Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/8BA96C5267C111F0800093ADDAE4EC9C.roa
File:                     8BA96C5267C111F0800093ADDAE4EC9C.roa (raw, json)
Hash identifier:          A+D4zlxHynhAi0Shh4B78PDDLUbhxPgxKVcvlQO1Q38=
Subject key identifier:   6C:B9:BF:5C:4C:A3:C2:53:0F:9C:FE:7D:55:00:DB:8F:B2:51:08:61
Certificate issuer:       /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial:       0166F0
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access:    rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/8BA96C5267C111F0800093ADDAE4EC9C.roa
Signing time:             Wed 23 Jul 2025 12:35:42 +0000
ROA not before:           Wed 23 Jul 2025 12:35:37 +0000
ROA not after:            Tue 09 Sep 2025 12:35:37 +0000
asID:                     138915
IP address blocks:        156.244.23.0/24 maxlen: 24
                          156.244.24.0/24 maxlen: 24
                          156.244.36.0/24 maxlen: 24
                          156.244.39.0/24 maxlen: 24
                          156.244.40.0/24 maxlen: 24
                          156.244.41.0/24 maxlen: 24
                          156.244.42.0/24 maxlen: 24
                          156.244.43.0/24 maxlen: 24
                          156.244.44.0/24 maxlen: 24
                          156.244.45.0/24 maxlen: 24
                          156.244.46.0/24 maxlen: 24
                          156.244.47.0/24 maxlen: 24
                          156.244.48.0/24 maxlen: 24
                          156.244.49.0/24 maxlen: 24
                          156.244.50.0/24 maxlen: 24
                          156.244.51.0/24 maxlen: 24
                          156.244.52.0/24 maxlen: 24
                          156.244.53.0/24 maxlen: 24
                          156.244.56.0/23 maxlen: 24
                          156.244.58.0/23 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
                          rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
                          rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
                          rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Wed 06 Aug 2025 00:26:48 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 91888 (0x166f0)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F368F2D0AR, serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
        Validity
            Not Before: Jul 23 12:35:37 2025 GMT
            Not After : Sep  9 12:35:37 2025 GMT
        Subject: CN=6880d71e-7735
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a3:e3:64:38:50:00:eb:1a:15:d2:02:cd:cb:ca:
                    6a:de:8d:32:4a:0e:f1:c9:3a:36:fd:7f:15:61:26:
                    f0:26:64:3e:82:67:5f:83:c5:bb:f6:15:9d:e9:56:
                    a9:24:c3:bb:1e:18:dd:90:b2:c6:13:59:8c:c6:f1:
                    7e:93:0f:b1:02:df:f8:01:94:31:18:8e:8f:34:82:
                    fa:3f:ca:fc:04:19:0b:68:ca:ad:80:2e:08:73:b3:
                    2d:40:2b:9d:99:ec:95:d2:e3:8b:3e:4b:29:7e:13:
                    ca:62:02:62:34:98:6c:6e:75:9b:e6:5f:50:81:83:
                    a6:06:e3:84:8c:e6:84:cf:72:de:f6:1c:e0:c1:5c:
                    75:d3:f8:b5:9d:e6:67:45:81:ca:9a:fe:27:e7:51:
                    6d:86:57:ba:a5:5e:be:6f:51:80:69:77:e7:ef:81:
                    60:37:36:06:f3:ff:0c:32:8c:61:b5:88:71:dc:b6:
                    91:22:90:86:f1:9a:9e:1d:e1:95:65:82:d2:6c:b5:
                    d6:ce:a6:5f:88:ef:d3:76:77:c6:38:f0:39:f8:80:
                    35:bb:b6:c3:b2:85:78:74:68:4e:6a:d2:b2:c1:95:
                    a1:1f:c0:23:3b:79:52:a8:d3:63:cd:dd:64:dc:c2:
                    8f:05:aa:8d:90:e4:02:3b:30:29:1b:99:2d:26:ae:
                    10:9f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                6C:B9:BF:5C:4C:A3:C2:53:0F:9C:FE:7D:55:00:DB:8F:B2:51:08:61
            X509v3 Authority Key Identifier:
                keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/8BA96C5267C111F0800093ADDAE4EC9C.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  156.244.23.0-156.244.24.255
                  156.244.36.0/24
                  156.244.39.0-156.244.53.255
                  156.244.56.0/22

    Signature Algorithm: sha256WithRSAEncryption
         50:6c:76:11:f7:94:29:c1:82:da:ea:a1:2c:9a:88:7e:48:1f:
         3e:06:25:b9:0f:89:98:ea:1d:2d:9e:ef:7b:57:0f:0d:30:76:
         19:ef:bb:a9:0e:73:10:93:fa:38:0e:23:3a:2d:cd:d1:26:3f:
         ec:ca:62:98:2e:a3:16:14:44:4d:34:01:6d:8a:6e:c0:e2:29:
         07:9d:59:bc:28:7c:89:56:5c:53:3e:2f:be:15:9c:a5:a8:2e:
         0e:c9:d0:db:ec:50:33:ad:93:d3:1a:1e:16:34:0c:0b:13:e3:
         d7:a3:14:40:9e:c5:99:05:0b:f3:e2:64:6c:0f:b0:1e:a2:10:
         ba:b5:ba:14:a6:ab:8d:8d:12:6f:ee:d9:54:86:e6:45:59:e5:
         11:c1:3b:7b:f3:89:ed:00:ea:8e:e2:b9:24:37:84:59:19:c9:
         32:4e:b4:38:f2:e4:fb:24:76:3c:27:1a:e8:af:e4:5e:1d:ca:
         89:ea:00:d0:79:13:4d:1f:8b:c9:ec:c7:c3:54:30:66:97:3b:
         bb:ec:be:df:fc:73:7a:1f:88:dc:f6:60:8d:88:89:be:de:c1:
         8f:f1:7b:03:69:e7:b1:c6:16:34:71:95:22:5a:3a:14:e8:4e:
         d7:4e:26:e3:87:ee:13:ae:d9:96:38:70:7a:f3:bc:ca:b4:6a:
         3a:72:ab:6d
-----BEGIN CERTIFICATE-----
MIIFozCCBIugAwIBAgIDAWbwMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwNzIzMTIzNTM3WhcNMjUwOTA5MTIzNTM3WjAYMRYw
FAYDVQQDEw02ODgwZDcxZS03NzM1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAo+NkOFAA6xoV0gLNy8pq3o0ySg7xyTo2/X8VYSbwJmQ+gmdfg8W79hWd
6VapJMO7HhjdkLLGE1mMxvF+kw+xAt/4AZQxGI6PNIL6P8r8BBkLaMqtgC4Ic7Mt
QCudmeyV0uOLPkspfhPKYgJiNJhsbnWb5l9QgYOmBuOEjOaEz3Le9hzgwVx10/i1
neZnRYHKmv4n51Fthle6pV6+b1GAaXfn74FgNzYG8/8MMoxhtYhx3LaRIpCG8Zqe
HeGVZYLSbLXWzqZfiO/TdnfGOPA5+IA1u7bDsoV4dGhOatKywZWhH8AjO3lSqNNj
zd1k3MKPBaqNkOQCOzApG5ktJq4QnwIDAQABo4ICxDCCAsAwHQYDVR0OBBYEFGy5
v1xMo8JTD5z+fVUA24+yUQhhMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC84QkE5NkM1MjY3QzExMUYwODAwMDkzQUREQUU0RUM5Qy5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MEEGCCsGAQUFBwEHAQH/BDIwMDAuBAIAATAoMAwDBACc9BcDBACc9BgDBACc9CQw
DAMEAJz0JwMEAZz0NAMEApz0ODANBgkqhkiG9w0BAQsFAAOCAQEAUGx2EfeUKcGC
2uqhLJqIfkgfPgYluQ+JmOodLZ7ve1cPDTB2Ge+7qQ5zEJP6OA4jOi3N0SY/7Mpi
mC6jFhRETTQBbYpuwOIpB51ZvCh8iVZcUz4vvhWcpaguDsnQ2+xQM62T0xoeFjQM
CxPj16MUQJ7FmQUL8+JkbA+wHqIQurW6FKarjY0Sb+7ZVIbmRVnlEcE7e/OJ7QDq
juK5JDeEWRnJMk60OPLk+yR2PCca6K/kXh3KieoA0HkTTR+LyezHw1QwZpc7u+y+
3/xzeh+I3PZgjYiJvt7Bj/F7A2nnscYWNHGVIlo6FOhO104m44fuE67ZljhwevO8
yrRqOnKrbQ==
-----END CERTIFICATE-----
Generated at Mon Aug 4 08:15:56 2025 by rpki-client