Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/CD50C662CDB311EF908748AB762E951A.roa
File:                     CD50C662CDB311EF908748AB762E951A.roa (raw, json)
Hash identifier:          5r+BxxEwKIiR7LBsScQhuBd2fg6qPly8x1NpL5r/ESE=
Subject key identifier:   D5:54:13:0E:5C:B2:6F:CC:90:42:60:EC:1E:0D:98:A9:9C:77:5E:11
Certificate issuer:       /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial:       010195
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access:    rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/CD50C662CDB311EF908748AB762E951A.roa
Signing time:             Wed 08 Jan 2025 11:29:20 +0000
ROA not before:           Wed 08 Jan 2025 11:29:16 +0000
ROA not after:            Thu 16 Dec 2027 11:29:16 +0000
asID:                     17561
IP address blocks:        45.201.235.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
                          rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
                          rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
                          rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Fri 07 Feb 2025 00:26:41 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 65941 (0x10195)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F368F2D0AR
        Validity
            Not Before: Jan  8 11:29:16 2025 GMT
            Not After : Dec 16 11:29:16 2027 GMT
        Subject: CN=677e6190-bc4b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a7:55:3a:a1:7d:10:56:b9:71:43:42:53:90:1f:
                    ab:22:10:9b:a7:3a:5a:17:06:3d:0b:0d:ba:f0:eb:
                    27:a9:73:fe:38:eb:50:59:f9:d5:ca:f0:82:e4:c1:
                    4b:56:67:8e:bc:84:be:1b:d0:5f:b1:90:ae:82:ab:
                    9c:d8:6e:c7:42:ec:f3:64:24:a2:42:fa:08:dd:c6:
                    f8:b3:17:63:99:6a:80:81:06:6e:03:a3:b2:b3:46:
                    31:fd:3e:22:a8:b4:f2:d6:bb:70:03:22:0b:94:9a:
                    e3:bb:35:3b:8f:bd:5b:a1:e8:a6:68:76:24:b1:05:
                    cb:11:cf:89:a1:b1:27:88:95:af:15:bf:48:a3:4d:
                    f8:1e:ce:af:f4:27:e5:9a:56:8d:e6:6e:a7:f4:f1:
                    e3:2d:c3:c6:00:a2:a6:dd:e8:76:8f:cd:7c:95:5e:
                    be:0b:22:ec:7c:9b:a5:fc:24:53:ab:8c:7d:16:70:
                    f6:c4:29:03:07:0d:9d:ec:74:5f:9c:c9:b4:db:29:
                    a8:58:d8:0b:43:13:21:da:f5:52:af:42:71:7c:88:
                    53:62:da:f3:ca:8f:12:c4:22:67:3d:30:fd:ee:a9:
                    20:4b:d3:28:63:e3:b5:0e:dc:06:98:d8:24:ab:70:
                    d8:05:03:0c:95:20:df:d7:3c:c3:57:34:2b:ac:8b:
                    6a:ef
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D5:54:13:0E:5C:B2:6F:CC:90:42:60:EC:1E:0D:98:A9:9C:77:5E:11
            X509v3 Authority Key Identifier:
                keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/CD50C662CDB311EF908748AB762E951A.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.201.235.0/24

    Signature Algorithm: sha256WithRSAEncryption
         5b:97:6f:c2:73:03:8b:b1:e0:29:55:9a:bb:7f:6f:46:ff:5d:
         2c:63:95:a3:c1:57:8f:84:2a:11:bd:80:78:26:66:26:c9:22:
         7e:2a:88:97:44:93:bf:6e:77:e3:c7:94:02:ee:3f:8c:f9:09:
         04:0e:4f:72:6e:00:61:cf:4a:dc:67:e3:fc:32:a9:8e:5a:a3:
         9f:27:b1:79:87:61:15:77:66:a0:7e:2f:55:45:4c:98:a8:b8:
         ad:51:6b:74:ec:77:a8:29:e9:e6:16:27:00:33:ae:04:72:be:
         79:8e:1f:54:37:b2:64:7a:ec:8a:e6:49:e0:17:60:c1:87:8d:
         cf:c3:7c:48:de:88:3a:69:63:af:7a:84:22:99:6e:e6:b6:63:
         32:6b:aa:7e:f3:f2:34:67:ab:74:c3:e6:05:44:b2:db:c5:4a:
         3b:0d:12:2f:2a:81:57:62:84:82:c4:0d:4f:4b:52:3a:59:01:
         62:66:f4:80:af:7a:3a:be:79:31:bd:04:a8:90:af:09:de:98:
         7e:4a:fa:0a:bf:d2:a5:80:1a:d1:43:7c:b5:5f:21:f6:86:44:
         ec:b9:2e:74:d4:45:99:88:97:08:c1:c9:53:44:32:7d:c8:e5:
         34:8f:b7:9e:c6:74:42:71:ad:54:b4:f6:a5:a3:1c:d7:4a:d4:
         92:a4:6b:25
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAQGVMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTA4MTEyOTE2WhcNMjcxMjE2MTEyOTE2WjAYMRYw
FAYDVQQDEw02NzdlNjE5MC1iYzRiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAp1U6oX0QVrlxQ0JTkB+rIhCbpzpaFwY9Cw268OsnqXP+OOtQWfnVyvCC
5MFLVmeOvIS+G9BfsZCugquc2G7HQuzzZCSiQvoI3cb4sxdjmWqAgQZuA6Oys0Yx
/T4iqLTy1rtwAyILlJrjuzU7j71boeimaHYksQXLEc+JobEniJWvFb9Io034Hs6v
9CflmlaN5m6n9PHjLcPGAKKm3eh2j818lV6+CyLsfJul/CRTq4x9FnD2xCkDBw2d
7HRfnMm02ymoWNgLQxMh2vVSr0JxfIhTYtrzyo8SxCJnPTD97qkgS9MoY+O1DtwG
mNgkq3DYBQMMlSDf1zzDVzQrrItq7wIDAQABo4ICojCCAp4wHQYDVR0OBBYEFNVU
Ew5csm/MkEJg7B4NmKmcd14RMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9DRDUwQzY2MkNEQjMxMUVGOTA4NzQ4QUI3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALcnrMA0GCSqGSIb3DQEBCwUA
A4IBAQBbl2/CcwOLseApVZq7f29G/10sY5WjwVePhCoRvYB4JmYmySJ+KoiXRJO/
bnfjx5QC7j+M+QkEDk9ybgBhz0rcZ+P8MqmOWqOfJ7F5h2EVd2agfi9VRUyYqLit
UWt07HeoKenmFicAM64Ecr55jh9UN7JkeuyK5kngF2DBh43Pw3xI3og6aWOveoQi
mW7mtmMya6p+8/I0Z6t0w+YFRLLbxUo7DRIvKoFXYoSCxA1PS1I6WQFiZvSAr3o6
vnkxvQSokK8J3ph+SvoKv9KlgBrRQ3y1XyH2hkTsuS501EWZiJcIwclTRDJ9yOU0
j7eexnRCca1UtPaloxzXStSSpGsl
-----END CERTIFICATE-----