Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F36D9B5B/9E1BD378135A11E5B68D4286F8AEA228/B7C01426FED211E89B120309F8AEA228.roa
File:                     B7C01426FED211E89B120309F8AEA228.roa (raw, json)
Hash identifier:          Cu6wxRaLD5ODNZaYGqU1rGwfd0FTt/GsL/H9WnzG7Vs=
Subject key identifier:   03:57:C0:47:CE:7F:CA:92:6C:2A:4C:32:A2:97:EB:6B:BF:80:DA:01
Certificate issuer:       /CN=F36D9B5BAF/serialNumber=23F814BB47D5C3AEDD5103F36F5DB8A29BE3D71D
Certificate serial:       052E
Authority key identifier: 23:F8:14:BB:47:D5:C3:AE:DD:51:03:F3:6F:5D:B8:A2:9B:E3:D7:1D
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/I_gUu0fVw67dUQPzb124opvj1x0.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F36D9B5B/9E1BD378135A11E5B68D4286F8AEA228/B7C01426FED211E89B120309F8AEA228.roa
Signing time:             Thu 13 Dec 2018 12:29:23 +0000
ROA not before:           Thu 13 Dec 2018 12:29:14 +0000
ROA not after:            Wed 13 Dec 2028 12:29:14 +0000
asID:                     32653
IP address blocks:        41.77.156.0/23 maxlen: 23

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F36D9B5B/9E1BD378135A11E5B68D4286F8AEA228/I_gUu0fVw67dUQPzb124opvj1x0.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F36D9B5B/9E1BD378135A11E5B68D4286F8AEA228/I_gUu0fVw67dUQPzb124opvj1x0.mft
                          rsync://rpki.afrinic.net/repository/afrinic/I_gUu0fVw67dUQPzb124opvj1x0.cer
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Sun 24 Nov 2024 00:05:48 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 1326 (0x52e)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F36D9B5BAF/serialNumber=23F814BB47D5C3AEDD5103F36F5DB8A29BE3D71D
        Validity
            Not Before: Dec 13 12:29:14 2018 GMT
            Not After : Dec 13 12:29:14 2028 GMT
        Subject: CN=5c1250a2-e486
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b8:9b:dc:bc:b7:ac:c4:fe:4a:f2:6f:e4:b8:61:
                    73:ca:97:d9:ec:0e:a1:ff:6f:f0:67:56:8a:61:31:
                    53:3f:eb:c6:48:95:1d:16:2a:fd:53:c5:d0:d5:48:
                    45:a5:62:ce:9e:82:7b:b3:60:35:70:00:32:cf:ae:
                    e7:2e:d7:9f:80:19:32:df:fc:19:8e:a2:bb:5d:1f:
                    cd:1d:2d:fa:ba:d7:5b:58:07:a2:e0:13:66:6d:6f:
                    28:a2:19:ce:5c:cf:aa:31:20:ea:2f:7b:ef:f7:d4:
                    55:c4:9b:b9:f3:ae:b5:ef:a5:6a:b8:cc:9e:f4:e4:
                    e6:8d:4d:f1:fe:22:c4:ed:59:39:c1:b1:92:7a:aa:
                    e1:98:85:9d:03:9c:35:b5:88:37:64:f0:de:38:cf:
                    fa:1e:3b:e0:cd:a7:05:57:5b:f4:29:ab:79:8b:57:
                    43:be:3c:de:2d:bf:a5:75:c6:89:99:3b:cb:de:ae:
                    9f:fb:4c:53:5c:24:c1:fb:cc:b3:6e:d0:ff:e4:58:
                    ff:0a:4d:78:91:1f:fb:9b:a2:fb:07:21:9b:54:55:
                    54:f6:15:05:ba:0b:40:14:2f:95:b4:4a:11:0a:38:
                    8c:00:43:e2:92:d0:1e:2e:ba:16:3f:2c:8e:1f:e6:
                    89:1f:d0:1f:63:10:56:52:cf:8a:bc:24:5f:73:e7:
                    f8:33
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                03:57:C0:47:CE:7F:CA:92:6C:2A:4C:32:A2:97:EB:6B:BF:80:DA:01
            X509v3 Authority Key Identifier:
                keyid:23:F8:14:BB:47:D5:C3:AE:DD:51:03:F3:6F:5D:B8:A2:9B:E3:D7:1D

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F36D9B5B/9E1BD378135A11E5B68D4286F8AEA228/I_gUu0fVw67dUQPzb124opvj1x0.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/I_gUu0fVw67dUQPzb124opvj1x0.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F36D9B5B/9E1BD378135A11E5B68D4286F8AEA228/B7C01426FED211E89B120309F8AEA228.roa

            sbgp-ipAddrBlock: critical
                IPv4:
                  41.77.156.0/23

    Signature Algorithm: sha256WithRSAEncryption
         05:cc:c4:68:ac:ad:ec:6b:a2:51:d7:41:9d:da:f6:71:d0:e6:
         91:e1:04:64:3c:8a:29:1c:73:f8:2f:87:8d:81:ea:b8:c0:15:
         2d:a1:0c:07:b5:ad:33:18:52:01:79:c8:e8:c1:16:4a:ae:48:
         61:6c:37:8a:38:85:2f:68:eb:17:05:1e:4a:c4:68:6d:31:f9:
         5a:90:ef:dc:ab:2d:f6:d8:d6:27:0d:33:7e:97:76:14:30:71:
         f7:47:ba:8f:4f:9e:a2:b6:f2:99:19:1d:22:e2:d0:df:64:ac:
         f6:61:95:2e:45:e7:96:99:fe:5d:d2:1b:a1:64:35:33:2c:7f:
         1e:85:2e:5b:d0:54:56:c1:53:e6:b7:7c:55:dd:b4:f3:56:66:
         d1:9c:49:5f:c3:41:d4:bb:30:b5:af:31:12:cd:8f:d3:3c:53:
         b2:68:48:68:21:dd:f3:60:8d:ab:d8:95:91:34:6a:a1:1e:86:
         26:a7:90:b7:34:a7:22:cd:74:fc:c0:dc:8c:4e:d9:d5:7c:94:
         69:8e:75:88:fd:e9:db:e1:12:c2:66:63:c6:9e:da:01:10:ad:
         b0:73:ff:bc:80:1d:78:8a:06:bc:b1:f4:4c:fc:cc:8f:8d:4d:
         c3:24:13:2c:e3:e6:0a:8b:af:5c:ee:37:eb:5e:65:3a:bf:ed:
         ed:c8:24:b0
-----BEGIN CERTIFICATE-----
MIIFTDCCBDSgAwIBAgICBS4wDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAxMKRjM2
RDlCNUJBRjExMC8GA1UEBRMoMjNGODE0QkI0N0Q1QzNBRURENTEwM0YzNkY1REI4
QTI5QkUzRDcxRDAeFw0xODEyMTMxMjI5MTRaFw0yODEyMTMxMjI5MTRaMBgxFjAU
BgNVBAMTDTVjMTI1MGEyLWU0ODYwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQC4m9y8t6zE/kryb+S4YXPKl9nsDqH/b/BnVophMVM/68ZIlR0WKv1TxdDV
SEWlYs6egnuzYDVwADLPrucu15+AGTLf/BmOortdH80dLfq611tYB6LgE2Ztbyii
Gc5cz6oxIOove+/31FXEm7nzrrXvpWq4zJ705OaNTfH+IsTtWTnBsZJ6quGYhZ0D
nDW1iDdk8N44z/oeO+DNpwVXW/Qpq3mLV0O+PN4tv6V1xomZO8verp/7TFNcJMH7
zLNu0P/kWP8KTXiRH/ubovsHIZtUVVT2FQW6C0AUL5W0ShEKOIwAQ+KS0B4uuhY/
LI4f5okf0B9jEFZSz4q8JF9z5/gzAgMBAAGjggJuMIICajAdBgNVHQ4EFgQUA1fA
R85/ypJsKkwyopfra7+A2gEwHwYDVR0jBBgwFoAUI/gUu0fVw67dUQPzb124opvj
1x0wDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNkQ5QjVCLzlFMUJEMzc4MTM1QTExRTVCNjhENDI4NkY4QUVBMjI4L0lfZ1V1
MGZWdzY3ZFVRUHpiMTI0b3B2ajF4MC5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL0lfZ1V1MGZWdzY3ZFVRUHpiMTI0b3B2ajF4MC5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgaQGCCsGAQUFBwELBIGXMIGUMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNkQ5QjVCLzlFMUJEMzc4MTM1QTExRTVCNjhENDI4NkY4
QUVBMjI4L0I3QzAxNDI2RkVEMjExRTg5QjEyMDMwOUY4QUVBMjI4LnJvYTAfBggr
BgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEASlNnDANBgkqhkiG9w0BAQsFAAOCAQEA
BczEaKyt7GuiUddBndr2cdDmkeEEZDyKKRxz+C+HjYHquMAVLaEMB7WtMxhSAXnI
6MEWSq5IYWw3ijiFL2jrFwUeSsRobTH5WpDv3Kst9tjWJw0zfpd2FDBx90e6j0+e
orbymRkdIuLQ32Ss9mGVLkXnlpn+XdIboWQ1Myx/HoUuW9BUVsFT5rd8Vd2081Zm
0ZxJX8NB1Lswta8xEs2P0zxTsmhIaCHd82CNq9iVkTRqoR6GJqeQtzSnIs10/MDc
jE7Z1XyUaY51iP3p2+ESwmZjxp7aARCtsHP/vIAdeIoGvLH0TPzMj41NwyQTLOPm
CouvXO43615lOr/t7cgksA==
-----END CERTIFICATE-----
Generated at Fri Nov 22 02:10:18 2024 by rpki-client on console-fra.rpki-client.org