5c:f0:9d:58:a4:7b:
         ec:8e:35:5c:01:93:b4:7a:b2:20:90:14:fa:0d:60:ba:d7:00:
         f4:e9:7e:8a:35:09:8b:4a:45:d2:11:b5:f3:f5:2c:84:1c:f3:
         3c:8e:c5:13
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAP+VMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTA4MDM0MTIwWhcNMjcxMjEzMDM0MTIwWjAYMRYw
FAYDVQQDEw02NzdkZjNlMy1hYWNlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAvGYTAl8L6blOA7y9hkFjZxuMi8r28g5lYVhssHfavad8UoZ2b6Lq4bCw
5EiPZ9f1bVTEeSNMBZYItG15dUtA/OxJWFWSYza0553n/mKBFjN9Up54HnKkupBk
JA1Bit/L+c+keOiQ/5jvO1QaT6GDlI3TMs45S1J0usZRZD0Ws6R827b7HE8cOOwr
qIhG9m/CgOmpC3lKPcladQwm6hg/roSgXnmKLcMPu+LpJYNPMGzCbpfnEw/AOP6K
LXwBIZnUn4FoLJJzxLdMqt0JpSKNCAatPAEdN1zzF+Dg4dlvDvuL2Jfxp95rhBWh
okJT5RI7N62A5qNOhqu4K2chMeecBwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFEsd
c6ifgKU4NpZh4LFSosWxtremMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC82RTgwQTkwNENENzIxMUVGQjQ5M0Q1OTA3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnPhEMA0GCSqGSIb3DQEBCwUA
A4IBAQCrVt/D8evyKyluF/KDsNsEOky7pNpybPFBRzRxkMW3MLoSnDdKOHq32u13
LVazPrqhZQYYUgLUZbmMJn5Dm60qY5nJlTLk9sz9UCEVhimMtuwgv3I9YPCWEmEH
qaDqrZyrezddOQTMFC3AfNx/i8mHqyPIEVKb/++0Z9LJyimer3PrquIaT3X3YX5T
04Bk5j7EYQU+5ihDLo8rvygmqNU79CIzEszFrtxg3bXK0/BggU8NPY+aBfwKiqUA
UYo+bKzGyxCqcXc5XcthKRZT16SQvkRc8J1YpHvsjjVcAZO0erIgkBT6DWC61wD0
6X6KNQmLSkXSEbXz9SyEHPM8jsUT
-----END CERTIFICATE-----