Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/9FDC3D14CD4B11EFAF1C5784762E951A.roa
File:                     9FDC3D14CD4B11EFAF1C5784762E951A.roa (raw, json)
Hash identifier:          +PCvEooFZ4WqLeYPSK5AMnFC7KOUVgEOdWetQcEG5fA=
Subject key identifier:   7D:7B:F3:67:C9:8C:5D:2A:66:D4:8A:17:6A:8D:ED:A5:C8:E9:A1:8E
Certificate issuer:       /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial:       FEC3
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access:    rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/9FDC3D14CD4B11EFAF1C5784762E951A.roa
Signing time:             Tue 07 Jan 2025 23:03:36 +0000
ROA not before:           Tue 07 Jan 2025 23:03:32 +0000
ROA not after:            Mon 13 Dec 2027 23:03:32 +0000
asID:                     17561
IP address blocks:        156.246.93.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
                          rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
                          rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
                          rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Fri 07 Feb 2025 00:26:41 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 65219 (0xfec3)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F368F2D0AR
        Validity
            Not Before: Jan  7 23:03:32 2025 GMT
            Not After : Dec 13 23:03:32 2027 GMT
        Subject: CN=677db2c8-a3b7
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e7:02:35:8d:fc:4f:05:6b:17:ef:76:20:74:91:
                    ee:9b:e2:2d:8f:28:19:cb:f2:de:04:ce:f4:ff:84:
                    cc:aa:87:80:d4:dc:3e:64:6b:44:d3:2b:f4:6e:1e:
                    6d:4b:4e:d7:8b:e9:2a:f5:20:76:44:f2:e1:59:df:
                    c4:5c:8b:a1:fc:b1:b0:f4:7f:f0:79:47:98:74:d9:
                    80:e9:5d:c4:4f:f4:20:10:57:3c:32:00:4e:71:9a:
                    01:5e:77:66:30:5e:e2:57:4c:26:f2:1e:fa:df:97:
                    10:43:41:b9:9d:20:4c:1c:79:01:da:bf:c3:78:e2:
                    1f:e4:6e:38:60:7a:b2:79:04:07:9b:79:e5:2a:4a:
                    20:50:18:6a:55:4b:ce:45:ab:71:b1:26:3d:21:97:
                    9d:14:21:df:8c:65:9b:9a:1f:78:45:a3:1a:33:d6:
                    de:28:25:b8:d4:8a:3d:d0:15:74:4f:2a:5c:6e:b0:
                    a6:4d:9f:20:95:6c:06:dd:55:49:eb:0e:81:71:21:
                    8a:98:02:2e:a1:d1:69:2e:c7:a5:8a:ac:01:a1:b7:
                    7e:69:8f:d5:fe:7a:1f:0b:58:08:87:d8:15:41:ff:
                    3a:68:40:8a:cb:a4:9b:b0:ea:6e:58:89:bc:15:63:
                    05:3a:37:7b:e6:5e:3a:62:88:28:06:c0:a3:2c:09:
                    d6:7b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                7D:7B:F3:67:C9:8C:5D:2A:66:D4:8A:17:6A:8D:ED:A5:C8:E9:A1:8E
            X509v3 Authority Key Identifier:
                keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/9FDC3D14CD4B11EFAF1C5784762E951A.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  156.246.93.0/24

    Signature Algorithm: sha256WithRSAEncryption
         46:d9:2c:b8:ef:ca:7d:e9:f2:f8:7b:81:7f:8b:ff:0b:e5:78:
         88:6e:9d:69:31:8c:fe:32:28:73:75:05:74:14:ef:69:a2:aa:
         d4:20:fb:0f:ee:48:d8:10:fa:bd:0b:29:91:79:aa:f8:2c:46:
         02:df:70:e7:d0:b8:66:6a:eb:d3:e4:33:4f:74:6a:b3:8e:ce:
         24:9e:95:67:90:38:f7:fd:6a:0f:51:b1:71:1a:40:8d:d6:bb:
         31:ce:d2:8a:0b:be:3c:39:ff:aa:20:de:2a:28:78:79:07:02:
         06:69:42:d7:b7:92:52:82:57:06:57:98:a2:86:77:72:b1:46:
         f1:ab:1b:99:a5:73:fc:4c:55:31:92:fa:cf:eb:56:3f:f6:e4:
         c1:2a:b6:7c:7d:d9:d4:d1:a8:17:d4:19:80:bd:98:91:94:13:
         62:79:eb:9a:a5:66:0b:fa:66:0a:5e:88:44:fe:0f:8f:d1:18:
         39:22:8f:18:43:6d:e4:38:2b:ec:f5:d9:22:55:eb:47:0e:77:
         73:00:4b:70:55:97:00:ce:45:d0:25:ca:48:a1:9c:17:4a:32:
         bd:f8:fd:34:00:61:ea:37:8e:9f:b0:e3:3e:95:c0:de:b1:39:
         c6:75:70:b5:38:c1:de:6b:10:c1:2f:3e:54:0d:00:3a:d7:fa:
         9a:c4:21:98
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAP7DMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTA3MjMwMzMyWhcNMjcxMjEzMjMwMzMyWjAYMRYw
FAYDVQQDEw02NzdkYjJjOC1hM2I3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA5wI1jfxPBWsX73YgdJHum+ItjygZy/LeBM70/4TMqoeA1Nw+ZGtE0yv0
bh5tS07Xi+kq9SB2RPLhWd/EXIuh/LGw9H/weUeYdNmA6V3ET/QgEFc8MgBOcZoB
XndmMF7iV0wm8h7635cQQ0G5nSBMHHkB2r/DeOIf5G44YHqyeQQHm3nlKkogUBhq
VUvORatxsSY9IZedFCHfjGWbmh94RaMaM9beKCW41Io90BV0TypcbrCmTZ8glWwG
3VVJ6w6BcSGKmAIuodFpLseliqwBobd+aY/V/nofC1gIh9gVQf86aECKy6SbsOpu
WIm8FWMFOjd75l46YogoBsCjLAnWewIDAQABo4ICojCCAp4wHQYDVR0OBBYEFH17
82fJjF0qZtSKF2qN7aXI6aGOMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC85RkRDM0QxNENENEIxMUVGQUYxQzU3ODQ3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnPZdMA0GCSqGSIb3DQEBCwUA
A4IBAQBG2Sy478p96fL4e4F/i/8L5XiIbp1pMYz+MihzdQV0FO9poqrUIPsP7kjY
EPq9CymRear4LEYC33Dn0LhmauvT5DNPdGqzjs4knpVnkDj3/WoPUbFxGkCN1rsx
ztKKC748Of+qIN4qKHh5BwIGaULXt5JSglcGV5iihndysUbxqxuZpXP8TFUxkvrP
61Y/9uTBKrZ8fdnU0agX1BmAvZiRlBNieeuapWYL+mYKXohE/g+P0Rg5Io8YQ23k
OCvs9dkiVetHDndzAEtwVZcAzkXQJcpIoZwXSjK9+P00AGHqN46fsOM+lcDesTnG
dXC1OMHeaxDBLz5UDQA61/qaxCGY
-----END CERTIFICATE-----