Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/EFBABE22C34711EFB13B8567762E951A.roa
File:                     EFBABE22C34711EFB13B8567762E951A.roa (raw, json)
Hash identifier:          cBTBixqXlBeC7HX6BZszRI0C5deaoqy/UbQxlqox/pY=
Subject key identifier:   3C:D4:1E:1E:F4:91:D4:D0:8E:EB:26:E9:32:63:30:27:E2:AE:E3:07
Certificate issuer:       /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial:       EC1B
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access:    rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/EFBABE22C34711EFB13B8567762E951A.roa
Signing time:             Thu 26 Dec 2024 05:12:01 +0000
ROA not before:           Thu 26 Dec 2024 05:11:57 +0000
ROA not after:            Wed 10 Dec 2025 05:11:57 +0000
asID:                     984
IP address blocks:        156.245.185.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
                          rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
                          rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
                          rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Fri 07 Feb 2025 00:26:41 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 60443 (0xec1b)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F368F2D0AR
        Validity
            Not Before: Dec 26 05:11:57 2024 GMT
            Not After : Dec 10 05:11:57 2025 GMT
        Subject: CN=676ce5a0-9fe2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cd:28:6e:88:bd:9a:21:0c:6a:8e:9f:15:e0:00:
                    eb:7f:0e:78:19:52:00:94:12:16:10:eb:d2:ff:64:
                    9a:03:ef:d5:35:a7:4c:47:22:ff:7f:12:a4:66:e8:
                    2c:48:c8:fd:3d:2a:88:25:e4:93:1f:91:33:02:b2:
                    bd:d4:7a:cc:15:a5:22:2c:64:d4:ee:87:61:d1:05:
                    46:13:83:39:33:0a:bb:92:41:d5:a9:61:2f:61:5d:
                    d0:1c:57:d1:31:74:63:b3:c8:27:32:d2:9d:83:f8:
                    ad:55:fc:14:17:1b:78:02:b9:33:fd:0e:d7:42:ac:
                    8f:86:7f:34:10:20:ab:78:89:9c:09:52:1f:ed:eb:
                    77:24:b6:6c:6c:37:44:fd:fc:16:1b:47:af:0e:bf:
                    85:9a:b2:dd:bb:cf:a2:b2:14:06:0b:b7:0b:c7:38:
                    a0:e5:38:c2:9b:5a:3b:b2:45:9d:c7:6e:27:14:dd:
                    40:ba:70:fb:90:2f:6b:7c:b7:de:52:16:a6:bc:01:
                    8c:9c:e0:3a:87:e4:be:c8:54:71:29:33:7a:2f:0c:
                    ae:ad:ca:39:08:d4:d4:43:80:80:7d:c1:bc:96:42:
                    91:38:86:75:21:13:c8:9e:8d:80:93:f9:e5:6c:ad:
                    c9:33:4f:79:59:7b:25:78:7f:7a:5b:2f:3b:a8:70:
                    87:9f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3C:D4:1E:1E:F4:91:D4:D0:8E:EB:26:E9:32:63:30:27:E2:AE:E3:07
            X509v3 Authority Key Identifier:
                keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/EFBABE22C34711EFB13B8567762E951A.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  156.245.185.0/24

    Signature Algorithm: sha256WithRSAEncryption
         56:c5:24:b5:3b:de:b2:ac:0d:19:76:d1:26:39:c1:d4:86:67:
         1b:f6:88:2a:7c:98:8c:b6:0c:3a:97:fc:c4:8d:88:7c:29:24:
         c0:ef:52:92:e3:f5:7d:89:35:f2:f4:a9:68:3b:38:93:93:34:
         22:18:28:91:c1:af:bd:80:12:ee:63:48:48:73:3b:60:26:92:
         9c:09:1c:1e:c1:41:16:3e:2b:dc:9b:ee:52:fd:b6:c6:b9:33:
         88:8f:a6:16:72:ca:f5:48:1c:04:fb:23:d3:76:53:52:d4:ad:
         ac:d5:b0:fe:9a:b7:59:ea:dc:10:fb:47:41:cd:d6:26:e2:fb:
         9a:f2:b1:ad:49:73:35:85:e4:55:97:1d:89:f3:46:c1:e4:d1:
         20:ee:46:f6:ca:4f:e9:16:bd:a3:bc:fa:42:fb:81:5f:c2:3d:
         34:f0:e1:dc:1f:ed:c3:0a:f7:f0:99:a8:7f:20:a3:0c:d6:55:
         75:00:d1:38:4d:49:ad:fc:5f:0b:2a:e2:a4:7a:7a:fb:54:c0:
         3a:74:f2:c9:27:2e:4b:be:24:ad:92:73:fe:37:ee:57:97:d3:
         ef:e5:c0:86:d2:2d:ab:19:f0:3e:a0:14:1c:8c:2f:30:c3:71:
         52:50:dd:0d:0b:b9:d5:23:e3:0a:8f:54:aa:56:69:c0:c7:70:
         b7:6f:f4:a7
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAOwbMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjQxMjI2MDUxMTU3WhcNMjUxMjEwMDUxMTU3WjAYMRYw
FAYDVQQDEw02NzZjZTVhMC05ZmUyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAzShuiL2aIQxqjp8V4ADrfw54GVIAlBIWEOvS/2SaA+/VNadMRyL/fxKk
ZugsSMj9PSqIJeSTH5EzArK91HrMFaUiLGTU7odh0QVGE4M5Mwq7kkHVqWEvYV3Q
HFfRMXRjs8gnMtKdg/itVfwUFxt4Arkz/Q7XQqyPhn80ECCreImcCVIf7et3JLZs
bDdE/fwWG0evDr+FmrLdu8+ishQGC7cLxzig5TjCm1o7skWdx24nFN1AunD7kC9r
fLfeUhamvAGMnOA6h+S+yFRxKTN6Lwyurco5CNTUQ4CAfcG8lkKROIZ1IRPIno2A
k/nlbK3JM095WXsleH96Wy87qHCHnwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFDzU
Hh70kdTQjusm6TJjMCfiruMHMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9FRkJBQkUyMkMzNDcxMUVGQjEzQjg1Njc3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnPW5MA0GCSqGSIb3DQEBCwUA
A4IBAQBWxSS1O96yrA0ZdtEmOcHUhmcb9ogqfJiMtgw6l/zEjYh8KSTA71KS4/V9
iTXy9KloOziTkzQiGCiRwa+9gBLuY0hIcztgJpKcCRwewUEWPivcm+5S/bbGuTOI
j6YWcsr1SBwE+yPTdlNS1K2s1bD+mrdZ6twQ+0dBzdYm4vua8rGtSXM1heRVlx2J
80bB5NEg7kb2yk/pFr2jvPpC+4Ffwj008OHcH+3DCvfwmah/IKMM1lV1ANE4TUmt
/F8LKuKkenr7VMA6dPLJJy5LviStknP+N+5Xl9Pv5cCG0i2rGfA+oBQcjC8ww3FS
UN0NC7nVI+MKj1SqVmnAx3C3b/Sn
-----END CERTIFICATE-----