Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F362B38E/87EF9710DF6111E98F394530F8AEA228/EBE3324609E011EAA40FD868F8AEA228.roa
File:                     EBE3324609E011EAA40FD868F8AEA228.roa (raw, json)
Hash identifier:          XtVGXQe4ez8+8HSj6Xq1cxn1+HRDWcNrmAQBTelCu3k=
Subject key identifier:   20:74:28:4A:0A:DC:37:0C:C3:23:BD:CF:AF:69:7A:30:48:C7:E4:D6
Certificate issuer:       /CN=F362B38EAR/serialNumber=23E63BA551365FC59123A63712D79782AF1028D1
Certificate serial:       64
Authority key identifier: 23:E6:3B:A5:51:36:5F:C5:91:23:A6:37:12:D7:97:82:AF:10:28:D1
Authority info access:    rsync://rpki.afrinic.net/repository/arin/I-Y7pVE2X8WRI6Y3EteXgq8QKNE.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F362B38E/87EF9710DF6111E98F394530F8AEA228/EBE3324609E011EAA40FD868F8AEA228.roa
Signing time:             Mon 18 Nov 2019 08:53:43 +0000
ROA not before:           Mon 18 Nov 2019 08:53:37 +0000
ROA not after:            Sat 17 Nov 2029 08:53:37 +0000
asID:                     327687
IP address blocks:        137.63.155.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F362B38E/87EF9710DF6111E98F394530F8AEA228/I-Y7pVE2X8WRI6Y3EteXgq8QKNE.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F362B38E/87EF9710DF6111E98F394530F8AEA228/I-Y7pVE2X8WRI6Y3EteXgq8QKNE.mft
                          rsync://rpki.afrinic.net/repository/arin/I-Y7pVE2X8WRI6Y3EteXgq8QKNE.cer
                          rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
                          rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Sun 24 Nov 2024 00:21:36 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 100 (0x64)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F362B38EAR/serialNumber=23E63BA551365FC59123A63712D79782AF1028D1
        Validity
            Not Before: Nov 18 08:53:37 2019 GMT
            Not After : Nov 17 08:53:37 2029 GMT
        Subject: CN=5dd25c17-0d31
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d3:0c:09:e5:f0:4b:6a:6e:01:f4:91:fa:c9:0c:
                    c5:98:ab:b5:74:65:4e:6b:6d:77:d9:bc:4f:87:20:
                    93:ca:68:91:7b:a5:a5:52:d7:1b:12:95:fc:e9:1e:
                    26:c3:f8:94:23:f5:9b:0b:79:62:a9:dd:e2:02:08:
                    31:4c:ca:a6:f9:db:92:bb:c9:64:50:6b:64:29:3d:
                    ef:0c:e5:8b:75:a3:1a:4a:8f:2a:a7:a1:7b:31:a8:
                    57:35:26:36:0a:b1:1d:4c:99:30:82:09:5d:48:53:
                    14:ba:4f:78:67:47:40:c9:cc:8e:6c:5f:ba:f4:5b:
                    d1:ef:8e:38:51:e8:81:7e:67:53:bc:e1:95:18:72:
                    16:62:5e:9d:72:71:56:a7:02:1b:86:5a:fb:d2:ad:
                    dd:09:1c:65:a5:27:b1:ef:4d:b1:6f:9b:b8:58:d2:
                    99:c4:db:a7:42:11:a3:cd:fe:4c:85:ac:4d:96:ef:
                    58:33:dd:64:47:a1:df:af:65:93:b2:87:30:58:61:
                    6b:81:9a:7d:d4:4a:66:62:42:d5:82:15:a9:8c:55:
                    33:bc:bc:9b:c2:ef:4a:0b:8d:ee:f2:82:9d:06:76:
                    f9:3c:05:02:22:f3:89:06:8b:7a:12:01:31:71:9e:
                    54:4c:6c:17:3c:75:2b:bd:86:fe:f5:83:7b:55:fd:
                    c4:fd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                20:74:28:4A:0A:DC:37:0C:C3:23:BD:CF:AF:69:7A:30:48:C7:E4:D6
            X509v3 Authority Key Identifier:
                keyid:23:E6:3B:A5:51:36:5F:C5:91:23:A6:37:12:D7:97:82:AF:10:28:D1

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F362B38E/87EF9710DF6111E98F394530F8AEA228/I-Y7pVE2X8WRI6Y3EteXgq8QKNE.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/I-Y7pVE2X8WRI6Y3EteXgq8QKNE.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F362B38E/87EF9710DF6111E98F394530F8AEA228/EBE3324609E011EAA40FD868F8AEA228.roa

            sbgp-ipAddrBlock: critical
                IPv4:
                  137.63.155.0/24

    Signature Algorithm: sha256WithRSAEncryption
         88:0f:0d:25:03:9a:1e:b9:a8:b8:36:45:28:4a:c0:51:05:fb:
         b9:9d:4f:be:48:df:bd:6f:e8:fe:cd:6e:3c:99:8e:6b:aa:b4:
         0f:3c:17:68:ce:e9:74:8f:f7:f6:2e:ab:62:cb:8d:2f:df:08:
         bf:01:dc:b0:85:b3:c0:6f:14:dd:7c:14:e2:f8:7e:bc:2a:93:
         90:b9:bb:e1:a4:d3:e3:68:ae:d4:63:68:08:9e:8c:c4:77:47:
         15:56:36:64:d7:d1:b2:e1:3d:13:84:41:5b:17:95:f6:81:51:
         94:85:b6:fb:5b:f8:63:55:47:df:19:4c:dd:d7:43:cd:eb:dc:
         be:54:b6:d5:3e:e4:aa:b6:7e:e7:b6:86:a4:ed:52:8c:31:c4:
         91:91:ee:85:47:5a:a6:4e:8b:dd:8c:f7:a4:42:e3:a5:74:7b:
         17:b8:f7:bf:2f:28:fe:45:a3:67:db:22:cc:f3:27:ec:8f:6a:
         0b:2b:dc:1a:55:1b:12:4a:b7:31:c6:d0:bf:22:ff:ea:e3:3d:
         48:78:29:96:f4:5d:ff:20:1c:97:5e:f9:37:bd:a9:4c:6b:2c:
         bf:af:a9:80:13:52:4c:66:13:19:c1:7a:62:86:69:4b:df:a7:
         84:7f:f4:48:a0:81:94:c4:59:f9:3b:2a:20:bf:8d:25:f5:53:
         3a:29:0f:db
-----BEGIN CERTIFICATE-----
MIIFSDCCBDCgAwIBAgIBZDANBgkqhkiG9w0BAQsFADBIMRMwEQYDVQQDEwpGMzYy
QjM4RUFSMTEwLwYDVQQFEygyM0U2M0JBNTUxMzY1RkM1OTEyM0E2MzcxMkQ3OTc4
MkFGMTAyOEQxMB4XDTE5MTExODA4NTMzN1oXDTI5MTExNzA4NTMzN1owGDEWMBQG
A1UEAxMNNWRkMjVjMTctMGQzMTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANMMCeXwS2puAfSR+skMxZirtXRlTmttd9m8T4cgk8pokXulpVLXGxKV/Oke
JsP4lCP1mwt5Yqnd4gIIMUzKpvnbkrvJZFBrZCk97wzli3WjGkqPKqehezGoVzUm
NgqxHUyZMIIJXUhTFLpPeGdHQMnMjmxfuvRb0e+OOFHogX5nU7zhlRhyFmJenXJx
VqcCG4Za+9Kt3QkcZaUnse9NsW+buFjSmcTbp0IRo83+TIWsTZbvWDPdZEeh369l
k7KHMFhha4GafdRKZmJC1YIVqYxVM7y8m8LvSguN7vKCnQZ2+TwFAiLziQaLehIB
MXGeVExsFzx1K72G/vWDe1X9xP0CAwEAAaOCAmswggJnMB0GA1UdDgQWBBQgdChK
Ctw3DMMjvc+vaXowSMfk1jAfBgNVHSMEGDAWgBQj5julUTZfxZEjpjcS15eCrxAo
0TAOBgNVHQ8BAf8EBAMCB4AwgZUGA1UdHwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2MkIzOEUvODdFRjk3MTBERjYxMTFFOThGMzk0NTMwRjhBRUEyMjgvSS1ZN3BW
RTJYOFdSSTZZM0V0ZVhncThRS05FLmNybDBkBggrBgEFBQcBAQRYMFYwVAYIKwYB
BQUHMAKGSHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L2FyaW4v
SS1ZN3BWRTJYOFdSSTZZM0V0ZVhncThRS05FLmNlcjBPBgNVHSABAf8ERTBDMEEG
CCsGAQUFBw4CMDUwMwYIKwYBBQUHAgEWJ2h0dHBzOi8vcnBraS5hZnJpbmljLm5l
dC9wb2xpY3kvQ1BTLnBkZjCBpAYIKwYBBQUHAQsEgZcwgZQwgZEGCCsGAQUFBzAL
hoGEcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3Jl
cG9zaXRvcnkvRjM2MkIzOEUvODdFRjk3MTBERjYxMTFFOThGMzk0NTMwRjhBRUEy
MjgvRUJFMzMyNDYwOUUwMTFFQUE0MEZEODY4RjhBRUEyMjgucm9hMB8GCCsGAQUF
BwEHAQH/BBAwDjAMBAIAATAGAwQAiT+bMA0GCSqGSIb3DQEBCwUAA4IBAQCIDw0l
A5oeuai4NkUoSsBRBfu5nU++SN+9b+j+zW48mY5rqrQPPBdozul0j/f2Lqtiy40v
3wi/AdywhbPAbxTdfBTi+H68KpOQubvhpNPjaK7UY2gInozEd0cVVjZk19Gy4T0T
hEFbF5X2gVGUhbb7W/hjVUffGUzd10PN69y+VLbVPuSqtn7ntoak7VKMMcSRke6F
R1qmTovdjPekQuOldHsXuPe/Lyj+RaNn2yLM8yfsj2oLK9waVRsSSrcxxtC/Iv/q
4z1IeCmW9F3/IByXXvk3valMayy/r6mAE1JMZhMZwXpihmlL36eEf/RIoIGUxFn5
Oyogv40l9VM6KQ/b
-----END CERTIFICATE-----
Generated at Fri Nov 22 02:08:52 2024 by rpki-client on console-fra.rpki-client.org