Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F362B38E/87EF9710DF6111E98F394530F8AEA228/C9C9CAFC09DC11EAA8D48765F8AEA228.roa
File:                     C9C9CAFC09DC11EAA8D48765F8AEA228.roa (raw, json)
Hash identifier:          Hh2geVt32wPYiVtUnOCmtfBAqi4QqznTI3vj7Q7Yo/0=
Subject key identifier:   AC:9F:67:A8:8C:20:86:0D:12:B7:07:4D:AD:E0:91:74:FC:FA:BA:FD
Certificate issuer:       /CN=F362B38EAR/serialNumber=23E63BA551365FC59123A63712D79782AF1028D1
Certificate serial:       42
Authority key identifier: 23:E6:3B:A5:51:36:5F:C5:91:23:A6:37:12:D7:97:82:AF:10:28:D1
Authority info access:    rsync://rpki.afrinic.net/repository/arin/I-Y7pVE2X8WRI6Y3EteXgq8QKNE.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F362B38E/87EF9710DF6111E98F394530F8AEA228/C9C9CAFC09DC11EAA8D48765F8AEA228.roa
Signing time:             Mon 18 Nov 2019 08:24:07 +0000
ROA not before:           Mon 18 Nov 2019 08:24:01 +0000
ROA not after:            Sat 17 Nov 2029 08:24:01 +0000
asID:                     327687
IP address blocks:        137.63.151.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F362B38E/87EF9710DF6111E98F394530F8AEA228/I-Y7pVE2X8WRI6Y3EteXgq8QKNE.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F362B38E/87EF9710DF6111E98F394530F8AEA228/I-Y7pVE2X8WRI6Y3EteXgq8QKNE.mft
                          rsync://rpki.afrinic.net/repository/arin/I-Y7pVE2X8WRI6Y3EteXgq8QKNE.cer
                          rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
                          rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Sun 24 Nov 2024 00:21:36 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 66 (0x42)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F362B38EAR/serialNumber=23E63BA551365FC59123A63712D79782AF1028D1
        Validity
            Not Before: Nov 18 08:24:01 2019 GMT
            Not After : Nov 17 08:24:01 2029 GMT
        Subject: CN=5dd25527-b250
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c5:9b:84:4b:76:4e:b1:f7:6b:2a:fe:60:0a:90:
                    32:5f:81:69:2f:62:eb:5f:43:d2:2a:7f:a5:8a:59:
                    96:ec:16:0f:1d:fa:d2:e5:28:14:51:1b:18:e0:c6:
                    86:9e:6a:3f:2d:00:9a:5c:2f:9f:bc:30:c9:67:f2:
                    f7:bc:c7:fc:db:72:33:66:1e:6d:0f:5b:55:ac:ef:
                    d0:91:70:7d:90:aa:71:33:0d:8f:d9:b6:33:fb:c7:
                    32:66:65:96:a2:7a:29:86:c0:27:db:67:34:26:cb:
                    c1:3a:f5:6c:5a:8f:fb:57:23:75:e1:b5:01:6a:c1:
                    81:9a:85:9d:28:a3:e8:23:e0:a7:4e:81:7b:dd:cc:
                    2e:10:9c:72:20:28:24:07:16:32:0d:48:af:08:5a:
                    f5:0b:22:65:11:e3:f7:88:bc:ad:fe:05:03:75:8c:
                    3f:3f:22:c6:7d:bd:e4:80:40:5f:37:9b:d5:05:53:
                    b8:ba:db:56:64:e0:a2:6b:df:b6:ca:aa:bf:e4:5e:
                    ed:f8:33:aa:6c:01:5f:c3:71:f5:c2:19:d5:32:fd:
                    bd:f9:26:36:47:4d:30:a4:45:a1:02:79:55:32:59:
                    7e:dd:70:0d:02:be:85:81:60:50:fb:aa:5c:e9:de:
                    15:9b:72:40:b1:2d:6e:f9:14:7b:62:38:c7:6b:52:
                    c9:d3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AC:9F:67:A8:8C:20:86:0D:12:B7:07:4D:AD:E0:91:74:FC:FA:BA:FD
            X509v3 Authority Key Identifier:
                keyid:23:E6:3B:A5:51:36:5F:C5:91:23:A6:37:12:D7:97:82:AF:10:28:D1

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F362B38E/87EF9710DF6111E98F394530F8AEA228/I-Y7pVE2X8WRI6Y3EteXgq8QKNE.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/I-Y7pVE2X8WRI6Y3EteXgq8QKNE.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F362B38E/87EF9710DF6111E98F394530F8AEA228/C9C9CAFC09DC11EAA8D48765F8AEA228.roa

            sbgp-ipAddrBlock: critical
                IPv4:
                  137.63.151.0/24

    Signature Algorithm: sha256WithRSAEncryption
         71:1a:13:c4:72:39:3e:8b:eb:3a:c4:49:f8:df:8f:bf:30:74:
         b2:f0:bf:ad:89:99:58:85:73:63:ef:5b:58:c6:e4:07:4f:db:
         ba:7c:71:f1:86:aa:1e:a3:bc:03:f4:7f:c3:10:41:c8:ea:0a:
         bf:ed:0d:ea:f0:fe:47:88:0f:ef:48:67:c2:e5:8c:a2:60:dd:
         ef:f5:76:d6:a7:b4:2d:5f:63:84:59:8c:83:50:4e:bf:5b:ef:
         50:6c:44:43:35:4b:e7:cd:42:23:9f:0a:ab:25:1b:73:c5:e9:
         63:5e:1e:e1:0e:88:c0:44:36:c3:c5:24:9e:d6:57:af:d2:f9:
         26:95:59:ba:fb:c0:7a:f9:c2:a3:bd:25:ed:4c:50:ea:af:58:
         57:c2:e6:bb:aa:11:70:da:07:12:94:a8:ec:75:6d:b3:24:49:
         ea:ee:bb:55:aa:64:52:b5:e5:0e:f4:5b:7d:eb:73:a2:76:0c:
         dc:89:d6:db:e3:4f:17:fc:66:f0:49:de:1f:3d:7f:8d:8f:42:
         5e:44:ab:0b:87:fc:08:96:df:e5:ce:89:1b:ca:ab:61:66:20:
         87:e6:6b:46:c7:be:ca:ec:0a:95:ae:ff:5f:bb:1e:35:4f:29:
         ff:6e:2a:f0:c3:fd:2b:04:46:38:ad:16:9c:9d:63:72:42:60:
         70:06:5e:60
-----BEGIN CERTIFICATE-----
MIIFSDCCBDCgAwIBAgIBQjANBgkqhkiG9w0BAQsFADBIMRMwEQYDVQQDEwpGMzYy
QjM4RUFSMTEwLwYDVQQFEygyM0U2M0JBNTUxMzY1RkM1OTEyM0E2MzcxMkQ3OTc4
MkFGMTAyOEQxMB4XDTE5MTExODA4MjQwMVoXDTI5MTExNzA4MjQwMVowGDEWMBQG
A1UEAxMNNWRkMjU1MjctYjI1MDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMWbhEt2TrH3ayr+YAqQMl+BaS9i619D0ip/pYpZluwWDx360uUoFFEbGODG
hp5qPy0Amlwvn7wwyWfy97zH/NtyM2YebQ9bVazv0JFwfZCqcTMNj9m2M/vHMmZl
lqJ6KYbAJ9tnNCbLwTr1bFqP+1cjdeG1AWrBgZqFnSij6CPgp06Be93MLhCcciAo
JAcWMg1Irwha9QsiZRHj94i8rf4FA3WMPz8ixn295IBAXzeb1QVTuLrbVmTgomvf
tsqqv+Re7fgzqmwBX8Nx9cIZ1TL9vfkmNkdNMKRFoQJ5VTJZft1wDQK+hYFgUPuq
XOneFZtyQLEtbvkUe2I4x2tSydMCAwEAAaOCAmswggJnMB0GA1UdDgQWBBSsn2eo
jCCGDRK3B02t4JF0/Pq6/TAfBgNVHSMEGDAWgBQj5julUTZfxZEjpjcS15eCrxAo
0TAOBgNVHQ8BAf8EBAMCB4AwgZUGA1UdHwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2MkIzOEUvODdFRjk3MTBERjYxMTFFOThGMzk0NTMwRjhBRUEyMjgvSS1ZN3BW
RTJYOFdSSTZZM0V0ZVhncThRS05FLmNybDBkBggrBgEFBQcBAQRYMFYwVAYIKwYB
BQUHMAKGSHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L2FyaW4v
SS1ZN3BWRTJYOFdSSTZZM0V0ZVhncThRS05FLmNlcjBPBgNVHSABAf8ERTBDMEEG
CCsGAQUFBw4CMDUwMwYIKwYBBQUHAgEWJ2h0dHBzOi8vcnBraS5hZnJpbmljLm5l
dC9wb2xpY3kvQ1BTLnBkZjCBpAYIKwYBBQUHAQsEgZcwgZQwgZEGCCsGAQUFBzAL
hoGEcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3Jl
cG9zaXRvcnkvRjM2MkIzOEUvODdFRjk3MTBERjYxMTFFOThGMzk0NTMwRjhBRUEy
MjgvQzlDOUNBRkMwOURDMTFFQUE4RDQ4NzY1RjhBRUEyMjgucm9hMB8GCCsGAQUF
BwEHAQH/BBAwDjAMBAIAATAGAwQAiT+XMA0GCSqGSIb3DQEBCwUAA4IBAQBxGhPE
cjk+i+s6xEn434+/MHSy8L+tiZlYhXNj71tYxuQHT9u6fHHxhqoeo7wD9H/DEEHI
6gq/7Q3q8P5HiA/vSGfC5YyiYN3v9XbWp7QtX2OEWYyDUE6/W+9QbERDNUvnzUIj
nwqrJRtzxeljXh7hDojARDbDxSSe1lev0vkmlVm6+8B6+cKjvSXtTFDqr1hXwua7
qhFw2gcSlKjsdW2zJEnq7rtVqmRSteUO9Ft963Oidgzcidbb408X/GbwSd4fPX+N
j0JeRKsLh/wIlt/lzokbyqthZiCH5mtGx77K7AqVrv9fux41Tyn/birww/0rBEY4
rRacnWNyQmBwBl5g
-----END CERTIFICATE-----
Generated at Fri Nov 22 04:03:32 2024 by rpki-client on console-ams.rpki-client.org