Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/BAC6746EC3B911EF95B60BB2762E951A.roa
File:                     BAC6746EC3B911EF95B60BB2762E951A.roa (raw, json)
Hash identifier:          yTiom55F1zT++oL0boXATTu2OcQag8Qup0YFEg9HEu0=
Subject key identifier:   E6:36:DD:DB:CE:04:2D:28:26:6E:DC:3C:1F:5E:D0:4F:4F:06:23:95
Certificate issuer:       /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial:       EE9B
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access:    rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/BAC6746EC3B911EF95B60BB2762E951A.roa
Signing time:             Thu 26 Dec 2024 18:46:34 +0000
ROA not before:           Thu 26 Dec 2024 18:46:31 +0000
ROA not after:            Sun 12 Dec 2027 18:46:31 +0000
asID:                     17561
IP address blocks:        45.207.142.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
                          rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
                          rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
                          rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Fri 07 Feb 2025 00:26:41 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 61083 (0xee9b)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F368F2D0AR
        Validity
            Not Before: Dec 26 18:46:31 2024 GMT
            Not After : Dec 12 18:46:31 2027 GMT
        Subject: CN=676da48a-07da
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cb:e0:4b:ca:62:6d:3a:3d:2a:b6:03:71:ea:90:
                    8d:6c:cf:94:8b:37:ab:3d:bb:6c:70:0b:e4:62:d2:
                    03:9b:3f:f2:69:14:c7:1c:4b:6c:16:ea:bd:a6:9b:
                    88:8f:89:aa:4c:bf:75:ee:70:ce:45:b8:39:9b:63:
                    d8:89:88:60:d9:73:33:7c:89:46:cc:39:a4:1c:dc:
                    8f:3b:b1:bc:61:25:51:f3:ff:57:5e:d5:3d:fc:b8:
                    a8:a0:3f:92:b6:c1:f9:a2:86:a8:77:29:25:b1:40:
                    33:c7:4d:bd:42:c3:f3:ea:52:91:a1:ab:fd:49:70:
                    af:16:be:62:07:98:80:fa:41:18:ed:e6:34:6b:34:
                    8e:77:6a:0a:54:2c:ba:38:41:c9:40:c3:df:33:19:
                    e0:b0:30:95:8d:da:c6:9f:db:eb:b6:bc:b2:f9:f4:
                    cc:9a:f5:cb:b4:cd:54:48:02:76:80:61:e4:71:ad:
                    8c:b3:40:d9:74:30:72:1a:f7:d5:dd:18:2a:c7:69:
                    f8:57:23:da:a0:22:13:22:16:c3:70:41:d4:0d:bb:
                    9f:d6:e3:4d:90:35:1c:cb:ac:82:8a:19:e0:0a:95:
                    de:cf:a9:65:e3:e5:1c:d4:43:69:61:0a:63:db:f2:
                    f5:af:5c:51:e5:50:20:67:04:39:36:54:e5:a7:01:
                    2a:47
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E6:36:DD:DB:CE:04:2D:28:26:6E:DC:3C:1F:5E:D0:4F:4F:06:23:95
            X509v3 Authority Key Identifier:
                keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/BAC6746EC3B911EF95B60BB2762E951A.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.207.142.0/24

    Signature Algorithm: sha256WithRSAEncryption
         bb:3b:71:75:76:28:7a:74:a3:ca:74:ab:24:11:05:d7:36:10:
         ae:68:a6:40:aa:b9:08:04:59:4d:0d:ba:86:b1:81:82:15:e2:
         9c:58:f3:dc:c7:d5:13:29:8d:c8:e0:e3:ba:27:ba:bd:a8:cf:
         20:57:d7:5e:61:32:12:1e:66:7c:0f:db:4d:79:f9:81:47:07:
         18:d8:34:4d:95:53:01:f3:d0:17:94:e9:32:76:0a:59:fd:e6:
         69:47:7e:a3:9a:22:f8:90:a6:64:94:bc:e0:e1:49:de:ca:e4:
         2b:58:5d:4a:c3:96:89:88:00:71:2f:3c:75:ab:fd:ff:86:ac:
         f3:b0:ca:cc:75:16:44:2e:13:05:da:98:08:8b:16:ab:dd:8d:
         43:94:a7:05:b8:42:d5:6b:f4:27:dd:3f:cc:a8:95:ca:53:98:
         26:8b:10:f3:8b:ad:3d:2b:ff:f0:4b:66:a7:f8:13:80:8d:5d:
         b3:c9:07:43:90:24:ee:b5:b5:13:a7:ab:14:36:6e:21:1b:4f:
         87:8c:45:91:b8:9b:d8:e8:53:a4:26:4f:22:c1:2e:65:41:0c:
         c9:56:e1:c7:b5:e7:d1:37:1c:0f:16:8f:77:1c:0e:55:0b:74:
         2e:3d:e9:72:75:43:77:e9:f5:e1:1b:6b:8c:d0:53:53:62:d6:
         05:46:93:2b
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAO6bMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjQxMjI2MTg0NjMxWhcNMjcxMjEyMTg0NjMxWjAYMRYw
FAYDVQQDEw02NzZkYTQ4YS0wN2RhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAy+BLymJtOj0qtgNx6pCNbM+UizerPbtscAvkYtIDmz/yaRTHHEtsFuq9
ppuIj4mqTL917nDORbg5m2PYiYhg2XMzfIlGzDmkHNyPO7G8YSVR8/9XXtU9/Lio
oD+StsH5ooaodyklsUAzx029QsPz6lKRoav9SXCvFr5iB5iA+kEY7eY0azSOd2oK
VCy6OEHJQMPfMxngsDCVjdrGn9vrtryy+fTMmvXLtM1USAJ2gGHkca2Ms0DZdDBy
GvfV3Rgqx2n4VyPaoCITIhbDcEHUDbuf1uNNkDUcy6yCihngCpXez6ll4+Uc1ENp
YQpj2/L1r1xR5VAgZwQ5NlTlpwEqRwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFOY2
3dvOBC0oJm7cPB9e0E9PBiOVMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9CQUM2NzQ2RUMzQjkxMUVGOTVCNjBCQjI3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALc+OMA0GCSqGSIb3DQEBCwUA
A4IBAQC7O3F1dih6dKPKdKskEQXXNhCuaKZAqrkIBFlNDbqGsYGCFeKcWPPcx9UT
KY3I4OO6J7q9qM8gV9deYTISHmZ8D9tNefmBRwcY2DRNlVMB89AXlOkydgpZ/eZp
R36jmiL4kKZklLzg4UneyuQrWF1Kw5aJiABxLzx1q/3/hqzzsMrMdRZELhMF2pgI
ixar3Y1DlKcFuELVa/Qn3T/MqJXKU5gmixDzi609K//wS2an+BOAjV2zyQdDkCTu
tbUTp6sUNm4hG0+HjEWRuJvY6FOkJk8iwS5lQQzJVuHHtefRNxwPFo93HA5VC3Qu
PelydUN36fXhG2uM0FNTYtYFRpMr
-----END CERTIFICATE-----