Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F362B38E/87EF9710DF6111E98F394530F8AEA228/38BE6FD609E111EAA6CF1569F8AEA228.roa
File:                     38BE6FD609E111EAA6CF1569F8AEA228.roa (raw, json)
Hash identifier:          rXLBXu9JDdTJflms6/elAnDzcWnNcdhacI3p1tIpoTs=
Subject key identifier:   F8:87:A0:DF:F9:A3:64:EC:F3:0B:AC:45:EB:CC:28:0F:9F:03:16:FF
Certificate issuer:       /CN=F362B38EAR/serialNumber=23E63BA551365FC59123A63712D79782AF1028D1
Certificate serial:       66
Authority key identifier: 23:E6:3B:A5:51:36:5F:C5:91:23:A6:37:12:D7:97:82:AF:10:28:D1
Authority info access:    rsync://rpki.afrinic.net/repository/arin/I-Y7pVE2X8WRI6Y3EteXgq8QKNE.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F362B38E/87EF9710DF6111E98F394530F8AEA228/38BE6FD609E111EAA6CF1569F8AEA228.roa
Signing time:             Mon 18 Nov 2019 08:55:51 +0000
ROA not before:           Mon 18 Nov 2019 08:55:47 +0000
ROA not after:            Sat 17 Nov 2029 08:55:47 +0000
asID:                     327687
IP address blocks:        137.63.157.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F362B38E/87EF9710DF6111E98F394530F8AEA228/I-Y7pVE2X8WRI6Y3EteXgq8QKNE.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F362B38E/87EF9710DF6111E98F394530F8AEA228/I-Y7pVE2X8WRI6Y3EteXgq8QKNE.mft
                          rsync://rpki.afrinic.net/repository/arin/I-Y7pVE2X8WRI6Y3EteXgq8QKNE.cer
                          rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
                          rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Sun 24 Nov 2024 00:21:36 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 102 (0x66)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F362B38EAR/serialNumber=23E63BA551365FC59123A63712D79782AF1028D1
        Validity
            Not Before: Nov 18 08:55:47 2019 GMT
            Not After : Nov 17 08:55:47 2029 GMT
        Subject: CN=5dd25c97-83f9
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c1:01:f3:cc:e8:8b:4e:62:7b:40:dc:db:6e:a7:
                    03:a0:0b:e9:12:96:ba:a5:61:82:24:94:a0:2a:a7:
                    93:11:9c:f4:13:4b:9d:dd:1f:59:0c:5e:82:c5:37:
                    73:67:ec:8b:fa:bc:b2:c4:22:57:d5:07:81:10:a6:
                    58:2f:05:bc:49:89:7f:77:77:f8:4f:a8:19:a7:d8:
                    c3:98:91:b7:84:88:e5:e0:14:37:cb:ae:3a:9b:cb:
                    14:9e:27:88:33:09:0c:54:46:4f:bf:d8:a3:c3:0a:
                    5b:d3:c6:1d:67:e0:a5:ec:e8:0b:b1:44:0f:dc:1d:
                    f2:db:ec:25:6f:4a:d0:dd:ae:5c:e4:63:1a:ec:4c:
                    dc:77:58:30:11:17:35:77:86:f4:34:8d:54:3d:86:
                    6e:d3:bf:8d:f8:5c:b7:ef:33:3b:a2:a8:6f:c0:89:
                    ea:02:e3:da:bf:22:66:0f:08:9d:57:8a:51:c0:e1:
                    4e:f3:d6:fb:66:5c:ba:aa:dd:d1:04:1a:c0:8f:67:
                    4c:c1:d9:5e:29:0b:eb:88:72:91:c2:3a:80:57:12:
                    de:52:24:64:c3:db:77:fb:d1:b4:4e:35:42:08:39:
                    66:93:f0:71:12:e9:0f:21:fe:85:cd:93:ba:1a:bf:
                    73:3d:bc:bd:93:2d:aa:be:db:be:23:2b:39:f6:6c:
                    ed:67
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F8:87:A0:DF:F9:A3:64:EC:F3:0B:AC:45:EB:CC:28:0F:9F:03:16:FF
            X509v3 Authority Key Identifier:
                keyid:23:E6:3B:A5:51:36:5F:C5:91:23:A6:37:12:D7:97:82:AF:10:28:D1

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F362B38E/87EF9710DF6111E98F394530F8AEA228/I-Y7pVE2X8WRI6Y3EteXgq8QKNE.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/I-Y7pVE2X8WRI6Y3EteXgq8QKNE.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F362B38E/87EF9710DF6111E98F394530F8AEA228/38BE6FD609E111EAA6CF1569F8AEA228.roa

            sbgp-ipAddrBlock: critical
                IPv4:
                  137.63.157.0/24

    Signature Algorithm: sha256WithRSAEncryption
         4a:49:68:79:e8:f0:f3:ec:0d:9d:0f:18:d1:4b:cf:55:92:ff:
         4a:37:f7:22:e1:5f:2f:aa:9d:24:d6:25:c9:5e:3b:2a:3f:1b:
         2c:c2:a8:5e:d4:bb:75:76:75:f6:46:10:bd:98:a4:87:82:87:
         03:98:62:96:e5:16:36:19:45:0f:38:4f:e8:53:7c:3c:f2:54:
         e3:c4:2c:4e:12:58:ef:85:94:2c:34:a6:62:fd:a2:18:ee:44:
         85:e3:2c:9e:2a:20:f9:c9:a9:b4:6c:ae:ba:c1:60:00:1c:28:
         23:7a:75:0d:14:a4:da:ed:06:1a:55:70:22:90:5a:fd:76:f9:
         0e:0a:ae:58:e0:ba:2e:cb:a6:7d:fc:0a:4d:c9:a5:d7:0c:41:
         02:c1:93:a4:ee:b6:ec:a1:e6:11:d8:ad:3b:7b:f5:16:94:be:
         57:b5:a0:de:49:29:8b:ec:b6:9f:a8:2d:17:aa:43:a0:43:99:
         41:c7:e5:e1:c2:92:3b:6a:f4:e6:ca:d8:b5:46:73:79:5b:30:
         84:64:49:02:10:b7:f3:9a:61:f7:03:9b:6f:ca:94:7f:89:cd:
         fc:8f:a2:93:96:2b:08:83:b3:cd:6a:dc:89:06:b6:55:cb:15:
         99:7a:24:c5:9a:46:e0:27:af:5e:22:fa:29:20:86:1d:4d:9a:
         2d:a2:55:71
-----BEGIN CERTIFICATE-----
MIIFSDCCBDCgAwIBAgIBZjANBgkqhkiG9w0BAQsFADBIMRMwEQYDVQQDEwpGMzYy
QjM4RUFSMTEwLwYDVQQFEygyM0U2M0JBNTUxMzY1RkM1OTEyM0E2MzcxMkQ3OTc4
MkFGMTAyOEQxMB4XDTE5MTExODA4NTU0N1oXDTI5MTExNzA4NTU0N1owGDEWMBQG
A1UEAxMNNWRkMjVjOTctODNmOTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMEB88zoi05ie0Dc226nA6AL6RKWuqVhgiSUoCqnkxGc9BNLnd0fWQxegsU3
c2fsi/q8ssQiV9UHgRCmWC8FvEmJf3d3+E+oGafYw5iRt4SI5eAUN8uuOpvLFJ4n
iDMJDFRGT7/Yo8MKW9PGHWfgpezoC7FED9wd8tvsJW9K0N2uXORjGuxM3HdYMBEX
NXeG9DSNVD2GbtO/jfhct+8zO6Kob8CJ6gLj2r8iZg8InVeKUcDhTvPW+2Zcuqrd
0QQawI9nTMHZXikL64hykcI6gFcS3lIkZMPbd/vRtE41Qgg5ZpPwcRLpDyH+hc2T
uhq/cz28vZMtqr7bviMrOfZs7WcCAwEAAaOCAmswggJnMB0GA1UdDgQWBBT4h6Df
+aNk7PMLrEXrzCgPnwMW/zAfBgNVHSMEGDAWgBQj5julUTZfxZEjpjcS15eCrxAo
0TAOBgNVHQ8BAf8EBAMCB4AwgZUGA1UdHwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2MkIzOEUvODdFRjk3MTBERjYxMTFFOThGMzk0NTMwRjhBRUEyMjgvSS1ZN3BW
RTJYOFdSSTZZM0V0ZVhncThRS05FLmNybDBkBggrBgEFBQcBAQRYMFYwVAYIKwYB
BQUHMAKGSHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L2FyaW4v
SS1ZN3BWRTJYOFdSSTZZM0V0ZVhncThRS05FLmNlcjBPBgNVHSABAf8ERTBDMEEG
CCsGAQUFBw4CMDUwMwYIKwYBBQUHAgEWJ2h0dHBzOi8vcnBraS5hZnJpbmljLm5l
dC9wb2xpY3kvQ1BTLnBkZjCBpAYIKwYBBQUHAQsEgZcwgZQwgZEGCCsGAQUFBzAL
hoGEcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3Jl
cG9zaXRvcnkvRjM2MkIzOEUvODdFRjk3MTBERjYxMTFFOThGMzk0NTMwRjhBRUEy
MjgvMzhCRTZGRDYwOUUxMTFFQUE2Q0YxNTY5RjhBRUEyMjgucm9hMB8GCCsGAQUF
BwEHAQH/BBAwDjAMBAIAATAGAwQAiT+dMA0GCSqGSIb3DQEBCwUAA4IBAQBKSWh5
6PDz7A2dDxjRS89Vkv9KN/ci4V8vqp0k1iXJXjsqPxsswqhe1Lt1dnX2RhC9mKSH
gocDmGKW5RY2GUUPOE/oU3w88lTjxCxOEljvhZQsNKZi/aIY7kSF4yyeKiD5yam0
bK66wWAAHCgjenUNFKTa7QYaVXAikFr9dvkOCq5Y4Louy6Z9/ApNyaXXDEECwZOk
7rbsoeYR2K07e/UWlL5XtaDeSSmL7LafqC0XqkOgQ5lBx+XhwpI7avTmyti1RnN5
WzCEZEkCELfzmmH3A5tvypR/ic38j6KTlisIg7PNatyJBrZVyxWZeiTFmkbgJ69e
IvopIIYdTZotolVx
-----END CERTIFICATE-----
Generated at Fri Nov 22 02:08:52 2024 by rpki-client on console-fra.rpki-client.org