Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/EEF93F541CF711F0873333C6DAE4EC9C.roa
File:                     EEF93F541CF711F0873333C6DAE4EC9C.roa (raw, json)
Hash identifier:          y7C7YBPzopEF6KJNaCt1XoYu2kt0WbRjNQDdgPOx+DU=
Subject key identifier:   24:00:E1:2D:BC:17:FE:79:4F:04:1C:A8:23:70:27:D0:60:C7:D0:59
Certificate issuer:       /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial:       014D70
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access:    rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/EEF93F541CF711F0873333C6DAE4EC9C.roa
Signing time:             Sat 19 Apr 2025 08:26:04 +0000
ROA not before:           Sat 19 Apr 2025 08:26:00 +0000
ROA not after:            Sun 25 May 2025 08:26:00 +0000
asID:                     214590
IP address blocks:        156.225.73.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
                          rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
                          rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
                          rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Sat 26 Apr 2025 00:26:44 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 85360 (0x14d70)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F368F2D0AR, serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
        Validity
            Not Before: Apr 19 08:26:00 2025 GMT
            Not After : May 25 08:26:00 2025 GMT
        Subject: CN=68035e1c-3db2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ab:46:cb:86:6d:e4:00:04:e4:de:d5:29:e7:20:
                    e7:e0:d3:82:9c:21:70:2f:14:93:8e:36:40:c7:ca:
                    0b:a8:de:42:0d:b1:59:31:61:d9:bd:bf:f8:1d:6e:
                    2e:c9:e5:95:61:0a:97:d7:53:ff:7a:1a:1d:51:58:
                    70:68:ba:2e:7b:2d:3e:6c:b6:1d:19:97:c1:42:59:
                    87:fa:5a:eb:ac:9a:40:e3:8a:b0:5a:f1:6b:01:94:
                    a6:68:64:f2:88:38:1b:ba:d5:ae:ff:a7:1d:eb:f2:
                    a7:1e:88:b2:69:0e:71:9f:bc:6d:67:07:c8:71:44:
                    e7:c0:36:1a:c4:a7:c6:74:2f:a2:ee:95:9e:63:25:
                    61:69:93:72:ce:c2:99:ec:02:67:36:20:45:e4:43:
                    08:1b:1b:fc:d8:bc:44:ad:8f:50:48:2d:83:d7:0f:
                    75:16:67:b5:4f:45:e9:db:98:8c:ed:ca:98:cd:5b:
                    00:2c:06:0c:5d:94:a6:41:c1:32:6e:c2:bf:3e:ab:
                    6f:0b:58:c1:38:59:fe:ad:d1:5c:86:25:c0:06:e1:
                    c3:35:5b:8c:ee:73:31:2f:ad:08:82:10:92:29:ad:
                    65:d7:cf:82:b3:8f:fd:08:61:e8:5b:d7:0c:7d:a6:
                    d1:aa:75:c2:bc:01:c3:f1:18:b5:be:35:50:00:29:
                    1b:ff
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                24:00:E1:2D:BC:17:FE:79:4F:04:1C:A8:23:70:27:D0:60:C7:D0:59
            X509v3 Authority Key Identifier:
                keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/EEF93F541CF711F0873333C6DAE4EC9C.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  156.225.73.0/24

    Signature Algorithm: sha256WithRSAEncryption
         72:21:ab:71:c9:fb:34:9c:3b:cc:d8:d9:6b:3d:e8:29:af:35:
         27:d8:d1:d0:5e:18:43:2e:aa:cc:4f:a1:06:c0:da:ba:19:25:
         0c:28:37:f8:c0:14:85:df:d2:f0:19:a4:c6:69:4a:8e:81:0e:
         e4:fd:04:d0:d0:a1:85:86:55:0e:92:bb:d9:9f:86:e8:af:b7:
         13:d4:da:c8:60:43:45:a8:c1:8c:56:b4:36:fa:d6:07:25:30:
         ab:e4:e9:8e:69:f8:17:55:f6:3f:ae:64:22:1a:b1:1f:29:5c:
         70:c4:92:ea:e2:0b:8b:01:d9:e7:aa:d3:f2:cc:38:75:c5:f4:
         c2:f6:ff:be:3a:d9:df:32:d0:89:bd:6c:fd:1c:cb:79:20:f0:
         0a:89:9a:1c:75:dc:2c:c1:5e:ce:93:6a:4b:e9:ac:2b:b8:64:
         de:5f:d5:cb:24:1d:62:22:31:a5:b3:25:70:f2:4d:2f:ec:d3:
         32:ff:21:89:63:9b:9e:f3:f6:f2:fd:d4:d4:03:28:75:1a:29:
         e7:b3:2f:1a:c3:07:11:6a:fb:a0:9e:84:9b:d0:8a:69:5a:57:
         3a:2f:a1:31:08:d9:1f:6b:8d:c7:9e:b7:10:3f:f8:52:9b:2d:
         0b:18:d9:29:49:fb:3c:bf:5b:d7:22:5b:b7:2e:d0:d7:69:30:
         25:49:60:81
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAU1wMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwNDE5MDgyNjAwWhcNMjUwNTI1MDgyNjAwWjAYMRYw
FAYDVQQDEw02ODAzNWUxYy0zZGIyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAq0bLhm3kAATk3tUp5yDn4NOCnCFwLxSTjjZAx8oLqN5CDbFZMWHZvb/4
HW4uyeWVYQqX11P/ehodUVhwaLouey0+bLYdGZfBQlmH+lrrrJpA44qwWvFrAZSm
aGTyiDgbutWu/6cd6/KnHoiyaQ5xn7xtZwfIcUTnwDYaxKfGdC+i7pWeYyVhaZNy
zsKZ7AJnNiBF5EMIGxv82LxErY9QSC2D1w91Fme1T0Xp25iM7cqYzVsALAYMXZSm
QcEybsK/PqtvC1jBOFn+rdFchiXABuHDNVuM7nMxL60IghCSKa1l18+Cs4/9CGHo
W9cMfabRqnXCvAHD8Ri1vjVQACkb/wIDAQABo4ICojCCAp4wHQYDVR0OBBYEFCQA
4S28F/55TwQcqCNwJ9Bgx9BZMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9FRUY5M0Y1NDFDRjcxMUYwODczMzMzQzZEQUU0RUM5Qy5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnOFJMA0GCSqGSIb3DQEBCwUA
A4IBAQByIatxyfs0nDvM2NlrPegprzUn2NHQXhhDLqrMT6EGwNq6GSUMKDf4wBSF
39LwGaTGaUqOgQ7k/QTQ0KGFhlUOkrvZn4bor7cT1NrIYENFqMGMVrQ2+tYHJTCr
5OmOafgXVfY/rmQiGrEfKVxwxJLq4guLAdnnqtPyzDh1xfTC9v++OtnfMtCJvWz9
HMt5IPAKiZocddwswV7Ok2pL6awruGTeX9XLJB1iIjGlsyVw8k0v7NMy/yGJY5ue
8/by/dTUAyh1Ginnsy8awwcRavugnoSb0IppWlc6L6ExCNkfa43HnrcQP/hSmy0L
GNkpSfs8v1vXIlu3LtDXaTAlSWCB
-----END CERTIFICATE-----