Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/95483800D2EE11EFA30A835A762E951A.roa
File:                     95483800D2EE11EFA30A835A762E951A.roa (raw, json)
Hash identifier:          BknjnZ0cFQDgtkZC8aPjoInJwbSDSLEl+jki92xgCXo=
Subject key identifier:   7F:C0:A7:97:49:61:CA:84:68:50:73:A0:CD:D3:1A:0B:72:01:02:81
Certificate issuer:       /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial:       01076F
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access:    rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/95483800D2EE11EFA30A835A762E951A.roa
Signing time:             Wed 15 Jan 2025 03:12:42 +0000
ROA not before:           Wed 15 Jan 2025 03:12:38 +0000
ROA not after:            Mon 03 Jan 2028 03:12:38 +0000
asID:                     17561
IP address blocks:        156.236.103.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
                          rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
                          rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
                          rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Fri 07 Feb 2025 00:26:41 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 67439 (0x1076f)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F368F2D0AR
        Validity
            Not Before: Jan 15 03:12:38 2025 GMT
            Not After : Jan  3 03:12:38 2028 GMT
        Subject: CN=678727aa-8104
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cc:eb:0e:88:ec:6a:dd:7b:0b:7d:90:d0:76:27:
                    0b:e7:11:80:e8:f1:57:a7:51:12:ae:e5:e4:72:f6:
                    6c:22:5f:21:c6:f6:c0:67:44:91:cc:6c:3a:26:2a:
                    c7:58:8c:b5:4b:47:63:4a:99:39:ee:06:dd:84:a4:
                    64:34:b2:8e:a6:8f:ba:0c:8c:00:05:ed:20:87:04:
                    ff:3c:da:25:44:dc:f0:4f:d5:df:4e:1e:cb:d5:d3:
                    69:57:b8:b7:0c:4f:8b:87:37:45:8c:a3:d4:93:0d:
                    21:58:b8:53:43:76:90:79:21:43:99:ac:14:8a:e1:
                    e9:52:58:b3:c8:3d:ce:4f:98:87:3d:ad:88:60:87:
                    47:cb:d1:8a:eb:61:4f:8b:ea:6b:8d:78:52:38:d0:
                    89:4b:c8:70:67:66:8f:d2:83:4e:89:24:7f:c7:bb:
                    13:3b:b3:43:a9:f2:a8:88:d6:b4:fd:7c:e6:58:f2:
                    e3:72:9e:58:aa:9a:b8:b1:ff:2a:3e:dd:d7:64:ae:
                    ec:94:49:98:c1:af:1c:a4:d5:9b:a9:45:d0:a8:07:
                    7d:36:39:3a:9a:7f:a6:e8:ac:1c:96:25:75:73:20:
                    01:f9:63:ee:95:66:5d:7d:95:5e:ca:ce:76:d5:1c:
                    81:00:4c:5c:79:3f:0c:12:69:15:28:ad:50:e6:7a:
                    8c:67
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                7F:C0:A7:97:49:61:CA:84:68:50:73:A0:CD:D3:1A:0B:72:01:02:81
            X509v3 Authority Key Identifier:
                keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/95483800D2EE11EFA30A835A762E951A.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  156.236.103.0/24

    Signature Algorithm: sha256WithRSAEncryption
         81:36:e1:76:31:27:d3:71:52:74:fa:78:ae:f7:29:ff:6d:fc:
         c3:67:9b:9f:5d:84:de:15:22:f2:31:38:54:0f:30:bd:de:ef:
         ff:33:b3:28:8c:51:14:42:48:93:34:f2:21:8e:c4:69:78:e3:
         d4:18:b5:87:52:bb:a0:19:55:18:ea:51:16:36:90:6e:98:10:
         69:e9:44:bf:77:30:b9:85:bb:bd:8c:a4:42:70:aa:8e:12:4e:
         ee:4d:20:f1:e2:a9:5d:96:03:62:5e:cd:00:c2:9a:d3:6b:f3:
         3c:6e:4d:a7:ba:3e:d6:69:f1:45:d6:75:62:e7:cd:45:f3:e9:
         81:5b:1f:38:82:11:54:9c:50:01:cc:94:25:56:b0:01:23:0f:
         26:08:84:9c:85:f2:cc:62:1c:36:e8:97:e8:af:e0:6f:ab:74:
         51:dc:42:c3:7a:ca:b5:d5:39:16:4c:dd:f3:63:92:82:fc:39:
         b6:df:db:f8:f4:18:96:d8:a7:d3:7d:c3:d7:72:4f:f3:a4:eb:
         4a:f7:c9:86:31:c7:31:29:ad:4e:99:59:ca:fd:2f:f5:32:b8:
         22:98:dd:2b:25:37:dd:8e:66:8f:b8:e0:94:ed:ef:97:eb:be:
         63:14:18:be:67:13:19:97:53:e7:4d:52:85:2e:16:f8:c8:2e:
         18:c6:be:85
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAQdvMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTE1MDMxMjM4WhcNMjgwMTAzMDMxMjM4WjAYMRYw
FAYDVQQDEw02Nzg3MjdhYS04MTA0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAzOsOiOxq3XsLfZDQdicL5xGA6PFXp1ESruXkcvZsIl8hxvbAZ0SRzGw6
JirHWIy1S0djSpk57gbdhKRkNLKOpo+6DIwABe0ghwT/PNolRNzwT9XfTh7L1dNp
V7i3DE+LhzdFjKPUkw0hWLhTQ3aQeSFDmawUiuHpUlizyD3OT5iHPa2IYIdHy9GK
62FPi+prjXhSONCJS8hwZ2aP0oNOiSR/x7sTO7NDqfKoiNa0/XzmWPLjcp5Yqpq4
sf8qPt3XZK7slEmYwa8cpNWbqUXQqAd9Njk6mn+m6KwcliV1cyAB+WPulWZdfZVe
ys521RyBAExceT8MEmkVKK1Q5nqMZwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFH/A
p5dJYcqEaFBzoM3TGgtyAQKBMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC85NTQ4MzgwMEQyRUUxMUVGQTMwQTgzNUE3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnOxnMA0GCSqGSIb3DQEBCwUA
A4IBAQCBNuF2MSfTcVJ0+niu9yn/bfzDZ5ufXYTeFSLyMThUDzC93u//M7MojFEU
QkiTNPIhjsRpeOPUGLWHUrugGVUY6lEWNpBumBBp6US/dzC5hbu9jKRCcKqOEk7u
TSDx4qldlgNiXs0AwprTa/M8bk2nuj7WafFF1nVi581F8+mBWx84ghFUnFABzJQl
VrABIw8mCISchfLMYhw26Jfor+Bvq3RR3ELDesq11TkWTN3zY5KC/Dm239v49BiW
2KfTfcPXck/zpOtK98mGMccxKa1OmVnK/S/1MrgimN0rJTfdjmaPuOCU7e+X675j
FBi+ZxMZl1PnTVKFLhb4yC4Yxr6F
-----END CERTIFICATE-----