Route Origin Authorization

$ cd rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/

$ rpki-client -vvf 1974C978C47D11ECA2C35F89F1222468.roa
File:                     1974C978C47D11ECA2C35F89F1222468.roa (download)
Hash identifier:          HN4Ap2oXXUIDCsdZK5HcjS/BZbKGSyFuX8rSHyN1UmE=
Subject key identifier:   79:93:03:3B:05:37:A4:6E:9F:84:33:62:AC:CC:D1:08:45:A2:B3:B2
Certificate issuer:       /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial:       136E
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access:    rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/1974C978C47D11ECA2C35F89F1222468.roa
ROA valid until:          Jan 30 09:50:09 2023 GMT
asID:                     139057
IP address blocks:
    1: 156.251.68.0/22 maxlen: 24

Validation: OK

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 4974 (0x136e)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
        Validity
            Not Before: Apr 25 09:50:09 2022 GMT
            Not After : Jan 30 09:50:09 2023 GMT
        Subject: CN=62666ed4-ea52
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ad:7e:cd:77:95:f4:2c:69:cd:66:c5:e3:dd:31:
                    10:b7:b3:7f:11:ee:ee:8c:39:8f:5b:d9:7f:42:d7:
                    2c:2d:03:e3:5d:a0:cf:dd:4e:d6:b7:41:a6:1c:b2:
                    c4:60:96:c2:18:65:c3:b2:76:0d:d6:a8:98:ee:9a:
                    de:6b:73:22:6a:0d:5d:4e:7e:a2:1c:8f:cd:c8:49:
                    63:0b:cf:d3:ae:7f:bd:c3:6e:fa:ff:7f:1a:bd:61:
                    5d:3e:63:6c:53:f9:38:66:73:28:9c:8f:3a:0f:f7:
                    ca:c0:3f:7e:18:f6:9b:df:64:4e:7a:78:64:5a:30:
                    da:fc:8a:1f:b6:f9:68:fe:43:83:0b:7c:a0:85:81:
                    d1:46:ca:1f:e2:a9:51:7f:f6:cc:f0:cf:b9:fc:73:
                    1e:bd:8b:1a:22:dd:8a:86:e6:98:bf:e8:d3:c9:87:
                    9a:2d:ab:ba:92:3b:19:bd:0e:fa:e5:24:b4:90:e4:
                    d9:bd:35:39:ee:d8:fa:cd:90:ac:4a:45:8e:7f:20:
                    eb:7b:21:43:6d:95:6d:37:be:67:22:02:d8:9d:df:
                    32:ce:ea:1b:9d:3f:c0:1b:35:c3:e2:aa:c4:b3:b0:
                    85:df:b1:cc:28:31:ab:26:2c:99:36:63:b9:de:e0:
                    1b:f6:ce:1e:14:9c:42:45:d2:49:0d:94:26:08:2c:
                    30:45
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier: 
                79:93:03:3B:05:37:A4:6E:9F:84:33:62:AC:CC:D1:08:45:A2:B3:B2
            X509v3 Authority Key Identifier: 
                keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points: 

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl

            Authority Information Access: 
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access: 
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/1974C978C47D11ECA2C35F89F1222468.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  156.251.68.0/22

    Signature Algorithm: sha256WithRSAEncryption
         a0:3d:4e:18:7d:f9:85:ab:eb:44:cc:b4:95:33:eb:37:58:84:
         3d:9d:d6:95:0e:55:0f:08:96:4a:b6:13:c7:d5:fd:22:49:cf:
         42:70:55:76:c0:f9:67:dd:e1:6e:01:b9:d3:35:28:36:bc:34:
         bb:27:7c:e6:62:ac:5d:7c:10:9c:a7:b2:f9:7e:72:db:07:39:
         33:e6:1d:c1:78:33:ac:71:39:3d:ca:d2:ef:42:b7:37:79:9c:
         5d:09:59:1e:86:8e:65:19:5b:06:4d:6e:ef:da:c4:99:77:7c:
         7e:58:22:f0:35:11:50:46:e3:45:a7:30:fa:cd:c9:55:78:23:
         59:45:88:69:a7:8d:ab:2e:ee:47:8c:28:94:a9:89:7b:4b:23:
         08:3e:e0:fd:7d:44:2d:53:5c:01:db:8e:26:8e:7f:e8:65:13:
         e2:67:9c:42:07:2d:9e:c9:f2:d8:39:3f:7e:19:80:47:f9:71:
         b2:28:12:84:fc:4a:db:e9:22:fc:43:a0:85:e5:eb:c8:89:a3:
         75:89:93:14:81:ba:7e:71:6a:50:1f:8d:88:e9:ab:34:0c:f9:
         6d:f0:9e:bb:27:68:b3:57:4f:73:7e:9f:b8:ff:b1:06:c4:05:
         2b:ea:c2:bc:93:9e:26:55:64:ce:26:3d:eb:4f:05:37:15:1b:
         5e:61:93:3f
-----BEGIN CERTIFICATE-----
MIIFgDCCBGigAwIBAgICE24wDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAwwKRjM2
OEYyRDBBUjExMC8GA1UEBRMoNzk3RDg4RDgxM0UyMEZGRjk4MkNDNzQxOUU5NjlC
QUVBNkJGRDY5QjAeFw0yMjA0MjUwOTUwMDlaFw0yMzAxMzAwOTUwMDlaMBgxFjAU
BgNVBAMMDTYyNjY2ZWQ0LWVhNTIwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQCtfs13lfQsac1mxePdMRC3s38R7u6MOY9b2X9C1ywtA+NdoM/dTta3QaYc
ssRglsIYZcOydg3WqJjumt5rcyJqDV1OfqIcj83ISWMLz9Ouf73Dbvr/fxq9YV0+
Y2xT+ThmcyicjzoP98rAP34Y9pvfZE56eGRaMNr8ih+2+Wj+Q4MLfKCFgdFGyh/i
qVF/9szwz7n8cx69ixoi3YqG5pi/6NPJh5otq7qSOxm9DvrlJLSQ5Nm9NTnu2PrN
kKxKRY5/IOt7IUNtlW03vmciAtid3zLO6hudP8AbNcPiqsSzsIXfscwoMasmLJk2
Y7ne4Bv2zh4UnEJF0kkNlCYILDBFAgMBAAGjggKiMIICnjAdBgNVHQ4EFgQUeZMD
OwU3pG6fhDNirMzRCEWis7IwHwYDVR0jBBgwFoAUeX2I2BPiD/+YLMdBnpabrqa/
1pswDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjhGMkQwLzkyRjg2RTFDNkUwNTExRThBMUI1ODU0QkY4QUVBMjI4L2VYMkky
QlBpRF8tWUxNZEJucGFicnFhXzFwcy5jcmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hcmlu
L2VYMkkyQlBpRF8tWUxNZEJucGFicnFhXzFwcy5jZXIwTwYDVR0gAQH/BEUwQzBB
BggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5pYy5u
ZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEFBQcw
C4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9y
ZXBvc2l0b3J5L0YzNjhGMkQwLzkyRjg2RTFDNkUwNTExRThBMUI1ODU0QkY4QUVB
MjI4LzE5NzRDOTc4QzQ3RDExRUNBMkMzNUY4OUYxMjIyNDY4LnJvYTA1BggrBgEF
BQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54bWww
HwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAKc+0QwDQYJKoZIhvcNAQELBQAD
ggEBAKA9Thh9+YWr60TMtJUz6zdYhD2d1pUOVQ8Ilkq2E8fV/SJJz0JwVXbA+Wfd
4W4BudM1KDa8NLsnfOZirF18EJynsvl+ctsHOTPmHcF4M6xxOT3K0u9Ctzd5nF0J
WR6GjmUZWwZNbu/axJl3fH5YIvA1EVBG40WnMPrNyVV4I1lFiGmnjasu7keMKJSp
iXtLIwg+4P19RC1TXAHbjiaOf+hlE+JnnEIHLZ7J8tg5P34ZgEf5cbIoEoT8Stvp
IvxDoIXl68iJo3WJkxSBun5xalAfjYjpqzQM+W3wnrsnaLNXT3N+n7j/sQbEBSvq
wryTniZVZM4mPetPBTcVG15hkz8=
-----END CERTIFICATE-----
Generated at Sat Dec 3 18:34:26 2022 by rpki-client.