Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F362B38E/87EF9710DF6111E98F394530F8AEA228/9E08AE8409DB11EA83298264F8AEA228.roa
File:                     9E08AE8409DB11EA83298264F8AEA228.roa (raw, json)
Hash identifier:          6809cUJBFwZKmKhL9GUSkBUOZyHPswwn/Hhe2oSj9sM=
Subject key identifier:   2F:FD:72:96:59:52:16:60:C9:EC:EA:CF:10:2E:48:03:45:41:97:C2
Certificate issuer:       /CN=F362B38EAR/serialNumber=23E63BA551365FC59123A63712D79782AF1028D1
Certificate serial:       38
Authority key identifier: 23:E6:3B:A5:51:36:5F:C5:91:23:A6:37:12:D7:97:82:AF:10:28:D1
Authority info access:    rsync://rpki.afrinic.net/repository/arin/I-Y7pVE2X8WRI6Y3EteXgq8QKNE.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F362B38E/87EF9710DF6111E98F394530F8AEA228/9E08AE8409DB11EA83298264F8AEA228.roa
Signing time:             Mon 18 Nov 2019 08:15:44 +0000
ROA not before:           Mon 18 Nov 2019 08:15:39 +0000
ROA not after:            Sat 17 Nov 2029 08:15:39 +0000
asID:                     327687
IP address blocks:        137.63.128.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F362B38E/87EF9710DF6111E98F394530F8AEA228/I-Y7pVE2X8WRI6Y3EteXgq8QKNE.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F362B38E/87EF9710DF6111E98F394530F8AEA228/I-Y7pVE2X8WRI6Y3EteXgq8QKNE.mft
                          rsync://rpki.afrinic.net/repository/arin/I-Y7pVE2X8WRI6Y3EteXgq8QKNE.cer
                          rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
                          rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Sun 24 Nov 2024 00:21:36 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 56 (0x38)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F362B38EAR/serialNumber=23E63BA551365FC59123A63712D79782AF1028D1
        Validity
            Not Before: Nov 18 08:15:39 2019 GMT
            Not After : Nov 17 08:15:39 2029 GMT
        Subject: CN=5dd25330-e215
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:dd:d3:a9:4e:d8:61:58:ac:78:3c:86:1d:43:e9:
                    a3:39:76:46:f4:08:5a:c6:32:9f:f0:fa:61:fc:62:
                    71:1e:df:ee:b3:28:87:16:fd:52:2c:a3:ae:99:de:
                    46:db:dd:7e:23:da:61:12:92:e2:3e:01:f2:08:a2:
                    39:ec:bb:87:39:ce:bb:75:be:f0:02:1a:1c:56:23:
                    c3:60:42:27:19:64:b8:fe:e2:da:9e:d7:4b:e6:cb:
                    54:27:a9:5f:fd:b5:fc:ef:bb:ca:0b:aa:41:ff:3c:
                    bd:b7:3c:ea:59:4d:44:c9:21:c1:f1:80:61:6a:34:
                    40:1a:c6:2a:af:68:bd:4d:39:4c:91:0b:53:b3:86:
                    3b:37:90:aa:05:7f:f9:6d:fa:0b:f3:2c:69:bc:9b:
                    5b:92:5d:53:02:10:fe:5b:e1:ee:a8:ef:5c:ba:cc:
                    b4:97:9d:a5:44:34:61:70:fb:72:2d:9b:69:59:5c:
                    18:59:d5:4e:22:a5:90:35:0e:b3:37:17:2f:11:17:
                    52:d0:16:a7:34:95:f2:b8:3d:13:94:b7:f2:4e:79:
                    12:b0:75:18:63:eb:8a:8c:0c:5a:4f:c5:da:ac:07:
                    66:1a:7d:2a:f0:2b:cb:69:2b:e1:ac:3f:32:78:47:
                    b0:68:47:80:9f:03:62:3d:51:c8:50:3d:c6:dc:df:
                    65:af
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                2F:FD:72:96:59:52:16:60:C9:EC:EA:CF:10:2E:48:03:45:41:97:C2
            X509v3 Authority Key Identifier:
                keyid:23:E6:3B:A5:51:36:5F:C5:91:23:A6:37:12:D7:97:82:AF:10:28:D1

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F362B38E/87EF9710DF6111E98F394530F8AEA228/I-Y7pVE2X8WRI6Y3EteXgq8QKNE.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/I-Y7pVE2X8WRI6Y3EteXgq8QKNE.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F362B38E/87EF9710DF6111E98F394530F8AEA228/9E08AE8409DB11EA83298264F8AEA228.roa

            sbgp-ipAddrBlock: critical
                IPv4:
                  137.63.128.0/24

    Signature Algorithm: sha256WithRSAEncryption
         94:0b:b4:ca:4c:12:8f:92:38:3d:ac:71:d3:fc:c5:ab:ae:20:
         02:82:1b:a6:22:e2:6d:60:c4:f2:da:ba:0e:5d:56:b0:10:c9:
         be:87:a4:16:c2:76:73:1a:01:6d:81:a6:10:aa:d7:44:40:a8:
         c9:6a:12:7f:cd:8c:95:63:5b:a1:68:15:a9:06:73:43:15:4d:
         61:c2:e9:a1:d9:fb:0f:95:8b:95:ac:91:c2:c5:70:8f:1d:c3:
         3f:4e:19:80:92:dc:fa:72:84:0b:57:79:2a:87:e7:d1:64:ea:
         5a:4d:eb:83:59:6a:e8:af:c0:e8:ea:6e:65:4a:a8:54:c8:19:
         02:a8:21:b0:21:a8:f2:e5:c9:1f:68:03:78:bf:06:8b:a7:d2:
         49:c1:91:69:b7:19:04:a3:82:f0:34:5e:f8:bd:c5:41:98:9f:
         c8:83:03:c1:57:48:e5:e2:c7:d0:af:6b:4b:9e:b1:5e:9d:10:
         0e:32:51:5b:78:39:9e:22:0e:2c:e0:ca:0e:7e:c1:a4:47:5e:
         ee:2a:71:c7:3c:be:43:68:88:cd:2e:80:2b:26:62:f7:d2:51:
         02:f0:f9:16:f5:51:a0:9a:b5:e2:42:62:a4:00:4b:4e:cc:72:
         c7:ba:79:ea:78:9e:17:f2:ae:dd:49:e2:c5:bc:ed:cc:a7:95:
         db:cc:a7:98
-----BEGIN CERTIFICATE-----
MIIFSDCCBDCgAwIBAgIBODANBgkqhkiG9w0BAQsFADBIMRMwEQYDVQQDEwpGMzYy
QjM4RUFSMTEwLwYDVQQFEygyM0U2M0JBNTUxMzY1RkM1OTEyM0E2MzcxMkQ3OTc4
MkFGMTAyOEQxMB4XDTE5MTExODA4MTUzOVoXDTI5MTExNzA4MTUzOVowGDEWMBQG
A1UEAxMNNWRkMjUzMzAtZTIxNTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAN3TqU7YYViseDyGHUPpozl2RvQIWsYyn/D6YfxicR7f7rMohxb9Uiyjrpne
RtvdfiPaYRKS4j4B8giiOey7hznOu3W+8AIaHFYjw2BCJxlkuP7i2p7XS+bLVCep
X/21/O+7yguqQf88vbc86llNRMkhwfGAYWo0QBrGKq9ovU05TJELU7OGOzeQqgV/
+W36C/MsabybW5JdUwIQ/lvh7qjvXLrMtJedpUQ0YXD7ci2baVlcGFnVTiKlkDUO
szcXLxEXUtAWpzSV8rg9E5S38k55ErB1GGPriowMWk/F2qwHZhp9KvAry2kr4aw/
MnhHsGhHgJ8DYj1RyFA9xtzfZa8CAwEAAaOCAmswggJnMB0GA1UdDgQWBBQv/XKW
WVIWYMns6s8QLkgDRUGXwjAfBgNVHSMEGDAWgBQj5julUTZfxZEjpjcS15eCrxAo
0TAOBgNVHQ8BAf8EBAMCB4AwgZUGA1UdHwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2MkIzOEUvODdFRjk3MTBERjYxMTFFOThGMzk0NTMwRjhBRUEyMjgvSS1ZN3BW
RTJYOFdSSTZZM0V0ZVhncThRS05FLmNybDBkBggrBgEFBQcBAQRYMFYwVAYIKwYB
BQUHMAKGSHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L2FyaW4v
SS1ZN3BWRTJYOFdSSTZZM0V0ZVhncThRS05FLmNlcjBPBgNVHSABAf8ERTBDMEEG
CCsGAQUFBw4CMDUwMwYIKwYBBQUHAgEWJ2h0dHBzOi8vcnBraS5hZnJpbmljLm5l
dC9wb2xpY3kvQ1BTLnBkZjCBpAYIKwYBBQUHAQsEgZcwgZQwgZEGCCsGAQUFBzAL
hoGEcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3Jl
cG9zaXRvcnkvRjM2MkIzOEUvODdFRjk3MTBERjYxMTFFOThGMzk0NTMwRjhBRUEy
MjgvOUUwOEFFODQwOURCMTFFQTgzMjk4MjY0RjhBRUEyMjgucm9hMB8GCCsGAQUF
BwEHAQH/BBAwDjAMBAIAATAGAwQAiT+AMA0GCSqGSIb3DQEBCwUAA4IBAQCUC7TK
TBKPkjg9rHHT/MWrriACghumIuJtYMTy2roOXVawEMm+h6QWwnZzGgFtgaYQqtdE
QKjJahJ/zYyVY1uhaBWpBnNDFU1hwumh2fsPlYuVrJHCxXCPHcM/ThmAktz6coQL
V3kqh+fRZOpaTeuDWWror8Do6m5lSqhUyBkCqCGwIajy5ckfaAN4vwaLp9JJwZFp
txkEo4LwNF74vcVBmJ/IgwPBV0jl4sfQr2tLnrFenRAOMlFbeDmeIg4s4MoOfsGk
R17uKnHHPL5DaIjNLoArJmL30lEC8PkW9VGgmrXiQmKkAEtOzHLHunnqeJ4X8q7d
SeLFvO3Mp5XbzKeY
-----END CERTIFICATE-----
Generated at Fri Nov 22 04:03:32 2024 by rpki-client on console-ams.rpki-client.org