Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/E4308944B5FD11EF9E4604A1762E951A.roa
File:                     E4308944B5FD11EF9E4604A1762E951A.roa (raw, json)
Hash identifier:          tZYJOISR/Vdgu7Lo6hOFbFkXcE+M/X2zAWNJPqvVj0Y=
Subject key identifier:   58:A0:02:48:23:38:C3:D3:A2:5C:B1:47:75:EE:C1:38:B2:ED:5A:17
Certificate issuer:       /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial:       E16C
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access:    rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/E4308944B5FD11EF9E4604A1762E951A.roa
Signing time:             Mon 09 Dec 2024 07:19:13 +0000
ROA not before:           Mon 09 Dec 2024 07:19:09 +0000
ROA not after:            Thu 06 Feb 2025 07:19:09 +0000
asID:                     137443
IP address blocks:        156.236.112.0/22 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
                          rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
                          rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
                          rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Thu 06 Feb 2025 07:19:09 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 57708 (0xe16c)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F368F2D0AR
        Validity
            Not Before: Dec  9 07:19:09 2024 GMT
            Not After : Feb  6 07:19:09 2025 GMT
        Subject: CN=675699f1-a64c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a5:8f:f9:ff:f2:c4:15:75:98:54:ea:06:a3:0c:
                    8e:1f:84:27:d1:84:93:58:c1:2c:09:fa:2e:d3:ab:
                    2e:b7:83:35:8f:d3:3a:78:16:b1:67:43:c6:b9:36:
                    cc:4d:1e:8e:34:e2:c0:21:b2:c1:cd:02:e9:de:48:
                    c0:1c:87:1a:f7:85:26:e2:f2:0d:47:d5:00:48:9c:
                    ef:fa:79:de:e0:84:c7:01:4c:fc:4a:24:3a:0c:fe:
                    01:73:4d:cd:db:ef:eb:5d:b7:68:07:4a:37:76:d5:
                    79:bd:aa:47:a7:0a:e5:a0:ce:c5:b3:04:c1:a0:0f:
                    96:42:b8:37:9a:d0:bf:78:aa:6d:ca:01:39:fe:d2:
                    3e:28:b8:31:94:58:1e:76:bc:75:c7:3f:40:8a:63:
                    35:26:e0:90:90:46:3e:74:65:8a:5b:f0:0e:22:8b:
                    19:66:40:93:63:18:d7:0e:3b:21:c2:0c:f0:f3:a4:
                    31:2b:63:58:30:29:cb:e6:39:a9:88:44:e3:2f:c5:
                    2a:98:f6:4a:70:70:61:44:0e:15:83:3b:92:6b:1c:
                    0b:38:43:66:ea:f3:2d:46:f1:0b:f1:b8:b8:29:6f:
                    72:c3:01:04:54:60:78:51:4a:64:bb:52:00:48:f2:
                    00:ad:23:77:8b:05:b0:56:b6:2c:0a:af:45:c5:b9:
                    c4:81
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                58:A0:02:48:23:38:C3:D3:A2:5C:B1:47:75:EE:C1:38:B2:ED:5A:17
            X509v3 Authority Key Identifier:
                keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/E4308944B5FD11EF9E4604A1762E951A.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  156.236.112.0/22

    Signature Algorithm: sha256WithRSAEncryption
         3a:7b:87:c8:be:fa:9e:eb:8e:26:8e:f2:4e:16:4e:ba:d3:20:
         5d:f6:55:56:78:8c:cb:c6:ab:e8:c0:e9:4f:8e:f1:ad:38:70:
         e6:48:ce:12:6e:68:dd:ed:66:35:0c:5d:e6:42:cf:51:4a:d4:
         72:f4:be:16:b3:39:73:76:54:8c:db:18:0c:21:b3:49:68:38:
         55:95:b8:55:c6:0e:43:5c:10:41:ab:c8:3d:42:14:5a:bc:e7:
         1a:f0:45:07:a2:04:2a:b5:99:6d:f6:db:0a:d2:4d:a1:3b:97:
         32:6f:d1:7a:02:c9:6a:0a:1f:94:a4:d2:bb:4b:11:60:86:a9:
         df:19:1e:c1:b7:5d:a9:a0:9c:4f:c1:e3:78:3a:c7:72:60:9f:
         7b:6d:fe:f7:37:c4:d4:8b:76:b9:f5:17:5a:05:9f:db:8a:b7:
         65:1a:b4:89:c8:ee:b4:ad:b6:92:94:68:7c:46:bf:66:4d:96:
         e4:59:ff:96:94:2d:86:18:1f:86:a6:1f:5a:d0:40:4b:f4:28:
         81:1e:c9:12:f6:7a:d7:8d:32:04:5b:59:a9:2d:8a:7f:c5:87:
         d8:82:44:3f:2f:27:c3:01:af:27:96:3a:1b:4a:57:92:9f:5a:
         32:f8:13:08:5a:25:e6:04:be:23:ce:e0:61:10:a9:90:01:ef:
         41:2d:cb:14
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAOFsMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjQxMjA5MDcxOTA5WhcNMjUwMjA2MDcxOTA5WjAYMRYw
FAYDVQQDEw02NzU2OTlmMS1hNjRjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEApY/5//LEFXWYVOoGowyOH4Qn0YSTWMEsCfou06sut4M1j9M6eBaxZ0PG
uTbMTR6ONOLAIbLBzQLp3kjAHIca94Um4vINR9UASJzv+nne4ITHAUz8SiQ6DP4B
c03N2+/rXbdoB0o3dtV5vapHpwrloM7FswTBoA+WQrg3mtC/eKptygE5/tI+KLgx
lFgedrx1xz9AimM1JuCQkEY+dGWKW/AOIosZZkCTYxjXDjshwgzw86QxK2NYMCnL
5jmpiETjL8UqmPZKcHBhRA4VgzuSaxwLOENm6vMtRvEL8bi4KW9ywwEEVGB4UUpk
u1IASPIArSN3iwWwVrYsCq9FxbnEgQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFFig
AkgjOMPTolyxR3XuwTiy7VoXMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9FNDMwODk0NEI1RkQxMUVGOUU0NjA0QTE3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCnOxwMA0GCSqGSIb3DQEBCwUA
A4IBAQA6e4fIvvqe644mjvJOFk660yBd9lVWeIzLxqvowOlPjvGtOHDmSM4Sbmjd
7WY1DF3mQs9RStRy9L4WszlzdlSM2xgMIbNJaDhVlbhVxg5DXBBBq8g9QhRavOca
8EUHogQqtZlt9tsK0k2hO5cyb9F6AslqCh+UpNK7SxFghqnfGR7Bt12poJxPweN4
OsdyYJ97bf73N8TUi3a59RdaBZ/birdlGrSJyO60rbaSlGh8Rr9mTZbkWf+WlC2G
GB+Gph9a0EBL9CiBHskS9nrXjTIEW1mpLYp/xYfYgkQ/LyfDAa8nljobSleSn1oy
+BMIWiXmBL4jzuBhEKmQAe9BLcsU
-----END CERTIFICATE-----