Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F362B38E/87EF9710DF6111E98F394530F8AEA228/353E608A09DE11EA831F9E66F8AEA228.roa
File:                     353E608A09DE11EA831F9E66F8AEA228.roa (raw, json)
Hash identifier:          bmQWKwElZuOg+Eg4v4TVb24EjsjJlUkVEy6hedxtJfg=
Subject key identifier:   A2:5A:E3:AC:96:6D:43:2A:66:01:C7:09:66:DC:BF:98:BB:04:07:04
Certificate issuer:       /CN=F362B38EAR/serialNumber=23E63BA551365FC59123A63712D79782AF1028D1
Certificate serial:       4C
Authority key identifier: 23:E6:3B:A5:51:36:5F:C5:91:23:A6:37:12:D7:97:82:AF:10:28:D1
Authority info access:    rsync://rpki.afrinic.net/repository/arin/I-Y7pVE2X8WRI6Y3EteXgq8QKNE.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F362B38E/87EF9710DF6111E98F394530F8AEA228/353E608A09DE11EA831F9E66F8AEA228.roa
Signing time:             Mon 18 Nov 2019 08:34:17 +0000
ROA not before:           Mon 18 Nov 2019 08:34:12 +0000
ROA not after:            Sat 17 Nov 2029 08:34:12 +0000
asID:                     327687
IP address blocks:        137.63.133.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F362B38E/87EF9710DF6111E98F394530F8AEA228/I-Y7pVE2X8WRI6Y3EteXgq8QKNE.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F362B38E/87EF9710DF6111E98F394530F8AEA228/I-Y7pVE2X8WRI6Y3EteXgq8QKNE.mft
                          rsync://rpki.afrinic.net/repository/arin/I-Y7pVE2X8WRI6Y3EteXgq8QKNE.cer
                          rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
                          rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Sun 24 Nov 2024 00:21:36 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 76 (0x4c)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F362B38EAR/serialNumber=23E63BA551365FC59123A63712D79782AF1028D1
        Validity
            Not Before: Nov 18 08:34:12 2019 GMT
            Not After : Nov 17 08:34:12 2029 GMT
        Subject: CN=5dd25789-8ce8
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b2:6e:20:45:56:2b:8c:38:6a:36:f8:79:83:d7:
                    6b:a4:ae:a5:73:0b:32:56:73:0a:e7:62:f5:61:eb:
                    2c:70:26:41:dc:aa:44:bd:d2:d9:7e:e2:38:95:f9:
                    12:1f:b9:93:d5:c6:70:61:0a:10:d7:a8:36:f4:dd:
                    2f:f4:c1:ee:61:22:de:4d:62:e1:cb:6a:37:48:95:
                    93:db:43:90:69:71:64:a7:64:f8:34:84:65:92:7e:
                    e7:0b:e9:f2:b1:8c:d3:49:0d:25:0e:aa:a2:79:51:
                    9f:ca:3a:f0:d3:42:d8:83:61:7f:50:9b:19:ea:d1:
                    d9:0e:92:61:b1:7e:e6:1d:ef:ed:ba:73:cd:e5:a3:
                    e7:1a:7e:de:80:fd:75:d5:03:c6:40:f7:80:c4:a0:
                    95:ac:96:25:35:c7:82:f6:e0:8c:b5:9c:0f:84:5a:
                    8a:e7:66:04:b6:02:7d:20:2f:b7:bb:1f:b9:09:ef:
                    64:68:66:9a:24:fa:b0:4d:36:50:7d:00:80:fe:e3:
                    6d:1b:dc:dc:f8:c1:9a:94:b6:7b:63:19:35:b6:65:
                    b1:6f:c4:9d:d7:13:f1:35:0e:d8:88:46:4d:01:83:
                    ba:ab:27:9f:14:56:94:67:61:08:97:d0:29:68:50:
                    ac:33:66:80:8b:30:18:84:ae:b0:d1:16:b1:2e:94:
                    8e:31
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A2:5A:E3:AC:96:6D:43:2A:66:01:C7:09:66:DC:BF:98:BB:04:07:04
            X509v3 Authority Key Identifier:
                keyid:23:E6:3B:A5:51:36:5F:C5:91:23:A6:37:12:D7:97:82:AF:10:28:D1

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F362B38E/87EF9710DF6111E98F394530F8AEA228/I-Y7pVE2X8WRI6Y3EteXgq8QKNE.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/I-Y7pVE2X8WRI6Y3EteXgq8QKNE.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F362B38E/87EF9710DF6111E98F394530F8AEA228/353E608A09DE11EA831F9E66F8AEA228.roa

            sbgp-ipAddrBlock: critical
                IPv4:
                  137.63.133.0/24

    Signature Algorithm: sha256WithRSAEncryption
         5c:a8:37:aa:1f:11:95:07:9d:73:de:f0:70:d1:c3:aa:d4:11:
         5f:07:f1:46:84:ef:7b:43:7d:da:65:9d:63:ee:a8:cb:74:3e:
         ca:71:e1:ac:c8:2a:f6:da:49:7b:e7:f3:64:8e:46:e3:a1:8c:
         b1:3c:70:f2:18:d2:ef:50:47:4d:a7:08:88:83:91:bb:74:e1:
         8e:99:d7:3b:5d:31:41:4e:66:f9:9c:fc:43:b0:18:f5:b5:90:
         4d:7b:20:51:cc:5c:1f:c2:a8:7e:ef:d1:ff:32:c0:51:5e:2d:
         14:fb:02:2f:74:9e:6a:96:e1:96:a1:81:b2:29:68:06:83:db:
         38:54:7f:11:46:7c:8f:63:4b:a1:e1:c8:81:51:a1:fe:28:8c:
         e1:1a:ff:e1:3c:75:d4:f1:de:4b:a3:ac:dc:1b:e7:19:d6:dc:
         ac:34:33:2d:bb:5a:87:e7:ab:e0:07:8c:eb:5b:e0:76:ad:e2:
         3b:97:39:0c:de:ef:d9:b3:17:dc:35:f5:3b:87:dc:59:a1:b2:
         32:37:62:88:53:6f:0f:3c:41:90:89:37:09:72:5d:21:b6:c2:
         4a:5c:85:c9:7d:5e:09:b1:09:b0:de:4b:d1:16:63:25:94:36:
         0f:5c:2e:47:04:44:f4:24:a9:2d:7d:60:81:df:47:92:18:79:
         9a:df:a8:73
-----BEGIN CERTIFICATE-----
MIIFSDCCBDCgAwIBAgIBTDANBgkqhkiG9w0BAQsFADBIMRMwEQYDVQQDEwpGMzYy
QjM4RUFSMTEwLwYDVQQFEygyM0U2M0JBNTUxMzY1RkM1OTEyM0E2MzcxMkQ3OTc4
MkFGMTAyOEQxMB4XDTE5MTExODA4MzQxMloXDTI5MTExNzA4MzQxMlowGDEWMBQG
A1UEAxMNNWRkMjU3ODktOGNlODCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALJuIEVWK4w4ajb4eYPXa6SupXMLMlZzCudi9WHrLHAmQdyqRL3S2X7iOJX5
Eh+5k9XGcGEKENeoNvTdL/TB7mEi3k1i4ctqN0iVk9tDkGlxZKdk+DSEZZJ+5wvp
8rGM00kNJQ6qonlRn8o68NNC2INhf1CbGerR2Q6SYbF+5h3v7bpzzeWj5xp+3oD9
ddUDxkD3gMSglayWJTXHgvbgjLWcD4RaiudmBLYCfSAvt7sfuQnvZGhmmiT6sE02
UH0AgP7jbRvc3PjBmpS2e2MZNbZlsW/EndcT8TUO2IhGTQGDuqsnnxRWlGdhCJfQ
KWhQrDNmgIswGISusNEWsS6UjjECAwEAAaOCAmswggJnMB0GA1UdDgQWBBSiWuOs
lm1DKmYBxwlm3L+YuwQHBDAfBgNVHSMEGDAWgBQj5julUTZfxZEjpjcS15eCrxAo
0TAOBgNVHQ8BAf8EBAMCB4AwgZUGA1UdHwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2MkIzOEUvODdFRjk3MTBERjYxMTFFOThGMzk0NTMwRjhBRUEyMjgvSS1ZN3BW
RTJYOFdSSTZZM0V0ZVhncThRS05FLmNybDBkBggrBgEFBQcBAQRYMFYwVAYIKwYB
BQUHMAKGSHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L2FyaW4v
SS1ZN3BWRTJYOFdSSTZZM0V0ZVhncThRS05FLmNlcjBPBgNVHSABAf8ERTBDMEEG
CCsGAQUFBw4CMDUwMwYIKwYBBQUHAgEWJ2h0dHBzOi8vcnBraS5hZnJpbmljLm5l
dC9wb2xpY3kvQ1BTLnBkZjCBpAYIKwYBBQUHAQsEgZcwgZQwgZEGCCsGAQUFBzAL
hoGEcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3Jl
cG9zaXRvcnkvRjM2MkIzOEUvODdFRjk3MTBERjYxMTFFOThGMzk0NTMwRjhBRUEy
MjgvMzUzRTYwOEEwOURFMTFFQTgzMUY5RTY2RjhBRUEyMjgucm9hMB8GCCsGAQUF
BwEHAQH/BBAwDjAMBAIAATAGAwQAiT+FMA0GCSqGSIb3DQEBCwUAA4IBAQBcqDeq
HxGVB51z3vBw0cOq1BFfB/FGhO97Q33aZZ1j7qjLdD7KceGsyCr22kl75/Nkjkbj
oYyxPHDyGNLvUEdNpwiIg5G7dOGOmdc7XTFBTmb5nPxDsBj1tZBNeyBRzFwfwqh+
79H/MsBRXi0U+wIvdJ5qluGWoYGyKWgGg9s4VH8RRnyPY0uh4ciBUaH+KIzhGv/h
PHXU8d5Lo6zcG+cZ1tysNDMtu1qH56vgB4zrW+B2reI7lzkM3u/ZsxfcNfU7h9xZ
obIyN2KIU28PPEGQiTcJcl0htsJKXIXJfV4JsQmw3kvRFmMllDYPXC5HBET0JKkt
fWCB30eSGHma36hz
-----END CERTIFICATE-----
Generated at Fri Nov 22 02:08:52 2024 by rpki-client on console-fra.rpki-client.org