Route Origin Authorization

$ cd rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/

$ rpki-client -vvf D2817E1A750011EC963E44975A40D577.roa
File:                     D2817E1A750011EC963E44975A40D577.roa (download)
Hash identifier:          vytB1bxYqZeiVsKh0/qR6/mYjjiUGtgv6dCPr4I7kTc=
Subject key identifier:   AB:8D:2D:7A:B1:A1:62:63:85:F8:CA:D8:8E:38:00:DF:63:A2:2C:D5
Certificate issuer:       /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial:       1185
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access:    rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/D2817E1A750011EC963E44975A40D577.roa
ROA valid until:          Jan 31 06:11:29 2023 GMT
asID:                     139057
IP address blocks:
    1: 156.225.96.0/20 maxlen: 24

Validation: OK

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 4485 (0x1185)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
        Validity
            Not Before: Jan 14 06:11:29 2022 GMT
            Not After : Jan 31 06:11:29 2023 GMT
        Subject: CN=61e11416-6519
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a2:ff:90:ab:66:2e:8f:73:7b:7d:49:d2:bc:fe:
                    69:4a:59:93:55:aa:d4:6d:25:a8:69:7a:9e:53:ad:
                    0f:95:d6:1d:f5:95:48:6d:06:1d:a5:39:1a:6f:f6:
                    fb:53:74:06:35:3d:fc:90:58:f0:ba:10:f8:93:67:
                    ee:f5:6e:bd:97:45:63:1a:46:db:fa:40:2a:18:c6:
                    5e:94:be:07:15:45:1c:60:a0:9d:8f:77:63:35:87:
                    0c:52:f6:5e:b7:0c:0e:8c:1f:1b:19:ab:74:dd:57:
                    74:0a:45:96:cc:47:4c:9e:ef:5d:90:90:d0:2a:4d:
                    e5:b8:72:bf:8c:db:13:49:a0:26:80:f1:d0:4b:99:
                    cb:f7:37:ab:f8:80:6e:e0:73:d4:4a:93:8e:64:ad:
                    0c:df:7c:a3:c9:de:83:3d:71:dc:97:18:8e:22:c2:
                    1f:1b:4a:09:fa:8f:68:8e:82:81:dc:38:c4:5d:09:
                    cc:02:1f:6a:d2:0a:6a:00:59:59:50:08:72:3d:60:
                    50:4f:33:0f:e2:67:ff:b7:c8:bd:fc:4d:ce:1c:82:
                    2a:fd:97:cf:34:77:34:51:92:a8:4d:04:5b:e5:81:
                    b7:02:5a:78:4c:c8:a4:2b:89:02:a7:f9:c1:8f:c0:
                    4b:98:27:88:15:6c:c1:0f:d7:6c:24:e4:0b:a4:2f:
                    33:9f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier: 
                AB:8D:2D:7A:B1:A1:62:63:85:F8:CA:D8:8E:38:00:DF:63:A2:2C:D5
            X509v3 Authority Key Identifier: 
                keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points: 

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl

            Authority Information Access: 
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access: 
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/D2817E1A750011EC963E44975A40D577.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  156.225.96.0/20

    Signature Algorithm: sha256WithRSAEncryption
         25:8f:5c:40:2b:15:40:2a:30:e9:a3:d5:4c:85:7b:97:fb:45:
         c3:6c:89:28:bb:12:fd:d8:95:f2:b5:f3:3d:91:93:9e:52:2a:
         00:33:8b:95:13:44:7f:dd:69:93:94:7c:8c:58:51:6b:23:a3:
         e9:e7:93:65:5e:ff:6d:cc:80:48:db:c5:f0:3f:02:8f:f4:52:
         1c:bc:e9:25:9b:5e:a9:64:31:11:82:57:cc:e9:7a:e2:1e:34:
         89:14:df:bb:ff:52:36:85:34:46:77:0c:f7:34:5c:fc:2a:4f:
         47:07:c4:6e:44:0b:0c:84:ad:db:fb:75:a0:f7:ad:7a:13:d0:
         02:71:5d:2a:6e:8a:7f:87:eb:c2:03:27:28:0d:5b:20:1f:6e:
         01:4f:a6:5d:76:bc:f8:a0:0b:2f:78:93:7a:9e:ae:8e:d8:8c:
         53:45:31:19:aa:2e:56:00:73:0e:a1:da:ea:f5:0f:fd:68:48:
         9e:d7:fc:35:79:6f:09:24:91:f3:9d:2f:d6:1d:43:f8:c4:40:
         b6:6e:34:df:c7:9a:d6:d7:6d:8e:cc:a5:9e:46:cb:65:1f:fb:
         d9:39:23:6d:44:74:f0:ba:10:71:9e:84:7f:69:37:ed:f7:b9:
         17:b1:24:2e:ce:f6:d6:c6:03:48:8a:ef:e5:32:68:fa:c5:b7:
         49:6e:db:06
-----BEGIN CERTIFICATE-----
MIIFgDCCBGigAwIBAgICEYUwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAwwKRjM2
OEYyRDBBUjExMC8GA1UEBRMoNzk3RDg4RDgxM0UyMEZGRjk4MkNDNzQxOUU5NjlC
QUVBNkJGRDY5QjAeFw0yMjAxMTQwNjExMjlaFw0yMzAxMzEwNjExMjlaMBgxFjAU
BgNVBAMMDTYxZTExNDE2LTY1MTkwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQCi/5CrZi6Pc3t9SdK8/mlKWZNVqtRtJahpep5TrQ+V1h31lUhtBh2lORpv
9vtTdAY1PfyQWPC6EPiTZ+71br2XRWMaRtv6QCoYxl6UvgcVRRxgoJ2Pd2M1hwxS
9l63DA6MHxsZq3TdV3QKRZbMR0ye712QkNAqTeW4cr+M2xNJoCaA8dBLmcv3N6v4
gG7gc9RKk45krQzffKPJ3oM9cdyXGI4iwh8bSgn6j2iOgoHcOMRdCcwCH2rSCmoA
WVlQCHI9YFBPMw/iZ/+3yL38Tc4cgir9l880dzRRkqhNBFvlgbcCWnhMyKQriQKn
+cGPwEuYJ4gVbMEP12wk5AukLzOfAgMBAAGjggKiMIICnjAdBgNVHQ4EFgQUq40t
erGhYmOF+MrYjjgA32OiLNUwHwYDVR0jBBgwFoAUeX2I2BPiD/+YLMdBnpabrqa/
1pswDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjhGMkQwLzkyRjg2RTFDNkUwNTExRThBMUI1ODU0QkY4QUVBMjI4L2VYMkky
QlBpRF8tWUxNZEJucGFicnFhXzFwcy5jcmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hcmlu
L2VYMkkyQlBpRF8tWUxNZEJucGFicnFhXzFwcy5jZXIwTwYDVR0gAQH/BEUwQzBB
BggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5pYy5u
ZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEFBQcw
C4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9y
ZXBvc2l0b3J5L0YzNjhGMkQwLzkyRjg2RTFDNkUwNTExRThBMUI1ODU0QkY4QUVB
MjI4L0QyODE3RTFBNzUwMDExRUM5NjNFNDQ5NzVBNDBENTc3LnJvYTA1BggrBgEF
BQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54bWww
HwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBASc4WAwDQYJKoZIhvcNAQELBQAD
ggEBACWPXEArFUAqMOmj1UyFe5f7RcNsiSi7Ev3YlfK18z2Rk55SKgAzi5UTRH/d
aZOUfIxYUWsjo+nnk2Ve/23MgEjbxfA/Ao/0Uhy86SWbXqlkMRGCV8zpeuIeNIkU
37v/UjaFNEZ3DPc0XPwqT0cHxG5ECwyErdv7daD3rXoT0AJxXSpuin+H68IDJygN
WyAfbgFPpl12vPigCy94k3qero7YjFNFMRmqLlYAcw6h2ur1D/1oSJ7X/DV5bwkk
kfOdL9YdQ/jEQLZuNN/HmtbXbY7MpZ5Gy2Uf+9k5I21EdPC6EHGehH9pN+33uRex
JC7O9tbGA0iK7+UyaPrFt0lu2wY=
-----END CERTIFICATE-----
Generated at Sat Dec 3 19:48:35 2022 by rpki-client.