Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F36D9B5B/9E1BD378135A11E5B68D4286F8AEA228/36E8B606FE1D11E88DCDCE82F8AEA228.roa
File:                     36E8B606FE1D11E88DCDCE82F8AEA228.roa (raw, json)
Hash identifier:          SvO8wCmqFCCs7pvZRw0lkVxnGHmag+waEJa8/soA19E=
Subject key identifier:   15:68:07:42:DE:B5:9B:A7:8F:A5:94:B6:52:F3:D6:F8:A9:CA:44:45
Certificate issuer:       /CN=F36D9B5BAF/serialNumber=23F814BB47D5C3AEDD5103F36F5DB8A29BE3D71D
Certificate serial:       052B
Authority key identifier: 23:F8:14:BB:47:D5:C3:AE:DD:51:03:F3:6F:5D:B8:A2:9B:E3:D7:1D
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/I_gUu0fVw67dUQPzb124opvj1x0.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F36D9B5B/9E1BD378135A11E5B68D4286F8AEA228/36E8B606FE1D11E88DCDCE82F8AEA228.roa
Signing time:             Wed 12 Dec 2018 14:50:07 +0000
ROA not before:           Wed 12 Dec 2018 14:50:02 +0000
ROA not after:            Tue 12 Dec 2028 14:50:02 +0000
asID:                     32653
IP address blocks:        41.77.152.0/22 maxlen: 22

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F36D9B5B/9E1BD378135A11E5B68D4286F8AEA228/I_gUu0fVw67dUQPzb124opvj1x0.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F36D9B5B/9E1BD378135A11E5B68D4286F8AEA228/I_gUu0fVw67dUQPzb124opvj1x0.mft
                          rsync://rpki.afrinic.net/repository/afrinic/I_gUu0fVw67dUQPzb124opvj1x0.cer
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Sun 24 Nov 2024 00:05:48 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 1323 (0x52b)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F36D9B5BAF/serialNumber=23F814BB47D5C3AEDD5103F36F5DB8A29BE3D71D
        Validity
            Not Before: Dec 12 14:50:02 2018 GMT
            Not After : Dec 12 14:50:02 2028 GMT
        Subject: CN=5c11201e-3186
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bd:c1:50:20:88:34:5c:e4:99:f7:77:42:2b:d5:
                    66:4b:9d:0e:c3:c4:a5:39:92:56:b1:6b:26:ee:62:
                    6f:d8:4a:65:1e:a2:39:c0:39:3d:55:9d:f8:21:f4:
                    ef:77:4c:8f:ad:35:90:7d:91:74:e7:15:cc:74:f9:
                    a9:8e:10:81:65:22:91:4f:e8:a1:3f:a3:41:62:ca:
                    e2:ee:63:62:12:77:b8:57:20:6a:db:7c:73:aa:e4:
                    65:71:37:20:df:ad:56:c4:a8:c1:29:13:eb:e8:a6:
                    2c:b1:c8:70:cd:00:cb:f1:38:57:c0:bc:2b:d0:2d:
                    87:b5:ec:ec:10:64:2d:29:e4:5e:48:6a:b8:c3:e0:
                    e6:c7:30:47:89:3a:54:d6:98:41:31:fb:7f:d8:07:
                    5a:fc:cb:b1:17:22:4c:b7:dc:fa:09:c6:53:50:80:
                    e4:34:db:1f:ba:55:9e:d0:32:42:df:0f:1e:76:26:
                    18:89:9a:e9:ca:29:cc:1d:e7:aa:a3:02:a8:fd:5e:
                    e7:8b:76:fb:a6:86:8b:43:4a:6a:c1:48:c5:7d:b5:
                    76:02:aa:be:6a:58:82:4b:2c:de:e1:2f:3b:28:b9:
                    47:5a:60:0e:cf:4d:9b:42:34:5a:39:c9:e9:00:b0:
                    cd:e2:77:54:93:02:8a:c5:7d:2f:bf:f1:f5:62:b3:
                    21:cd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                15:68:07:42:DE:B5:9B:A7:8F:A5:94:B6:52:F3:D6:F8:A9:CA:44:45
            X509v3 Authority Key Identifier:
                keyid:23:F8:14:BB:47:D5:C3:AE:DD:51:03:F3:6F:5D:B8:A2:9B:E3:D7:1D

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F36D9B5B/9E1BD378135A11E5B68D4286F8AEA228/I_gUu0fVw67dUQPzb124opvj1x0.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/I_gUu0fVw67dUQPzb124opvj1x0.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F36D9B5B/9E1BD378135A11E5B68D4286F8AEA228/36E8B606FE1D11E88DCDCE82F8AEA228.roa

            sbgp-ipAddrBlock: critical
                IPv4:
                  41.77.152.0/22

    Signature Algorithm: sha256WithRSAEncryption
         2f:a7:ea:17:1d:6e:f7:50:65:b9:d2:d1:fd:14:e1:06:b5:b3:
         c5:c0:f1:12:f1:69:3c:11:f7:1d:93:3a:78:aa:bb:17:ba:f9:
         f9:1d:cd:a1:94:a9:78:e5:2a:2b:13:32:0a:cc:97:8f:33:95:
         e8:db:6f:74:95:17:4b:2c:d1:24:5d:41:63:80:fb:4c:22:c7:
         6f:40:24:c4:71:06:a9:1b:f1:8e:98:cf:20:f6:48:9b:8d:f9:
         4c:59:41:65:db:31:18:b3:5d:2c:9b:91:5b:ec:6a:84:a8:a8:
         bc:e4:b8:56:2c:0a:4e:4c:16:50:64:53:4c:07:6a:02:98:e7:
         72:8f:18:79:4d:78:32:75:a7:22:ac:04:e6:93:9b:c2:d6:23:
         bf:da:c9:6d:61:8d:6c:9b:70:63:c1:b1:29:8f:1f:c1:f7:de:
         de:4a:9b:7d:69:e2:d6:1d:ab:79:86:ef:9e:36:0a:b2:86:40:
         9e:6c:3c:42:bb:fb:1f:21:d7:22:58:fd:ac:05:c3:aa:4e:7a:
         62:76:4a:ad:23:69:38:05:43:29:0d:74:43:fd:e2:82:2c:92:
         a0:91:32:ab:fa:42:75:72:b0:cc:3a:ee:3d:e9:79:f9:db:cd:
         d3:84:4b:9b:65:75:7b:12:a1:9a:33:ef:ce:3b:c5:44:dd:22:
         4d:1c:43:ff
-----BEGIN CERTIFICATE-----
MIIFTDCCBDSgAwIBAgICBSswDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAxMKRjM2
RDlCNUJBRjExMC8GA1UEBRMoMjNGODE0QkI0N0Q1QzNBRURENTEwM0YzNkY1REI4
QTI5QkUzRDcxRDAeFw0xODEyMTIxNDUwMDJaFw0yODEyMTIxNDUwMDJaMBgxFjAU
BgNVBAMTDTVjMTEyMDFlLTMxODYwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQC9wVAgiDRc5Jn3d0Ir1WZLnQ7DxKU5klaxaybuYm/YSmUeojnAOT1Vnfgh
9O93TI+tNZB9kXTnFcx0+amOEIFlIpFP6KE/o0FiyuLuY2ISd7hXIGrbfHOq5GVx
NyDfrVbEqMEpE+vopiyxyHDNAMvxOFfAvCvQLYe17OwQZC0p5F5IarjD4ObHMEeJ
OlTWmEEx+3/YB1r8y7EXIky33PoJxlNQgOQ02x+6VZ7QMkLfDx52JhiJmunKKcwd
56qjAqj9XueLdvumhotDSmrBSMV9tXYCqr5qWIJLLN7hLzsouUdaYA7PTZtCNFo5
yekAsM3id1STAorFfS+/8fVisyHNAgMBAAGjggJuMIICajAdBgNVHQ4EFgQUFWgH
Qt61m6ePpZS2UvPW+KnKREUwHwYDVR0jBBgwFoAUI/gUu0fVw67dUQPzb124opvj
1x0wDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNkQ5QjVCLzlFMUJEMzc4MTM1QTExRTVCNjhENDI4NkY4QUVBMjI4L0lfZ1V1
MGZWdzY3ZFVRUHpiMTI0b3B2ajF4MC5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL0lfZ1V1MGZWdzY3ZFVRUHpiMTI0b3B2ajF4MC5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgaQGCCsGAQUFBwELBIGXMIGUMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNkQ5QjVCLzlFMUJEMzc4MTM1QTExRTVCNjhENDI4NkY4
QUVBMjI4LzM2RThCNjA2RkUxRDExRTg4RENEQ0U4MkY4QUVBMjI4LnJvYTAfBggr
BgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAilNmDANBgkqhkiG9w0BAQsFAAOCAQEA
L6fqFx1u91BludLR/RThBrWzxcDxEvFpPBH3HZM6eKq7F7r5+R3NoZSpeOUqKxMy
CsyXjzOV6NtvdJUXSyzRJF1BY4D7TCLHb0AkxHEGqRvxjpjPIPZIm435TFlBZdsx
GLNdLJuRW+xqhKiovOS4ViwKTkwWUGRTTAdqApjnco8YeU14MnWnIqwE5pObwtYj
v9rJbWGNbJtwY8GxKY8fwffe3kqbfWni1h2reYbvnjYKsoZAnmw8Qrv7HyHXIlj9
rAXDqk56YnZKrSNpOAVDKQ10Q/3igiySoJEyq/pCdXKwzDruPel5+dvN04RLm2V1
exKhmjPvzjvFRN0iTRxD/w==
-----END CERTIFICATE-----
Generated at Fri Nov 22 01:34:53 2024 by rpki-client on console-ams.rpki-client.org