Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F362B38E/87EF9710DF6111E98F394530F8AEA228/3D861C4A09E511EA9046486CF8AEA228.roa
File:                     3D861C4A09E511EA9046486CF8AEA228.roa (raw, json)
Hash identifier:          e0Ytr46CzVIdKa30ZCgISpUYB6GxbwwIdCzInnpbYhI=
Subject key identifier:   BB:7E:AF:E8:A6:20:A2:03:0A:F0:F1:BE:5F:5C:47:D0:34:4C:F8:6D
Certificate issuer:       /CN=F362B38EAR/serialNumber=23E63BA551365FC59123A63712D79782AF1028D1
Certificate serial:       7E
Authority key identifier: 23:E6:3B:A5:51:36:5F:C5:91:23:A6:37:12:D7:97:82:AF:10:28:D1
Authority info access:    rsync://rpki.afrinic.net/repository/arin/I-Y7pVE2X8WRI6Y3EteXgq8QKNE.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F362B38E/87EF9710DF6111E98F394530F8AEA228/3D861C4A09E511EA9046486CF8AEA228.roa
Signing time:             Mon 18 Nov 2019 09:24:38 +0000
ROA not before:           Mon 18 Nov 2019 09:24:29 +0000
ROA not after:            Sat 17 Nov 2029 09:24:29 +0000
asID:                     327687
IP address blocks:        137.63.167.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F362B38E/87EF9710DF6111E98F394530F8AEA228/I-Y7pVE2X8WRI6Y3EteXgq8QKNE.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F362B38E/87EF9710DF6111E98F394530F8AEA228/I-Y7pVE2X8WRI6Y3EteXgq8QKNE.mft
                          rsync://rpki.afrinic.net/repository/arin/I-Y7pVE2X8WRI6Y3EteXgq8QKNE.cer
                          rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
                          rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Sun 24 Nov 2024 00:21:36 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 126 (0x7e)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F362B38EAR/serialNumber=23E63BA551365FC59123A63712D79782AF1028D1
        Validity
            Not Before: Nov 18 09:24:29 2019 GMT
            Not After : Nov 17 09:24:29 2029 GMT
        Subject: CN=5dd26355-3532
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b3:b9:bc:cd:da:94:39:6a:8e:32:65:3f:bb:6e:
                    95:3c:2e:b9:af:a8:f6:c1:ef:ed:97:d2:50:00:52:
                    30:0c:bd:6d:69:43:3f:f4:d3:2b:78:c1:15:22:ed:
                    b8:ab:77:07:3a:23:0b:16:34:0c:b3:91:e2:63:d1:
                    fb:d2:40:15:b4:ed:f4:82:c9:65:51:5b:dc:83:3d:
                    8b:bf:24:76:ca:46:d4:49:c1:7b:00:21:e2:96:1a:
                    aa:78:4d:86:68:9b:39:d6:cd:11:98:f0:08:66:d2:
                    fc:38:9a:20:c7:76:e3:f4:cf:a1:50:6f:b7:14:a0:
                    b6:81:3f:95:e1:fc:3a:bc:e4:2a:9f:85:e8:d3:64:
                    0f:90:0a:17:74:04:e2:c8:e4:41:a7:68:dd:28:4e:
                    c5:38:e4:81:cb:6c:e4:b1:0b:ef:38:69:2c:57:44:
                    dd:ee:c9:af:31:38:7b:fc:8f:19:a1:01:8c:9e:41:
                    52:5e:68:db:2a:97:0e:22:b8:db:5d:44:4c:57:eb:
                    52:9a:5e:37:3c:f4:97:a0:a5:7c:b7:20:89:6a:f6:
                    b5:cb:23:a5:e4:3d:20:07:dc:a0:74:50:b9:dc:cd:
                    bd:ca:e5:d2:25:de:33:ff:85:27:1b:b6:e0:6d:5f:
                    92:1f:6a:80:35:44:95:a0:1d:6d:6b:16:34:ac:32:
                    e4:ab
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BB:7E:AF:E8:A6:20:A2:03:0A:F0:F1:BE:5F:5C:47:D0:34:4C:F8:6D
            X509v3 Authority Key Identifier:
                keyid:23:E6:3B:A5:51:36:5F:C5:91:23:A6:37:12:D7:97:82:AF:10:28:D1

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F362B38E/87EF9710DF6111E98F394530F8AEA228/I-Y7pVE2X8WRI6Y3EteXgq8QKNE.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/I-Y7pVE2X8WRI6Y3EteXgq8QKNE.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F362B38E/87EF9710DF6111E98F394530F8AEA228/3D861C4A09E511EA9046486CF8AEA228.roa

            sbgp-ipAddrBlock: critical
                IPv4:
                  137.63.167.0/24

    Signature Algorithm: sha256WithRSAEncryption
         21:70:c3:66:e3:8f:e6:d4:52:d4:19:b4:f2:61:b3:fa:69:f5:
         d5:89:af:0a:04:be:b5:89:0b:ae:74:89:af:29:1f:09:cb:69:
         b5:9e:43:f9:2c:fa:f7:47:bc:31:20:01:25:f0:f4:9c:e0:d2:
         05:a8:db:2c:fe:42:11:4b:35:1f:9d:d2:ec:50:eb:ff:48:93:
         d9:a3:c2:ec:21:30:30:54:b0:23:b8:f0:41:c5:84:bb:0d:ba:
         26:44:8b:64:19:4c:f8:77:55:08:17:f3:b2:fa:37:35:ad:73:
         1b:b7:d2:29:77:20:00:e6:4f:47:a1:a0:3d:2b:84:99:1c:18:
         74:fa:e8:2b:fc:ee:f8:53:b5:80:73:d4:3d:80:ff:76:a3:44:
         58:39:ae:81:e2:35:a3:59:78:3b:b7:db:0e:13:37:bd:22:6e:
         ae:c0:4d:03:02:93:c8:47:79:b5:fd:1f:bf:b1:68:0c:a4:0f:
         6e:66:29:a8:92:0e:ca:6d:42:b8:d8:df:d4:4d:85:eb:c7:75:
         18:fb:ba:1b:a8:07:0d:49:48:63:6a:53:36:04:07:6e:b1:6a:
         92:9e:4c:39:03:5e:2a:fe:e9:a1:42:58:ca:65:32:f1:d2:da:
         b6:d4:c5:f5:8a:ef:da:16:2f:df:2b:35:9e:b9:55:f2:3f:e5:
         eb:09:06:4b
-----BEGIN CERTIFICATE-----
MIIFSDCCBDCgAwIBAgIBfjANBgkqhkiG9w0BAQsFADBIMRMwEQYDVQQDEwpGMzYy
QjM4RUFSMTEwLwYDVQQFEygyM0U2M0JBNTUxMzY1RkM1OTEyM0E2MzcxMkQ3OTc4
MkFGMTAyOEQxMB4XDTE5MTExODA5MjQyOVoXDTI5MTExNzA5MjQyOVowGDEWMBQG
A1UEAxMNNWRkMjYzNTUtMzUzMjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALO5vM3alDlqjjJlP7tulTwuua+o9sHv7ZfSUABSMAy9bWlDP/TTK3jBFSLt
uKt3BzojCxY0DLOR4mPR+9JAFbTt9ILJZVFb3IM9i78kdspG1EnBewAh4pYaqnhN
hmibOdbNEZjwCGbS/DiaIMd24/TPoVBvtxSgtoE/leH8OrzkKp+F6NNkD5AKF3QE
4sjkQado3ShOxTjkgcts5LEL7zhpLFdE3e7JrzE4e/yPGaEBjJ5BUl5o2yqXDiK4
211ETFfrUppeNzz0l6ClfLcgiWr2tcsjpeQ9IAfcoHRQudzNvcrl0iXeM/+FJxu2
4G1fkh9qgDVElaAdbWsWNKwy5KsCAwEAAaOCAmswggJnMB0GA1UdDgQWBBS7fq/o
piCiAwrw8b5fXEfQNEz4bTAfBgNVHSMEGDAWgBQj5julUTZfxZEjpjcS15eCrxAo
0TAOBgNVHQ8BAf8EBAMCB4AwgZUGA1UdHwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2MkIzOEUvODdFRjk3MTBERjYxMTFFOThGMzk0NTMwRjhBRUEyMjgvSS1ZN3BW
RTJYOFdSSTZZM0V0ZVhncThRS05FLmNybDBkBggrBgEFBQcBAQRYMFYwVAYIKwYB
BQUHMAKGSHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L2FyaW4v
SS1ZN3BWRTJYOFdSSTZZM0V0ZVhncThRS05FLmNlcjBPBgNVHSABAf8ERTBDMEEG
CCsGAQUFBw4CMDUwMwYIKwYBBQUHAgEWJ2h0dHBzOi8vcnBraS5hZnJpbmljLm5l
dC9wb2xpY3kvQ1BTLnBkZjCBpAYIKwYBBQUHAQsEgZcwgZQwgZEGCCsGAQUFBzAL
hoGEcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3Jl
cG9zaXRvcnkvRjM2MkIzOEUvODdFRjk3MTBERjYxMTFFOThGMzk0NTMwRjhBRUEy
MjgvM0Q4NjFDNEEwOUU1MTFFQTkwNDY0ODZDRjhBRUEyMjgucm9hMB8GCCsGAQUF
BwEHAQH/BBAwDjAMBAIAATAGAwQAiT+nMA0GCSqGSIb3DQEBCwUAA4IBAQAhcMNm
44/m1FLUGbTyYbP6afXVia8KBL61iQuudImvKR8Jy2m1nkP5LPr3R7wxIAEl8PSc
4NIFqNss/kIRSzUfndLsUOv/SJPZo8LsITAwVLAjuPBBxYS7DbomRItkGUz4d1UI
F/Oy+jc1rXMbt9IpdyAA5k9HoaA9K4SZHBh0+ugr/O74U7WAc9Q9gP92o0RYOa6B
4jWjWXg7t9sOEze9Im6uwE0DApPIR3m1/R+/sWgMpA9uZimokg7KbUK42N/UTYXr
x3UY+7obqAcNSUhjalM2BAdusWqSnkw5A14q/umhQljKZTLx0tq21MX1iu/aFi/f
KzWeuVXyP+XrCQZL
-----END CERTIFICATE-----
Generated at Fri Nov 22 04:03:32 2024 by rpki-client on console-ams.rpki-client.org