Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/8EC97D6603F611F08EF4B75C762E951A.roa
File:                     8EC97D6603F611F08EF4B75C762E951A.roa (raw, json)
Hash identifier:          p6YGa9M5YxPMaws0dUA/6aKP73FlOSFf02kGvKkpKZk=
Subject key identifier:   59:B4:F9:0C:81:0D:1A:BA:7E:57:FC:A1:60:7A:AE:41:E7:40:DC:AE
Certificate issuer:       /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial:       0146BF
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access:    rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/8EC97D6603F611F08EF4B75C762E951A.roa
Signing time:             Tue 18 Mar 2025 12:43:14 +0000
ROA not before:           Tue 18 Mar 2025 12:43:10 +0000
ROA not after:            Sun 27 Apr 2025 12:43:10 +0000
asID:                     48031
IP address blocks:        156.246.128.0/24 maxlen: 24
                          156.246.130.0/24 maxlen: 24
                          156.246.131.0/24 maxlen: 24
                          156.246.133.0/24 maxlen: 24
                          156.246.134.0/24 maxlen: 24
                          156.246.142.0/24 maxlen: 24
                          156.246.143.0/24 maxlen: 24
                          156.246.144.0/24 maxlen: 24
                          156.246.146.0/24 maxlen: 24
                          156.246.147.0/24 maxlen: 24
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 83647 (0x146bf)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F368F2D0AR
        Validity
            Not Before: Mar 18 12:43:10 2025 GMT
            Not After : Apr 27 12:43:10 2025 GMT
        Subject: CN=67d96a62-831c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bb:08:63:4d:e3:0c:ac:0a:6a:3d:db:15:72:57:
                    17:a1:3a:b4:72:33:9a:5b:7a:ec:ef:75:60:cf:cd:
                    6b:4f:80:1f:2d:48:f1:da:26:21:26:e0:c0:57:02:
                    19:95:9a:86:b3:77:f7:e2:44:b7:f3:2e:76:c3:34:
                    fd:06:66:cd:7a:4d:70:a7:9a:3e:23:67:2d:8e:1e:
                    dc:15:b3:d9:68:7f:57:7d:78:58:f6:b1:6f:a3:69:
                    74:4a:68:20:24:3c:f0:23:87:9d:9f:ba:4a:bc:30:
                    06:b8:0b:f4:2b:9b:34:3e:09:24:92:aa:b9:13:96:
                    e1:d8:d2:ea:9e:96:a8:3f:f9:df:c4:30:d2:83:72:
                    c2:b2:ce:a8:ed:e2:0c:8b:02:da:9a:25:c2:76:74:
                    6b:ba:e6:37:2f:25:d8:49:07:5c:08:4c:52:27:44:
                    56:89:83:0a:48:39:09:82:1b:95:be:c8:cd:f5:b3:
                    a9:20:8f:c0:23:9b:a5:15:8a:66:5e:89:b3:9d:96:
                    08:e8:56:64:ac:a6:84:95:93:34:cc:a9:85:79:0d:
                    75:1f:12:4e:8f:77:f9:73:2f:0c:87:21:51:a4:38:
                    23:47:4a:6c:a8:a5:b3:45:2b:41:a0:a4:ab:2c:48:
                    cc:62:a2:34:1e:52:64:69:e5:fd:44:8f:d0:ef:86:
                    cc:61
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                59:B4:F9:0C:81:0D:1A:BA:7E:57:FC:A1:60:7A:AE:41:E7:40:DC:AE
            X509v3 Authority Key Identifier:
                keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/8EC97D6603F611F08EF4B75C762E951A.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  156.246.128.0/24
                  156.246.130.0/23
                  156.246.133.0-156.246.134.255
                  156.246.142.0-156.246.144.255
                  156.246.146.0/23

    Signature Algorithm: sha256WithRSAEncryption
         76:2a:ec:5d:a0:4d:ba:e4:c4:dc:af:f7:a6:df:3d:3f:93:28:
         d0:10:b1:3f:b7:31:c5:c0:d2:ca:d2:7f:d1:a4:48:1e:ab:9d:
         6e:91:51:f3:61:93:1b:72:1e:f9:7d:ee:f9:7f:73:24:14:d1:
         cf:c7:43:62:c8:59:61:42:88:78:46:e9:fd:a2:87:be:90:13:
         73:f8:e4:5f:6d:25:08:2d:79:ef:36:29:ac:11:f3:9e:52:2f:
         42:df:7d:e6:02:03:6a:ad:58:4f:e6:64:36:0d:fd:e6:cb:7a:
         57:c6:c6:e8:a9:64:ed:81:81:25:8a:12:55:12:ce:6e:60:29:
         aa:8a:8a:8f:10:89:64:cf:a0:14:ef:cd:bd:72:73:d0:c0:2e:
         76:c2:61:c0:c0:a2:cb:19:69:e2:74:68:64:c5:99:e4:a5:90:
         da:2a:72:4f:be:d6:0b:eb:99:2d:f6:51:1c:d0:ef:67:d2:44:
         45:86:0e:31:f5:fb:f5:77:43:2d:83:5b:71:a0:73:e3:ec:70:
         9e:e4:9e:45:26:d0:57:61:51:e6:b6:fb:50:38:ef:11:3b:4b:
         0e:be:16:bc:18:7b:bf:b3:b3:29:6c:b7:3c:56:d4:8a:fa:dd:
         82:0d:1e:b5:7d:e6:43:a7:b9:6c:6b:c8:32:a3:87:4f:dc:57:
         51:2d:18:e5
-----BEGIN CERTIFICATE-----
MIIFqTCCBJGgAwIBAgIDAUa/MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMzE4MTI0MzEwWhcNMjUwNDI3MTI0MzEwWjAYMRYw
FAYDVQQDEw02N2Q5NmE2Mi04MzFjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAuwhjTeMMrApqPdsVclcXoTq0cjOaW3rs73Vgz81rT4AfLUjx2iYhJuDA
VwIZlZqGs3f34kS38y52wzT9BmbNek1wp5o+I2ctjh7cFbPZaH9XfXhY9rFvo2l0
SmggJDzwI4edn7pKvDAGuAv0K5s0Pgkkkqq5E5bh2NLqnpaoP/nfxDDSg3LCss6o
7eIMiwLamiXCdnRruuY3LyXYSQdcCExSJ0RWiYMKSDkJghuVvsjN9bOpII/AI5ul
FYpmXomznZYI6FZkrKaElZM0zKmFeQ11HxJOj3f5cy8MhyFRpDgjR0psqKWzRStB
oKSrLEjMYqI0HlJkaeX9RI/Q74bMYQIDAQABo4ICyjCCAsYwHQYDVR0OBBYEFFm0
+QyBDRq6flf8oWB6rkHnQNyuMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC84RUM5N0Q2NjAzRjYxMUYwOEVGNEI3NUM3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MEcGCCsGAQUFBwEHAQH/BDgwNjA0BAIAATAuAwQAnPaAAwQBnPaCMAwDBACc9oUD
BACc9oYwDAMEAZz2jgMEAJz2kAMEAZz2kjANBgkqhkiG9w0BAQsFAAOCAQEAdirs
XaBNuuTE3K/3pt89P5Mo0BCxP7cxxcDSytJ/0aRIHqudbpFR82GTG3Ie+X3u+X9z
JBTRz8dDYshZYUKIeEbp/aKHvpATc/jkX20lCC157zYprBHznlIvQt995gIDaq1Y
T+ZkNg395st6V8bG6Klk7YGBJYoSVRLObmApqoqKjxCJZM+gFO/NvXJz0MAudsJh
wMCiyxlp4nRoZMWZ5KWQ2ipyT77WC+uZLfZRHNDvZ9JERYYOMfX79XdDLYNbcaBz
4+xwnuSeRSbQV2FR5rb7UDjvETtLDr4WvBh7v7OzKWy3PFbUivrdgg0etX3mQ6e5
bGvIMqOHT9xXUS0Y5Q==
-----END CERTIFICATE-----