Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/5EA5C798250F11EDB27A41F4F1222468.roa
File:                     5EA5C798250F11EDB27A41F4F1222468.roa (download)
Hash identifier:          nqolQY6+2CLvSZICo8vdJ+7mUpCdfALpdOWuq1NsaAE=
Subject key identifier:   78:53:35:A3:9D:AE:3A:C8:AA:1D:0D:B0:27:A7:27:A7:93:8D:C4:6B
Certificate issuer:       /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial:       185D
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/5EA5C798250F11EDB27A41F4F1222468.roa
ROA valid until:          Aug 31 07:19:02 2023 GMT
asID:                     140224
IP address blocks:
    1: 154.197.12.0/22 maxlen: 24

Validation: OK

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 6237 (0x185d)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
        Validity
            Not Before: Aug 26 07:19:02 2022 GMT
            Not After : Aug 31 07:19:02 2023 GMT
        Subject: CN=630873ea-22fd
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e1:98:c6:0f:fb:9d:be:9d:0e:6b:f7:a1:68:b2:
                    5a:30:a2:78:58:33:44:35:90:7b:ef:44:c6:51:34:
                    88:6e:8a:7f:0d:5c:60:c0:c7:c7:f5:60:31:83:70:
                    e6:fd:a2:9c:40:29:1f:b2:1d:a3:0a:ed:dd:d0:eb:
                    a7:62:2c:1f:1f:f9:e1:36:50:55:ec:67:78:37:52:
                    f2:fc:90:1f:7e:67:46:4a:1c:22:de:f6:c6:1a:f3:
                    69:3d:e9:5e:b5:84:4a:55:9d:27:9a:2f:25:a5:ef:
                    7f:99:86:59:ff:5d:d8:ed:5e:51:ca:52:bd:dd:30:
                    f3:66:9c:fb:08:56:3d:22:96:83:31:1b:7c:53:d5:
                    7f:02:cc:ff:40:a8:17:9b:18:9d:71:e0:21:4d:67:
                    42:1a:f1:e0:d3:b3:71:1d:cd:ce:5c:9a:75:89:a0:
                    67:e2:76:5d:ab:35:13:ff:ba:2e:64:36:61:41:0d:
                    7a:f3:98:ea:fe:df:15:31:05:e1:24:7d:d7:00:7d:
                    df:81:e3:0e:e5:75:e6:fb:d9:70:76:a1:b6:e7:ee:
                    57:77:75:37:04:10:39:3a:50:24:cf:8e:14:1f:f4:
                    8f:fe:02:a5:94:ac:a9:4d:ab:c9:ec:a8:2b:56:5c:
                    7b:ac:b8:99:15:4b:7f:18:ac:aa:6c:1c:60:a0:ef:
                    30:0b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier: 
                78:53:35:A3:9D:AE:3A:C8:AA:1D:0D:B0:27:A7:27:A7:93:8D:C4:6B
            X509v3 Authority Key Identifier: 
                keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points: 

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl

            Authority Information Access: 
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access: 
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/5EA5C798250F11EDB27A41F4F1222468.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  154.197.12.0/22

    Signature Algorithm: sha256WithRSAEncryption
         81:7b:d0:db:83:0a:92:0b:20:bc:32:6f:b1:14:23:ba:7c:9d:
         0f:f0:dd:a3:0d:af:a4:50:26:b8:81:19:34:82:66:d0:78:4c:
         5a:aa:46:fd:27:ba:2b:9c:65:4e:94:60:84:14:67:bd:ce:67:
         4e:4a:d7:76:19:d4:3a:37:a0:bd:5e:8d:11:4c:c2:97:ec:3d:
         34:f5:90:47:f2:bb:aa:54:6e:9e:d0:dd:51:03:16:c5:8e:85:
         15:c7:5e:0d:8a:73:63:67:7f:2c:51:31:7a:e3:f4:10:33:8c:
         be:0e:7f:c5:c8:a9:b4:c4:8a:8f:3b:35:1b:50:c3:7b:fe:e8:
         21:47:c3:df:3a:f0:41:42:1d:16:6f:fd:14:3f:ea:1f:a7:33:
         58:46:c4:51:3d:97:da:be:cd:8e:03:44:fc:a7:a4:ce:9f:39:
         5f:f6:7d:a9:68:bf:ef:ed:3c:9c:f5:39:10:84:42:6a:f5:b8:
         7c:e4:89:7d:0d:3e:8e:3d:89:66:8f:7a:ce:8a:7d:33:a8:bc:
         eb:33:33:ed:c8:87:5d:67:20:04:aa:c3:1b:34:e9:60:a2:b2:
         c0:5f:52:63:4f:c5:3c:87:7d:ba:2a:90:f8:dd:64:8a:4c:24:
         b1:4b:92:36:4f:f7:d9:36:1a:1a:c3:cd:32:86:42:df:80:17:
         90:d5:50:bf
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICGF0wDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAwwKRjM2
OEYyRDBBRjExMC8GA1UEBRMoMjVENjNFMDhFQUJFN0NGQTY3ODVENEMxRDZEMzQx
MTZERTE1QjNEQzAeFw0yMjA4MjYwNzE5MDJaFw0yMzA4MzEwNzE5MDJaMBgxFjAU
BgNVBAMMDTYzMDg3M2VhLTIyZmQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQDhmMYP+52+nQ5r96FoslowonhYM0Q1kHvvRMZRNIhuin8NXGDAx8f1YDGD
cOb9opxAKR+yHaMK7d3Q66diLB8f+eE2UFXsZ3g3UvL8kB9+Z0ZKHCLe9sYa82k9
6V61hEpVnSeaLyWl73+Zhln/XdjtXlHKUr3dMPNmnPsIVj0iloMxG3xT1X8CzP9A
qBebGJ1x4CFNZ0Ia8eDTs3Edzc5cmnWJoGfidl2rNRP/ui5kNmFBDXrzmOr+3xUx
BeEkfdcAfd+B4w7ldeb72XB2obbn7ld3dTcEEDk6UCTPjhQf9I/+AqWUrKlNq8ns
qCtWXHusuJkVS38YrKpsHGCg7zALAgMBAAGjggKlMIICoTAdBgNVHQ4EFgQUeFM1
o52uOsiqHQ2wJ6cnp5ONxGswHwYDVR0jBBgwFoAUJdY+COq+fPpnhdTB1tNBFt4V
s9wwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjhGMkQwLzdGNEE5OEVBNkUwNTExRTg5QzBENkU0QkY4QUVBMjI4L0pkWS1D
T3EtZlBwbmhkVEIxdE5CRnQ0VnM5dy5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL0pkWS1DT3EtZlBwbmhkVEIxdE5CRnQ0VnM5dy5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNjhGMkQwLzdGNEE5OEVBNkUwNTExRTg5QzBENkU0QkY4
QUVBMjI4LzVFQTVDNzk4MjUwRjExRURCMjdBNDFGNEYxMjIyNDY4LnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAKaxQwwDQYJKoZIhvcNAQEL
BQADggEBAIF70NuDCpILILwyb7EUI7p8nQ/w3aMNr6RQJriBGTSCZtB4TFqqRv0n
uiucZU6UYIQUZ73OZ05K13YZ1Do3oL1ejRFMwpfsPTT1kEfyu6pUbp7Q3VEDFsWO
hRXHXg2Kc2NnfyxRMXrj9BAzjL4Of8XIqbTEio87NRtQw3v+6CFHw9868EFCHRZv
/RQ/6h+nM1hGxFE9l9q+zY4DRPynpM6fOV/2falov+/tPJz1ORCEQmr1uHzkiX0N
Po49iWaPes6KfTOovOszM+3Ih11nIASqwxs06WCissBfUmNPxTyHfboqkPjdZIpM
JLFLkjZP99k2GhrDzTKGQt+AF5DVUL8=
-----END CERTIFICATE-----
Generated at Wed Dec 7 16:06:02 2022 by rpki-client.