Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/B2B90B8AFF1711EF912BC79C762E951A.roa
File:                     B2B90B8AFF1711EF912BC79C762E951A.roa (raw, json)
Hash identifier:          JBjT50y6pAYNxZS91sp3xL6pXwxMeJkpYeUUMtw3YUw=
Subject key identifier:   19:C6:3C:21:19:5D:32:C5:6C:A6:44:34:D2:08:F9:6F:D3:D1:02:CA
Certificate issuer:       /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial:       014501
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access:    rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/B2B90B8AFF1711EF912BC79C762E951A.roa
Signing time:             Wed 12 Mar 2025 07:57:52 +0000
ROA not before:           Wed 12 Mar 2025 07:57:48 +0000
ROA not after:            Mon 05 May 2025 07:57:48 +0000
asID:                     398993
IP address blocks:        156.229.176.0/20 maxlen: 24
                          156.229.192.0/19 maxlen: 24
                          156.236.192.0/18 maxlen: 24
                          156.252.144.0/20 maxlen: 24
                          156.252.160.0/20 maxlen: 24
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 83201 (0x14501)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F368F2D0AR
        Validity
            Not Before: Mar 12 07:57:48 2025 GMT
            Not After : May  5 07:57:48 2025 GMT
        Subject: CN=67d13e80-6055
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c7:c8:2a:bd:49:35:ae:0c:6b:8d:c0:c4:e4:18:
                    b3:e8:df:36:1c:53:ce:f4:ea:98:33:c9:c6:78:be:
                    f3:42:de:35:5a:c4:c3:fa:c5:e1:2f:a2:ed:e2:e6:
                    f8:aa:7f:20:08:9e:dc:9f:b8:b8:b9:03:41:98:0b:
                    28:18:6f:d1:14:59:5b:b2:c8:fe:a9:3d:0d:2e:9f:
                    bd:5d:7b:df:f6:74:c2:c9:6f:70:aa:ea:75:2b:86:
                    57:2b:10:ec:8f:d4:9b:57:b5:2e:7f:62:53:be:db:
                    57:4d:e6:75:03:a2:4b:40:7c:70:ef:c4:fe:31:1a:
                    ca:77:e9:de:46:3e:01:0d:04:2a:f7:0d:1e:3a:83:
                    1c:fe:ea:b5:25:3c:d9:1e:17:62:33:e6:ab:a4:23:
                    8a:db:e7:fa:32:d6:18:de:c0:4b:dd:e0:17:0e:1f:
                    f8:6a:34:27:82:9b:81:91:2b:c8:c3:3f:ff:e6:14:
                    2e:86:68:54:16:78:b6:86:b4:fd:3b:91:2b:03:b1:
                    66:e9:78:55:ef:ec:b8:6e:1e:78:b6:94:ac:89:2a:
                    19:f4:15:a2:6d:ce:40:64:43:83:cc:a0:0d:b1:61:
                    7d:69:47:e7:8b:12:95:81:e2:42:0a:43:b8:a8:68:
                    1c:c3:70:d6:c8:4e:94:55:ba:ab:b7:48:ac:9a:e5:
                    56:83
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                19:C6:3C:21:19:5D:32:C5:6C:A6:44:34:D2:08:F9:6F:D3:D1:02:CA
            X509v3 Authority Key Identifier:
                keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/B2B90B8AFF1711EF912BC79C762E951A.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  156.229.176.0-156.229.223.255
                  156.236.192.0/18
                  156.252.144.0-156.252.175.255

    Signature Algorithm: sha256WithRSAEncryption
         2b:af:56:fc:de:85:9e:10:3b:1b:c6:51:39:40:55:da:2f:b7:
         36:96:5f:26:53:fc:42:e8:2c:07:d0:b0:50:ef:96:85:cf:65:
         43:8e:b8:25:7e:63:9b:9b:34:0e:dc:85:ba:de:68:53:07:b2:
         f1:53:d0:3e:f6:7e:e3:ec:a0:b5:1b:1a:c8:2e:38:01:7d:ab:
         8a:32:49:81:49:f3:9e:97:0f:e4:8b:3b:1c:e6:54:3e:19:09:
         a5:3a:69:53:62:6a:cb:83:48:06:91:bf:58:46:d8:d7:3b:18:
         be:26:9f:75:75:be:0d:7c:75:78:c9:d1:23:fc:39:32:d1:49:
         38:d9:86:9b:04:82:73:40:29:9e:2e:71:c7:cd:35:9c:be:7a:
         d0:a7:8a:4f:93:64:ef:54:7e:0b:0f:dd:c8:d6:38:64:8b:1d:
         a7:1e:a2:42:48:a7:2a:8a:f3:b0:1a:c9:6d:f4:78:c9:b1:f0:
         c0:2a:1c:b7:42:98:b8:95:76:91:a5:91:61:a6:87:0a:0f:04:
         fc:95:d7:1d:50:d3:cc:18:23:c6:1e:8b:fb:30:09:50:76:47:
         18:2a:d0:43:3f:f7:5d:11:e5:c2:1c:da:79:d2:d2:5a:56:3f:
         a5:cb:3d:55:b8:6b:c7:9c:28:47:aa:37:ce:5c:42:36:db:f2:
         d1:3e:a6:4d
-----BEGIN CERTIFICATE-----
MIIFnTCCBIWgAwIBAgIDAUUBMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMzEyMDc1NzQ4WhcNMjUwNTA1MDc1NzQ4WjAYMRYw
FAYDVQQDEw02N2QxM2U4MC02MDU1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAx8gqvUk1rgxrjcDE5Biz6N82HFPO9OqYM8nGeL7zQt41WsTD+sXhL6Lt
4ub4qn8gCJ7cn7i4uQNBmAsoGG/RFFlbssj+qT0NLp+9XXvf9nTCyW9wqup1K4ZX
KxDsj9SbV7Uuf2JTvttXTeZ1A6JLQHxw78T+MRrKd+neRj4BDQQq9w0eOoMc/uq1
JTzZHhdiM+arpCOK2+f6MtYY3sBL3eAXDh/4ajQngpuBkSvIwz//5hQuhmhUFni2
hrT9O5ErA7Fm6XhV7+y4bh54tpSsiSoZ9BWibc5AZEODzKANsWF9aUfnixKVgeJC
CkO4qGgcw3DWyE6UVbqrt0ismuVWgwIDAQABo4ICvjCCArowHQYDVR0OBBYEFBnG
PCEZXTLFbKZENNII+W/T0QLKMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9CMkI5MEI4QUZGMTcxMUVGOTEyQkM3OUM3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MDsGCCsGAQUFBwEHAQH/BCwwKjAoBAIAATAiMAwDBASc5bADBAWc5cADBAac7MAw
DAMEBJz8kAMEBJz8oDANBgkqhkiG9w0BAQsFAAOCAQEAK69W/N6FnhA7G8ZROUBV
2i+3NpZfJlP8QugsB9CwUO+Whc9lQ464JX5jm5s0DtyFut5oUwey8VPQPvZ+4+yg
tRsayC44AX2rijJJgUnznpcP5Is7HOZUPhkJpTppU2Jqy4NIBpG/WEbY1zsYviaf
dXW+DXx1eMnRI/w5MtFJONmGmwSCc0Apni5xx801nL560KeKT5Nk71R+Cw/dyNY4
ZIsdpx6iQkinKorzsBrJbfR4ybHwwCoct0KYuJV2kaWRYaaHCg8E/JXXHVDTzBgj
xh6L+zAJUHZHGCrQQz/3XRHlwhzaedLSWlY/pcs9Vbhrx5woR6o3zlxCNtvy0T6m
TQ==
-----END CERTIFICATE-----