Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F362B38E/87EF9710DF6111E98F394530F8AEA228/D19A574C0A9011EA842BC16DF8AEA228.roa
File:                     D19A574C0A9011EA842BC16DF8AEA228.roa (raw, json)
Hash identifier:          UreQTBRiDL+aDQhTZoEUNB084HGWiRrRFdvbXYMOpMA=
Subject key identifier:   0D:46:AE:C7:F7:93:EA:42:1B:19:9E:F7:44:34:41:1A:AC:F0:8F:97
Certificate issuer:       /CN=F362B38EAR/serialNumber=23E63BA551365FC59123A63712D79782AF1028D1
Certificate serial:       AF
Authority key identifier: 23:E6:3B:A5:51:36:5F:C5:91:23:A6:37:12:D7:97:82:AF:10:28:D1
Authority info access:    rsync://rpki.afrinic.net/repository/arin/I-Y7pVE2X8WRI6Y3EteXgq8QKNE.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F362B38E/87EF9710DF6111E98F394530F8AEA228/D19A574C0A9011EA842BC16DF8AEA228.roa
Signing time:             Tue 19 Nov 2019 05:52:50 +0000
ROA not before:           Tue 19 Nov 2019 05:52:45 +0000
ROA not after:            Sun 18 Nov 2029 05:52:45 +0000
asID:                     327687
IP address blocks:        137.63.152.0/21 maxlen: 21

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F362B38E/87EF9710DF6111E98F394530F8AEA228/I-Y7pVE2X8WRI6Y3EteXgq8QKNE.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F362B38E/87EF9710DF6111E98F394530F8AEA228/I-Y7pVE2X8WRI6Y3EteXgq8QKNE.mft
                          rsync://rpki.afrinic.net/repository/arin/I-Y7pVE2X8WRI6Y3EteXgq8QKNE.cer
                          rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
                          rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Sun 24 Nov 2024 00:21:36 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 175 (0xaf)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F362B38EAR/serialNumber=23E63BA551365FC59123A63712D79782AF1028D1
        Validity
            Not Before: Nov 19 05:52:45 2019 GMT
            Not After : Nov 18 05:52:45 2029 GMT
        Subject: CN=5dd38332-572c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:db:68:f2:25:a9:d3:d4:40:09:40:c8:71:69:32:
                    3d:22:41:bd:fa:bb:e0:04:31:3f:f9:9e:9d:e9:77:
                    85:f6:30:8a:5f:86:19:69:95:3c:2c:25:7d:95:9e:
                    08:11:d5:e6:ee:38:28:95:e0:5e:87:82:21:44:2d:
                    4a:f8:de:8e:fb:e5:3a:88:e0:47:92:04:eb:39:81:
                    15:81:7a:ae:b5:bf:26:5c:f0:3e:22:a9:4b:f4:db:
                    59:16:92:e3:bb:49:99:22:01:34:b3:19:32:8f:9e:
                    52:31:6e:40:ee:56:4a:bd:e9:bb:71:78:80:3c:e8:
                    47:8e:07:ea:01:16:fc:09:42:47:72:52:c6:5b:fb:
                    91:e4:bd:e2:30:d1:7a:b3:4f:eb:18:42:7e:92:f2:
                    d1:71:7c:d6:c2:15:fe:1d:34:87:0f:d3:4a:12:fb:
                    2e:47:fa:11:ee:53:25:16:43:96:68:5a:00:08:53:
                    e4:29:6b:11:37:0e:be:2c:a7:a9:b5:39:17:34:a5:
                    e3:75:46:39:fd:8e:13:47:ee:c2:0d:83:97:b3:a1:
                    42:33:dd:01:2a:21:68:85:cd:52:45:65:a2:fa:6a:
                    16:52:e9:84:37:2a:45:4c:e5:16:55:49:16:75:81:
                    8b:98:77:c2:2e:0e:23:4d:fe:44:8a:51:ff:3e:6b:
                    2a:55
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0D:46:AE:C7:F7:93:EA:42:1B:19:9E:F7:44:34:41:1A:AC:F0:8F:97
            X509v3 Authority Key Identifier:
                keyid:23:E6:3B:A5:51:36:5F:C5:91:23:A6:37:12:D7:97:82:AF:10:28:D1

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F362B38E/87EF9710DF6111E98F394530F8AEA228/I-Y7pVE2X8WRI6Y3EteXgq8QKNE.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/I-Y7pVE2X8WRI6Y3EteXgq8QKNE.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F362B38E/87EF9710DF6111E98F394530F8AEA228/D19A574C0A9011EA842BC16DF8AEA228.roa

            sbgp-ipAddrBlock: critical
                IPv4:
                  137.63.152.0/21

    Signature Algorithm: sha256WithRSAEncryption
         98:33:34:a0:5f:d5:af:a4:93:52:e2:df:d7:1d:87:97:84:25:
         7c:d8:e7:08:8d:1f:1a:a3:26:00:95:05:6f:0b:96:50:96:a7:
         e0:1b:29:0f:77:f4:7b:6d:76:62:99:b5:48:b9:95:e2:30:e9:
         9e:1f:14:ab:30:78:22:d6:eb:ed:06:c3:ff:a6:d7:bf:8e:42:
         4c:46:ae:35:77:9b:15:64:1f:61:c1:ba:39:78:c6:7a:f5:ad:
         30:43:3d:3b:75:45:06:f5:a8:23:bf:45:03:40:34:88:d6:ea:
         19:9a:7a:73:55:0d:d4:21:eb:50:96:4f:90:35:57:50:37:c9:
         93:1d:b6:06:02:3e:60:78:30:cb:58:02:ea:12:d7:3b:0c:1e:
         5c:fd:12:cc:f9:67:e0:f6:68:af:dc:e8:69:f0:4f:8a:ae:dc:
         5f:19:57:bc:5c:da:98:ee:56:1a:03:17:55:b8:96:24:42:fb:
         6f:da:aa:45:1c:8e:1f:bd:30:ba:b5:29:ed:a7:2d:fe:94:48:
         cf:15:6c:03:4c:77:ec:09:07:3c:49:59:41:12:61:0f:e3:e5:
         4f:e5:21:3a:20:88:73:4a:ba:05:af:66:44:b2:12:4a:46:0f:
         29:45:a8:7b:dd:8d:4c:dd:af:64:fc:6d:99:1d:6f:17:50:9a:
         f9:48:2a:dd
-----BEGIN CERTIFICATE-----
MIIFSTCCBDGgAwIBAgICAK8wDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAxMKRjM2
MkIzOEVBUjExMC8GA1UEBRMoMjNFNjNCQTU1MTM2NUZDNTkxMjNBNjM3MTJENzk3
ODJBRjEwMjhEMTAeFw0xOTExMTkwNTUyNDVaFw0yOTExMTgwNTUyNDVaMBgxFjAU
BgNVBAMTDTVkZDM4MzMyLTU3MmMwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQDbaPIlqdPUQAlAyHFpMj0iQb36u+AEMT/5np3pd4X2MIpfhhlplTwsJX2V
nggR1ebuOCiV4F6HgiFELUr43o775TqI4EeSBOs5gRWBeq61vyZc8D4iqUv021kW
kuO7SZkiATSzGTKPnlIxbkDuVkq96btxeIA86EeOB+oBFvwJQkdyUsZb+5HkveIw
0XqzT+sYQn6S8tFxfNbCFf4dNIcP00oS+y5H+hHuUyUWQ5ZoWgAIU+QpaxE3Dr4s
p6m1ORc0peN1Rjn9jhNH7sINg5ezoUIz3QEqIWiFzVJFZaL6ahZS6YQ3KkVM5RZV
SRZ1gYuYd8IuDiNN/kSKUf8+aypVAgMBAAGjggJrMIICZzAdBgNVHQ4EFgQUDUau
x/eT6kIbGZ73RDRBGqzwj5cwHwYDVR0jBBgwFoAUI+Y7pVE2X8WRI6Y3EteXgq8Q
KNEwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjJCMzhFLzg3RUY5NzEwREY2MTExRTk4RjM5NDUzMEY4QUVBMjI4L0ktWTdw
VkUyWDhXUkk2WTNFdGVYZ3E4UUtORS5jcmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hcmlu
L0ktWTdwVkUyWDhXUkk2WTNFdGVYZ3E4UUtORS5jZXIwTwYDVR0gAQH/BEUwQzBB
BggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5pYy5u
ZXQvcG9saWN5L0NQUy5wZGYwgaQGCCsGAQUFBwELBIGXMIGUMIGRBggrBgEFBQcw
C4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9y
ZXBvc2l0b3J5L0YzNjJCMzhFLzg3RUY5NzEwREY2MTExRTk4RjM5NDUzMEY4QUVB
MjI4L0QxOUE1NzRDMEE5MDExRUE4NDJCQzE2REY4QUVBMjI4LnJvYTAfBggrBgEF
BQcBBwEB/wQQMA4wDAQCAAEwBgMEA4k/mDANBgkqhkiG9w0BAQsFAAOCAQEAmDM0
oF/Vr6STUuLf1x2Hl4QlfNjnCI0fGqMmAJUFbwuWUJan4BspD3f0e212Ypm1SLmV
4jDpnh8UqzB4Itbr7QbD/6bXv45CTEauNXebFWQfYcG6OXjGevWtMEM9O3VFBvWo
I79FA0A0iNbqGZp6c1UN1CHrUJZPkDVXUDfJkx22BgI+YHgwy1gC6hLXOwweXP0S
zPln4PZor9zoafBPiq7cXxlXvFzamO5WGgMXVbiWJEL7b9qqRRyOH70wurUp7act
/pRIzxVsA0x37AkHPElZQRJhD+PlT+UhOiCIc0q6Ba9mRLISSkYPKUWoe92NTN2v
ZPxtmR1vF1Ca+Ugq3Q==
-----END CERTIFICATE-----
Generated at Fri Nov 22 02:08:52 2024 by rpki-client on console-fra.rpki-client.org