Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/09BE8C12452111F0A185DAD2DAE4EC9C.roa
File:                     09BE8C12452111F0A185DAD2DAE4EC9C.roa (raw, json)
Hash identifier:          yB72gcP8ogz7lP5z5Q9I6Kd7jDayGEP1gbFbOVNfT88=
Subject key identifier:   9E:9A:35:FE:7B:12:0E:D3:F0:00:25:DA:37:5A:B7:97:A8:A2:16:68
Certificate issuer:       /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial:       015A87
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access:    rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/09BE8C12452111F0A185DAD2DAE4EC9C.roa
Signing time:             Mon 09 Jun 2025 11:01:05 +0000
ROA not before:           Mon 09 Jun 2025 11:01:00 +0000
ROA not after:            Tue 11 Nov 2025 11:01:00 +0000
asID:                     210110
IP address blocks:        156.224.30.0/23 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
                          rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
                          rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
                          rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Wed 02 Jul 2025 00:26:49 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 88711 (0x15a87)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F368F2D0AR, serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
        Validity
            Not Before: Jun  9 11:01:00 2025 GMT
            Not After : Nov 11 11:01:00 2025 GMT
        Subject: CN=6846bef1-3397
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e9:6e:74:89:72:d2:70:6b:24:18:36:20:b6:3c:
                    48:f8:81:cf:97:03:b0:10:10:f2:a8:a0:4f:0b:25:
                    90:2e:f4:94:7a:7a:86:63:67:6d:34:46:c3:d5:32:
                    f8:bd:90:15:4f:5c:58:cd:3f:d9:a1:ba:98:55:0c:
                    b4:0a:13:11:ab:ac:8b:86:d3:81:10:76:6a:25:68:
                    a2:37:63:65:2d:d9:a1:5f:a1:c8:ad:a5:52:06:a4:
                    15:4e:02:09:bb:2d:e2:0d:9e:ba:2e:22:e8:65:19:
                    7d:17:66:f7:45:30:20:99:07:f2:dd:26:dd:19:0d:
                    c2:57:e6:1d:2c:22:32:10:ab:3a:2e:31:d8:a9:da:
                    06:a3:40:30:27:fa:db:f3:5a:bf:92:e6:f9:80:7e:
                    82:0e:64:ab:c7:0e:b9:d8:53:e3:94:7a:a3:37:85:
                    b7:22:c7:f7:47:d8:53:b4:c0:a5:19:ca:05:ab:bb:
                    0a:93:45:4b:cf:b0:e1:1f:7b:94:94:ff:3e:a6:cf:
                    83:d6:12:b0:ed:a0:92:c7:1e:4e:55:f1:cf:dc:d3:
                    35:d5:5b:1e:14:09:a5:f1:c0:61:3e:31:12:01:67:
                    63:cf:a1:b9:8d:81:e2:59:b1:fb:fa:6c:b7:7f:ae:
                    e7:cf:af:50:ab:e8:ab:3a:32:4a:f9:32:76:36:37:
                    a7:49
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                9E:9A:35:FE:7B:12:0E:D3:F0:00:25:DA:37:5A:B7:97:A8:A2:16:68
            X509v3 Authority Key Identifier:
                keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/09BE8C12452111F0A185DAD2DAE4EC9C.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  156.224.30.0/23

    Signature Algorithm: sha256WithRSAEncryption
         25:c1:42:3a:c7:70:7e:06:09:b3:55:9c:52:60:90:21:8d:ea:
         75:c0:f2:e2:c9:59:6a:81:13:e7:6e:f2:f4:bc:28:d0:0d:57:
         d2:46:a9:0d:d4:ce:f2:94:ea:e1:10:9a:c0:3b:b5:40:87:e5:
         45:f4:54:68:c8:a0:8d:bb:3b:17:1d:16:43:e1:76:de:da:6d:
         1d:17:ba:5b:3a:4d:7d:a4:30:a6:3a:20:61:15:39:78:99:51:
         53:73:15:b5:02:72:12:7e:3c:f5:92:1b:2c:fc:80:b5:73:21:
         f6:92:67:83:39:90:50:99:34:ed:b7:b4:3e:cb:a8:b1:64:be:
         be:cb:5f:58:34:08:27:68:d0:01:52:d2:90:86:76:11:d2:75:
         fd:a8:93:bb:39:c0:b3:7b:f5:05:48:b6:b3:1b:20:39:45:8d:
         fe:cd:d8:63:e8:a7:82:29:de:65:0d:62:3c:c1:eb:f7:59:02:
         97:e7:57:cd:39:6c:27:91:38:c0:1f:cb:ef:59:cc:9e:2b:41:
         28:52:11:7b:4b:de:0d:7d:16:c8:b8:69:2b:66:4e:3a:0c:d4:
         fa:0f:a3:f3:2a:4b:c9:41:a8:67:66:8a:a2:b0:5a:95:ae:17:
         6d:61:2c:5c:b7:ff:e8:d1:5b:41:c7:c5:94:82:43:70:b7:dc:
         49:bd:dc:99
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAVqHMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwNjA5MTEwMTAwWhcNMjUxMTExMTEwMTAwWjAYMRYw
FAYDVQQDEw02ODQ2YmVmMS0zMzk3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA6W50iXLScGskGDYgtjxI+IHPlwOwEBDyqKBPCyWQLvSUenqGY2dtNEbD
1TL4vZAVT1xYzT/ZobqYVQy0ChMRq6yLhtOBEHZqJWiiN2NlLdmhX6HIraVSBqQV
TgIJuy3iDZ66LiLoZRl9F2b3RTAgmQfy3SbdGQ3CV+YdLCIyEKs6LjHYqdoGo0Aw
J/rb81q/kub5gH6CDmSrxw652FPjlHqjN4W3Isf3R9hTtMClGcoFq7sKk0VLz7Dh
H3uUlP8+ps+D1hKw7aCSxx5OVfHP3NM11VseFAml8cBhPjESAWdjz6G5jYHiWbH7
+my3f67nz69Qq+irOjJK+TJ2NjenSQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFJ6a
Nf57Eg7T8AAl2jdat5eoohZoMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC8wOUJFOEMxMjQ1MjExMUYwQTE4NURBRDJEQUU0RUM5Qy5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBnOAeMA0GCSqGSIb3DQEBCwUA
A4IBAQAlwUI6x3B+BgmzVZxSYJAhjep1wPLiyVlqgRPnbvL0vCjQDVfSRqkN1M7y
lOrhEJrAO7VAh+VF9FRoyKCNuzsXHRZD4Xbe2m0dF7pbOk19pDCmOiBhFTl4mVFT
cxW1AnISfjz1khss/IC1cyH2kmeDOZBQmTTtt7Q+y6ixZL6+y19YNAgnaNABUtKQ
hnYR0nX9qJO7OcCze/UFSLazGyA5RY3+zdhj6KeCKd5lDWI8wev3WQKX51fNOWwn
kTjAH8vvWcyeK0EoUhF7S94NfRbIuGkrZk46DNT6D6PzKkvJQahnZoqisFqVrhdt
YSxct//o0VtBx8WUgkNwt9xJvdyZ
-----END CERTIFICATE-----