Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/C09BA1FEC40211EFA4D87E93762E951A.roa
File:                     C09BA1FEC40211EFA4D87E93762E951A.roa (raw, json)
Hash identifier:          Ew2J1rLtRtEK6T1Y009XCnn9Wdx99Jt7moUC3W5m4Dg=
Subject key identifier:   4C:69:BE:24:A8:77:B3:B0:2F:1D:7E:B3:EC:BB:A6:C5:37:72:CF:9C
Certificate issuer:       /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial:       EFE8
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access:    rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/C09BA1FEC40211EFA4D87E93762E951A.roa
Signing time:             Fri 27 Dec 2024 03:29:17 +0000
ROA not before:           Fri 27 Dec 2024 03:29:13 +0000
ROA not after:            Sun 12 Dec 2027 03:29:13 +0000
asID:                     17561
IP address blocks:        45.195.196.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
                          rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
                          rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
                          rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Fri 07 Feb 2025 00:26:41 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 61416 (0xefe8)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F368F2D0AR
        Validity
            Not Before: Dec 27 03:29:13 2024 GMT
            Not After : Dec 12 03:29:13 2027 GMT
        Subject: CN=676e1f0d-33e7
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ef:1f:91:a7:23:34:d6:2b:d4:35:3e:de:5a:a7:
                    92:5f:b6:f8:47:dd:51:dd:5e:61:fc:f2:aa:4e:88:
                    59:5a:ae:17:96:82:32:b1:e8:8c:b8:92:88:36:2a:
                    cf:5f:a4:7b:97:f1:b0:f9:1d:36:a4:04:fb:e8:fd:
                    ca:56:fa:11:11:c9:1b:19:46:b5:8e:3f:03:b0:ab:
                    f7:c4:bc:ea:36:dc:8b:e8:6a:77:a7:70:73:53:fd:
                    dc:a0:b7:e1:3a:e5:1f:16:8d:1b:9a:0b:6b:5b:0e:
                    e3:8e:13:d2:a4:3a:21:44:bb:e6:dc:8e:69:ad:aa:
                    cf:e9:a5:94:81:cd:d0:b3:6e:fc:d7:3f:98:50:a9:
                    e9:fb:36:d0:c7:64:5c:28:f0:51:b9:b9:07:c2:0f:
                    2c:e7:72:ce:14:e6:6d:d0:96:e4:b6:c9:72:23:23:
                    9c:d3:6a:64:d8:1e:6b:60:46:74:31:dc:1b:3f:ff:
                    4c:74:9e:ab:02:59:26:ac:2e:e9:9d:fc:2c:96:2e:
                    6e:3b:13:4b:2d:f3:56:fc:28:42:d1:bd:97:69:ac:
                    de:52:30:35:98:7e:77:05:d8:86:f2:11:4e:3e:1f:
                    b6:25:b8:dc:d5:20:f7:3a:b7:63:6d:53:64:d1:da:
                    56:88:4d:78:4a:9d:a1:2d:44:72:1b:7a:8b:8d:27:
                    c0:75
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4C:69:BE:24:A8:77:B3:B0:2F:1D:7E:B3:EC:BB:A6:C5:37:72:CF:9C
            X509v3 Authority Key Identifier:
                keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/C09BA1FEC40211EFA4D87E93762E951A.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.195.196.0/24

    Signature Algorithm: sha256WithRSAEncryption
         33:55:a6:5b:ec:75:40:4a:33:23:24:0d:e8:f9:08:ca:d8:51:
         09:b2:77:6c:12:ee:a3:0b:3d:68:ae:2c:19:5d:58:13:39:25:
         17:e3:86:fc:a2:76:b1:cd:c9:2d:30:26:e7:d9:89:6d:e8:42:
         1e:5f:fc:ff:86:6e:b0:86:8f:52:91:06:ac:22:b9:36:35:a1:
         61:39:aa:eb:5d:e7:c8:92:3c:60:4b:21:4e:92:3f:6a:29:ad:
         55:a9:34:07:f2:f7:58:5c:c6:d1:64:98:9e:0a:e1:90:62:bc:
         c1:8b:12:5d:78:d4:42:eb:4d:6b:98:8f:7b:f2:6f:b3:52:ed:
         5b:d5:32:e2:9a:ce:be:b2:1b:b8:95:6a:c9:73:8b:50:5f:10:
         c9:c7:d3:82:e4:0f:5d:a5:1e:ca:11:d1:27:2a:bb:ba:8a:49:
         e3:ee:02:b3:52:d2:3a:8c:36:d2:a3:ba:66:89:2e:8a:05:eb:
         25:cd:c6:c0:06:9d:ff:9d:4b:62:ac:a1:76:78:0a:e5:b6:7e:
         d9:b8:28:1e:52:10:d8:32:89:37:4b:c9:2d:f3:88:c9:fe:72:
         f8:ee:11:70:64:c1:71:b7:94:d4:72:ec:eb:d3:f5:f4:e5:b1:
         77:6f:6b:3e:9b:59:d6:5a:b8:fc:64:18:b9:06:d1:ec:0a:0a:
         4a:08:42:2f
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAO/oMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjQxMjI3MDMyOTEzWhcNMjcxMjEyMDMyOTEzWjAYMRYw
FAYDVQQDEw02NzZlMWYwZC0zM2U3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA7x+RpyM01ivUNT7eWqeSX7b4R91R3V5h/PKqTohZWq4XloIyseiMuJKI
NirPX6R7l/Gw+R02pAT76P3KVvoREckbGUa1jj8DsKv3xLzqNtyL6Gp3p3BzU/3c
oLfhOuUfFo0bmgtrWw7jjhPSpDohRLvm3I5prarP6aWUgc3Qs2781z+YUKnp+zbQ
x2RcKPBRubkHwg8s53LOFOZt0JbktslyIyOc02pk2B5rYEZ0MdwbP/9MdJ6rAlkm
rC7pnfwsli5uOxNLLfNW/ChC0b2XaazeUjA1mH53BdiG8hFOPh+2Jbjc1SD3Ordj
bVNk0dpWiE14Sp2hLURyG3qLjSfAdQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFExp
viSod7OwLx1+s+y7psU3cs+cMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9DMDlCQTFGRUM0MDIxMUVGQTREODdFOTM3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALcPEMA0GCSqGSIb3DQEBCwUA
A4IBAQAzVaZb7HVASjMjJA3o+QjK2FEJsndsEu6jCz1oriwZXVgTOSUX44b8onax
zcktMCbn2Ylt6EIeX/z/hm6who9SkQasIrk2NaFhOarrXefIkjxgSyFOkj9qKa1V
qTQH8vdYXMbRZJieCuGQYrzBixJdeNRC601rmI978m+zUu1b1TLims6+shu4lWrJ
c4tQXxDJx9OC5A9dpR7KEdEnKru6iknj7gKzUtI6jDbSo7pmiS6KBeslzcbABp3/
nUtirKF2eArltn7ZuCgeUhDYMok3S8kt84jJ/nL47hFwZMFxt5TUcuzr0/X05bF3
b2s+m1nWWrj8ZBi5BtHsCgpKCEIv
-----END CERTIFICATE-----