Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/C9282444CCDD11EFA1AC1452762E951A.roa
File:                     C9282444CCDD11EFA1AC1452762E951A.roa (raw, json)
Hash identifier:          wMX0AfHJPFMdWUIYz9PR95VNZ4d44RXJw+3JF5Z2xpw=
Subject key identifier:   59:33:5E:57:BE:BB:48:BD:E2:77:FF:84:1E:23:81:9F:E8:DD:70:75
Certificate issuer:       /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial:       FB85
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access:    rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/C9282444CCDD11EFA1AC1452762E951A.roa
Signing time:             Tue 07 Jan 2025 09:57:21 +0000
ROA not before:           Tue 07 Jan 2025 09:57:17 +0000
ROA not after:            Mon 13 Dec 2027 09:57:17 +0000
asID:                     17561
IP address blocks:        156.233.214.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
                          rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
                          rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
                          rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Fri 07 Feb 2025 00:26:41 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 64389 (0xfb85)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F368F2D0AR
        Validity
            Not Before: Jan  7 09:57:17 2025 GMT
            Not After : Dec 13 09:57:17 2027 GMT
        Subject: CN=677cfa81-872b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b0:3a:37:0d:cb:64:47:91:70:70:2d:ad:16:cb:
                    aa:1b:36:48:df:3d:4a:38:77:f7:14:5b:86:19:33:
                    45:ec:73:9d:13:90:4b:c8:2f:9c:a8:9d:47:4f:94:
                    17:22:6b:f2:63:a9:9a:0d:2a:7b:69:aa:6e:56:d3:
                    bf:56:14:6d:cf:29:7d:e6:f6:b7:19:37:e6:09:4f:
                    c3:bb:01:a6:0f:67:87:53:58:f1:37:22:f1:00:a2:
                    fd:da:71:00:15:72:96:68:45:ef:ac:26:ab:32:49:
                    ad:f2:52:85:91:aa:04:72:af:2b:4e:e8:39:ad:ef:
                    a9:3c:60:ba:32:a2:95:26:26:b3:30:ad:b6:bb:55:
                    c6:29:64:27:5a:ab:54:99:d3:91:9f:9a:a6:46:ba:
                    bf:d5:00:55:31:80:94:9b:d4:e0:00:f4:d7:54:70:
                    b6:8b:91:f5:05:ad:28:8a:80:a1:34:c6:f9:85:28:
                    90:44:48:68:3e:4b:ee:a5:eb:25:8e:1c:4e:c0:47:
                    77:c2:68:e3:30:33:bb:35:3b:1f:74:b8:dc:3f:01:
                    0e:39:72:57:ab:42:ce:f7:96:8b:aa:dd:16:38:ee:
                    52:79:78:a9:b4:d3:a7:af:5f:2b:ee:77:af:03:8d:
                    65:9c:bd:e7:23:b4:f6:a5:87:f9:fa:b3:d1:f4:57:
                    42:29
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                59:33:5E:57:BE:BB:48:BD:E2:77:FF:84:1E:23:81:9F:E8:DD:70:75
            X509v3 Authority Key Identifier:
                keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/C9282444CCDD11EFA1AC1452762E951A.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  156.233.214.0/24

    Signature Algorithm: sha256WithRSAEncryption
         14:fc:96:eb:23:7e:be:e8:16:51:03:1e:87:30:b7:02:67:de:
         a5:96:87:6c:50:db:38:f9:47:71:41:81:53:4e:8e:7f:7d:92:
         15:8e:f0:c8:cf:ca:be:fe:f5:7d:6c:36:ab:72:20:12:63:a3:
         df:29:86:7b:c9:cb:dc:2c:ef:cf:73:5f:9e:c7:27:f1:09:55:
         67:fa:bf:9a:cd:4a:24:43:61:dd:1b:ba:94:c6:b9:89:c5:e5:
         e1:52:9c:64:91:b8:ac:d5:c6:a6:64:9c:20:06:1c:64:a9:66:
         0f:19:e6:80:58:9d:5f:dc:68:fb:2a:62:98:e5:62:08:84:1b:
         11:e0:6f:a3:ae:f7:4e:7d:e7:f1:25:c1:d5:38:dc:56:06:52:
         48:e0:ec:3f:d8:3b:37:dd:8d:b6:dd:4a:50:a9:82:fd:41:64:
         77:a2:fb:83:04:df:75:20:ba:b9:cb:24:5e:bd:bc:43:ad:77:
         3f:ea:14:c8:83:55:19:f6:de:90:7d:75:e0:e9:0b:29:d9:a9:
         3d:e1:cd:ef:70:72:44:b5:b3:33:fe:c3:4b:59:c7:9c:d6:78:
         7e:98:77:38:44:0f:a1:ee:ca:78:ae:db:37:97:91:17:6b:95:
         11:14:8f:ef:e4:97:82:ec:84:ff:4c:52:81:6a:08:ed:64:ba:
         f8:38:3d:d0
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAPuFMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTA3MDk1NzE3WhcNMjcxMjEzMDk1NzE3WjAYMRYw
FAYDVQQDEw02NzdjZmE4MS04NzJiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAsDo3DctkR5FwcC2tFsuqGzZI3z1KOHf3FFuGGTNF7HOdE5BLyC+cqJ1H
T5QXImvyY6maDSp7aapuVtO/VhRtzyl95va3GTfmCU/DuwGmD2eHU1jxNyLxAKL9
2nEAFXKWaEXvrCarMkmt8lKFkaoEcq8rTug5re+pPGC6MqKVJiazMK22u1XGKWQn
WqtUmdORn5qmRrq/1QBVMYCUm9TgAPTXVHC2i5H1Ba0oioChNMb5hSiQREhoPkvu
pesljhxOwEd3wmjjMDO7NTsfdLjcPwEOOXJXq0LO95aLqt0WOO5SeXiptNOnr18r
7nevA41lnL3nI7T2pYf5+rPR9FdCKQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFFkz
Xle+u0i94nf/hB4jgZ/o3XB1MB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9DOTI4MjQ0NENDREQxMUVGQTFBQzE0NTI3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnOnWMA0GCSqGSIb3DQEBCwUA
A4IBAQAU/JbrI36+6BZRAx6HMLcCZ96llodsUNs4+UdxQYFTTo5/fZIVjvDIz8q+
/vV9bDarciASY6PfKYZ7ycvcLO/Pc1+exyfxCVVn+r+azUokQ2HdG7qUxrmJxeXh
Upxkkbis1camZJwgBhxkqWYPGeaAWJ1f3Gj7KmKY5WIIhBsR4G+jrvdOfefxJcHV
ONxWBlJI4Ow/2Ds33Y223UpQqYL9QWR3ovuDBN91ILq5yyRevbxDrXc/6hTIg1UZ
9t6QfXXg6Qsp2ak94c3vcHJEtbMz/sNLWcec1nh+mHc4RA+h7sp4rts3l5EXa5UR
FI/v5JeC7IT/TFKBagjtZLr4OD3Q
-----END CERTIFICATE-----