Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F36FA13F/CDDBC4C8C4D711E98A076325F8AEA228/19F651E6C4DA11E9AB3B1D27F8AEA228.roa
File:                     19F651E6C4DA11E9AB3B1D27F8AEA228.roa (raw, json)
Hash identifier:          6cNifU+dnh2iNhQgpKvyLDNVbFzFJJzW3fscpRBY7Yw=
Subject key identifier:   B6:4E:08:BF:58:BF:5D:FE:9D:38:2F:E9:F8:1A:72:5E:C4:B9:13:59
Certificate issuer:       /CN=F36FA13FAF/serialNumber=5A86F988A1231F86C972331285587ECF864BDB90
Certificate serial:       05
Authority key identifier: 5A:86:F9:88:A1:23:1F:86:C9:72:33:12:85:58:7E:CF:86:4B:DB:90
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/Wob5iKEjH4bJcjMShVh-z4ZL25A.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F36FA13F/CDDBC4C8C4D711E98A076325F8AEA228/19F651E6C4DA11E9AB3B1D27F8AEA228.roa
Signing time:             Thu 22 Aug 2019 12:41:03 +0000
ROA not before:           Thu 22 Aug 2019 12:40:58 +0000
ROA not after:            Wed 22 Aug 2029 12:40:58 +0000
asID:                     30999
IP address blocks:        41.76.40.0/21 maxlen: 24
                          102.160.0.0/14 maxlen: 24
                          105.235.144.0/20 maxlen: 24
                          154.71.0.0/19 maxlen: 24
                          196.192.80.0/22 maxlen: 24
                          2001:4248::/32 maxlen: 64

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F36FA13F/CDDBC4C8C4D711E98A076325F8AEA228/Wob5iKEjH4bJcjMShVh-z4ZL25A.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F36FA13F/CDDBC4C8C4D711E98A076325F8AEA228/Wob5iKEjH4bJcjMShVh-z4ZL25A.mft
                          rsync://rpki.afrinic.net/repository/afrinic/Wob5iKEjH4bJcjMShVh-z4ZL25A.cer
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Tue 18 Jun 2024 00:04:38 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 5 (0x5)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F36FA13FAF/serialNumber=5A86F988A1231F86C972331285587ECF864BDB90
        Validity
            Not Before: Aug 22 12:40:58 2019 GMT
            Not After : Aug 22 12:40:58 2029 GMT
        Subject: CN=5d5e8d5f-c799
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bf:45:ab:18:27:f8:c0:73:6f:d0:b2:a1:36:e9:
                    5c:de:ce:21:11:93:52:29:5e:d2:9c:3a:1f:f3:4e:
                    da:e6:4d:b6:3e:d1:8f:7e:8d:8a:4a:23:33:0d:43:
                    e5:55:e1:e6:0b:d5:aa:c1:5c:07:fe:75:bd:58:59:
                    ec:96:a2:1a:50:2a:0f:27:06:00:40:7f:07:5d:e3:
                    47:af:0d:61:b4:35:35:12:9f:46:44:de:84:41:6b:
                    82:d3:c8:26:11:26:ed:df:d2:7e:90:16:c2:09:e2:
                    44:b7:68:1f:9f:15:7e:ec:8e:23:e0:a1:c9:81:20:
                    e2:78:6c:0d:5e:ff:ac:20:dc:0d:b2:32:b9:23:ec:
                    ba:f8:d5:eb:4b:42:22:e2:b1:e1:74:12:62:db:9f:
                    be:b2:2c:b5:b3:7d:bd:02:3e:c6:c0:3d:cd:89:27:
                    b7:df:b5:b0:8b:40:7e:16:e1:cb:5b:1a:36:06:99:
                    1a:8c:c6:98:b2:5b:9d:c0:f1:c1:f3:b5:f3:1d:b9:
                    10:7b:6f:c8:4e:76:16:b1:48:83:c5:4d:86:d2:d5:
                    7a:53:3f:41:78:06:1a:67:ea:c6:bd:f6:2b:f7:41:
                    d5:5a:c9:9f:ab:84:9e:51:c0:2a:5a:37:a9:58:60:
                    a3:c6:2f:58:63:e2:ad:04:37:f6:18:86:ff:7e:3b:
                    a9:cd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B6:4E:08:BF:58:BF:5D:FE:9D:38:2F:E9:F8:1A:72:5E:C4:B9:13:59
            X509v3 Authority Key Identifier:
                keyid:5A:86:F9:88:A1:23:1F:86:C9:72:33:12:85:58:7E:CF:86:4B:DB:90

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F36FA13F/CDDBC4C8C4D711E98A076325F8AEA228/Wob5iKEjH4bJcjMShVh-z4ZL25A.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/Wob5iKEjH4bJcjMShVh-z4ZL25A.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F36FA13F/CDDBC4C8C4D711E98A076325F8AEA228/19F651E6C4DA11E9AB3B1D27F8AEA228.roa

            sbgp-ipAddrBlock: critical
                IPv4:
                  41.76.40.0/21
                  102.160.0.0/14
                  105.235.144.0/20
                  154.71.0.0/19
                  196.192.80.0/22
                IPv6:
                  2001:4248::/32

    Signature Algorithm: sha256WithRSAEncryption
         74:28:af:a0:43:94:ab:67:a1:39:ed:fe:00:49:4e:64:87:5e:
         a6:de:e0:15:1e:29:cf:9e:02:5a:04:48:8e:08:41:0c:0e:ab:
         e6:0e:33:89:16:98:c4:13:70:fc:b4:8b:32:21:7a:01:7d:29:
         9e:b4:b9:6f:08:8e:26:6d:9c:51:45:39:83:51:36:66:21:3f:
         fb:92:df:d0:3e:4c:71:7d:00:00:f1:8e:8d:8d:2a:2c:6e:bd:
         d7:ef:f1:72:b3:a2:2b:cb:8c:14:3c:37:47:53:bb:82:84:ae:
         41:d8:d8:9a:8d:51:87:39:0a:34:75:60:b6:a0:67:5f:66:fa:
         f2:11:c5:c3:7c:5f:44:51:62:79:a4:c6:6e:bd:4d:d7:a9:bd:
         e5:c9:88:2a:99:07:66:bb:66:8a:18:5c:8d:82:1b:8c:9d:ec:
         61:73:66:cf:50:5b:68:cd:4b:41:f1:1a:96:f9:40:d9:08:bf:
         d0:d0:c0:2e:d0:76:1a:57:9f:6c:74:92:95:b7:5d:1d:98:f2:
         e0:b1:65:35:84:50:a9:98:0a:42:fe:8a:8a:fe:58:89:0a:06:
         47:82:fe:ac:68:60:83:b9:17:44:63:b7:5e:c3:bc:db:55:4b:
         e2:1e:f1:1d:09:cc:9a:fd:6a:85:3f:0e:28:7d:8e:c7:5d:3a:
         a8:d7:1e:81
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgIBBTANBgkqhkiG9w0BAQsFADBIMRMwEQYDVQQDEwpGMzZG
QTEzRkFGMTEwLwYDVQQFEyg1QTg2Rjk4OEExMjMxRjg2Qzk3MjMzMTI4NTU4N0VD
Rjg2NEJEQjkwMB4XDTE5MDgyMjEyNDA1OFoXDTI5MDgyMjEyNDA1OFowGDEWMBQG
A1UEAxMNNWQ1ZThkNWYtYzc5OTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAL9Fqxgn+MBzb9CyoTbpXN7OIRGTUile0pw6H/NO2uZNtj7Rj36NikojMw1D
5VXh5gvVqsFcB/51vVhZ7JaiGlAqDycGAEB/B13jR68NYbQ1NRKfRkTehEFrgtPI
JhEm7d/SfpAWwgniRLdoH58VfuyOI+ChyYEg4nhsDV7/rCDcDbIyuSPsuvjV60tC
IuKx4XQSYtufvrIstbN9vQI+xsA9zYknt9+1sItAfhbhy1saNgaZGozGmLJbncDx
wfO18x25EHtvyE52FrFIg8VNhtLVelM/QXgGGmfqxr32K/dB1VrJn6uEnlHAKlo3
qVhgo8YvWGPirQQ39hiG/347qc0CAwEAAaOCApQwggKQMB0GA1UdDgQWBBS2Tgi/
WL9d/p04L+n4GnJexLkTWTAfBgNVHSMEGDAWgBRahvmIoSMfhslyMxKFWH7Phkvb
kDAOBgNVHQ8BAf8EBAMCB4AwgZUGA1UdHwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2RkExM0YvQ0REQkM0QzhDNEQ3MTFFOThBMDc2MzI1RjhBRUEyMjgvV29iNWlL
RWpINGJKY2pNU2hWaC16NFpMMjVBLmNybDBnBggrBgEFBQcBAQRbMFkwVwYIKwYB
BQUHMAKGS3JzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L2Fmcmlu
aWMvV29iNWlLRWpINGJKY2pNU2hWaC16NFpMMjVBLmNlcjBPBgNVHSABAf8ERTBD
MEEGCCsGAQUFBw4CMDUwMwYIKwYBBQUHAgEWJ2h0dHBzOi8vcnBraS5hZnJpbmlj
Lm5ldC9wb2xpY3kvQ1BTLnBkZjCBpAYIKwYBBQUHAQsEgZcwgZQwgZEGCCsGAQUF
BzALhoGEcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVy
X3JlcG9zaXRvcnkvRjM2RkExM0YvQ0REQkM0QzhDNEQ3MTFFOThBMDc2MzI1RjhB
RUEyMjgvMTlGNjUxRTZDNERBMTFFOUFCM0IxRDI3RjhBRUEyMjgucm9hMEUGCCsG
AQUFBwEHAQH/BDYwNDAjBAIAATAdAwQDKUwoAwMCZqADBARp65ADBAWaRwADBALE
wFAwDQQCAAIwBwMFACABQkgwDQYJKoZIhvcNAQELBQADggEBAHQor6BDlKtnoTnt
/gBJTmSHXqbe4BUeKc+eAloESI4IQQwOq+YOM4kWmMQTcPy0izIhegF9KZ60uW8I
jiZtnFFFOYNRNmYhP/uS39A+THF9AADxjo2NKixuvdfv8XKzoivLjBQ8N0dTu4KE
rkHY2JqNUYc5CjR1YLagZ19m+vIRxcN8X0RRYnmkxm69TdepveXJiCqZB2a7ZooY
XI2CG4yd7GFzZs9QW2jNS0HxGpb5QNkIv9DQwC7QdhpXn2x0kpW3XR2Y8uCxZTWE
UKmYCkL+ior+WIkKBkeC/qxoYIO5F0Rjt17DvNtVS+Ie8R0JzJr9aoU/Dih9jsdd
OqjXHoE=
-----END CERTIFICATE-----
Generated at Sun Jun 16 01:45:56 2024 by rpki-client on console-fra.rpki-client.org