Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F36A864A/D914420C91EC11E9AE65947CF8AEA228/7096049891EE11E9A555EE7DF8AEA228.roa
File:                     7096049891EE11E9A555EE7DF8AEA228.roa (raw, json)
Hash identifier:          2aPRraUa1zRqlBbh7kNkr61WXzqFbO2X7OiJq25EwsE=
Subject key identifier:   DC:25:3F:48:6D:99:87:55:FF:48:D8:4E:06:8B:2C:22:E7:62:83:B8
Certificate issuer:       /CN=F36A864AAF/serialNumber=A7ECDCE66670FE183EC65E9A3ED20E7D5593D4BF
Certificate serial:       02
Authority key identifier: A7:EC:DC:E6:66:70:FE:18:3E:C6:5E:9A:3E:D2:0E:7D:55:93:D4:BF
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/p-zc5mZw_hg-xl6aPtIOfVWT1L8.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F36A864A/D914420C91EC11E9AE65947CF8AEA228/7096049891EE11E9A555EE7DF8AEA228.roa
Signing time:             Tue 18 Jun 2019 17:28:09 +0000
ROA not before:           Tue 18 Jun 2019 17:28:03 +0000
ROA not after:            Mon 31 Dec 2029 17:28:03 +0000
asID:                     37420
IP address blocks:        102.131.128.0/17 maxlen: 17
                          196.46.144.0/22 maxlen: 22
                          196.220.224.0/20 maxlen: 20
                          2001:43f8:180::/48 maxlen: 48

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F36A864A/D914420C91EC11E9AE65947CF8AEA228/p-zc5mZw_hg-xl6aPtIOfVWT1L8.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F36A864A/D914420C91EC11E9AE65947CF8AEA228/p-zc5mZw_hg-xl6aPtIOfVWT1L8.mft
                          rsync://rpki.afrinic.net/repository/afrinic/p-zc5mZw_hg-xl6aPtIOfVWT1L8.cer
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Tue 18 Jun 2024 00:04:38 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 2 (0x2)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F36A864AAF/serialNumber=A7ECDCE66670FE183EC65E9A3ED20E7D5593D4BF
        Validity
            Not Before: Jun 18 17:28:03 2019 GMT
            Not After : Dec 31 17:28:03 2029 GMT
        Subject: CN=5d091f29-6055
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b7:0f:96:f7:f3:0f:3f:db:2b:04:55:a5:d1:8b:
                    a5:4e:2f:fb:10:bb:3e:6b:1b:0a:61:7c:4a:ab:2a:
                    a1:7a:ee:a6:de:85:78:94:1d:d8:af:84:a5:9d:e5:
                    e3:9b:92:9b:5a:0b:12:f3:25:77:3e:01:d0:67:36:
                    4a:01:13:c7:52:e6:42:ec:66:f2:2a:ac:bc:d6:a1:
                    56:45:1a:1b:a0:41:9b:6b:ec:b4:d1:91:24:0e:ae:
                    80:25:24:8c:c3:01:cf:9c:e1:08:4e:a9:72:b9:e6:
                    b4:a2:28:35:49:c0:9c:2e:88:29:53:64:f5:79:da:
                    57:85:f4:fd:34:dd:e5:0c:7c:49:b5:e4:98:70:ca:
                    a1:6a:cb:7e:7a:8f:40:ac:3d:ba:6d:d0:68:22:29:
                    dc:37:71:5f:48:cc:2e:4f:64:bb:48:7f:cb:71:f7:
                    fb:4b:9a:ae:73:b7:bc:74:ec:4e:f7:72:f5:f0:c9:
                    96:36:06:65:b3:75:02:89:a7:71:a4:cd:31:a4:98:
                    0a:2a:65:f9:c4:a6:e2:28:ed:6f:e1:47:38:4f:0b:
                    5f:04:dd:80:40:dd:87:68:32:94:58:2f:1f:c8:ff:
                    76:e2:bd:fe:49:e9:4f:55:e5:b6:de:b7:7d:65:a1:
                    e6:55:70:fe:c0:ca:51:74:09:7c:fd:9c:17:7e:d4:
                    4a:c7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DC:25:3F:48:6D:99:87:55:FF:48:D8:4E:06:8B:2C:22:E7:62:83:B8
            X509v3 Authority Key Identifier:
                keyid:A7:EC:DC:E6:66:70:FE:18:3E:C6:5E:9A:3E:D2:0E:7D:55:93:D4:BF

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F36A864A/D914420C91EC11E9AE65947CF8AEA228/p-zc5mZw_hg-xl6aPtIOfVWT1L8.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/p-zc5mZw_hg-xl6aPtIOfVWT1L8.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F36A864A/D914420C91EC11E9AE65947CF8AEA228/7096049891EE11E9A555EE7DF8AEA228.roa

            sbgp-ipAddrBlock: critical
                IPv4:
                  102.131.128.0/17
                  196.46.144.0/22
                  196.220.224.0/20
                IPv6:
                  2001:43f8:180::/48

    Signature Algorithm: sha256WithRSAEncryption
         7d:2c:c4:7d:5a:7a:bc:53:44:c9:04:35:d9:4d:cd:2a:09:db:
         6c:d9:61:0b:18:62:d9:af:23:fc:59:ac:ee:d0:53:0a:4c:2a:
         3e:5c:7b:e1:c2:96:80:61:f8:19:41:8a:6b:78:bb:8b:b2:be:
         86:71:00:df:fc:7f:cb:90:13:bc:c5:af:13:01:66:37:29:a2:
         6d:a7:2d:3e:97:8c:48:64:19:a8:2c:ae:92:c6:e0:b9:b5:8a:
         74:ff:d2:40:ca:76:01:14:b5:9b:fe:87:c3:8c:53:ef:28:75:
         96:3c:b2:a6:7a:7e:f9:89:cf:40:99:28:49:df:8a:3c:86:e5:
         3d:33:56:f7:c5:ab:95:eb:82:62:01:04:25:9c:53:22:4e:eb:
         0d:4c:03:d4:b8:4c:9e:8e:f6:eb:c2:fe:a6:e0:1b:45:06:0b:
         87:74:70:e3:ea:dd:a1:26:a1:32:0d:d9:af:1a:06:5d:18:5b:
         2e:0a:13:5b:76:5e:b3:5b:62:3d:60:43:40:53:cc:ba:38:b0:
         13:31:ab:05:af:85:4a:da:f5:17:28:d5:54:38:15:87:c0:0d:
         9d:4c:6a:c2:81:d5:c5:8f:73:57:49:ac:be:ac:c1:9e:66:92:
         3d:12:bb:ff:4c:a8:38:a8:cd:68:c6:25:cb:f5:e4:e3:d5:06:
         39:84:8b:4c
-----BEGIN CERTIFICATE-----
MIIFaDCCBFCgAwIBAgIBAjANBgkqhkiG9w0BAQsFADBIMRMwEQYDVQQDEwpGMzZB
ODY0QUFGMTEwLwYDVQQFEyhBN0VDRENFNjY2NzBGRTE4M0VDNjVFOUEzRUQyMEU3
RDU1OTNENEJGMB4XDTE5MDYxODE3MjgwM1oXDTI5MTIzMTE3MjgwM1owGDEWMBQG
A1UEAxMNNWQwOTFmMjktNjA1NTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALcPlvfzDz/bKwRVpdGLpU4v+xC7PmsbCmF8SqsqoXrupt6FeJQd2K+EpZ3l
45uSm1oLEvMldz4B0Gc2SgETx1LmQuxm8iqsvNahVkUaG6BBm2vstNGRJA6ugCUk
jMMBz5zhCE6pcrnmtKIoNUnAnC6IKVNk9XnaV4X0/TTd5Qx8SbXkmHDKoWrLfnqP
QKw9um3QaCIp3DdxX0jMLk9ku0h/y3H3+0uarnO3vHTsTvdy9fDJljYGZbN1Aomn
caTNMaSYCipl+cSm4ijtb+FHOE8LXwTdgEDdh2gylFgvH8j/duK9/knpT1Xltt63
fWWh5lVw/sDKUXQJfP2cF37USscCAwEAAaOCAoswggKHMB0GA1UdDgQWBBTcJT9I
bZmHVf9I2E4Giywi52KDuDAfBgNVHSMEGDAWgBSn7NzmZnD+GD7GXpo+0g59VZPU
vzAOBgNVHQ8BAf8EBAMCB4AwgZUGA1UdHwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2QTg2NEEvRDkxNDQyMEM5MUVDMTFFOUFFNjU5NDdDRjhBRUEyMjgvcC16YzVt
WndfaGcteGw2YVB0SU9mVldUMUw4LmNybDBnBggrBgEFBQcBAQRbMFkwVwYIKwYB
BQUHMAKGS3JzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L2Fmcmlu
aWMvcC16YzVtWndfaGcteGw2YVB0SU9mVldUMUw4LmNlcjBPBgNVHSABAf8ERTBD
MEEGCCsGAQUFBw4CMDUwMwYIKwYBBQUHAgEWJ2h0dHBzOi8vcnBraS5hZnJpbmlj
Lm5ldC9wb2xpY3kvQ1BTLnBkZjCBpAYIKwYBBQUHAQsEgZcwgZQwgZEGCCsGAQUF
BzALhoGEcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVy
X3JlcG9zaXRvcnkvRjM2QTg2NEEvRDkxNDQyMEM5MUVDMTFFOUFFNjU5NDdDRjhB
RUEyMjgvNzA5NjA0OTg5MUVFMTFFOUE1NTVFRTdERjhBRUEyMjgucm9hMDwGCCsG
AQUFBwEHAQH/BC0wKzAYBAIAATASAwQHZoOAAwQCxC6QAwQExNzgMA8EAgACMAkD
BwAgAUP4AYAwDQYJKoZIhvcNAQELBQADggEBAH0sxH1aerxTRMkENdlNzSoJ22zZ
YQsYYtmvI/xZrO7QUwpMKj5ce+HCloBh+BlBimt4u4uyvoZxAN/8f8uQE7zFrxMB
Zjcpom2nLT6XjEhkGagsrpLG4Lm1inT/0kDKdgEUtZv+h8OMU+8odZY8sqZ6fvmJ
z0CZKEnfijyG5T0zVvfFq5XrgmIBBCWcUyJO6w1MA9S4TJ6O9uvC/qbgG0UGC4d0
cOPq3aEmoTIN2a8aBl0YWy4KE1t2XrNbYj1gQ0BTzLo4sBMxqwWvhUra9Rco1VQ4
FYfADZ1MasKB1cWPc1dJrL6swZ5mkj0Su/9MqDiozWjGJcv15OPVBjmEi0w=
-----END CERTIFICATE-----
Generated at Sun Jun 16 01:45:54 2024 by rpki-client on console-fra.rpki-client.org