Route Origin Authorization 

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F36D8DFA/0E9B19BA140A11E5A7F5FC4CF8AEA228/2BEA28CA140B11E5A64E754DF8AEA228.roa
File:                     2BEA28CA140B11E5A64E754DF8AEA228.roa (raw, json)
Hash identifier:          /AEjNTPfWEOJ+6QO/s2Ryh1RY8O5qzriXvISQD/v5rE=
Subject key identifier:   F1:02:49:FA:18:E5:DF:FF:93:D6:01:4F:DA:99:7B:91:E4:5F:9D:29
Certificate issuer:       /CN=F36D8DFAAF/serialNumber=D668BECAF3CB14DB624A3425D666609BF27B52EE
Certificate serial:       04
Authority key identifier: D6:68:BE:CA:F3:CB:14:DB:62:4A:34:25:D6:66:60:9B:F2:7B:52:EE
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/1mi-yvPLFNtiSjQl1mZgm_J7Uu4.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F36D8DFA/0E9B19BA140A11E5A7F5FC4CF8AEA228/2BEA28CA140B11E5A64E754DF8AEA228.roa
Signing time:             Tue 16 Jun 2015 09:36:09 +0000
ROA not before:           Tue 16 Jun 2015 09:36:26 +0000
ROA not after:            Mon 16 Jun 2025 09:36:26 +0000
asID:                     37271
IP address blocks:        41.78.188.0/22 maxlen: 22

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F36D8DFA/0E9B19BA140A11E5A7F5FC4CF8AEA228/1mi-yvPLFNtiSjQl1mZgm_J7Uu4.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F36D8DFA/0E9B19BA140A11E5A7F5FC4CF8AEA228/1mi-yvPLFNtiSjQl1mZgm_J7Uu4.mft
                          rsync://rpki.afrinic.net/repository/afrinic/1mi-yvPLFNtiSjQl1mZgm_J7Uu4.cer
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Sun 24 Nov 2024 00:05:48 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 4 (0x4)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F36D8DFAAF/serialNumber=D668BECAF3CB14DB624A3425D666609BF27B52EE
        Validity
            Not Before: Jun 16 09:36:26 2015 GMT
            Not After : Jun 16 09:36:26 2025 GMT
        Subject: CN=557fee09-bdd1
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e3:76:cf:94:9b:ab:e4:55:f8:a4:f5:3b:53:37:
                    af:94:d0:4d:6d:98:98:b1:b4:b2:2b:f5:94:fe:08:
                    0a:4e:1f:de:d7:a1:94:43:6a:31:36:7d:11:82:75:
                    1a:15:f9:6d:7c:72:92:f9:92:03:ad:a2:f3:0e:b2:
                    aa:dc:b5:48:09:6a:59:77:0a:5e:89:4e:f0:d0:01:
                    9e:ff:ec:bc:a2:06:81:b7:21:24:41:57:7c:0e:98:
                    bd:07:89:77:28:9b:02:27:e2:2d:ba:cd:6d:f7:9a:
                    ed:2d:ae:39:b3:4f:f9:5b:d8:3f:96:8b:b7:24:c5:
                    50:46:f4:9e:30:13:de:3d:02:4f:a7:7c:61:10:51:
                    a7:9c:af:82:c9:04:f5:7f:bf:99:90:51:53:91:34:
                    9c:c5:56:da:9a:92:35:a9:a8:90:86:cb:cf:28:63:
                    5a:f3:0f:5b:91:71:4a:a4:88:41:52:f6:79:ec:43:
                    90:c0:a0:87:45:72:b4:e0:4a:c2:03:1b:46:f4:7f:
                    70:74:f5:a6:39:ff:2e:96:0a:c2:c8:be:25:c5:1d:
                    d5:49:56:a7:cb:bc:d6:2a:10:3b:9f:fb:b8:6e:5c:
                    1e:e1:ba:0a:e7:2d:3e:ab:37:6d:51:46:c5:4d:0b:
                    0d:14:38:26:19:a1:25:89:7d:b2:2a:ea:32:02:68:
                    46:df
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F1:02:49:FA:18:E5:DF:FF:93:D6:01:4F:DA:99:7B:91:E4:5F:9D:29
            X509v3 Authority Key Identifier:
                keyid:D6:68:BE:CA:F3:CB:14:DB:62:4A:34:25:D6:66:60:9B:F2:7B:52:EE

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F36D8DFA/0E9B19BA140A11E5A7F5FC4CF8AEA228/1mi-yvPLFNtiSjQl1mZgm_J7Uu4.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/1mi-yvPLFNtiSjQl1mZgm_J7Uu4.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F36D8DFA/0E9B19BA140A11E5A7F5FC4CF8AEA228/2BEA28CA140B11E5A64E754DF8AEA228.roa

            sbgp-ipAddrBlock: critical
                IPv4:
                  41.78.188.0/22

    Signature Algorithm: sha256WithRSAEncryption
         21:67:7b:64:59:d1:e5:41:9a:24:15:b9:34:fd:06:a6:d7:a5:
         31:1a:bc:cf:99:c4:2f:fe:93:17:d9:65:e3:d6:25:43:60:ed:
         d7:73:23:82:1a:9f:e2:b3:a5:36:85:7a:4c:b0:bc:cc:c4:ab:
         6a:e5:63:6a:a9:42:7b:11:de:d9:34:e5:a7:20:58:07:37:04:
         d9:e2:37:c8:54:7c:80:ad:51:8f:3a:43:72:d3:34:5f:ed:49:
         7b:fd:e2:7f:1e:6c:90:5c:00:0d:32:a4:3c:60:34:a1:e6:70:
         38:7f:68:77:e3:4e:ea:3a:73:50:02:98:ac:90:fc:eb:bd:3c:
         e2:09:5f:0c:b4:de:06:88:e3:83:93:30:d6:d7:12:a5:3f:56:
         bf:16:48:be:ed:77:4c:81:5f:b3:31:90:45:ef:b4:99:c8:71:
         41:fd:83:1c:81:99:0d:84:07:d2:a2:08:ad:13:82:01:23:96:
         9c:27:15:34:3c:66:13:53:21:d3:74:d1:53:24:ef:ce:79:9a:
         38:d4:82:46:c5:38:12:bb:db:fe:5d:43:1c:16:55:e7:4f:62:
         b9:f6:a8:8c:59:70:df:0e:af:9d:01:e2:bf:a9:e6:13:6c:11:
         64:08:aa:99:d1:3e:4e:6b:b7:12:36:c8:c6:1d:60:69:51:58:
         a4:63:ec:af
-----BEGIN CERTIFICATE-----
MIIFSzCCBDOgAwIBAgIBBDANBgkqhkiG9w0BAQsFADBIMRMwEQYDVQQDEwpGMzZE
OERGQUFGMTEwLwYDVQQFEyhENjY4QkVDQUYzQ0IxNERCNjI0QTM0MjVENjY2NjA5
QkYyN0I1MkVFMB4XDTE1MDYxNjA5MzYyNloXDTI1MDYxNjA5MzYyNlowGDEWMBQG
A1UEAxMNNTU3ZmVlMDktYmRkMTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAON2z5Sbq+RV+KT1O1M3r5TQTW2YmLG0siv1lP4ICk4f3tehlENqMTZ9EYJ1
GhX5bXxykvmSA62i8w6yqty1SAlqWXcKXolO8NABnv/svKIGgbchJEFXfA6YvQeJ
dyibAifiLbrNbfea7S2uObNP+VvYP5aLtyTFUEb0njAT3j0CT6d8YRBRp5yvgskE
9X+/mZBRU5E0nMVW2pqSNamokIbLzyhjWvMPW5FxSqSIQVL2eexDkMCgh0VytOBK
wgMbRvR/cHT1pjn/LpYKwsi+JcUd1UlWp8u81ioQO5/7uG5cHuG6CuctPqs3bVFG
xU0LDRQ4JhmhJYl9sirqMgJoRt8CAwEAAaOCAm4wggJqMB0GA1UdDgQWBBTxAkn6
GOXf/5PWAU/amXuR5F+dKTAfBgNVHSMEGDAWgBTWaL7K88sU22JKNCXWZmCb8ntS
7jAOBgNVHQ8BAf8EBAMCB4AwgZUGA1UdHwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2RDhERkEvMEU5QjE5QkExNDBBMTFFNUE3RjVGQzRDRjhBRUEyMjgvMW1pLXl2
UExGTnRpU2pRbDFtWmdtX0o3VXU0LmNybDBnBggrBgEFBQcBAQRbMFkwVwYIKwYB
BQUHMAKGS3JzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L2Fmcmlu
aWMvMW1pLXl2UExGTnRpU2pRbDFtWmdtX0o3VXU0LmNlcjBPBgNVHSABAf8ERTBD
MEEGCCsGAQUFBw4CMDUwMwYIKwYBBQUHAgEWJ2h0dHBzOi8vcnBraS5hZnJpbmlj
Lm5ldC9wb2xpY3kvQ1BTLnBkZjCBpAYIKwYBBQUHAQsEgZcwgZQwgZEGCCsGAQUF
BzALhoGEcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVy
X3JlcG9zaXRvcnkvRjM2RDhERkEvMEU5QjE5QkExNDBBMTFFNUE3RjVGQzRDRjhB
RUEyMjgvMkJFQTI4Q0ExNDBCMTFFNUE2NEU3NTRERjhBRUEyMjgucm9hMB8GCCsG
AQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCKU68MA0GCSqGSIb3DQEBCwUAA4IBAQAh
Z3tkWdHlQZokFbk0/Qam16UxGrzPmcQv/pMX2WXj1iVDYO3XcyOCGp/is6U2hXpM
sLzMxKtq5WNqqUJ7Ed7ZNOWnIFgHNwTZ4jfIVHyArVGPOkNy0zRf7Ul7/eJ/HmyQ
XAANMqQ8YDSh5nA4f2h3407qOnNQApiskPzrvTziCV8MtN4GiOODkzDW1xKlP1a/
Fki+7XdMgV+zMZBF77SZyHFB/YMcgZkNhAfSogitE4IBI5acJxU0PGYTUyHTdNFT
JO/OeZo41IJGxTgSu9v+XUMcFlXnT2K59qiMWXDfDq+dAeK/qeYTbBFkCKqZ0T5O
a7cSNsjGHWBpUVikY+yv
-----END CERTIFICATE-----
Generated at Fri Nov 22 02:10:18 2024 by rpki-client on console-fra.rpki-client.org