Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/EBC58386C3EE11EFBF336582762E951A.roa
File:                     EBC58386C3EE11EFBF336582762E951A.roa (raw, json)
Hash identifier:          SjRt6z1xHfh2a8cZrBxuHWS9LplMGeZUzLdpbhDlySQ=
Subject key identifier:   63:44:2A:6F:4F:C9:47:2A:D7:C9:C2:2B:68:44:3C:4C:EF:FA:17:B8
Certificate issuer:       /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial:       EF3A
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access:    rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/EBC58386C3EE11EFBF336582762E951A.roa
Signing time:             Fri 27 Dec 2024 01:07:20 +0000
ROA not before:           Fri 27 Dec 2024 01:07:16 +0000
ROA not after:            Sun 12 Dec 2027 01:07:16 +0000
asID:                     17561
IP address blocks:        45.192.237.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
                          rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
                          rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
                          rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Fri 07 Feb 2025 00:26:41 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 61242 (0xef3a)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F368F2D0AR
        Validity
            Not Before: Dec 27 01:07:16 2024 GMT
            Not After : Dec 12 01:07:16 2027 GMT
        Subject: CN=676dfdc8-343c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b6:91:93:f4:94:51:94:5a:a3:f2:68:1a:c9:2f:
                    4b:e8:3f:93:7f:f9:01:3d:71:9d:dc:41:1d:50:bf:
                    7b:a3:3c:df:20:5e:ec:d5:9c:cb:6e:b3:d6:3a:7a:
                    fe:10:22:0c:60:c8:24:7d:32:ab:0b:db:7d:f8:f8:
                    4c:04:66:f4:a0:0a:69:9e:12:e7:e9:86:0c:61:c0:
                    81:74:26:50:ef:10:ef:aa:52:65:4c:46:df:13:60:
                    71:71:46:73:f4:c6:84:93:79:68:18:de:f4:38:51:
                    1f:31:93:93:c8:f4:cb:f7:6e:eb:16:20:18:94:bb:
                    09:e1:6b:56:59:6d:4d:96:fc:5b:a8:b5:86:f4:42:
                    5e:27:8b:da:11:57:42:48:83:55:3b:87:08:6c:c1:
                    94:59:d8:56:74:be:a6:a4:e9:4f:4d:a7:43:cd:69:
                    d1:e9:aa:0c:40:52:6b:20:88:92:0f:0f:dd:ff:0b:
                    14:27:92:77:c7:7b:4c:ca:70:9c:dd:01:5d:83:3d:
                    cb:54:29:8c:f5:49:e6:ab:0e:69:f5:da:83:07:b1:
                    bc:df:df:12:6c:90:84:e0:a7:a6:a4:ed:5f:9a:3f:
                    45:88:5b:7c:98:e0:a9:28:09:84:00:7f:73:0b:7a:
                    ef:87:19:38:af:e6:38:8e:2c:a9:d4:8f:b8:ff:a7:
                    f9:33
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                63:44:2A:6F:4F:C9:47:2A:D7:C9:C2:2B:68:44:3C:4C:EF:FA:17:B8
            X509v3 Authority Key Identifier:
                keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/EBC58386C3EE11EFBF336582762E951A.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.192.237.0/24

    Signature Algorithm: sha256WithRSAEncryption
         b8:ff:ac:90:b0:52:f5:1e:54:32:d3:e1:37:7e:88:a8:64:1a:
         e3:c0:6e:04:77:e5:19:f4:ff:02:32:f0:2c:53:3d:ee:5f:d1:
         96:4b:28:5e:69:b9:47:ac:4f:f6:5b:3a:c1:b7:ee:bb:31:23:
         3e:3c:a9:da:8e:63:19:d8:98:c5:38:eb:69:3e:31:92:b5:6d:
         bb:24:90:03:26:bf:08:f7:4c:12:30:10:53:69:7f:9f:fa:c0:
         4e:54:d4:1a:c8:25:44:54:aa:10:5c:39:e1:84:f8:17:c6:2d:
         06:08:a4:ec:37:c7:88:e7:cc:98:c4:a7:13:61:8e:4e:8a:ae:
         fa:21:f9:bc:92:fb:6f:ad:7c:2a:b5:d8:06:41:e3:33:b2:33:
         4c:53:f5:87:e8:c9:8c:af:9d:ab:b3:ef:53:86:5c:3a:06:b4:
         11:9a:7f:4f:49:a9:74:36:c7:da:d1:a1:5d:f3:8c:e8:07:bd:
         70:cc:80:74:be:29:66:3e:f7:7a:74:ac:a8:1b:71:be:0a:01:
         ff:3c:14:49:2d:fa:da:2f:cc:84:73:23:42:f2:b1:d1:c4:27:
         23:dd:7a:42:da:68:6f:8a:b6:b3:b2:4c:57:f4:41:0a:56:98:
         ba:a5:b1:09:85:35:e2:11:ce:77:b9:f1:4f:5b:05:d7:16:cb:
         00:3f:93:9a
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAO86MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjQxMjI3MDEwNzE2WhcNMjcxMjEyMDEwNzE2WjAYMRYw
FAYDVQQDEw02NzZkZmRjOC0zNDNjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAtpGT9JRRlFqj8mgayS9L6D+Tf/kBPXGd3EEdUL97ozzfIF7s1ZzLbrPW
Onr+ECIMYMgkfTKrC9t9+PhMBGb0oAppnhLn6YYMYcCBdCZQ7xDvqlJlTEbfE2Bx
cUZz9MaEk3loGN70OFEfMZOTyPTL927rFiAYlLsJ4WtWWW1NlvxbqLWG9EJeJ4va
EVdCSINVO4cIbMGUWdhWdL6mpOlPTadDzWnR6aoMQFJrIIiSDw/d/wsUJ5J3x3tM
ynCc3QFdgz3LVCmM9Unmqw5p9dqDB7G8398SbJCE4KempO1fmj9FiFt8mOCpKAmE
AH9zC3rvhxk4r+Y4jiyp1I+4/6f5MwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFGNE
Km9PyUcq18nCK2hEPEzv+he4MB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9FQkM1ODM4NkMzRUUxMUVGQkYzMzY1ODI3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALcDtMA0GCSqGSIb3DQEBCwUA
A4IBAQC4/6yQsFL1HlQy0+E3foioZBrjwG4Ed+UZ9P8CMvAsUz3uX9GWSyheablH
rE/2WzrBt+67MSM+PKnajmMZ2JjFOOtpPjGStW27JJADJr8I90wSMBBTaX+f+sBO
VNQayCVEVKoQXDnhhPgXxi0GCKTsN8eI58yYxKcTYY5Oiq76Ifm8kvtvrXwqtdgG
QeMzsjNMU/WH6MmMr52rs+9Thlw6BrQRmn9PSal0Nsfa0aFd84zoB71wzIB0vilm
Pvd6dKyoG3G+CgH/PBRJLfraL8yEcyNC8rHRxCcj3XpC2mhvirazskxX9EEKVpi6
pbEJhTXiEc53ufFPWwXXFssAP5Oa
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:57:53 2025 by rpki-client