Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/E82B3A88106D11F09EB01585762E951A.roa
File:                     E82B3A88106D11F09EB01585762E951A.roa (raw, json)
Hash identifier:          O8GFFsZXI99sze0mWYJRmx1VZA4zlYdDAiVIYhVkRgg=
Subject key identifier:   DF:17:78:B4:65:4F:0B:59:16:62:3F:92:D9:33:B1:FF:B5:8E:CF:82
Certificate issuer:       /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial:       01499E
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access:    rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/E82B3A88106D11F09EB01585762E951A.roa
Signing time:             Thu 03 Apr 2025 09:27:48 +0000
ROA not before:           Thu 03 Apr 2025 09:27:44 +0000
ROA not after:            Sat 12 Apr 2025 09:27:44 +0000
asID:                     135097
IP address blocks:        156.254.128.0/17 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
                          rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
                          rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
                          rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Mon 07 Apr 2025 00:26:44 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 84382 (0x1499e)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F368F2D0AR
        Validity
            Not Before: Apr  3 09:27:44 2025 GMT
            Not After : Apr 12 09:27:44 2025 GMT
        Subject: CN=67ee5494-58c6
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d4:4a:68:a8:1a:fb:ba:e4:33:2f:37:59:43:07:
                    34:37:bc:08:c8:1e:17:3d:0a:f5:19:7f:80:6e:3e:
                    3b:6b:2d:a1:c8:77:6e:1f:6d:04:af:61:b6:0e:20:
                    64:09:f0:a2:53:c9:87:04:35:63:5e:62:6b:11:96:
                    bd:76:44:b2:8d:aa:b8:1a:e9:49:72:dd:7d:19:fd:
                    78:52:62:09:12:70:69:2a:b8:46:d2:45:5b:8d:dd:
                    e7:f3:03:53:fc:1b:2e:ca:ac:21:0b:2a:38:b9:b8:
                    25:e9:5c:c4:0b:ca:09:a2:b6:33:4d:50:19:3c:9b:
                    5a:91:37:de:62:76:58:22:82:b3:6d:6a:db:f6:29:
                    55:b8:50:34:28:3c:af:66:4e:75:55:a0:c7:75:ea:
                    65:42:fc:98:30:93:9e:b4:f4:f3:10:14:3b:95:0b:
                    cd:79:82:70:41:cf:44:fd:24:fb:e4:ec:10:04:b2:
                    6d:53:20:25:6a:da:58:4d:3e:9f:04:37:43:31:7a:
                    5c:e9:fc:cb:db:ea:0f:91:d8:49:0b:91:dd:21:63:
                    fd:a1:a8:76:cf:b1:d8:7d:09:86:7d:a3:3e:e5:01:
                    9e:14:62:74:b9:51:ef:e4:62:b5:2c:ca:8f:0b:f1:
                    60:b5:d0:79:29:1b:7f:50:32:58:17:fd:93:52:c7:
                    89:d5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DF:17:78:B4:65:4F:0B:59:16:62:3F:92:D9:33:B1:FF:B5:8E:CF:82
            X509v3 Authority Key Identifier:
                keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/E82B3A88106D11F09EB01585762E951A.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  156.254.128.0/17

    Signature Algorithm: sha256WithRSAEncryption
         87:ff:9f:72:f0:b2:e0:aa:18:81:50:3d:b9:45:c3:97:97:a8:
         97:ac:ec:0c:13:b5:96:fb:83:a6:a3:b4:8f:06:f6:b8:d1:64:
         25:9b:69:3d:7e:f0:1f:82:43:da:5e:28:7d:d1:60:3c:7d:2f:
         bc:6e:61:40:7d:b2:7a:d4:0b:eb:cf:c3:49:f1:ab:3d:3d:8d:
         89:49:e0:b6:96:ea:cd:0b:b3:54:d2:c8:3c:77:9d:48:ac:6a:
         4d:c7:c5:8b:2e:8a:cd:fe:10:85:52:e6:20:68:a7:aa:de:b9:
         9b:50:a2:d7:15:ab:53:cd:d7:80:9c:e4:1f:ba:b4:6f:30:28:
         67:79:ee:e0:3c:3c:4d:6d:b8:c5:10:93:75:e3:66:be:6d:68:
         d7:f7:64:12:fc:23:2b:c2:41:d4:3b:80:13:f5:4b:96:68:c6:
         c0:65:b9:47:ca:f9:fd:0a:eb:86:a3:78:09:e4:50:4c:54:95:
         c0:20:92:19:9c:aa:b1:cd:7d:61:b5:6a:8b:66:f1:34:30:94:
         a5:9b:5c:32:c3:6f:8d:4b:e0:b8:dc:c6:c3:e0:ff:c3:26:60:
         1c:38:06:d4:53:62:6c:eb:ef:33:40:99:6f:b7:a9:05:e8:c1:
         ba:a8:a1:bc:92:fb:88:ab:6c:8c:bb:40:68:c9:d3:0c:e6:9f:
         9e:04:04:b6
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAUmeMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwNDAzMDkyNzQ0WhcNMjUwNDEyMDkyNzQ0WjAYMRYw
FAYDVQQDEw02N2VlNTQ5NC01OGM2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA1EpoqBr7uuQzLzdZQwc0N7wIyB4XPQr1GX+Abj47ay2hyHduH20Er2G2
DiBkCfCiU8mHBDVjXmJrEZa9dkSyjaq4GulJct19Gf14UmIJEnBpKrhG0kVbjd3n
8wNT/BsuyqwhCyo4ubgl6VzEC8oJorYzTVAZPJtakTfeYnZYIoKzbWrb9ilVuFA0
KDyvZk51VaDHdeplQvyYMJOetPTzEBQ7lQvNeYJwQc9E/ST75OwQBLJtUyAlatpY
TT6fBDdDMXpc6fzL2+oPkdhJC5HdIWP9oah2z7HYfQmGfaM+5QGeFGJ0uVHv5GK1
LMqPC/FgtdB5KRt/UDJYF/2TUseJ1QIDAQABo4ICojCCAp4wHQYDVR0OBBYEFN8X
eLRlTwtZFmI/ktkzsf+1js+CMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9FODJCM0E4ODEwNkQxMUYwOUVCMDE1ODU3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQHnP6AMA0GCSqGSIb3DQEBCwUA
A4IBAQCH/59y8LLgqhiBUD25RcOXl6iXrOwME7WW+4Omo7SPBva40WQlm2k9fvAf
gkPaXih90WA8fS+8bmFAfbJ61Avrz8NJ8as9PY2JSeC2lurNC7NU0sg8d51IrGpN
x8WLLorN/hCFUuYgaKeq3rmbUKLXFatTzdeAnOQfurRvMChnee7gPDxNbbjFEJN1
42a+bWjX92QS/CMrwkHUO4AT9UuWaMbAZblHyvn9CuuGo3gJ5FBMVJXAIJIZnKqx
zX1htWqLZvE0MJSlm1wyw2+NS+C43MbD4P/DJmAcOAbUU2Js6+8zQJlvt6kF6MG6
qKG8kvuIq2yMu0BoydMM5p+eBAS2
-----END CERTIFICATE-----