Route Origin Authorization

$ cd rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/

$ rpki-client -vvf 746C18F0C47C11ECADFF2C87F1222468.roa
File:                     746C18F0C47C11ECADFF2C87F1222468.roa (download)
Hash identifier:          PDPN74luedLBBkuG2GRSJ81D/rEoObiJUgIIHsQYxbw=
Subject key identifier:   9D:77:1E:B7:96:28:80:7D:94:2B:A1:21:1A:EA:5E:E6:68:EF:DD:85
Certificate issuer:       /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial:       135E
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access:    rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/746C18F0C47C11ECADFF2C87F1222468.roa
ROA valid until:          Jan 30 09:45:31 2023 GMT
asID:                     139057
IP address blocks:
    1: 156.251.72.0/21 maxlen: 24

Validation: OK

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 4958 (0x135e)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
        Validity
            Not Before: Apr 25 09:45:31 2022 GMT
            Not After : Jan 30 09:45:31 2023 GMT
        Subject: CN=62666dbf-4eb1
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ce:49:25:7f:77:9f:75:b9:b2:6a:b1:f1:fb:df:
                    f9:61:32:c1:5f:ed:ba:92:f7:60:e1:87:27:0a:af:
                    3a:6e:b0:91:57:4f:a7:96:c3:a0:67:1f:8a:a5:91:
                    a4:fd:a9:80:85:ea:0e:d5:86:7c:69:af:da:34:4c:
                    b8:01:9b:ed:a0:e5:2e:13:79:c9:26:71:b8:a7:97:
                    a4:25:54:fe:6a:df:15:29:1f:9e:71:88:ec:df:f5:
                    fd:cb:22:a1:45:05:03:05:f2:a4:f8:78:c7:58:35:
                    38:de:42:af:66:e4:7a:9b:a4:aa:23:ce:91:e5:00:
                    df:a4:10:57:1b:83:17:24:90:72:0d:87:fc:3a:07:
                    a6:37:83:d6:21:d8:aa:8f:8e:3e:c0:9e:8b:a1:66:
                    30:99:de:d5:c6:35:da:48:79:21:d4:96:61:b1:03:
                    6e:86:e3:55:a8:fc:29:c4:4d:76:7c:bc:25:c0:91:
                    0c:ee:2d:60:87:73:0b:9a:0d:ba:81:7c:6b:5c:a5:
                    52:6a:4c:50:bc:e9:80:66:ca:d9:6c:1b:e7:08:27:
                    75:f6:17:cf:45:74:51:79:ca:81:d2:61:16:73:0d:
                    d4:20:81:cf:bf:f4:57:2d:b7:8e:35:66:7b:bd:59:
                    69:e4:02:53:ef:08:6b:3f:82:48:6c:13:d5:f6:31:
                    09:b9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier: 
                9D:77:1E:B7:96:28:80:7D:94:2B:A1:21:1A:EA:5E:E6:68:EF:DD:85
            X509v3 Authority Key Identifier: 
                keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points: 

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl

            Authority Information Access: 
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access: 
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/746C18F0C47C11ECADFF2C87F1222468.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  156.251.72.0/21

    Signature Algorithm: sha256WithRSAEncryption
         38:9d:16:2d:f1:92:65:4b:35:88:5c:68:86:d5:6f:8e:73:50:
         11:0c:ef:75:65:d9:21:0b:a6:dc:da:cc:2f:a4:e2:5d:21:3d:
         b3:b8:d1:6b:51:4b:90:b9:89:f7:d2:5d:f9:18:60:16:a2:a9:
         95:90:c8:50:23:1b:40:e1:01:fc:31:26:bd:59:39:f1:3b:6e:
         a7:e1:7f:21:1c:fa:b8:1c:1c:32:07:7a:58:9c:a2:f3:64:27:
         26:4a:13:0a:24:92:39:00:16:7d:22:6b:f1:7a:8d:ee:26:20:
         04:2f:94:c8:67:b3:77:07:41:a0:fd:72:55:33:c3:ac:eb:07:
         b0:31:ba:88:41:88:d9:b3:b3:a2:e0:1d:b3:ce:24:01:9a:16:
         8e:91:46:77:03:8d:3c:d0:a9:93:4c:5f:32:e8:25:78:3c:f7:
         47:7b:bc:93:35:ed:e4:91:28:d0:a3:c8:ac:2e:ee:bb:09:36:
         c0:2b:f0:11:1c:38:66:c5:93:0d:ff:05:3e:8f:4c:08:84:3a:
         8a:90:54:2a:b6:d6:c0:14:26:19:b9:e3:f0:75:a7:e3:93:80:
         fd:2b:64:48:97:d6:84:c8:e7:a6:4f:98:cb:d3:71:63:f0:c9:
         0e:f1:6f:ee:47:7d:05:e5:d5:09:f1:d8:e7:55:1e:f7:83:94:
         3b:2e:f8:d9
-----BEGIN CERTIFICATE-----
MIIFgDCCBGigAwIBAgICE14wDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAwwKRjM2
OEYyRDBBUjExMC8GA1UEBRMoNzk3RDg4RDgxM0UyMEZGRjk4MkNDNzQxOUU5NjlC
QUVBNkJGRDY5QjAeFw0yMjA0MjUwOTQ1MzFaFw0yMzAxMzAwOTQ1MzFaMBgxFjAU
BgNVBAMMDTYyNjY2ZGJmLTRlYjEwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQDOSSV/d591ubJqsfH73/lhMsFf7bqS92DhhycKrzpusJFXT6eWw6BnH4ql
kaT9qYCF6g7Vhnxpr9o0TLgBm+2g5S4Teckmcbinl6QlVP5q3xUpH55xiOzf9f3L
IqFFBQMF8qT4eMdYNTjeQq9m5HqbpKojzpHlAN+kEFcbgxckkHINh/w6B6Y3g9Yh
2KqPjj7AnouhZjCZ3tXGNdpIeSHUlmGxA26G41Wo/CnETXZ8vCXAkQzuLWCHcwua
DbqBfGtcpVJqTFC86YBmytlsG+cIJ3X2F89FdFF5yoHSYRZzDdQggc+/9Fctt441
Znu9WWnkAlPvCGs/gkhsE9X2MQm5AgMBAAGjggKiMIICnjAdBgNVHQ4EFgQUnXce
t5YogH2UK6EhGupe5mjv3YUwHwYDVR0jBBgwFoAUeX2I2BPiD/+YLMdBnpabrqa/
1pswDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjhGMkQwLzkyRjg2RTFDNkUwNTExRThBMUI1ODU0QkY4QUVBMjI4L2VYMkky
QlBpRF8tWUxNZEJucGFicnFhXzFwcy5jcmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hcmlu
L2VYMkkyQlBpRF8tWUxNZEJucGFicnFhXzFwcy5jZXIwTwYDVR0gAQH/BEUwQzBB
BggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5pYy5u
ZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEFBQcw
C4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9y
ZXBvc2l0b3J5L0YzNjhGMkQwLzkyRjg2RTFDNkUwNTExRThBMUI1ODU0QkY4QUVB
MjI4Lzc0NkMxOEYwQzQ3QzExRUNBREZGMkM4N0YxMjIyNDY4LnJvYTA1BggrBgEF
BQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54bWww
HwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAOc+0gwDQYJKoZIhvcNAQELBQAD
ggEBADidFi3xkmVLNYhcaIbVb45zUBEM73Vl2SELptzazC+k4l0hPbO40WtRS5C5
iffSXfkYYBaiqZWQyFAjG0DhAfwxJr1ZOfE7bqfhfyEc+rgcHDIHelicovNkJyZK
EwokkjkAFn0ia/F6je4mIAQvlMhns3cHQaD9clUzw6zrB7AxuohBiNmzs6LgHbPO
JAGaFo6RRncDjTzQqZNMXzLoJXg890d7vJM17eSRKNCjyKwu7rsJNsAr8BEcOGbF
kw3/BT6PTAiEOoqQVCq21sAUJhm54/B1p+OTgP0rZEiX1oTI56ZPmMvTcWPwyQ7x
b+5HfQXl1Qnx2OdVHveDlDsu+Nk=
-----END CERTIFICATE-----
Generated at Sat Dec 3 19:48:34 2022 by rpki-client.