Route Origin Authorization

$ cd rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/

$ rpki-client -vvf 0899FB82C47D11EC82B71D89F1222468.roa
File:                     0899FB82C47D11EC82B71D89F1222468.roa (download)
Hash identifier:          L6Lp+FKoMcIB0F8EieQM5Jog0xUZbBxcw+M99aIQoag=
Subject key identifier:   66:8D:11:F4:32:F3:51:C2:C5:4D:6B:AC:4B:DA:E3:A5:FF:A0:77:C3
Certificate issuer:       /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial:       136C
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access:    rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/0899FB82C47D11EC82B71D89F1222468.roa
ROA valid until:          Jan 30 09:49:40 2023 GMT
asID:                     139057
IP address blocks:
    1: 156.251.65.0/24 maxlen: 24

Validation: OK

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 4972 (0x136c)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
        Validity
            Not Before: Apr 25 09:49:40 2022 GMT
            Not After : Jan 30 09:49:40 2023 GMT
        Subject: CN=62666eb8-80d9
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ef:87:99:b5:0b:8d:5c:19:57:58:7a:a9:bb:f6:
                    44:38:49:00:e2:4d:2a:f2:b7:83:58:5c:58:40:28:
                    4e:b7:1f:2c:3e:67:c9:e2:60:84:18:04:63:fc:be:
                    72:38:c2:17:ed:c3:02:b8:32:8a:1c:fa:e9:16:10:
                    bb:08:6c:21:94:3e:d1:1a:4f:01:82:23:03:e6:06:
                    cc:55:70:dc:ea:f5:cf:2f:78:e2:54:c9:b7:6f:75:
                    12:d3:2a:f7:c8:49:2d:f3:52:b8:bc:fe:29:c7:2e:
                    ca:3f:c1:1a:8e:7a:e8:df:f4:c1:20:7f:46:01:1b:
                    7c:dd:27:1d:ba:d5:9e:b0:21:24:25:1b:62:ba:9d:
                    57:31:a9:d1:f8:b9:94:1d:e9:39:f2:af:49:ba:8d:
                    de:22:d1:ef:c7:ec:ad:03:b2:5a:6f:8a:7c:b0:5f:
                    c8:26:bd:1d:b9:da:01:df:00:b0:4a:c2:8a:63:3f:
                    a2:92:21:6e:a4:a0:a4:c1:ab:96:10:0b:33:3a:a8:
                    e8:a3:5a:1c:eb:3d:4c:28:0c:58:62:67:02:b6:58:
                    8c:29:72:c6:c1:79:e8:4f:08:80:1c:78:2f:57:01:
                    bb:a9:f5:e2:82:3c:81:d3:cd:b4:e9:62:2a:9f:22:
                    a9:b7:c1:91:01:d9:f5:df:77:db:ec:ea:d1:c4:fd:
                    b1:f1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier: 
                66:8D:11:F4:32:F3:51:C2:C5:4D:6B:AC:4B:DA:E3:A5:FF:A0:77:C3
            X509v3 Authority Key Identifier: 
                keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points: 

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl

            Authority Information Access: 
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access: 
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/0899FB82C47D11EC82B71D89F1222468.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  156.251.65.0/24

    Signature Algorithm: sha256WithRSAEncryption
         86:4a:b5:98:82:92:f4:b2:1a:e7:37:4b:29:32:7b:bd:30:53:
         e8:5d:9b:06:d7:34:ac:a4:be:11:7c:b4:2a:6c:82:bf:0f:8f:
         22:84:f1:e6:ab:be:4b:ac:ad:bb:64:9e:ad:0f:e0:71:fd:67:
         f6:91:11:c8:c3:e0:31:5a:8a:26:6d:46:7c:74:f4:d9:64:89:
         d1:96:23:12:36:c4:c3:7e:9e:9e:d3:db:59:2c:f6:ba:68:47:
         4b:da:4f:77:0c:fe:ef:76:82:02:e8:f6:99:74:83:e8:27:49:
         1c:5b:3c:07:59:b5:eb:33:7e:30:bd:28:71:22:33:83:9f:79:
         6a:5d:49:69:45:52:a2:63:a4:5b:c3:6a:12:26:0d:92:1d:f6:
         c8:65:87:b4:12:72:03:4d:93:c4:09:48:e3:6c:fe:98:f0:2a:
         5c:b5:48:80:07:18:45:c1:71:24:08:ac:f3:b5:86:c3:d6:11:
         65:4b:eb:7b:46:6d:c1:32:d8:9c:58:bd:f7:29:22:9e:55:21:
         d5:f3:32:3c:1e:0e:9b:95:44:a6:de:9a:3f:86:a3:6f:5e:b8:
         1a:3c:ff:1f:f8:b3:59:1e:ad:58:24:7b:e8:ad:9a:e6:48:3f:
         a9:a1:77:39:58:a8:ec:86:1b:7f:74:fd:8c:e6:54:ce:c3:e4:
         08:c3:75:b5
-----BEGIN CERTIFICATE-----
MIIFgDCCBGigAwIBAgICE2wwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAwwKRjM2
OEYyRDBBUjExMC8GA1UEBRMoNzk3RDg4RDgxM0UyMEZGRjk4MkNDNzQxOUU5NjlC
QUVBNkJGRDY5QjAeFw0yMjA0MjUwOTQ5NDBaFw0yMzAxMzAwOTQ5NDBaMBgxFjAU
BgNVBAMMDTYyNjY2ZWI4LTgwZDkwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQDvh5m1C41cGVdYeqm79kQ4SQDiTSryt4NYXFhAKE63Hyw+Z8niYIQYBGP8
vnI4whftwwK4Mooc+ukWELsIbCGUPtEaTwGCIwPmBsxVcNzq9c8veOJUybdvdRLT
KvfISS3zUri8/inHLso/wRqOeujf9MEgf0YBG3zdJx261Z6wISQlG2K6nVcxqdH4
uZQd6Tnyr0m6jd4i0e/H7K0DslpvinywX8gmvR252gHfALBKwopjP6KSIW6koKTB
q5YQCzM6qOijWhzrPUwoDFhiZwK2WIwpcsbBeehPCIAceC9XAbup9eKCPIHTzbTp
YiqfIqm3wZEB2fXfd9vs6tHE/bHxAgMBAAGjggKiMIICnjAdBgNVHQ4EFgQUZo0R
9DLzUcLFTWusS9rjpf+gd8MwHwYDVR0jBBgwFoAUeX2I2BPiD/+YLMdBnpabrqa/
1pswDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjhGMkQwLzkyRjg2RTFDNkUwNTExRThBMUI1ODU0QkY4QUVBMjI4L2VYMkky
QlBpRF8tWUxNZEJucGFicnFhXzFwcy5jcmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hcmlu
L2VYMkkyQlBpRF8tWUxNZEJucGFicnFhXzFwcy5jZXIwTwYDVR0gAQH/BEUwQzBB
BggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5pYy5u
ZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEFBQcw
C4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9y
ZXBvc2l0b3J5L0YzNjhGMkQwLzkyRjg2RTFDNkUwNTExRThBMUI1ODU0QkY4QUVB
MjI4LzA4OTlGQjgyQzQ3RDExRUM4MkI3MUQ4OUYxMjIyNDY4LnJvYTA1BggrBgEF
BQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54bWww
HwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACc+0EwDQYJKoZIhvcNAQELBQAD
ggEBAIZKtZiCkvSyGuc3Sykye70wU+hdmwbXNKykvhF8tCpsgr8PjyKE8earvkus
rbtknq0P4HH9Z/aREcjD4DFaiiZtRnx09NlkidGWIxI2xMN+np7T21ks9rpoR0va
T3cM/u92ggLo9pl0g+gnSRxbPAdZteszfjC9KHEiM4OfeWpdSWlFUqJjpFvDahIm
DZId9shlh7QScgNNk8QJSONs/pjwKly1SIAHGEXBcSQIrPO1hsPWEWVL63tGbcEy
2JxYvfcpIp5VIdXzMjweDpuVRKbemj+Go29euBo8/x/4s1kerVgke+itmuZIP6mh
dzlYqOyGG390/YzmVM7D5AjDdbU=
-----END CERTIFICATE-----
Generated at Sat Dec 3 19:11:31 2022 by rpki-client.