Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/AFB0A726278311EE8400AE224AD9E6FC.roa
File:                     AFB0A726278311EE8400AE224AD9E6FC.roa (raw, json)
Hash identifier:          /e6cMsDxForw39C05VV6f+TlL1/Fy2smt+TYOjhXdpY=
Subject key identifier:   51:91:24:EE:BF:3D:DB:60:8C:5A:15:68:93:7A:87:73:C5:EF:13:37
Certificate issuer:       /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial:       31D9
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access:    rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/AFB0A726278311EE8400AE224AD9E6FC.roa
Signing time:             Fri 21 Jul 2023 05:01:44 +0000
ROA not before:           Fri 21 Jul 2023 05:01:40 +0000
ROA not after:            Thu 13 Jun 2024 05:01:40 +0000
asID:                     5065
IP address blocks:        45.202.5.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
                          rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
                          rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
                          rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Tue 07 May 2024 00:16:19 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 12761 (0x31d9)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
        Validity
            Not Before: Jul 21 05:01:40 2023 GMT
            Not After : Jun 13 05:01:40 2024 GMT
        Subject: CN=64ba1138-19dd
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ea:70:65:ae:1c:7c:3e:25:1b:81:66:02:40:5c:
                    00:a8:3e:c2:74:00:bf:55:f5:33:d4:d5:52:17:95:
                    3a:35:aa:db:7a:04:31:0b:34:c4:b3:db:55:93:15:
                    b2:41:eb:c9:77:20:b0:b3:7c:95:3d:e2:4e:47:9f:
                    bb:11:19:9d:ab:ae:80:d9:9c:71:a3:df:b7:de:92:
                    d7:c8:a1:32:04:d6:4c:05:73:2e:b6:07:77:93:19:
                    2f:99:6f:1c:20:99:cc:36:49:22:51:db:d3:ae:c0:
                    10:57:4d:3d:b0:29:6b:40:af:c0:49:08:ae:46:12:
                    af:4c:79:34:89:b5:db:8f:59:41:cc:37:fe:6a:33:
                    71:2e:dc:0f:18:58:c1:39:2c:f8:68:a4:9e:43:44:
                    81:cf:00:fb:33:a9:ba:35:c2:4d:f2:7d:8e:a9:35:
                    a8:06:f6:82:3e:2a:be:6c:59:76:79:6a:9d:a0:c5:
                    2c:d2:ee:e7:d4:78:4d:9c:53:a8:4a:4c:0e:7d:b7:
                    48:61:75:0e:c1:d0:c6:bd:07:8d:a3:94:95:03:76:
                    ac:cc:dd:aa:36:7a:78:65:ae:18:68:14:a6:77:f6:
                    85:2a:b3:5c:70:a8:e0:c4:be:ce:af:13:90:c2:b2:
                    35:57:5c:b8:f9:6f:cf:74:47:a4:2e:11:4e:4a:6a:
                    56:37
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                51:91:24:EE:BF:3D:DB:60:8C:5A:15:68:93:7A:87:73:C5:EF:13:37
            X509v3 Authority Key Identifier:
                keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/AFB0A726278311EE8400AE224AD9E6FC.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.202.5.0/24

    Signature Algorithm: sha256WithRSAEncryption
         11:19:97:e9:d3:6c:c9:32:8c:08:b3:de:c1:a0:b8:59:88:3f:
         c3:e3:a9:ea:73:0b:d5:ee:cc:04:44:6b:8c:85:52:ce:5b:66:
         7c:7f:95:50:63:29:08:2e:57:d5:d9:96:db:fc:47:55:03:81:
         15:04:30:ed:83:57:d6:ce:72:8b:ff:71:33:1c:52:0f:1a:45:
         5a:12:71:f1:8c:7e:99:ac:68:51:13:ae:09:38:4f:6d:f8:13:
         7d:28:a1:b9:c3:1b:ff:d2:12:5a:53:b8:97:db:93:2b:59:4d:
         9b:37:47:2f:e3:35:8d:89:a1:ab:4f:04:3b:3b:76:12:ec:66:
         09:27:b1:a8:cc:02:cc:c6:b5:9e:bb:cf:ee:7d:e4:27:31:fa:
         95:39:cb:8b:3e:1e:35:69:81:49:54:25:97:32:70:fc:fb:54:
         d7:74:7c:d8:58:a8:94:80:9f:02:70:e4:c9:33:d9:b8:3f:bf:
         81:b9:a9:cc:4f:55:3f:2e:36:1a:c6:81:43:dc:b4:b6:b8:29:
         00:c9:f4:a5:d2:bf:0e:ff:57:c3:96:51:8d:dd:32:c3:b2:58:
         09:22:a7:12:51:b2:1b:dc:3b:af:00:b5:34:0b:84:9e:5f:13:
         af:33:6a:9c:fa:7d:60:45:1d:f5:02:1a:ee:22:17:0e:fd:fa:
         38:23:8e:c4
-----BEGIN CERTIFICATE-----
MIIFgDCCBGigAwIBAgICMdkwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAwwKRjM2
OEYyRDBBUjExMC8GA1UEBRMoNzk3RDg4RDgxM0UyMEZGRjk4MkNDNzQxOUU5NjlC
QUVBNkJGRDY5QjAeFw0yMzA3MjEwNTAxNDBaFw0yNDA2MTMwNTAxNDBaMBgxFjAU
BgNVBAMTDTY0YmExMTM4LTE5ZGQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQDqcGWuHHw+JRuBZgJAXACoPsJ0AL9V9TPU1VIXlTo1qtt6BDELNMSz21WT
FbJB68l3ILCzfJU94k5Hn7sRGZ2rroDZnHGj37fektfIoTIE1kwFcy62B3eTGS+Z
bxwgmcw2SSJR29OuwBBXTT2wKWtAr8BJCK5GEq9MeTSJtduPWUHMN/5qM3Eu3A8Y
WME5LPhopJ5DRIHPAPszqbo1wk3yfY6pNagG9oI+Kr5sWXZ5ap2gxSzS7ufUeE2c
U6hKTA59t0hhdQ7B0Ma9B42jlJUDdqzM3ao2enhlrhhoFKZ39oUqs1xwqODEvs6v
E5DCsjVXXLj5b890R6QuEU5KalY3AgMBAAGjggKiMIICnjAdBgNVHQ4EFgQUUZEk
7r8922CMWhVok3qHc8XvEzcwHwYDVR0jBBgwFoAUeX2I2BPiD/+YLMdBnpabrqa/
1pswDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjhGMkQwLzkyRjg2RTFDNkUwNTExRThBMUI1ODU0QkY4QUVBMjI4L2VYMkky
QlBpRF8tWUxNZEJucGFicnFhXzFwcy5jcmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hcmlu
L2VYMkkyQlBpRF8tWUxNZEJucGFicnFhXzFwcy5jZXIwTwYDVR0gAQH/BEUwQzBB
BggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5pYy5u
ZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEFBQcw
C4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9y
ZXBvc2l0b3J5L0YzNjhGMkQwLzkyRjg2RTFDNkUwNTExRThBMUI1ODU0QkY4QUVB
MjI4L0FGQjBBNzI2Mjc4MzExRUU4NDAwQUUyMjRBRDlFNkZDLnJvYTA1BggrBgEF
BQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54bWww
HwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAAtygUwDQYJKoZIhvcNAQELBQAD
ggEBABEZl+nTbMkyjAiz3sGguFmIP8PjqepzC9XuzAREa4yFUs5bZnx/lVBjKQgu
V9XZltv8R1UDgRUEMO2DV9bOcov/cTMcUg8aRVoScfGMfpmsaFETrgk4T234E30o
obnDG//SElpTuJfbkytZTZs3Ry/jNY2JoatPBDs7dhLsZgknsajMAszGtZ67z+59
5Ccx+pU5y4s+HjVpgUlUJZcycPz7VNd0fNhYqJSAnwJw5Mkz2bg/v4G5qcxPVT8u
NhrGgUPctLa4KQDJ9KXSvw7/V8OWUY3dMsOyWAkipxJRshvcO68AtTQLhJ5fE68z
apz6fWBFHfUCGu4iFw79+jgjjsQ=
-----END CERTIFICATE-----