Route Origin Authorization

$ cd rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/

$ rpki-client -vvf 9FC9043AC47D11ECA2000D8BF1222468.roa
File:                     9FC9043AC47D11ECA2000D8BF1222468.roa (download)
Hash identifier:          E7ZLKl7fO221nHcmOVbNcFyTIIU+CdvrdkhOUi5DmNw=
Subject key identifier:   06:A1:48:8F:E9:2B:2C:27:69:E5:AA:E5:8E:CC:CE:69:B1:E0:94:34
Certificate issuer:       /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial:       137C
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access:    rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/9FC9043AC47D11ECA2000D8BF1222468.roa
ROA valid until:          Jan 30 09:53:54 2023 GMT
asID:                     139057
IP address blocks:
    1: 156.251.72.0/22 maxlen: 24

Validation: OK

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 4988 (0x137c)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
        Validity
            Not Before: Apr 25 09:53:54 2022 GMT
            Not After : Jan 30 09:53:54 2023 GMT
        Subject: CN=62666fb5-f624
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:eb:54:bf:48:60:f1:cb:96:82:3c:a4:d5:dc:66:
                    63:8a:ba:4f:0c:c7:b2:42:53:13:7a:1c:ac:a1:11:
                    71:32:40:f4:4b:c5:4c:92:87:7b:a9:40:0f:70:1b:
                    c5:7e:66:90:7d:f0:b4:9c:a8:cc:1f:43:5e:e1:97:
                    7d:a2:c2:a5:50:d6:34:dc:7a:c6:45:f8:1e:83:42:
                    ef:91:33:48:60:b1:bb:cf:bb:0a:cd:81:f9:01:89:
                    ee:9a:66:20:bf:54:41:34:97:18:df:7b:ca:67:75:
                    9f:fc:82:df:3f:9f:be:d9:f3:8c:a5:b9:f6:68:7a:
                    55:d9:19:c3:64:99:9f:72:e2:86:f0:f8:65:71:64:
                    2a:8f:5b:25:30:e9:6f:40:1a:6c:d6:77:dd:49:48:
                    e9:dd:1c:34:ea:14:b6:cd:25:0f:e0:b0:1d:29:23:
                    a3:a6:3c:46:42:41:6e:a8:d0:c5:bc:46:fc:96:31:
                    bd:d6:f8:3a:65:b6:a0:55:57:4d:ec:30:13:20:a7:
                    55:52:8d:ac:5f:4d:5d:36:5b:6b:4b:a3:0b:6f:c2:
                    91:20:03:3d:7a:69:c1:cd:b8:a4:b1:5d:17:ed:13:
                    31:b9:fc:5c:ae:d9:25:8d:49:84:cd:34:c2:eb:54:
                    8b:88:a7:75:56:7d:fe:15:5c:2d:4e:ab:8b:e6:21:
                    32:65
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier: 
                06:A1:48:8F:E9:2B:2C:27:69:E5:AA:E5:8E:CC:CE:69:B1:E0:94:34
            X509v3 Authority Key Identifier: 
                keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points: 

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl

            Authority Information Access: 
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access: 
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/9FC9043AC47D11ECA2000D8BF1222468.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  156.251.72.0/22

    Signature Algorithm: sha256WithRSAEncryption
         2c:5f:ef:49:54:33:f6:3b:c2:1d:40:78:9e:a0:a2:8c:b7:55:
         cf:b6:d5:d7:c7:71:55:10:65:76:75:56:48:eb:92:7c:cc:08:
         4a:60:99:f7:8e:e0:9e:56:f7:4c:2c:1d:8c:dc:54:b3:38:47:
         9c:f4:6d:dc:7e:5e:cc:63:a3:b4:bf:7d:25:ec:ca:a7:8f:63:
         bb:2b:0f:8d:03:c9:aa:ad:2a:cd:4e:20:7b:ed:83:40:13:6d:
         1d:c1:a8:58:37:c6:e5:ca:92:5d:74:0f:f4:80:4e:30:b8:23:
         58:e0:3d:8b:24:1d:a7:fd:7a:f2:89:6b:65:92:fe:51:d8:27:
         07:62:df:a5:9c:05:3b:8a:5d:65:bd:e1:fb:4a:80:53:05:0c:
         30:a1:42:26:9b:7b:a5:27:36:0f:31:4e:e0:b6:71:86:77:98:
         89:6f:ad:28:c8:0a:de:2b:76:25:d3:dc:12:21:80:a6:92:4a:
         be:30:37:66:ce:1f:65:2a:63:24:05:8f:97:9d:a5:67:a6:39:
         43:db:85:89:d0:63:10:fd:1a:f5:35:ec:f5:0b:d7:37:48:0a:
         2f:76:de:64:25:2a:47:cf:8d:62:48:de:1c:aa:e6:eb:1e:26:
         85:7f:3c:f7:03:11:e8:1a:19:45:f6:94:89:f5:e5:0e:91:03:
         38:84:f9:c3
-----BEGIN CERTIFICATE-----
MIIFgDCCBGigAwIBAgICE3wwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAwwKRjM2
OEYyRDBBUjExMC8GA1UEBRMoNzk3RDg4RDgxM0UyMEZGRjk4MkNDNzQxOUU5NjlC
QUVBNkJGRDY5QjAeFw0yMjA0MjUwOTUzNTRaFw0yMzAxMzAwOTUzNTRaMBgxFjAU
BgNVBAMMDTYyNjY2ZmI1LWY2MjQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQDrVL9IYPHLloI8pNXcZmOKuk8Mx7JCUxN6HKyhEXEyQPRLxUySh3upQA9w
G8V+ZpB98LScqMwfQ17hl32iwqVQ1jTcesZF+B6DQu+RM0hgsbvPuwrNgfkBie6a
ZiC/VEE0lxjfe8pndZ/8gt8/n77Z84ylufZoelXZGcNkmZ9y4obw+GVxZCqPWyUw
6W9AGmzWd91JSOndHDTqFLbNJQ/gsB0pI6OmPEZCQW6o0MW8RvyWMb3W+DpltqBV
V03sMBMgp1VSjaxfTV02W2tLowtvwpEgAz16acHNuKSxXRftEzG5/Fyu2SWNSYTN
NMLrVIuIp3VWff4VXC1Oq4vmITJlAgMBAAGjggKiMIICnjAdBgNVHQ4EFgQUBqFI
j+krLCdp5arljszOabHglDQwHwYDVR0jBBgwFoAUeX2I2BPiD/+YLMdBnpabrqa/
1pswDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjhGMkQwLzkyRjg2RTFDNkUwNTExRThBMUI1ODU0QkY4QUVBMjI4L2VYMkky
QlBpRF8tWUxNZEJucGFicnFhXzFwcy5jcmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hcmlu
L2VYMkkyQlBpRF8tWUxNZEJucGFicnFhXzFwcy5jZXIwTwYDVR0gAQH/BEUwQzBB
BggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5pYy5u
ZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEFBQcw
C4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9y
ZXBvc2l0b3J5L0YzNjhGMkQwLzkyRjg2RTFDNkUwNTExRThBMUI1ODU0QkY4QUVB
MjI4LzlGQzkwNDNBQzQ3RDExRUNBMjAwMEQ4QkYxMjIyNDY4LnJvYTA1BggrBgEF
BQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54bWww
HwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAKc+0gwDQYJKoZIhvcNAQELBQAD
ggEBACxf70lUM/Y7wh1AeJ6gooy3Vc+21dfHcVUQZXZ1VkjrknzMCEpgmfeO4J5W
90wsHYzcVLM4R5z0bdx+Xsxjo7S/fSXsyqePY7srD40DyaqtKs1OIHvtg0ATbR3B
qFg3xuXKkl10D/SATjC4I1jgPYskHaf9evKJa2WS/lHYJwdi36WcBTuKXWW94ftK
gFMFDDChQiabe6UnNg8xTuC2cYZ3mIlvrSjICt4rdiXT3BIhgKaSSr4wN2bOH2Uq
YyQFj5edpWemOUPbhYnQYxD9GvU17PUL1zdICi923mQlKkfPjWJI3hyq5useJoV/
PPcDEegaGUX2lIn15Q6RAziE+cM=
-----END CERTIFICATE-----
Generated at Sat Dec 3 19:48:35 2022 by rpki-client.