Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/CFAD1AF6E93C11EF9D646397762E951A.roa
File:                     CFAD1AF6E93C11EF9D646397762E951A.roa (raw, json)
Hash identifier:          YnoeHQunRrDTgK2o+CK7reDBmLcmUHBoQl3hZhLC628=
Subject key identifier:   E6:C1:A3:B2:43:AA:B8:3F:33:43:53:3D:BC:BC:93:4E:A1:00:C9:EF
Certificate issuer:       /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial:       01219B
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access:    rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/CFAD1AF6E93C11EF9D646397762E951A.roa
Signing time:             Wed 12 Feb 2025 12:28:06 +0000
ROA not before:           Wed 12 Feb 2025 12:28:03 +0000
ROA not after:            Fri 15 Aug 2025 12:28:03 +0000
asID:                     400619
IP address blocks:        45.204.32.0/19 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
                          rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
                          rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
                          rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Fri 21 Feb 2025 00:26:43 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 74139 (0x1219b)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F368F2D0AR
        Validity
            Not Before: Feb 12 12:28:03 2025 GMT
            Not After : Aug 15 12:28:03 2025 GMT
        Subject: CN=67ac93d6-ace6
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ca:bf:9e:68:d3:20:59:dc:a7:cb:7a:b9:b9:4e:
                    4a:c0:e2:49:e6:31:c3:ad:a6:db:24:23:6f:54:a4:
                    84:0e:38:d1:2f:75:44:73:70:57:81:a4:63:2b:32:
                    a3:57:68:42:af:5c:38:55:f4:f9:55:fd:4f:0d:49:
                    72:b8:32:10:37:c7:cd:2f:68:33:4f:7f:ee:29:8c:
                    d4:fd:3a:77:c1:52:bc:f6:0d:b8:fc:2b:0e:bf:75:
                    58:f4:60:c4:29:47:ad:34:ef:af:1a:21:c2:4f:1e:
                    c6:ba:64:ca:09:dc:5c:10:66:4e:02:92:f0:7b:16:
                    64:5c:18:80:c3:d7:50:1e:8d:9f:d6:17:25:52:a4:
                    81:de:a7:11:72:3b:96:fb:b1:59:85:f0:1f:b9:be:
                    07:55:46:bc:90:12:f1:87:47:93:fd:f2:84:4e:b4:
                    8a:7a:38:c1:ec:4d:4c:96:c2:3a:48:42:56:93:29:
                    ea:aa:12:26:8c:03:f1:49:c1:e0:bf:7f:15:8e:b2:
                    45:bd:f8:b2:3f:89:da:49:96:b7:d0:1b:46:83:08:
                    f7:ea:bb:40:a4:0b:c7:36:2d:ed:b6:dc:08:be:42:
                    e8:6f:4a:31:0c:e0:35:71:dc:84:23:02:4f:85:2b:
                    e8:69:2d:81:3d:6d:14:2f:99:20:c6:5b:ef:38:ba:
                    9f:93
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E6:C1:A3:B2:43:AA:B8:3F:33:43:53:3D:BC:BC:93:4E:A1:00:C9:EF
            X509v3 Authority Key Identifier:
                keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/CFAD1AF6E93C11EF9D646397762E951A.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.204.32.0/19

    Signature Algorithm: sha256WithRSAEncryption
         78:70:9f:14:e0:92:a6:4f:09:03:83:76:c4:3c:54:d4:94:ab:
         e0:95:a1:78:ff:34:1a:26:0f:01:1f:55:20:91:45:73:96:bc:
         2c:5e:33:3c:de:1a:6a:ff:c7:6a:79:af:67:53:c1:2d:47:c1:
         b8:6e:85:9a:10:50:40:01:31:7b:10:16:ca:78:5f:99:85:36:
         ef:2d:b4:22:1e:44:bc:dd:a7:42:0f:46:7d:be:01:ae:a4:9c:
         f6:7c:1f:4e:1a:d1:62:10:ca:41:2d:f5:05:23:b0:bb:50:0f:
         5d:be:af:bc:3a:a4:d0:57:b8:c6:c2:ff:63:d2:ec:f1:ea:c4:
         23:bc:89:dd:58:2c:91:10:83:ae:38:65:e9:0f:27:78:4c:a4:
         4d:f3:c0:2f:3c:a0:37:2a:a3:a9:4a:46:c9:88:39:37:e8:ae:
         c8:80:67:99:14:16:98:9a:7e:68:28:76:78:31:fe:86:98:cf:
         9c:b2:f6:35:31:66:1a:8f:3a:e6:e6:af:d5:a5:29:d6:3f:a0:
         61:44:79:e8:91:c7:6d:a7:57:70:a7:49:e6:82:b5:0a:1b:3d:
         da:35:cc:da:a8:e4:08:09:d3:67:f8:bf:de:7e:5e:ec:e4:45:
         85:0f:84:7f:b9:0b:5f:8d:20:e2:c9:df:9d:77:8a:c8:60:32:
         61:22:a9:06
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDASGbMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMjEyMTIyODAzWhcNMjUwODE1MTIyODAzWjAYMRYw
FAYDVQQDEw02N2FjOTNkNi1hY2U2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAyr+eaNMgWdyny3q5uU5KwOJJ5jHDrabbJCNvVKSEDjjRL3VEc3BXgaRj
KzKjV2hCr1w4VfT5Vf1PDUlyuDIQN8fNL2gzT3/uKYzU/Tp3wVK89g24/CsOv3VY
9GDEKUetNO+vGiHCTx7GumTKCdxcEGZOApLwexZkXBiAw9dQHo2f1hclUqSB3qcR
cjuW+7FZhfAfub4HVUa8kBLxh0eT/fKETrSKejjB7E1MlsI6SEJWkynqqhImjAPx
ScHgv38VjrJFvfiyP4naSZa30BtGgwj36rtApAvHNi3tttwIvkLob0oxDOA1cdyE
IwJPhSvoaS2BPW0UL5kgxlvvOLqfkwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFObB
o7JDqrg/M0NTPby8k06hAMnvMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9DRkFEMUFGNkU5M0MxMUVGOUQ2NDYzOTc3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQFLcwgMA0GCSqGSIb3DQEBCwUA
A4IBAQB4cJ8U4JKmTwkDg3bEPFTUlKvglaF4/zQaJg8BH1UgkUVzlrwsXjM83hpq
/8dqea9nU8EtR8G4boWaEFBAATF7EBbKeF+ZhTbvLbQiHkS83adCD0Z9vgGupJz2
fB9OGtFiEMpBLfUFI7C7UA9dvq+8OqTQV7jGwv9j0uzx6sQjvIndWCyREIOuOGXp
Dyd4TKRN88AvPKA3KqOpSkbJiDk36K7IgGeZFBaYmn5oKHZ4Mf6GmM+csvY1MWYa
jzrm5q/VpSnWP6BhRHnokcdtp1dwp0nmgrUKGz3aNczaqOQICdNn+L/efl7s5EWF
D4R/uQtfjSDiyd+dd4rIYDJhIqkG
-----END CERTIFICATE-----