Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F362B38E/87EF9710DF6111E98F394530F8AEA228/4420672409E311EA96ABA96AF8AEA228.roa
File:                     4420672409E311EA96ABA96AF8AEA228.roa (raw, json)
Hash identifier:          jArkwIjE4y/4KInGlITUv6dtXL0KBgpvsiRncTl6KdE=
Subject key identifier:   18:9D:7F:3B:BE:B1:FB:04:15:DE:86:C2:2A:67:9A:C4:D9:67:10:7D
Certificate issuer:       /CN=F362B38EAR/serialNumber=23E63BA551365FC59123A63712D79782AF1028D1
Certificate serial:       6C
Authority key identifier: 23:E6:3B:A5:51:36:5F:C5:91:23:A6:37:12:D7:97:82:AF:10:28:D1
Authority info access:    rsync://rpki.afrinic.net/repository/arin/I-Y7pVE2X8WRI6Y3EteXgq8QKNE.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F362B38E/87EF9710DF6111E98F394530F8AEA228/4420672409E311EA96ABA96AF8AEA228.roa
Signing time:             Mon 18 Nov 2019 09:10:30 +0000
ROA not before:           Mon 18 Nov 2019 09:10:25 +0000
ROA not after:            Sat 17 Nov 2029 09:10:25 +0000
asID:                     327687
IP address blocks:        137.63.138.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F362B38E/87EF9710DF6111E98F394530F8AEA228/I-Y7pVE2X8WRI6Y3EteXgq8QKNE.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F362B38E/87EF9710DF6111E98F394530F8AEA228/I-Y7pVE2X8WRI6Y3EteXgq8QKNE.mft
                          rsync://rpki.afrinic.net/repository/arin/I-Y7pVE2X8WRI6Y3EteXgq8QKNE.cer
                          rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
                          rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Sun 24 Nov 2024 00:21:36 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 108 (0x6c)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F362B38EAR/serialNumber=23E63BA551365FC59123A63712D79782AF1028D1
        Validity
            Not Before: Nov 18 09:10:25 2019 GMT
            Not After : Nov 17 09:10:25 2029 GMT
        Subject: CN=5dd26005-bd0f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c9:a9:be:8b:9c:3c:87:89:ce:e0:e5:8b:87:d0:
                    52:40:fa:cc:25:8f:90:07:e1:d0:ef:04:0d:63:0f:
                    e2:41:df:62:d4:03:0f:c5:bd:94:9c:6f:c9:2c:be:
                    2d:fa:5e:e0:9d:a3:e4:cc:f7:3d:78:22:e4:b6:a3:
                    f9:e3:00:4f:83:c1:73:2c:c2:6b:93:ac:53:6a:cd:
                    fa:e8:65:da:3f:d3:79:8f:50:d1:87:8e:e5:b8:92:
                    ed:36:12:f1:04:1c:0b:08:2f:8b:05:be:d8:19:17:
                    35:89:40:36:bb:04:f0:ee:ad:f7:fa:cf:d0:3b:e2:
                    0b:6b:2b:b8:c2:5f:0a:dc:ce:93:fa:b8:66:af:a7:
                    09:c0:34:f1:f3:3f:c9:cf:85:99:73:09:9a:2b:ae:
                    e9:c0:d8:eb:64:3b:26:dc:b3:e2:9d:69:00:a5:fe:
                    c8:13:43:36:92:5c:cf:9f:dc:06:11:b2:0b:f7:38:
                    8b:35:80:a3:02:ef:d9:3c:68:d8:90:f4:e4:d9:5f:
                    c7:00:f5:12:68:45:4c:21:01:2f:03:f6:ee:be:02:
                    ee:4d:62:92:21:c3:75:ae:d1:57:03:9e:28:89:4d:
                    10:d9:da:62:ae:89:16:ff:da:ad:53:71:ce:a0:c7:
                    75:c9:d4:20:67:a6:3f:3f:b5:10:55:48:cb:2e:e2:
                    b6:19
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                18:9D:7F:3B:BE:B1:FB:04:15:DE:86:C2:2A:67:9A:C4:D9:67:10:7D
            X509v3 Authority Key Identifier:
                keyid:23:E6:3B:A5:51:36:5F:C5:91:23:A6:37:12:D7:97:82:AF:10:28:D1

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F362B38E/87EF9710DF6111E98F394530F8AEA228/I-Y7pVE2X8WRI6Y3EteXgq8QKNE.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/I-Y7pVE2X8WRI6Y3EteXgq8QKNE.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F362B38E/87EF9710DF6111E98F394530F8AEA228/4420672409E311EA96ABA96AF8AEA228.roa

            sbgp-ipAddrBlock: critical
                IPv4:
                  137.63.138.0/24

    Signature Algorithm: sha256WithRSAEncryption
         8b:3a:64:71:23:ed:6d:e7:30:1b:2b:1e:4f:78:6a:13:95:95:
         00:6c:5e:d4:b6:9d:6a:d8:b2:f5:b0:bf:54:c5:b4:72:c8:7a:
         cd:ff:b5:95:a1:21:c6:fd:d9:b9:74:d5:2c:f1:a9:82:72:66:
         de:99:b2:5b:ee:00:73:52:fb:84:83:59:38:79:d3:b3:a2:b7:
         5d:60:22:82:8f:99:d9:d7:e1:8d:c4:67:9f:80:19:0e:d4:bc:
         92:15:06:a0:02:fa:8a:c6:68:1a:bf:8c:36:f3:98:6f:1a:97:
         40:54:19:ef:a0:d2:52:13:be:93:d9:a6:3a:68:d4:03:ea:c6:
         e6:e8:4e:47:d3:df:a0:c1:4b:a7:d9:11:64:be:6c:36:1b:56:
         66:c4:da:6a:0d:46:10:f8:79:d8:85:92:41:a1:f2:cb:15:28:
         e5:cd:a3:6a:4d:89:ee:92:ec:ef:56:01:94:52:07:dd:5b:e0:
         8d:39:f4:eb:ed:81:78:45:17:6d:1d:92:80:5d:d7:81:c6:3e:
         d9:e2:8b:93:32:30:30:92:aa:1d:81:3b:ce:3c:92:67:04:33:
         aa:33:94:51:78:ad:19:75:b7:8c:74:81:4d:20:99:40:61:07:
         14:4f:a5:9a:67:ad:b8:aa:82:23:30:20:7a:97:8c:ff:77:9d:
         56:f6:e4:a7
-----BEGIN CERTIFICATE-----
MIIFSDCCBDCgAwIBAgIBbDANBgkqhkiG9w0BAQsFADBIMRMwEQYDVQQDEwpGMzYy
QjM4RUFSMTEwLwYDVQQFEygyM0U2M0JBNTUxMzY1RkM1OTEyM0E2MzcxMkQ3OTc4
MkFGMTAyOEQxMB4XDTE5MTExODA5MTAyNVoXDTI5MTExNzA5MTAyNVowGDEWMBQG
A1UEAxMNNWRkMjYwMDUtYmQwZjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMmpvoucPIeJzuDli4fQUkD6zCWPkAfh0O8EDWMP4kHfYtQDD8W9lJxvySy+
Lfpe4J2j5Mz3PXgi5Laj+eMAT4PBcyzCa5OsU2rN+uhl2j/TeY9Q0YeO5biS7TYS
8QQcCwgviwW+2BkXNYlANrsE8O6t9/rP0DviC2sruMJfCtzOk/q4Zq+nCcA08fM/
yc+FmXMJmiuu6cDY62Q7Jtyz4p1pAKX+yBNDNpJcz5/cBhGyC/c4izWAowLv2Txo
2JD05NlfxwD1EmhFTCEBLwP27r4C7k1ikiHDda7RVwOeKIlNENnaYq6JFv/arVNx
zqDHdcnUIGemPz+1EFVIyy7ithkCAwEAAaOCAmswggJnMB0GA1UdDgQWBBQYnX87
vrH7BBXehsIqZ5rE2WcQfTAfBgNVHSMEGDAWgBQj5julUTZfxZEjpjcS15eCrxAo
0TAOBgNVHQ8BAf8EBAMCB4AwgZUGA1UdHwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2MkIzOEUvODdFRjk3MTBERjYxMTFFOThGMzk0NTMwRjhBRUEyMjgvSS1ZN3BW
RTJYOFdSSTZZM0V0ZVhncThRS05FLmNybDBkBggrBgEFBQcBAQRYMFYwVAYIKwYB
BQUHMAKGSHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L2FyaW4v
SS1ZN3BWRTJYOFdSSTZZM0V0ZVhncThRS05FLmNlcjBPBgNVHSABAf8ERTBDMEEG
CCsGAQUFBw4CMDUwMwYIKwYBBQUHAgEWJ2h0dHBzOi8vcnBraS5hZnJpbmljLm5l
dC9wb2xpY3kvQ1BTLnBkZjCBpAYIKwYBBQUHAQsEgZcwgZQwgZEGCCsGAQUFBzAL
hoGEcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3Jl
cG9zaXRvcnkvRjM2MkIzOEUvODdFRjk3MTBERjYxMTFFOThGMzk0NTMwRjhBRUEy
MjgvNDQyMDY3MjQwOUUzMTFFQTk2QUJBOTZBRjhBRUEyMjgucm9hMB8GCCsGAQUF
BwEHAQH/BBAwDjAMBAIAATAGAwQAiT+KMA0GCSqGSIb3DQEBCwUAA4IBAQCLOmRx
I+1t5zAbKx5PeGoTlZUAbF7Utp1q2LL1sL9UxbRyyHrN/7WVoSHG/dm5dNUs8amC
cmbembJb7gBzUvuEg1k4edOzorddYCKCj5nZ1+GNxGefgBkO1LySFQagAvqKxmga
v4w285hvGpdAVBnvoNJSE76T2aY6aNQD6sbm6E5H09+gwUun2RFkvmw2G1ZmxNpq
DUYQ+HnYhZJBofLLFSjlzaNqTYnukuzvVgGUUgfdW+CNOfTr7YF4RRdtHZKAXdeB
xj7Z4ouTMjAwkqodgTvOPJJnBDOqM5RReK0ZdbeMdIFNIJlAYQcUT6WaZ624qoIj
MCB6l4z/d51W9uSn
-----END CERTIFICATE-----
Generated at Fri Nov 22 04:03:32 2024 by rpki-client on console-ams.rpki-client.org