Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F362B38E/87EF9710DF6111E98F394530F8AEA228/D31B027C09E811EA81F71D6FF8AEA228.roa
File:                     D31B027C09E811EA81F71D6FF8AEA228.roa (raw, json)
Hash identifier:          b8/MKILK8qVZbnSZ6GNgISieotlLivTMN6UnBlZh4zA=
Subject key identifier:   69:6A:DF:F9:71:16:CE:84:B5:88:A8:E8:7E:DB:44:9D:7B:74:E7:6C
Certificate issuer:       /CN=F362B38EAR/serialNumber=23E63BA551365FC59123A63712D79782AF1028D1
Certificate serial:       94
Authority key identifier: 23:E6:3B:A5:51:36:5F:C5:91:23:A6:37:12:D7:97:82:AF:10:28:D1
Authority info access:    rsync://rpki.afrinic.net/repository/arin/I-Y7pVE2X8WRI6Y3EteXgq8QKNE.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F362B38E/87EF9710DF6111E98F394530F8AEA228/D31B027C09E811EA81F71D6FF8AEA228.roa
Signing time:             Mon 18 Nov 2019 09:50:17 +0000
ROA not before:           Mon 18 Nov 2019 09:50:12 +0000
ROA not after:            Sat 17 Nov 2029 09:50:12 +0000
asID:                     327687
IP address blocks:        137.63.204.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F362B38E/87EF9710DF6111E98F394530F8AEA228/I-Y7pVE2X8WRI6Y3EteXgq8QKNE.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F362B38E/87EF9710DF6111E98F394530F8AEA228/I-Y7pVE2X8WRI6Y3EteXgq8QKNE.mft
                          rsync://rpki.afrinic.net/repository/arin/I-Y7pVE2X8WRI6Y3EteXgq8QKNE.cer
                          rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
                          rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Sun 24 Nov 2024 00:21:36 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 148 (0x94)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F362B38EAR/serialNumber=23E63BA551365FC59123A63712D79782AF1028D1
        Validity
            Not Before: Nov 18 09:50:12 2019 GMT
            Not After : Nov 17 09:50:12 2029 GMT
        Subject: CN=5dd26959-622e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a9:0f:94:7d:39:77:33:a6:40:c7:a5:32:1e:0e:
                    74:55:7d:08:7c:7a:7e:18:fe:39:51:83:97:ae:de:
                    f7:6e:4b:dc:f1:03:d0:c6:ca:b6:ff:1f:07:42:d6:
                    bc:d7:71:59:7f:e4:eb:8b:61:dd:5d:06:e9:63:e2:
                    0c:3f:3a:85:1d:9f:9d:d9:f6:7a:5a:fc:fa:bb:a3:
                    ae:e8:53:e4:19:5f:d6:22:ee:6a:c7:14:5a:dc:ed:
                    ca:c9:ef:3d:de:ee:fc:55:32:c8:18:85:e9:f7:bc:
                    55:51:f9:0c:cc:f2:0f:aa:66:a4:c1:38:b8:e1:f8:
                    38:43:81:4e:d8:a3:33:31:7d:4d:8e:53:67:f3:5a:
                    31:b4:7c:81:02:2b:37:aa:94:3b:f1:18:0c:19:5d:
                    d0:c8:da:68:7a:77:9c:af:2d:f3:ed:cd:14:7e:3d:
                    48:b0:0f:58:bd:1b:09:e4:bf:d2:5e:0c:33:44:06:
                    91:de:f1:51:f6:69:0c:f5:69:10:08:85:94:0b:da:
                    d2:e3:a5:e3:9f:75:27:46:0f:2a:73:db:6b:cf:09:
                    f2:b5:e1:a6:dc:6c:ce:59:77:6e:a3:f1:bb:de:4a:
                    3d:82:25:6c:fb:e8:47:94:f0:6e:dc:25:dd:f2:92:
                    99:eb:ae:61:da:60:1b:87:3e:8e:71:76:f2:ba:8c:
                    a0:85
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                69:6A:DF:F9:71:16:CE:84:B5:88:A8:E8:7E:DB:44:9D:7B:74:E7:6C
            X509v3 Authority Key Identifier:
                keyid:23:E6:3B:A5:51:36:5F:C5:91:23:A6:37:12:D7:97:82:AF:10:28:D1

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F362B38E/87EF9710DF6111E98F394530F8AEA228/I-Y7pVE2X8WRI6Y3EteXgq8QKNE.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/I-Y7pVE2X8WRI6Y3EteXgq8QKNE.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F362B38E/87EF9710DF6111E98F394530F8AEA228/D31B027C09E811EA81F71D6FF8AEA228.roa

            sbgp-ipAddrBlock: critical
                IPv4:
                  137.63.204.0/24

    Signature Algorithm: sha256WithRSAEncryption
         64:2d:30:48:3c:db:45:44:0e:9b:e9:32:23:6b:09:56:d7:aa:
         cb:32:b8:2f:c6:5f:9c:ef:90:f7:3e:13:c4:6a:3c:e2:13:ba:
         81:11:5e:d3:93:b5:71:1b:3e:ea:37:2a:d2:ee:30:b1:76:92:
         4f:da:c1:15:88:cf:47:78:93:df:b7:c2:ef:35:e5:03:24:43:
         a5:05:29:b4:d3:65:17:89:ab:4a:dc:1c:62:21:d8:bb:25:e8:
         9f:07:1f:82:f8:c2:a9:0d:1b:19:85:9e:b7:b5:a8:b1:11:31:
         98:1b:52:a3:87:07:77:1d:ba:cd:56:89:5f:72:57:02:5c:3a:
         9c:8b:c8:00:4f:b1:2c:e4:0a:73:4b:43:43:73:10:e7:24:12:
         3c:f7:e5:57:3b:43:9f:3d:4d:88:d0:36:e8:22:fe:f2:56:13:
         94:51:86:29:bf:ac:ec:75:7d:70:d9:9c:18:5c:99:69:53:02:
         5f:37:d8:26:ef:aa:b4:f5:1a:90:41:a4:1e:13:01:d2:90:b2:
         e2:1c:b6:d0:80:1a:1f:fe:62:7f:9b:65:2f:34:2d:2e:cb:3d:
         35:8c:c0:8c:44:05:e6:e4:fe:0d:3f:3a:66:43:3f:0f:42:d7:
         29:19:82:78:c2:a8:db:87:6e:97:24:0a:a5:4f:87:fe:74:a7:
         18:06:a8:76
-----BEGIN CERTIFICATE-----
MIIFSTCCBDGgAwIBAgICAJQwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAxMKRjM2
MkIzOEVBUjExMC8GA1UEBRMoMjNFNjNCQTU1MTM2NUZDNTkxMjNBNjM3MTJENzk3
ODJBRjEwMjhEMTAeFw0xOTExMTgwOTUwMTJaFw0yOTExMTcwOTUwMTJaMBgxFjAU
BgNVBAMTDTVkZDI2OTU5LTYyMmUwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQCpD5R9OXczpkDHpTIeDnRVfQh8en4Y/jlRg5eu3vduS9zxA9DGyrb/HwdC
1rzXcVl/5OuLYd1dBulj4gw/OoUdn53Z9npa/Pq7o67oU+QZX9Yi7mrHFFrc7crJ
7z3e7vxVMsgYhen3vFVR+QzM8g+qZqTBOLjh+DhDgU7YozMxfU2OU2fzWjG0fIEC
KzeqlDvxGAwZXdDI2mh6d5yvLfPtzRR+PUiwD1i9Gwnkv9JeDDNEBpHe8VH2aQz1
aRAIhZQL2tLjpeOfdSdGDypz22vPCfK14abcbM5Zd26j8bveSj2CJWz76EeU8G7c
Jd3ykpnrrmHaYBuHPo5xdvK6jKCFAgMBAAGjggJrMIICZzAdBgNVHQ4EFgQUaWrf
+XEWzoS1iKjofttEnXt052wwHwYDVR0jBBgwFoAUI+Y7pVE2X8WRI6Y3EteXgq8Q
KNEwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjJCMzhFLzg3RUY5NzEwREY2MTExRTk4RjM5NDUzMEY4QUVBMjI4L0ktWTdw
VkUyWDhXUkk2WTNFdGVYZ3E4UUtORS5jcmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hcmlu
L0ktWTdwVkUyWDhXUkk2WTNFdGVYZ3E4UUtORS5jZXIwTwYDVR0gAQH/BEUwQzBB
BggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5pYy5u
ZXQvcG9saWN5L0NQUy5wZGYwgaQGCCsGAQUFBwELBIGXMIGUMIGRBggrBgEFBQcw
C4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9y
ZXBvc2l0b3J5L0YzNjJCMzhFLzg3RUY5NzEwREY2MTExRTk4RjM5NDUzMEY4QUVB
MjI4L0QzMUIwMjdDMDlFODExRUE4MUY3MUQ2RkY4QUVBMjI4LnJvYTAfBggrBgEF
BQcBBwEB/wQQMA4wDAQCAAEwBgMEAIk/zDANBgkqhkiG9w0BAQsFAAOCAQEAZC0w
SDzbRUQOm+kyI2sJVteqyzK4L8ZfnO+Q9z4TxGo84hO6gRFe05O1cRs+6jcq0u4w
sXaST9rBFYjPR3iT37fC7zXlAyRDpQUptNNlF4mrStwcYiHYuyXonwcfgvjCqQ0b
GYWet7WosRExmBtSo4cHdx26zVaJX3JXAlw6nIvIAE+xLOQKc0tDQ3MQ5yQSPPfl
VztDnz1NiNA26CL+8lYTlFGGKb+s7HV9cNmcGFyZaVMCXzfYJu+qtPUakEGkHhMB
0pCy4hy20IAaH/5if5tlLzQtLss9NYzAjEQF5uT+DT86ZkM/D0LXKRmCeMKo24du
lyQKpU+H/nSnGAaodg==
-----END CERTIFICATE-----
Generated at Fri Nov 22 02:08:52 2024 by rpki-client on console-fra.rpki-client.org