Route Origin Authorization

$ cd rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/

$ rpki-client -vvf FF0EC9E0250B11EDBB3083E9F1222468.roa
File:                     FF0EC9E0250B11EDBB3083E9F1222468.roa (download)
Hash identifier:          TZhbFxGr/UhJO5DcK7XobZVAQ7QfUjzXuR1Wg3BjJps=
Subject key identifier:   99:8E:64:3A:25:C5:5F:73:D4:0E:C6:2A:EE:56:4C:08:92:A1:0B:8D
Certificate issuer:       /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial:       170D
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access:    rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/FF0EC9E0250B11EDBB3083E9F1222468.roa
ROA valid until:          Jan 15 06:54:54 2023 GMT
asID:                     139057
IP address blocks:
    1: 156.225.109.0/24 maxlen: 24

Validation: OK

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 5901 (0x170d)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
        Validity
            Not Before: Aug 26 06:54:54 2022 GMT
            Not After : Jan 15 06:54:54 2023 GMT
        Subject: CN=63086e41-6b61
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9f:92:4a:77:91:d6:b4:ac:aa:be:7d:3f:ef:b3:
                    38:86:69:08:10:01:80:d7:85:93:6f:be:34:8e:c9:
                    57:b3:bf:3b:69:29:54:41:8e:93:48:aa:28:92:f1:
                    3b:62:32:bc:97:e9:05:34:2c:af:77:87:35:1d:d9:
                    44:d0:86:c7:23:3f:34:01:5a:ac:97:4e:d2:13:80:
                    d9:e4:00:0d:8d:74:82:cf:8d:a5:ba:41:d7:3c:80:
                    79:2b:06:e9:7b:91:41:b5:a4:75:99:3b:80:b3:9b:
                    e0:30:21:49:d7:79:14:bd:c9:98:0a:5d:95:a3:6c:
                    27:2e:ef:12:e5:1c:f9:8e:fb:7b:32:f1:00:23:11:
                    5f:ee:ff:3e:4e:fd:78:31:7c:ae:a9:83:d6:f3:ab:
                    69:52:20:f5:f5:e8:02:ef:e2:2b:9d:d5:c6:09:0e:
                    e3:e6:d0:3d:6c:4e:93:4b:37:73:1b:44:80:08:0a:
                    db:cd:03:89:ba:8f:0b:d7:b6:dc:04:c4:89:a4:18:
                    eb:40:30:44:12:7e:b6:ec:8a:e8:da:cc:4a:98:68:
                    32:a0:eb:e1:f0:40:a0:33:da:18:9e:b9:de:14:c9:
                    a0:f5:1d:a6:9c:1c:fb:72:1a:ef:a5:0f:cd:fd:92:
                    0a:f6:13:9d:3c:dd:86:07:c8:5e:74:fd:7c:3a:0d:
                    d0:85
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier: 
                99:8E:64:3A:25:C5:5F:73:D4:0E:C6:2A:EE:56:4C:08:92:A1:0B:8D
            X509v3 Authority Key Identifier: 
                keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points: 

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl

            Authority Information Access: 
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access: 
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/FF0EC9E0250B11EDBB3083E9F1222468.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  156.225.109.0/24

    Signature Algorithm: sha256WithRSAEncryption
         79:5e:77:e4:e7:a4:3f:80:a8:b4:e2:ef:9f:23:f5:62:c0:a8:
         af:a8:94:69:da:6e:53:ad:10:66:1e:2d:7b:d9:e7:2d:4b:24:
         d8:26:16:48:8e:0e:f0:43:d9:a9:6c:48:38:d0:16:bf:4a:bd:
         1c:4a:6f:e4:2c:5c:d3:6b:87:07:83:ab:03:9b:ea:24:27:1b:
         60:ae:54:b2:39:db:61:55:3a:54:ab:e7:4c:61:46:c1:45:52:
         3d:50:49:31:bb:47:51:d2:dc:ec:ba:7c:8b:4c:84:11:58:39:
         a6:0f:ea:2b:39:f7:cf:dd:b2:da:cc:1b:82:01:3e:00:61:5e:
         ce:06:d1:86:d7:ef:46:be:82:06:ed:1a:47:a5:5f:6e:0c:3e:
         0d:b9:69:4e:47:ca:a8:69:ac:9b:cc:26:1c:bc:e7:fb:2d:a5:
         39:4f:ba:34:ca:be:24:b9:01:1a:21:e3:f2:15:8b:e0:98:49:
         01:47:05:03:01:a1:fc:e2:7b:af:b8:e4:03:de:1d:ec:01:b7:
         6a:57:85:22:bb:4e:90:9e:15:44:df:5f:c3:78:e9:31:1b:12:
         5d:d6:69:8e:94:44:10:c2:a6:b2:e8:f2:97:c4:95:12:eb:f5:
         cc:1a:58:8a:b3:61:af:c6:02:95:3d:aa:7e:b7:a1:42:e4:76:
         26:cd:35:96
-----BEGIN CERTIFICATE-----
MIIFgDCCBGigAwIBAgICFw0wDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAwwKRjM2
OEYyRDBBUjExMC8GA1UEBRMoNzk3RDg4RDgxM0UyMEZGRjk4MkNDNzQxOUU5NjlC
QUVBNkJGRDY5QjAeFw0yMjA4MjYwNjU0NTRaFw0yMzAxMTUwNjU0NTRaMBgxFjAU
BgNVBAMMDTYzMDg2ZTQxLTZiNjEwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQCfkkp3kda0rKq+fT/vsziGaQgQAYDXhZNvvjSOyVezvztpKVRBjpNIqiiS
8TtiMryX6QU0LK93hzUd2UTQhscjPzQBWqyXTtITgNnkAA2NdILPjaW6Qdc8gHkr
Bul7kUG1pHWZO4Czm+AwIUnXeRS9yZgKXZWjbCcu7xLlHPmO+3sy8QAjEV/u/z5O
/XgxfK6pg9bzq2lSIPX16ALv4iud1cYJDuPm0D1sTpNLN3MbRIAICtvNA4m6jwvX
ttwExImkGOtAMEQSfrbsiujazEqYaDKg6+HwQKAz2hieud4UyaD1HaacHPtyGu+l
D839kgr2E5083YYHyF50/Xw6DdCFAgMBAAGjggKiMIICnjAdBgNVHQ4EFgQUmY5k
OiXFX3PUDsYq7lZMCJKhC40wHwYDVR0jBBgwFoAUeX2I2BPiD/+YLMdBnpabrqa/
1pswDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjhGMkQwLzkyRjg2RTFDNkUwNTExRThBMUI1ODU0QkY4QUVBMjI4L2VYMkky
QlBpRF8tWUxNZEJucGFicnFhXzFwcy5jcmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hcmlu
L2VYMkkyQlBpRF8tWUxNZEJucGFicnFhXzFwcy5jZXIwTwYDVR0gAQH/BEUwQzBB
BggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5pYy5u
ZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEFBQcw
C4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9y
ZXBvc2l0b3J5L0YzNjhGMkQwLzkyRjg2RTFDNkUwNTExRThBMUI1ODU0QkY4QUVB
MjI4L0ZGMEVDOUUwMjUwQjExRURCQjMwODNFOUYxMjIyNDY4LnJvYTA1BggrBgEF
BQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54bWww
HwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACc4W0wDQYJKoZIhvcNAQELBQAD
ggEBAHled+TnpD+AqLTi758j9WLAqK+olGnablOtEGYeLXvZ5y1LJNgmFkiODvBD
2alsSDjQFr9KvRxKb+QsXNNrhweDqwOb6iQnG2CuVLI522FVOlSr50xhRsFFUj1Q
STG7R1HS3Oy6fItMhBFYOaYP6is598/dstrMG4IBPgBhXs4G0YbX70a+ggbtGkel
X24MPg25aU5HyqhprJvMJhy85/stpTlPujTKviS5ARoh4/IVi+CYSQFHBQMBofzi
e6+45APeHewBt2pXhSK7TpCeFUTfX8N46TEbEl3WaY6URBDCprLo8pfElRLr9cwa
WIqzYa/GApU9qn63oULkdibNNZY=
-----END CERTIFICATE-----
Generated at Sat Dec 3 18:34:27 2022 by rpki-client.