Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F3643835/D5B994A8D55E11E9B7571043F8AEA228/06790CE8E4E811E9A6E7B210F8AEA228.roa
File:                     06790CE8E4E811E9A6E7B210F8AEA228.roa (raw, json)
Hash identifier:          3FK+sU9EsywdjoaV3PADXyQzo9SoU1mDVNi/r4tmF6E=
Subject key identifier:   15:21:87:DC:9E:85:C1:04:0A:36:BE:20:92:D2:EB:14:47:81:36:2E
Certificate issuer:       /CN=F3643835AF/serialNumber=428A89318E5067DD9C8ECF67E77E79C5FDA3792B
Certificate serial:       21
Authority key identifier: 42:8A:89:31:8E:50:67:DD:9C:8E:CF:67:E7:7E:79:C5:FD:A3:79:2B
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/QoqJMY5QZ92cjs9n5355xf2jeSs.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F3643835/D5B994A8D55E11E9B7571043F8AEA228/06790CE8E4E811E9A6E7B210F8AEA228.roa
Signing time:             Wed 02 Oct 2019 07:41:21 +0000
ROA not before:           Wed 02 Oct 2019 07:41:16 +0000
ROA not after:            Wed 31 Oct 2029 07:41:16 +0000
asID:                     37712
IP address blocks:        41.79.91.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F3643835/D5B994A8D55E11E9B7571043F8AEA228/QoqJMY5QZ92cjs9n5355xf2jeSs.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F3643835/D5B994A8D55E11E9B7571043F8AEA228/QoqJMY5QZ92cjs9n5355xf2jeSs.mft
                          rsync://rpki.afrinic.net/repository/afrinic/QoqJMY5QZ92cjs9n5355xf2jeSs.cer
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Wed 27 Nov 2024 00:05:45 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 33 (0x21)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F3643835AF/serialNumber=428A89318E5067DD9C8ECF67E77E79C5FDA3792B
        Validity
            Not Before: Oct  2 07:41:16 2019 GMT
            Not After : Oct 31 07:41:16 2029 GMT
        Subject: CN=5d9454a0-5552
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bb:3c:16:8d:ce:36:b3:79:bc:20:37:a9:0f:27:
                    6f:af:f5:f8:40:b3:65:70:43:11:70:2d:f9:16:b2:
                    43:bf:a9:c3:d4:9a:d7:78:12:28:4d:a8:12:ab:a5:
                    09:17:c0:32:de:56:44:ee:ba:b0:a0:13:b7:51:77:
                    f3:7a:27:bc:17:11:60:b1:f4:97:99:26:13:91:2a:
                    4f:69:b9:8a:21:33:25:ee:4c:f8:cf:d0:fe:c7:c1:
                    73:5c:70:41:d0:a6:1f:15:98:dd:30:24:a3:02:f7:
                    95:76:75:7a:a7:5e:56:7b:62:d3:4b:ad:f5:65:0d:
                    20:b5:f7:ff:30:ce:9e:68:d8:be:a1:a5:fd:db:c4:
                    b2:4e:f0:28:0d:df:d3:eb:e2:54:5c:52:51:de:7a:
                    0e:10:d2:f9:15:80:cb:5b:32:e6:d8:bc:d2:fb:17:
                    e2:0f:d7:4f:52:7a:04:0c:33:dc:df:a3:2a:d3:39:
                    0c:95:b9:8a:04:2c:58:75:60:62:28:4f:ec:b8:b4:
                    2e:39:26:13:a0:28:d8:20:b4:40:a2:83:13:b3:b9:
                    af:46:9f:cb:b2:d1:17:7b:fb:d8:1f:5b:36:1d:e6:
                    c5:27:f6:1b:59:ba:4d:7c:e2:b9:39:bf:5c:38:b8:
                    2a:80:ac:2f:8e:d0:b8:bf:16:00:19:db:a0:e5:9b:
                    71:f1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                15:21:87:DC:9E:85:C1:04:0A:36:BE:20:92:D2:EB:14:47:81:36:2E
            X509v3 Authority Key Identifier:
                keyid:42:8A:89:31:8E:50:67:DD:9C:8E:CF:67:E7:7E:79:C5:FD:A3:79:2B

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F3643835/D5B994A8D55E11E9B7571043F8AEA228/QoqJMY5QZ92cjs9n5355xf2jeSs.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/QoqJMY5QZ92cjs9n5355xf2jeSs.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F3643835/D5B994A8D55E11E9B7571043F8AEA228/06790CE8E4E811E9A6E7B210F8AEA228.roa

            sbgp-ipAddrBlock: critical
                IPv4:
                  41.79.91.0/24

    Signature Algorithm: sha256WithRSAEncryption
         53:04:17:9b:92:3a:31:37:f2:6d:2d:e2:50:cd:9f:76:6f:5f:
         5e:35:76:39:34:82:a8:4f:1f:2a:92:bd:cc:b0:54:8f:3c:f2:
         d4:64:f6:d5:8e:32:10:f9:7c:51:eb:fd:6b:04:d2:82:21:6d:
         cd:39:9a:02:5a:1b:4a:4a:bb:bb:79:97:05:65:ea:f1:fc:21:
         57:04:a0:39:9b:01:ab:a5:81:63:85:8e:28:ba:8d:4a:b4:ee:
         f7:fa:c9:08:90:81:22:90:7f:c0:cc:00:be:6e:bc:fa:7f:dd:
         29:5e:e4:65:50:8b:6a:42:fe:cc:bc:40:de:0b:4e:d0:29:6f:
         e9:77:86:54:b8:a7:9a:ef:72:70:18:d3:ac:70:0a:53:20:cd:
         de:14:b8:3d:d3:46:da:f9:21:15:3f:cb:63:96:75:d4:ba:d1:
         41:63:46:de:4e:d1:4c:48:55:dd:66:51:6a:44:a0:01:f2:80:
         47:fc:ce:23:31:5c:cf:20:81:65:61:87:08:74:45:97:dd:1a:
         f4:72:bf:13:e6:e0:de:06:6c:b6:23:eb:22:c4:34:eb:89:a8:
         59:2d:fe:5f:fc:17:53:9f:51:a4:49:6a:4a:0b:d4:dd:f7:07:
         bb:0c:68:dc:c8:92:bd:c9:c6:0d:a7:67:f7:5a:15:aa:8b:90:
         80:35:02:42
-----BEGIN CERTIFICATE-----
MIIFSzCCBDOgAwIBAgIBITANBgkqhkiG9w0BAQsFADBIMRMwEQYDVQQDEwpGMzY0
MzgzNUFGMTEwLwYDVQQFEyg0MjhBODkzMThFNTA2N0REOUM4RUNGNjdFNzdFNzlD
NUZEQTM3OTJCMB4XDTE5MTAwMjA3NDExNloXDTI5MTAzMTA3NDExNlowGDEWMBQG
A1UEAxMNNWQ5NDU0YTAtNTU1MjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALs8Fo3ONrN5vCA3qQ8nb6/1+ECzZXBDEXAt+RayQ7+pw9Sa13gSKE2oEqul
CRfAMt5WRO66sKATt1F383onvBcRYLH0l5kmE5EqT2m5iiEzJe5M+M/Q/sfBc1xw
QdCmHxWY3TAkowL3lXZ1eqdeVnti00ut9WUNILX3/zDOnmjYvqGl/dvEsk7wKA3f
0+viVFxSUd56DhDS+RWAy1sy5ti80vsX4g/XT1J6BAwz3N+jKtM5DJW5igQsWHVg
YihP7Li0LjkmE6Ao2CC0QKKDE7O5r0afy7LRF3v72B9bNh3mxSf2G1m6TXziuTm/
XDi4KoCsL47QuL8WABnboOWbcfECAwEAAaOCAm4wggJqMB0GA1UdDgQWBBQVIYfc
noXBBAo2viCS0usUR4E2LjAfBgNVHSMEGDAWgBRCiokxjlBn3ZyOz2fnfnnF/aN5
KzAOBgNVHQ8BAf8EBAMCB4AwgZUGA1UdHwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2NDM4MzUvRDVCOTk0QThENTVFMTFFOUI3NTcxMDQzRjhBRUEyMjgvUW9xSk1Z
NVFaOTJjanM5bjUzNTV4ZjJqZVNzLmNybDBnBggrBgEFBQcBAQRbMFkwVwYIKwYB
BQUHMAKGS3JzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L2Fmcmlu
aWMvUW9xSk1ZNVFaOTJjanM5bjUzNTV4ZjJqZVNzLmNlcjBPBgNVHSABAf8ERTBD
MEEGCCsGAQUFBw4CMDUwMwYIKwYBBQUHAgEWJ2h0dHBzOi8vcnBraS5hZnJpbmlj
Lm5ldC9wb2xpY3kvQ1BTLnBkZjCBpAYIKwYBBQUHAQsEgZcwgZQwgZEGCCsGAQUF
BzALhoGEcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVy
X3JlcG9zaXRvcnkvRjM2NDM4MzUvRDVCOTk0QThENTVFMTFFOUI3NTcxMDQzRjhB
RUEyMjgvMDY3OTBDRThFNEU4MTFFOUE2RTdCMjEwRjhBRUEyMjgucm9hMB8GCCsG
AQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAKU9bMA0GCSqGSIb3DQEBCwUAA4IBAQBT
BBebkjoxN/JtLeJQzZ92b19eNXY5NIKoTx8qkr3MsFSPPPLUZPbVjjIQ+XxR6/1r
BNKCIW3NOZoCWhtKSru7eZcFZerx/CFXBKA5mwGrpYFjhY4ouo1KtO73+skIkIEi
kH/AzAC+brz6f90pXuRlUItqQv7MvEDeC07QKW/pd4ZUuKea73JwGNOscApTIM3e
FLg900ba+SEVP8tjlnXUutFBY0beTtFMSFXdZlFqRKAB8oBH/M4jMVzPIIFlYYcI
dEWX3Rr0cr8T5uDeBmy2I+sixDTriahZLf5f/BdTn1GkSWpKC9Td9we7DGjcyJK9
ycYNp2f3WhWqi5CANQJC
-----END CERTIFICATE-----
Generated at Mon Nov 25 02:47:19 2024 by rpki-client on console-ams.rpki-client.org