Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/739A5BF2CD6711EF8E897342762E951A.roa
File:                     739A5BF2CD6711EF8E897342762E951A.roa (raw, json)
Hash identifier:          dCWHwJRrQyZEUItN66bAs1ZQFbGytrcp4aYjL6yxMXE=
Subject key identifier:   68:AD:60:0E:A1:FB:55:46:E7:0A:E3:CD:90:0E:92:2F:D4:02:34:6C
Certificate issuer:       /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial:       FF4D
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access:    rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/739A5BF2CD6711EF8E897342762E951A.roa
Signing time:             Wed 08 Jan 2025 02:22:48 +0000
ROA not before:           Wed 08 Jan 2025 02:22:44 +0000
ROA not after:            Sat 13 Dec 2025 02:22:44 +0000
asID:                     984
IP address blocks:        156.247.113.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
                          rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
                          rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
                          rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Fri 07 Feb 2025 00:26:41 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 65357 (0xff4d)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F368F2D0AR
        Validity
            Not Before: Jan  8 02:22:44 2025 GMT
            Not After : Dec 13 02:22:44 2025 GMT
        Subject: CN=677de178-8165
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a6:ec:4c:7f:0f:ad:71:35:12:8c:f8:5f:34:81:
                    73:10:3a:a4:8e:11:ca:8f:b8:02:1b:96:ab:ec:e6:
                    b1:df:85:88:c4:a4:24:7d:1f:e8:b7:e4:17:ff:da:
                    95:68:ca:ca:db:65:70:f3:f0:55:bf:25:17:9d:e7:
                    9d:27:9a:aa:42:6b:52:54:fb:56:7e:88:d2:91:8a:
                    dc:69:6b:0a:3d:95:fb:b7:cd:a2:68:6a:fa:da:d3:
                    e4:90:5e:20:38:09:cb:6f:55:47:64:1c:ee:eb:50:
                    bb:fa:04:18:59:aa:a0:6f:21:73:5c:64:24:49:2d:
                    bd:1b:69:a5:b8:7c:3e:2b:b1:d2:29:97:72:b7:c7:
                    d3:56:12:e9:f0:99:b2:a0:ba:78:a8:ae:b9:82:4c:
                    08:46:1f:33:b4:40:db:ce:ef:73:eb:30:72:6d:87:
                    ca:5c:d9:1f:ed:57:6a:ca:3c:51:fd:bb:82:44:a5:
                    f2:03:53:48:49:3f:af:a0:60:cd:db:ee:de:86:f4:
                    cc:2c:ca:30:a8:91:74:f0:15:ec:df:86:24:75:0c:
                    20:9f:38:dd:e3:06:a2:e4:84:e0:f3:2a:99:a5:52:
                    a4:e8:c5:a4:dd:71:f4:7c:82:05:5b:48:14:80:99:
                    f1:78:97:8b:44:e7:b8:3c:43:b8:6b:b3:af:02:23:
                    50:c7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                68:AD:60:0E:A1:FB:55:46:E7:0A:E3:CD:90:0E:92:2F:D4:02:34:6C
            X509v3 Authority Key Identifier:
                keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/739A5BF2CD6711EF8E897342762E951A.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  156.247.113.0/24

    Signature Algorithm: sha256WithRSAEncryption
         19:ff:08:84:27:09:be:7b:66:53:3b:ff:29:7a:bf:90:91:f7:
         cc:77:e9:d1:c3:6c:21:21:8a:d9:91:39:49:f9:26:75:d8:08:
         aa:80:51:06:7f:b5:7b:14:66:4d:f5:f7:5e:73:7d:fc:31:1b:
         f1:2e:2b:ac:bd:85:9e:76:ef:84:d3:c9:8e:4c:fb:7c:e8:5c:
         ef:70:dd:46:fb:95:01:4d:1a:f8:0e:d0:c0:82:96:ab:51:73:
         fa:54:b8:dc:1f:1c:d8:82:c2:73:d6:f6:93:25:88:eb:02:de:
         4e:4e:c4:83:43:b0:69:4e:b1:86:fa:55:fb:d1:93:44:71:70:
         d5:a6:22:f6:7b:06:2c:e9:8c:ce:43:25:6b:f6:bd:1a:b3:74:
         7d:84:78:b6:56:ed:1b:34:ae:a9:ee:7e:30:d3:5d:d4:3c:8e:
         a1:9f:f9:a8:a1:eb:5c:da:fc:e2:dc:7e:01:cf:b7:4e:06:43:
         30:38:dc:c7:cc:a3:d5:09:d8:98:85:77:95:d8:30:57:3e:62:
         4b:90:e3:b0:a8:23:01:1f:13:90:78:a0:cb:13:bb:70:af:d8:
         c7:ae:ac:ba:17:26:1e:7a:53:7a:d5:63:8d:be:69:52:7d:c4:
         cf:06:ed:44:45:9c:e7:b7:9d:75:c2:d6:48:6d:37:a7:fa:ce:
         6f:21:d3:bf
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAP9NMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTA4MDIyMjQ0WhcNMjUxMjEzMDIyMjQ0WjAYMRYw
FAYDVQQDEw02NzdkZTE3OC04MTY1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEApuxMfw+tcTUSjPhfNIFzEDqkjhHKj7gCG5ar7Oax34WIxKQkfR/ot+QX
/9qVaMrK22Vw8/BVvyUXneedJ5qqQmtSVPtWfojSkYrcaWsKPZX7t82iaGr62tPk
kF4gOAnLb1VHZBzu61C7+gQYWaqgbyFzXGQkSS29G2mluHw+K7HSKZdyt8fTVhLp
8JmyoLp4qK65gkwIRh8ztEDbzu9z6zBybYfKXNkf7VdqyjxR/buCRKXyA1NIST+v
oGDN2+7ehvTMLMowqJF08BXs34YkdQwgnzjd4wai5ITg8yqZpVKk6MWk3XH0fIIF
W0gUgJnxeJeLROe4PEO4a7OvAiNQxwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFGit
YA6h+1VG5wrjzZAOki/UAjRsMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC83MzlBNUJGMkNENjcxMUVGOEU4OTczNDI3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnPdxMA0GCSqGSIb3DQEBCwUA
A4IBAQAZ/wiEJwm+e2ZTO/8per+QkffMd+nRw2whIYrZkTlJ+SZ12AiqgFEGf7V7
FGZN9fdec338MRvxLiusvYWedu+E08mOTPt86FzvcN1G+5UBTRr4DtDAgparUXP6
VLjcHxzYgsJz1vaTJYjrAt5OTsSDQ7BpTrGG+lX70ZNEcXDVpiL2ewYs6YzOQyVr
9r0as3R9hHi2Vu0bNK6p7n4w013UPI6hn/mooetc2vzi3H4Bz7dOBkMwONzHzKPV
CdiYhXeV2DBXPmJLkOOwqCMBHxOQeKDLE7twr9jHrqy6FyYeelN61WONvmlSfcTP
Bu1ERZznt511wtZIbTen+s5vIdO/
-----END CERTIFICATE-----