Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F36BDB53/5453645A799711E6986B7147F8AEA228/BEBDF2D279B111E6830FCB69F8AEA228.roa
File:                     BEBDF2D279B111E6830FCB69F8AEA228.roa (raw, json)
Hash identifier:          EouzcL5tOeyVAza9Ny4WgUhhP+v0Y2hxWM5v0/DIPwk=
Subject key identifier:   93:30:8B:49:AE:91:79:4F:41:CD:48:F3:72:3E:CC:D7:67:07:F5:37
Certificate issuer:       /CN=F36BDB53AF/serialNumber=E1AEBAB4B1EF74DB2FA6E7F6B0C8612B0CE1BFDB
Certificate serial:       02
Authority key identifier: E1:AE:BA:B4:B1:EF:74:DB:2F:A6:E7:F6:B0:C8:61:2B:0C:E1:BF:DB
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/4a66tLHvdNsvpuf2sMhhKwzhv9s.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F36BDB53/5453645A799711E6986B7147F8AEA228/BEBDF2D279B111E6830FCB69F8AEA228.roa
Signing time:             Tue 13 Sep 2016 12:58:20 +0000
ROA not before:           Tue 13 Sep 2016 12:58:10 +0000
ROA not after:            Thu 31 Dec 2026 12:58:10 +0000
asID:                     15022
IP address blocks:        196.44.32.0/20 maxlen: 24
                          196.223.64.0/19 maxlen: 24
                          197.255.144.0/20 maxlen: 24
                          2001:43d8::/32 maxlen: 48

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F36BDB53/5453645A799711E6986B7147F8AEA228/4a66tLHvdNsvpuf2sMhhKwzhv9s.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F36BDB53/5453645A799711E6986B7147F8AEA228/4a66tLHvdNsvpuf2sMhhKwzhv9s.mft
                          rsync://rpki.afrinic.net/repository/afrinic/4a66tLHvdNsvpuf2sMhhKwzhv9s.cer
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Mon 17 Jun 2024 00:04:45 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 2 (0x2)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F36BDB53AF/serialNumber=E1AEBAB4B1EF74DB2FA6E7F6B0C8612B0CE1BFDB
        Validity
            Not Before: Sep 13 12:58:10 2016 GMT
            Not After : Dec 31 12:58:10 2026 GMT
        Subject: CN=57d7f7ec-3e66
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b3:25:29:69:2f:da:80:ac:38:1d:f8:8f:be:c9:
                    aa:2d:60:07:ee:00:47:64:ba:5d:00:af:6b:ea:3a:
                    3c:97:01:ea:2a:bb:4d:64:2a:57:6f:6c:3c:28:75:
                    eb:74:c5:d9:24:10:c8:e8:22:94:af:82:23:06:cb:
                    be:7a:81:95:35:ed:52:64:6c:6f:6e:6f:2b:9c:c1:
                    da:66:f0:98:72:3a:44:45:f2:00:a6:9f:73:17:f5:
                    fa:3f:03:bc:0f:7e:08:87:3d:6b:9a:47:39:0b:47:
                    1a:40:56:e2:56:e3:eb:d6:c8:c8:eb:8a:f0:0e:85:
                    bd:80:13:53:15:7a:67:1e:57:59:80:40:2a:20:75:
                    05:6b:7d:8f:68:90:7a:66:49:6a:b2:b9:2e:c9:d0:
                    2a:60:fa:63:ff:27:f8:c4:e7:f4:5b:95:dd:32:7a:
                    49:b2:7c:77:5e:4c:d5:cf:92:23:01:43:34:64:4f:
                    94:dc:9b:cd:1c:7b:c0:6c:50:6f:ea:72:b0:74:7e:
                    8d:ce:e0:de:15:72:72:02:0d:c9:b4:c1:14:1e:5a:
                    20:a4:31:fd:34:70:9d:46:72:f8:39:9b:b8:47:5c:
                    95:3c:53:31:36:32:41:f1:d8:80:24:08:b3:26:ec:
                    58:c2:ee:01:19:b3:43:d4:6a:6d:99:60:f8:e6:77:
                    e7:79
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                93:30:8B:49:AE:91:79:4F:41:CD:48:F3:72:3E:CC:D7:67:07:F5:37
            X509v3 Authority Key Identifier:
                keyid:E1:AE:BA:B4:B1:EF:74:DB:2F:A6:E7:F6:B0:C8:61:2B:0C:E1:BF:DB

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F36BDB53/5453645A799711E6986B7147F8AEA228/4a66tLHvdNsvpuf2sMhhKwzhv9s.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/4a66tLHvdNsvpuf2sMhhKwzhv9s.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F36BDB53/5453645A799711E6986B7147F8AEA228/BEBDF2D279B111E6830FCB69F8AEA228.roa

            sbgp-ipAddrBlock: critical
                IPv4:
                  196.44.32.0/20
                  196.223.64.0/19
                  197.255.144.0/20
                IPv6:
                  2001:43d8::/32

    Signature Algorithm: sha256WithRSAEncryption
         10:19:79:8e:1f:11:13:c8:26:c4:ff:4c:69:b7:17:b3:72:7f:
         0d:6d:4e:12:42:bc:28:4d:0e:7a:7a:ed:3e:73:e1:ba:6e:d0:
         8a:ae:f4:1a:9e:e2:80:ba:68:88:bf:6f:e8:e0:e8:51:53:08:
         b5:d0:04:64:28:bf:4d:27:5c:75:78:4b:7e:fa:c9:d3:09:b3:
         2b:7f:8c:44:6c:80:a3:4b:1e:4b:71:f1:48:f5:43:32:bb:bb:
         42:07:bc:af:5f:25:ce:68:15:04:ea:e5:74:db:37:67:63:ef:
         25:e3:a1:11:de:44:2c:8f:dd:1c:99:57:29:3a:d1:ba:9f:e6:
         0f:1b:df:5b:59:95:b6:4e:73:06:f3:f1:82:f5:cf:bf:b8:09:
         0d:dc:ab:04:14:d1:2f:5d:16:fb:25:dd:2f:31:a2:4d:1f:3d:
         6f:58:55:22:1b:21:93:0a:16:dc:a1:a9:b7:de:5a:12:35:0b:
         90:d6:d5:2e:a8:6d:3e:2a:d9:3d:3c:a1:e6:7b:c5:55:3a:da:
         74:c3:97:8a:b9:af:41:27:20:28:9f:ee:c4:2c:97:66:63:d9:
         7a:d2:70:2b:a0:14:bb:79:47:01:53:24:47:48:d4:cd:dc:c1:
         8a:9d:49:62:89:74:39:19:ee:75:c0:8d:48:1d:af:68:f4:0a:
         3c:9f:38:87
-----BEGIN CERTIFICATE-----
MIIFZjCCBE6gAwIBAgIBAjANBgkqhkiG9w0BAQsFADBIMRMwEQYDVQQDEwpGMzZC
REI1M0FGMTEwLwYDVQQFEyhFMUFFQkFCNEIxRUY3NERCMkZBNkU3RjZCMEM4NjEy
QjBDRTFCRkRCMB4XDTE2MDkxMzEyNTgxMFoXDTI2MTIzMTEyNTgxMFowGDEWMBQG
A1UEAxMNNTdkN2Y3ZWMtM2U2NjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALMlKWkv2oCsOB34j77Jqi1gB+4AR2S6XQCva+o6PJcB6iq7TWQqV29sPCh1
63TF2SQQyOgilK+CIwbLvnqBlTXtUmRsb25vK5zB2mbwmHI6REXyAKafcxf1+j8D
vA9+CIc9a5pHOQtHGkBW4lbj69bIyOuK8A6FvYATUxV6Zx5XWYBAKiB1BWt9j2iQ
emZJarK5LsnQKmD6Y/8n+MTn9FuV3TJ6SbJ8d15M1c+SIwFDNGRPlNybzRx7wGxQ
b+pysHR+jc7g3hVycgINybTBFB5aIKQx/TRwnUZy+DmbuEdclTxTMTYyQfHYgCQI
sybsWMLuARmzQ9RqbZlg+OZ353kCAwEAAaOCAokwggKFMB0GA1UdDgQWBBSTMItJ
rpF5T0HNSPNyPszXZwf1NzAfBgNVHSMEGDAWgBThrrq0se902y+m5/awyGErDOG/
2zAOBgNVHQ8BAf8EBAMCB4AwgZUGA1UdHwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2QkRCNTMvNTQ1MzY0NUE3OTk3MTFFNjk4NkI3MTQ3RjhBRUEyMjgvNGE2NnRM
SHZkTnN2cHVmMnNNaGhLd3podjlzLmNybDBnBggrBgEFBQcBAQRbMFkwVwYIKwYB
BQUHMAKGS3JzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L2Fmcmlu
aWMvNGE2NnRMSHZkTnN2cHVmMnNNaGhLd3podjlzLmNlcjBPBgNVHSABAf8ERTBD
MEEGCCsGAQUFBw4CMDUwMwYIKwYBBQUHAgEWJ2h0dHBzOi8vcnBraS5hZnJpbmlj
Lm5ldC9wb2xpY3kvQ1BTLnBkZjCBpAYIKwYBBQUHAQsEgZcwgZQwgZEGCCsGAQUF
BzALhoGEcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVy
X3JlcG9zaXRvcnkvRjM2QkRCNTMvNTQ1MzY0NUE3OTk3MTFFNjk4NkI3MTQ3RjhB
RUEyMjgvQkVCREYyRDI3OUIxMTFFNjgzMEZDQjY5RjhBRUEyMjgucm9hMDoGCCsG
AQUFBwEHAQH/BCswKTAYBAIAATASAwQExCwgAwQFxN9AAwQExf+QMA0EAgACMAcD
BQAgAUPYMA0GCSqGSIb3DQEBCwUAA4IBAQAQGXmOHxETyCbE/0xptxezcn8NbU4S
QrwoTQ56eu0+c+G6btCKrvQanuKAumiIv2/o4OhRUwi10ARkKL9NJ1x1eEt++snT
CbMrf4xEbICjSx5LcfFI9UMyu7tCB7yvXyXOaBUE6uV02zdnY+8l46ER3kQsj90c
mVcpOtG6n+YPG99bWZW2TnMG8/GC9c+/uAkN3KsEFNEvXRb7Jd0vMaJNHz1vWFUi
GyGTChbcoam33loSNQuQ1tUuqG0+Ktk9PKHme8VVOtp0w5eKua9BJyAon+7ELJdm
Y9l60nAroBS7eUcBUyRHSNTN3MGKnUliiXQ5Ge51wI1IHa9o9Ao8nziH
-----END CERTIFICATE-----
Generated at Sat Jun 15 02:44:20 2024 by rpki-client on console-ams.rpki-client.org