Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/B4853BC8CCEA11EFB7FE5BA4762E951A.roa
File:                     B4853BC8CCEA11EFB7FE5BA4762E951A.roa (raw, json)
Hash identifier:          bHcj9JRA5614n6oAyIqJuBcCfN58CFG5Gg2nEvHY7yc=
Subject key identifier:   AF:5C:BA:91:CC:CC:F3:02:F9:24:61:E8:C4:6D:A9:ED:D8:3F:D6:3B
Certificate issuer:       /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial:       FBF7
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access:    rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/B4853BC8CCEA11EFB7FE5BA4762E951A.roa
Signing time:             Tue 07 Jan 2025 11:29:50 +0000
ROA not before:           Tue 07 Jan 2025 11:29:46 +0000
ROA not after:            Mon 13 Dec 2027 11:29:46 +0000
asID:                     17561
IP address blocks:        156.236.6.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
                          rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
                          rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
                          rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Fri 07 Feb 2025 00:26:41 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 64503 (0xfbf7)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F368F2D0AR
        Validity
            Not Before: Jan  7 11:29:46 2025 GMT
            Not After : Dec 13 11:29:46 2027 GMT
        Subject: CN=677d102d-4db0
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bc:2e:41:b3:5c:bb:74:ce:18:cf:c9:0b:fa:96:
                    02:50:a6:9f:80:25:8d:22:8b:7a:ef:82:c2:29:ff:
                    e6:10:12:7f:c5:1d:84:86:77:76:a9:5e:e1:45:c8:
                    b0:82:25:a9:6d:9b:21:da:04:37:75:70:be:e0:04:
                    df:7b:1f:0b:53:e1:b9:04:48:6b:10:a1:68:b0:7a:
                    58:cf:f7:7d:b3:b6:07:af:45:a7:78:e5:70:2e:f2:
                    50:95:d7:3c:50:d0:9f:ba:12:fa:ba:0e:4b:36:17:
                    26:a8:71:50:87:e2:ed:fd:6e:ba:eb:c0:32:c3:61:
                    1f:5e:c0:8e:b0:67:22:ff:b7:b0:ed:73:d0:58:9c:
                    d1:56:72:8e:63:50:e8:19:be:18:5d:7e:8e:e4:6f:
                    ce:af:25:25:60:cf:d1:28:ab:d5:81:6b:c5:32:f2:
                    48:f3:30:4d:1e:00:f3:a0:e8:dc:80:85:00:49:50:
                    79:12:42:28:1c:93:9c:51:80:49:52:b6:48:75:56:
                    19:84:84:25:85:d0:95:b0:55:65:e3:92:a9:ed:e5:
                    52:5c:3d:00:32:a2:38:36:71:36:4d:01:2f:65:f6:
                    60:97:ab:98:60:76:b2:74:b6:84:51:df:9d:23:84:
                    85:72:03:2b:20:e3:42:9b:86:2e:ec:83:7c:c1:df:
                    3c:fd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AF:5C:BA:91:CC:CC:F3:02:F9:24:61:E8:C4:6D:A9:ED:D8:3F:D6:3B
            X509v3 Authority Key Identifier:
                keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/B4853BC8CCEA11EFB7FE5BA4762E951A.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  156.236.6.0/24

    Signature Algorithm: sha256WithRSAEncryption
         76:6a:b8:63:35:82:2a:ca:0f:91:73:e9:77:de:a9:d0:db:80:
         f9:c3:cc:00:bd:6e:1e:d6:61:0a:40:47:23:54:39:9e:9e:1b:
         fb:7a:83:74:4f:4d:80:89:29:f9:69:32:14:f2:bd:18:7f:38:
         bc:24:e8:94:bd:3b:f4:6d:e1:fb:47:22:d0:00:69:10:c1:09:
         fc:b9:f8:9c:6d:8d:9c:e0:70:ed:b7:4e:01:94:b3:f2:df:6a:
         9a:19:96:1b:7a:f0:cd:3a:3f:78:b4:54:9a:29:3e:34:93:9b:
         fc:93:5d:49:26:70:f3:18:23:fe:7f:ea:8d:e2:16:5e:76:74:
         63:53:f4:be:12:7f:d1:ff:72:31:35:e3:7c:c4:b2:e9:3b:96:
         ab:a8:8b:a5:19:1d:f0:27:82:1c:88:9b:6a:51:fe:fb:5c:88:
         f1:53:df:bd:78:ec:e5:d2:23:e7:d2:f3:3c:1e:63:cb:22:e5:
         d5:91:f4:d6:97:f8:f6:a4:24:04:45:ab:ac:8f:ac:c1:2c:e6:
         0e:af:df:f2:33:ba:6e:ee:52:fb:81:7a:8d:c9:23:5e:b5:5b:
         11:67:b0:22:86:2b:79:df:21:62:b6:f2:5e:d3:f7:2e:f9:01:
         dc:85:ae:85:56:b6:62:7a:44:75:b7:68:8f:a9:9a:68:f1:d7:
         4d:92:c7:4b
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAPv3MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTA3MTEyOTQ2WhcNMjcxMjEzMTEyOTQ2WjAYMRYw
FAYDVQQDEw02NzdkMTAyZC00ZGIwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAvC5Bs1y7dM4Yz8kL+pYCUKafgCWNIot674LCKf/mEBJ/xR2Ehnd2qV7h
RciwgiWpbZsh2gQ3dXC+4ATfex8LU+G5BEhrEKFosHpYz/d9s7YHr0WneOVwLvJQ
ldc8UNCfuhL6ug5LNhcmqHFQh+Lt/W6668Ayw2EfXsCOsGci/7ew7XPQWJzRVnKO
Y1DoGb4YXX6O5G/OryUlYM/RKKvVgWvFMvJI8zBNHgDzoOjcgIUASVB5EkIoHJOc
UYBJUrZIdVYZhIQlhdCVsFVl45Kp7eVSXD0AMqI4NnE2TQEvZfZgl6uYYHaydLaE
Ud+dI4SFcgMrIONCm4Yu7IN8wd88/QIDAQABo4ICojCCAp4wHQYDVR0OBBYEFK9c
upHMzPMC+SRh6MRtqe3YP9Y7MB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9CNDg1M0JDOENDRUExMUVGQjdGRTVCQTQ3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnOwGMA0GCSqGSIb3DQEBCwUA
A4IBAQB2arhjNYIqyg+Rc+l33qnQ24D5w8wAvW4e1mEKQEcjVDmenhv7eoN0T02A
iSn5aTIU8r0Yfzi8JOiUvTv0beH7RyLQAGkQwQn8uficbY2c4HDtt04BlLPy32qa
GZYbevDNOj94tFSaKT40k5v8k11JJnDzGCP+f+qN4hZednRjU/S+En/R/3IxNeN8
xLLpO5arqIulGR3wJ4IciJtqUf77XIjxU9+9eOzl0iPn0vM8HmPLIuXVkfTWl/j2
pCQERausj6zBLOYOr9/yM7pu7lL7gXqNySNetVsRZ7Aihit53yFitvJe0/cu+QHc
ha6FVrZiekR1t2iPqZpo8ddNksdL
-----END CERTIFICATE-----