Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/AB63B2803A5311EDA08A88B4F1222468.roa
File:                     AB63B2803A5311EDA08A88B4F1222468.roa (download)
Hash identifier:          Yrd7h2rNrAATSdCralJ8GgadPvpVkM9B6P9WWADlLsA=
Subject key identifier:   03:F5:18:79:8D:51:8B:A6:7E:9D:54:2D:C4:65:CB:23:A5:E7:48:6D
Certificate issuer:       /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial:       18F5
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/AB63B2803A5311EDA08A88B4F1222468.roa
ROA valid until:          Sep 25 08:50:51 2023 GMT
asID:                     138995
IP address blocks:
    1: 154.197.33.0/24 maxlen: 24

Validation: OK

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 6389 (0x18f5)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
        Validity
            Not Before: Sep 22 08:50:51 2022 GMT
            Not After : Sep 25 08:50:51 2023 GMT
        Subject: CN=632c21ef-42a8
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a9:07:e0:3e:a4:07:7e:f1:c2:2f:be:b5:b0:d4:
                    16:ab:43:0f:da:e7:24:94:08:e7:d6:57:f2:f0:fc:
                    b0:e7:f4:3f:9f:3c:02:43:f5:cf:c8:7c:17:c6:31:
                    10:68:a0:9d:d4:15:e7:54:22:c5:ed:2b:6d:18:de:
                    1d:51:7c:b6:a4:f3:ad:8b:88:ea:0d:fc:6d:57:ac:
                    26:f0:63:31:f9:80:75:23:86:43:90:2b:7a:49:e6:
                    ba:3d:c6:54:21:ae:27:86:2d:ca:52:bd:f0:f3:eb:
                    7c:1f:40:7a:d2:25:9e:eb:8a:ac:05:2b:9b:16:a4:
                    d7:33:5c:25:3b:02:23:b0:24:9e:3c:a6:60:52:1d:
                    8c:dc:a8:ab:26:06:82:f9:bb:8a:88:20:2b:06:1f:
                    6e:7c:b0:76:01:99:d9:4d:be:fc:17:4b:3d:3a:dd:
                    22:00:32:6a:a4:4b:69:13:e1:2d:e2:b3:7f:4d:8d:
                    f1:90:db:45:eb:7d:32:2e:09:4b:b1:9f:ed:11:6c:
                    60:6d:aa:a0:48:31:e9:26:4d:f8:66:33:5e:07:c2:
                    5b:dc:d0:0a:ee:f3:57:99:83:fc:39:67:53:0d:50:
                    f4:39:9a:3e:db:a7:4d:54:9e:14:f2:20:1d:48:42:
                    29:35:27:5d:d8:f6:42:0d:d7:9b:78:e4:32:81:0a:
                    4a:0b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier: 
                03:F5:18:79:8D:51:8B:A6:7E:9D:54:2D:C4:65:CB:23:A5:E7:48:6D
            X509v3 Authority Key Identifier: 
                keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points: 

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl

            Authority Information Access: 
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access: 
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/AB63B2803A5311EDA08A88B4F1222468.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  154.197.33.0/24

    Signature Algorithm: sha256WithRSAEncryption
         ca:08:85:83:1f:5c:50:9b:c5:66:ab:9e:94:0a:72:4b:97:e4:
         39:a3:71:57:f7:6b:61:6e:70:59:c5:c2:d4:75:48:ee:66:7e:
         62:2e:64:f0:bb:8a:5f:a3:7f:95:db:28:b2:92:4c:48:25:be:
         af:e6:f2:c0:13:22:bf:ed:7b:bc:da:8e:78:45:11:7f:17:66:
         67:10:95:ad:39:c3:21:5a:a0:b7:61:ba:76:77:8b:b8:e4:03:
         94:fe:8c:53:73:39:16:90:85:68:22:f4:a1:2c:7b:ea:b8:31:
         58:a2:a9:ad:a7:cf:26:42:8b:fd:65:b2:f9:eb:fa:cb:18:16:
         c5:3c:5d:43:50:4c:37:ee:8f:24:48:d8:db:31:8d:32:14:39:
         f4:c3:d3:ab:23:fb:bd:fc:98:41:48:d1:d4:b1:5c:13:2d:a0:
         9f:92:4f:93:1f:7c:d3:54:ef:c7:7b:2b:e1:87:e8:2e:c2:3b:
         87:df:b0:bf:fc:8a:77:23:66:f1:1f:93:d3:8f:c5:4c:d4:90:
         33:12:d7:b3:71:84:03:97:43:ff:0c:c2:05:12:df:85:fe:11:
         5a:70:f7:6e:f9:f8:ff:58:6e:e2:82:1b:78:a6:ec:67:dc:86:
         fb:8f:e9:ae:0f:96:fa:9c:23:d9:1c:9a:1a:6b:54:f1:96:93:
         a4:fc:48:2f
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICGPUwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAwwKRjM2
OEYyRDBBRjExMC8GA1UEBRMoMjVENjNFMDhFQUJFN0NGQTY3ODVENEMxRDZEMzQx
MTZERTE1QjNEQzAeFw0yMjA5MjIwODUwNTFaFw0yMzA5MjUwODUwNTFaMBgxFjAU
BgNVBAMMDTYzMmMyMWVmLTQyYTgwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQCpB+A+pAd+8cIvvrWw1BarQw/a5ySUCOfWV/Lw/LDn9D+fPAJD9c/IfBfG
MRBooJ3UFedUIsXtK20Y3h1RfLak862LiOoN/G1XrCbwYzH5gHUjhkOQK3pJ5ro9
xlQhrieGLcpSvfDz63wfQHrSJZ7riqwFK5sWpNczXCU7AiOwJJ48pmBSHYzcqKsm
BoL5u4qIICsGH258sHYBmdlNvvwXSz063SIAMmqkS2kT4S3is39NjfGQ20XrfTIu
CUuxn+0RbGBtqqBIMekmTfhmM14Hwlvc0Aru81eZg/w5Z1MNUPQ5mj7bp01UnhTy
IB1IQik1J13Y9kIN15t45DKBCkoLAgMBAAGjggKlMIICoTAdBgNVHQ4EFgQUA/UY
eY1Ri6Z+nVQtxGXLI6XnSG0wHwYDVR0jBBgwFoAUJdY+COq+fPpnhdTB1tNBFt4V
s9wwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjhGMkQwLzdGNEE5OEVBNkUwNTExRTg5QzBENkU0QkY4QUVBMjI4L0pkWS1D
T3EtZlBwbmhkVEIxdE5CRnQ0VnM5dy5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL0pkWS1DT3EtZlBwbmhkVEIxdE5CRnQ0VnM5dy5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNjhGMkQwLzdGNEE5OEVBNkUwNTExRTg5QzBENkU0QkY4
QUVBMjI4L0FCNjNCMjgwM0E1MzExRURBMDhBODhCNEYxMjIyNDY4LnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACaxSEwDQYJKoZIhvcNAQEL
BQADggEBAMoIhYMfXFCbxWarnpQKckuX5DmjcVf3a2FucFnFwtR1SO5mfmIuZPC7
il+jf5XbKLKSTEglvq/m8sATIr/te7zajnhFEX8XZmcQla05wyFaoLdhunZ3i7jk
A5T+jFNzORaQhWgi9KEse+q4MViiqa2nzyZCi/1lsvnr+ssYFsU8XUNQTDfujyRI
2NsxjTIUOfTD06sj+738mEFI0dSxXBMtoJ+ST5MffNNU78d7K+GH6C7CO4ffsL/8
incjZvEfk9OPxUzUkDMS17NxhAOXQ/8MwgUS34X+EVpw9275+P9YbuKCG3im7Gfc
hvuP6a4PlvqcI9kcmhprVPGWk6T8SC8=
-----END CERTIFICATE-----
Generated at Wed Dec 7 16:43:33 2022 by rpki-client.