Route Origin Authorization

$ cd rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/

$ rpki-client -vvf 88F80AC4D04611EC892253A0F1222468.roa
File:                     88F80AC4D04611EC892253A0F1222468.roa (download)
Hash identifier:          QHQss6VVoODrtIMngfDD/kjFy26O59Q+oK+Jl2ttOhE=
Subject key identifier:   F3:D2:0B:89:35:C1:F3:D3:7C:8B:F6:0F:C0:64:B7:E5:81:1A:9B:B7
Certificate issuer:       /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial:       13BD
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access:    rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/88F80AC4D04611EC892253A0F1222468.roa
ROA valid until:          Dec 30 09:49:47 2022 GMT
asID:                     139057
IP address blocks:
    1: 156.238.133.0/24 maxlen: 24

Validation: OK

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 5053 (0x13bd)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
        Validity
            Not Before: May 10 09:49:47 2022 GMT
            Not After : Dec 30 09:49:47 2022 GMT
        Subject: CN=627a353e-5c72
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c4:43:f5:a2:ac:c2:71:93:8a:11:be:20:95:41:
                    b6:38:d7:62:e3:f4:ef:27:84:b4:a8:d1:8e:21:12:
                    ed:fa:29:5a:80:5c:ff:8f:de:43:c8:7e:32:6d:79:
                    7c:1b:f7:a6:96:c8:df:82:30:31:06:c2:57:77:97:
                    d0:14:a0:1e:ce:14:81:12:df:43:c1:2b:ff:97:fd:
                    80:f6:a5:28:ad:4a:df:8a:2b:65:48:42:04:a1:31:
                    13:41:1c:89:59:c2:be:72:b8:bf:e3:b5:ae:07:57:
                    e0:f2:d7:76:67:c2:74:17:c1:22:2b:47:88:87:37:
                    8f:9e:a1:31:18:ed:c1:ff:dd:8e:18:bd:9e:6f:85:
                    ce:57:e9:37:38:65:d2:f2:54:e4:38:0f:92:ab:be:
                    7f:95:a1:0d:d3:11:65:09:63:18:f8:28:eb:5d:28:
                    5e:14:5d:12:c4:0c:a4:28:95:b3:e8:b0:8d:5f:ee:
                    0f:23:d7:dc:58:21:c2:7d:09:fe:09:b1:2a:3c:79:
                    03:58:3a:68:c7:c4:49:64:0c:a5:c4:c6:06:48:96:
                    c6:be:f4:79:8f:18:a1:b9:68:6d:55:8a:02:3d:37:
                    c0:4b:49:de:4f:5c:b7:cd:d9:2d:29:20:a9:8b:df:
                    8a:ab:f5:7e:7d:5e:18:cb:a4:8f:de:43:ff:59:2a:
                    c6:a1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier: 
                F3:D2:0B:89:35:C1:F3:D3:7C:8B:F6:0F:C0:64:B7:E5:81:1A:9B:B7
            X509v3 Authority Key Identifier: 
                keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points: 

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl

            Authority Information Access: 
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access: 
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/88F80AC4D04611EC892253A0F1222468.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  156.238.133.0/24

    Signature Algorithm: sha256WithRSAEncryption
         4d:6b:b9:e3:a2:aa:e2:ae:af:d5:e7:06:72:60:2f:1b:78:50:
         92:13:d8:22:0b:29:d6:14:81:96:c7:c9:c8:ef:e4:7d:17:7d:
         20:77:46:cb:c3:7c:a1:3b:ca:7a:38:ce:ee:08:e3:d0:3e:4a:
         0a:de:c1:f4:b2:60:d8:7a:0d:27:f6:20:8b:7f:08:bd:53:2f:
         ac:c6:d2:1d:17:6b:80:62:a7:f9:07:92:6c:93:7b:53:76:c8:
         b8:02:44:9c:c1:e3:f5:ad:3b:ce:b4:70:f3:14:47:40:2f:73:
         46:f1:48:b1:7d:0f:05:6f:97:f0:9d:5e:a8:76:de:0a:56:03:
         bc:17:8c:f8:1c:4a:41:e4:cc:be:b8:75:2d:5f:30:d8:c5:ce:
         b8:56:3b:74:db:7a:23:c6:76:03:f4:c6:e6:0a:35:6c:53:7d:
         60:09:fa:fb:09:03:6f:54:9b:4c:06:0b:37:b2:67:11:b7:08:
         d7:b2:78:dc:07:6d:19:51:a1:b3:58:d4:ae:ab:db:a9:66:6d:
         08:2c:e4:e8:ba:00:c4:aa:44:22:f8:22:eb:ce:cc:9e:f7:ff:
         36:27:e2:c8:de:14:96:ef:e0:64:5d:9d:3e:72:6c:57:72:dd:
         72:ce:28:58:44:ee:f4:31:20:33:58:c5:b9:bc:8e:cc:f6:f0:
         b6:72:a7:fa
-----BEGIN CERTIFICATE-----
MIIFgDCCBGigAwIBAgICE70wDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAwwKRjM2
OEYyRDBBUjExMC8GA1UEBRMoNzk3RDg4RDgxM0UyMEZGRjk4MkNDNzQxOUU5NjlC
QUVBNkJGRDY5QjAeFw0yMjA1MTAwOTQ5NDdaFw0yMjEyMzAwOTQ5NDdaMBgxFjAU
BgNVBAMMDTYyN2EzNTNlLTVjNzIwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQDEQ/WirMJxk4oRviCVQbY412Lj9O8nhLSo0Y4hEu36KVqAXP+P3kPIfjJt
eXwb96aWyN+CMDEGwld3l9AUoB7OFIES30PBK/+X/YD2pSitSt+KK2VIQgShMRNB
HIlZwr5yuL/jta4HV+Dy13ZnwnQXwSIrR4iHN4+eoTEY7cH/3Y4YvZ5vhc5X6Tc4
ZdLyVOQ4D5Krvn+VoQ3TEWUJYxj4KOtdKF4UXRLEDKQolbPosI1f7g8j19xYIcJ9
Cf4JsSo8eQNYOmjHxElkDKXExgZIlsa+9HmPGKG5aG1VigI9N8BLSd5PXLfN2S0p
IKmL34qr9X59XhjLpI/eQ/9ZKsahAgMBAAGjggKiMIICnjAdBgNVHQ4EFgQU89IL
iTXB89N8i/YPwGS35YEam7cwHwYDVR0jBBgwFoAUeX2I2BPiD/+YLMdBnpabrqa/
1pswDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjhGMkQwLzkyRjg2RTFDNkUwNTExRThBMUI1ODU0QkY4QUVBMjI4L2VYMkky
QlBpRF8tWUxNZEJucGFicnFhXzFwcy5jcmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hcmlu
L2VYMkkyQlBpRF8tWUxNZEJucGFicnFhXzFwcy5jZXIwTwYDVR0gAQH/BEUwQzBB
BggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5pYy5u
ZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEFBQcw
C4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9y
ZXBvc2l0b3J5L0YzNjhGMkQwLzkyRjg2RTFDNkUwNTExRThBMUI1ODU0QkY4QUVB
MjI4Lzg4RjgwQUM0RDA0NjExRUM4OTIyNTNBMEYxMjIyNDY4LnJvYTA1BggrBgEF
BQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54bWww
HwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACc7oUwDQYJKoZIhvcNAQELBQAD
ggEBAE1rueOiquKur9XnBnJgLxt4UJIT2CILKdYUgZbHycjv5H0XfSB3RsvDfKE7
yno4zu4I49A+SgrewfSyYNh6DSf2IIt/CL1TL6zG0h0Xa4Bip/kHkmyTe1N2yLgC
RJzB4/WtO860cPMUR0Avc0bxSLF9DwVvl/CdXqh23gpWA7wXjPgcSkHkzL64dS1f
MNjFzrhWO3TbeiPGdgP0xuYKNWxTfWAJ+vsJA29Um0wGCzeyZxG3CNeyeNwHbRlR
obNY1K6r26lmbQgs5Oi6AMSqRCL4IuvOzJ73/zYn4sjeFJbv4GRdnT5ybFdy3XLO
KFhE7vQxIDNYxbm8jsz28LZyp/o=
-----END CERTIFICATE-----
Generated at Sat Dec 3 19:11:32 2022 by rpki-client.