Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/8567261ED2F111EF8A781F6C762E951A.roa
File:                     8567261ED2F111EF8A781F6C762E951A.roa (raw, json)
Hash identifier:          6u/Nzd24bdgUJXxWAK4u/dsNDKm80oL3T1NczWIXMIY=
Subject key identifier:   54:83:6B:05:6E:55:C3:45:DE:D0:FB:9B:5D:12:00:3C:1E:F2:1D:8A
Certificate issuer:       /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial:       010783
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access:    rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/8567261ED2F111EF8A781F6C762E951A.roa
Signing time:             Wed 15 Jan 2025 03:33:44 +0000
ROA not before:           Wed 15 Jan 2025 03:33:40 +0000
ROA not after:            Sat 03 Jan 2026 03:33:40 +0000
asID:                     984
IP address blocks:        156.243.101.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
                          rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
                          rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
                          rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Fri 07 Feb 2025 00:26:41 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 67459 (0x10783)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F368F2D0AR
        Validity
            Not Before: Jan 15 03:33:40 2025 GMT
            Not After : Jan  3 03:33:40 2026 GMT
        Subject: CN=67872c98-02fc
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:f1:17:32:ff:0c:ae:04:68:c0:39:03:f3:da:ac:
                    35:c6:12:01:86:9c:db:48:d2:7f:7b:e0:dc:5b:1d:
                    ee:28:58:13:2e:be:66:62:20:d8:53:74:de:0b:4e:
                    02:ea:28:32:2c:4b:40:69:37:79:20:a3:0c:1e:ac:
                    8c:2d:34:4a:56:ef:7e:2c:06:52:be:be:e1:52:bb:
                    31:a0:c9:e9:ae:1a:e5:0b:a1:72:e0:02:0e:52:7c:
                    78:5a:96:1e:1a:38:0b:ee:90:20:aa:13:d1:78:1e:
                    d3:15:14:40:1c:26:4d:79:d1:89:24:97:e8:a0:99:
                    38:8c:d0:39:86:da:f9:f6:fa:1f:e3:fc:7c:ac:fe:
                    07:0e:4c:51:19:63:c8:df:86:6f:5d:52:bf:c4:9f:
                    6f:13:c8:3a:14:bc:7d:1a:b4:9d:91:94:26:b1:c8:
                    f7:60:3e:fb:2b:ca:08:cb:9c:e4:2c:48:4d:37:8d:
                    f2:af:53:20:ae:05:f3:c9:75:e6:08:8f:b1:6f:ca:
                    f3:89:bd:62:94:4e:e3:15:b8:60:3a:63:31:53:f6:
                    c0:9a:22:ae:16:70:0b:5b:d6:1b:61:96:d1:52:18:
                    15:3a:ee:cf:9c:c9:b8:10:c1:63:07:56:9e:9f:5e:
                    63:45:67:0e:b3:52:8f:3d:74:25:02:54:db:ab:b0:
                    e3:17
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                54:83:6B:05:6E:55:C3:45:DE:D0:FB:9B:5D:12:00:3C:1E:F2:1D:8A
            X509v3 Authority Key Identifier:
                keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/8567261ED2F111EF8A781F6C762E951A.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  156.243.101.0/24

    Signature Algorithm: sha256WithRSAEncryption
         af:64:30:08:93:d3:e8:67:17:79:2a:86:26:ac:ba:e0:47:93:
         a6:21:65:71:4f:dc:d2:9b:f9:38:18:f3:c4:fc:40:1e:f7:4b:
         fa:1a:c6:db:b2:1f:09:90:0e:af:f3:f3:7b:7d:cc:19:90:60:
         1a:2b:47:22:e9:37:a5:ad:b7:41:37:92:f9:68:a3:e4:55:38:
         90:64:05:7c:be:14:be:bb:88:5f:07:cf:b4:28:47:76:68:a3:
         55:b1:17:74:cd:d8:c1:c2:a7:83:6a:d3:80:f7:a4:41:73:05:
         75:08:0a:97:ec:4e:a6:0a:2d:bd:5f:2d:7d:bf:a2:5a:dc:a4:
         4d:b7:aa:8f:ef:1b:a6:33:7e:2c:6e:b7:5d:e6:9f:a4:71:04:
         a1:21:53:4e:f8:b0:79:c4:25:95:ec:60:4e:c8:e2:8a:c0:ae:
         5e:82:c3:c9:98:4e:0e:72:9a:7f:29:78:48:7a:17:21:b0:18:
         c4:2b:d3:f5:1e:8c:60:b0:4b:1a:76:a6:1b:9e:88:22:40:c9:
         b1:28:0c:cb:51:ca:ab:32:c4:81:fe:bd:08:7a:98:b6:5c:db:
         01:73:88:ac:f7:fa:39:6a:d8:67:fb:79:10:5d:6a:ce:73:8c:
         37:55:3a:bb:52:dc:d6:1e:6a:df:ed:28:ce:2a:7a:f1:f4:da:
         98:a9:88:a0
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAQeDMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTE1MDMzMzQwWhcNMjYwMTAzMDMzMzQwWjAYMRYw
FAYDVQQDEw02Nzg3MmM5OC0wMmZjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA8Rcy/wyuBGjAOQPz2qw1xhIBhpzbSNJ/e+DcWx3uKFgTLr5mYiDYU3Te
C04C6igyLEtAaTd5IKMMHqyMLTRKVu9+LAZSvr7hUrsxoMnprhrlC6Fy4AIOUnx4
WpYeGjgL7pAgqhPReB7TFRRAHCZNedGJJJfooJk4jNA5htr59vof4/x8rP4HDkxR
GWPI34ZvXVK/xJ9vE8g6FLx9GrSdkZQmscj3YD77K8oIy5zkLEhNN43yr1MgrgXz
yXXmCI+xb8rzib1ilE7jFbhgOmMxU/bAmiKuFnALW9YbYZbRUhgVOu7PnMm4EMFj
B1aen15jRWcOs1KPPXQlAlTbq7DjFwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFFSD
awVuVcNF3tD7m10SADwe8h2KMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC84NTY3MjYxRUQyRjExMUVGOEE3ODFGNkM3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnPNlMA0GCSqGSIb3DQEBCwUA
A4IBAQCvZDAIk9PoZxd5KoYmrLrgR5OmIWVxT9zSm/k4GPPE/EAe90v6Gsbbsh8J
kA6v8/N7fcwZkGAaK0ci6TelrbdBN5L5aKPkVTiQZAV8vhS+u4hfB8+0KEd2aKNV
sRd0zdjBwqeDatOA96RBcwV1CAqX7E6mCi29Xy19v6Ja3KRNt6qP7xumM34sbrdd
5p+kcQShIVNO+LB5xCWV7GBOyOKKwK5egsPJmE4Ocpp/KXhIehchsBjEK9P1Hoxg
sEsadqYbnogiQMmxKAzLUcqrMsSB/r0Iepi2XNsBc4is9/o5athn+3kQXWrOc4w3
VTq7UtzWHmrf7SjOKnrx9NqYqYig
-----END CERTIFICATE-----