Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F36FA13F/CDDBC4C8C4D711E98A076325F8AEA228/508536209AFA11ECA56176855A40D577.roa
File:                     508536209AFA11ECA56176855A40D577.roa (raw, json)
Hash identifier:          AdNPqjJ7lYb3Mhu0FE9KQ9W5o9LsUhKXMO54oXl/coM=
Subject key identifier:   2C:F2:18:74:8F:93:C3:20:F8:61:2B:A8:8A:80:63:73:38:B7:8F:37
Certificate issuer:       /CN=F36FA13FAF/serialNumber=5A86F988A1231F86C972331285587ECF864BDB90
Certificate serial:       03B7
Authority key identifier: 5A:86:F9:88:A1:23:1F:86:C9:72:33:12:85:58:7E:CF:86:4B:DB:90
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/Wob5iKEjH4bJcjMShVh-z4ZL25A.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F36FA13F/CDDBC4C8C4D711E98A076325F8AEA228/508536209AFA11ECA56176855A40D577.roa
Signing time:             Thu 03 Mar 2022 14:00:43 +0000
ROA not before:           Thu 03 Mar 2022 14:00:37 +0000
ROA not after:            Wed 03 Mar 2049 14:00:37 +0000
asID:                     30999
IP address blocks:        41.76.40.0/24 maxlen: 24
                          41.76.41.0/24 maxlen: 24
                          41.76.43.0/24 maxlen: 24
                          41.76.44.0/24 maxlen: 24
                          105.235.150.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F36FA13F/CDDBC4C8C4D711E98A076325F8AEA228/Wob5iKEjH4bJcjMShVh-z4ZL25A.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F36FA13F/CDDBC4C8C4D711E98A076325F8AEA228/Wob5iKEjH4bJcjMShVh-z4ZL25A.mft
                          rsync://rpki.afrinic.net/repository/afrinic/Wob5iKEjH4bJcjMShVh-z4ZL25A.cer
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Tue 18 Jun 2024 00:04:38 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 951 (0x3b7)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F36FA13FAF/serialNumber=5A86F988A1231F86C972331285587ECF864BDB90
        Validity
            Not Before: Mar  3 14:00:37 2022 GMT
            Not After : Mar  3 14:00:37 2049 GMT
        Subject: CN=6220ca0a-9170
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d1:07:6f:f4:57:17:32:ab:0a:81:99:7a:ca:38:
                    b0:f6:7f:3a:c0:9f:81:2f:ab:fc:80:a4:57:7d:81:
                    ba:47:7a:38:26:73:bc:8c:fd:18:03:35:cb:23:f4:
                    1a:c3:ed:79:c4:91:ac:e0:15:35:36:00:e4:27:c0:
                    46:41:c0:e1:ef:ed:4a:2e:6c:61:f0:df:82:c6:75:
                    ea:e8:8a:b5:d4:79:5b:2d:57:1c:95:24:c0:93:a5:
                    48:d4:48:56:0d:64:6d:cf:4b:9b:73:b4:21:22:8a:
                    d6:85:3d:b4:b9:9e:c6:3d:ad:d2:99:26:53:48:21:
                    c0:35:44:85:2a:da:c5:2f:57:bc:ad:11:43:b1:79:
                    9c:e1:d5:b7:fc:d7:e1:31:d6:04:99:f9:98:c0:06:
                    03:8c:6c:e4:61:5d:db:c3:e4:36:69:f0:41:6f:ec:
                    c3:75:3b:d0:bf:77:a1:0f:ae:c3:fb:c7:bd:e6:a7:
                    98:17:9d:4c:3a:a0:1b:26:98:ea:45:b0:87:4d:7b:
                    00:41:8e:fb:e1:fb:eb:19:12:af:20:70:95:7a:50:
                    62:ce:58:9e:b9:81:9b:95:b5:7a:e0:a6:1b:43:a8:
                    d5:2f:cd:78:b2:00:ab:94:b4:bf:eb:1a:8b:30:d8:
                    29:ab:53:db:82:3d:f4:8f:a6:4c:9e:93:1d:6f:f3:
                    79:c5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                2C:F2:18:74:8F:93:C3:20:F8:61:2B:A8:8A:80:63:73:38:B7:8F:37
            X509v3 Authority Key Identifier:
                keyid:5A:86:F9:88:A1:23:1F:86:C9:72:33:12:85:58:7E:CF:86:4B:DB:90

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F36FA13F/CDDBC4C8C4D711E98A076325F8AEA228/Wob5iKEjH4bJcjMShVh-z4ZL25A.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/Wob5iKEjH4bJcjMShVh-z4ZL25A.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F36FA13F/CDDBC4C8C4D711E98A076325F8AEA228/508536209AFA11ECA56176855A40D577.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  41.76.40.0/23
                  41.76.43.0-41.76.44.255
                  105.235.150.0/24

    Signature Algorithm: sha256WithRSAEncryption
         43:18:fa:69:a0:89:b1:1e:50:e6:7a:c1:76:5a:1c:04:1f:68:
         b8:23:01:ce:dd:b2:10:09:cf:99:cd:14:26:90:5b:c3:ce:91:
         b8:cd:20:7b:25:df:ed:88:61:c3:b6:88:b2:ed:38:a5:91:32:
         55:84:5e:c2:00:e6:1d:7a:be:ac:70:1b:6b:a3:ce:1a:ed:fa:
         fc:09:f6:4f:78:fd:df:fa:73:fe:d9:60:a5:9a:c5:36:08:81:
         40:1e:99:5a:ef:ab:9d:35:77:55:60:ba:20:f6:2a:90:ce:d5:
         fe:8c:7b:91:a8:c2:2e:44:94:fc:fb:15:ed:96:3e:92:e0:61:
         d8:eb:d8:dd:af:0f:0a:76:8b:fc:c9:bc:81:c1:73:80:c9:7f:
         51:63:47:4e:d1:7a:a5:94:4c:6d:ea:af:4c:b4:41:90:51:d7:
         b4:9f:6f:5d:d7:60:b6:b7:f1:79:4e:7a:7f:e0:19:39:9d:37:
         a1:e1:7b:9a:c0:c1:2e:6e:c5:fc:b6:14:cf:6c:d8:f6:70:6e:
         8b:8b:b9:c5:43:23:74:f6:94:74:f6:1a:aa:48:8b:9f:37:3e:
         a6:cf:78:0a:37:19:5e:ad:6a:c5:62:8f:b1:c3:3d:08:10:cb:
         54:7b:2d:63:9c:d9:43:38:12:74:62:d9:da:c0:6e:a8:0b:7a:
         61:a5:99:c6
-----BEGIN CERTIFICATE-----
MIIFlzCCBH+gAwIBAgICA7cwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAwwKRjM2
RkExM0ZBRjExMC8GA1UEBRMoNUE4NkY5ODhBMTIzMUY4NkM5NzIzMzEyODU1ODdF
Q0Y4NjRCREI5MDAeFw0yMjAzMDMxNDAwMzdaFw00OTAzMDMxNDAwMzdaMBgxFjAU
BgNVBAMMDTYyMjBjYTBhLTkxNzAwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQDRB2/0VxcyqwqBmXrKOLD2fzrAn4Evq/yApFd9gbpHejgmc7yM/RgDNcsj
9BrD7XnEkazgFTU2AOQnwEZBwOHv7UoubGHw34LGderoirXUeVstVxyVJMCTpUjU
SFYNZG3PS5tztCEiitaFPbS5nsY9rdKZJlNIIcA1RIUq2sUvV7ytEUOxeZzh1bf8
1+Ex1gSZ+ZjABgOMbORhXdvD5DZp8EFv7MN1O9C/d6EPrsP7x73mp5gXnUw6oBsm
mOpFsIdNewBBjvvh++sZEq8gcJV6UGLOWJ65gZuVtXrgphtDqNUvzXiyAKuUtL/r
Gosw2CmrU9uCPfSPpkyekx1v83nFAgMBAAGjggK5MIICtTAdBgNVHQ4EFgQULPIY
dI+TwyD4YSuoioBjczi3jzcwHwYDVR0jBBgwFoAUWob5iKEjH4bJcjMShVh+z4ZL
25AwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNkZBMTNGL0NEREJDNEM4QzRENzExRTk4QTA3NjMyNUY4QUVBMjI4L1dvYjVp
S0VqSDRiSmNqTVNoVmgtejRaTDI1QS5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL1dvYjVpS0VqSDRiSmNqTVNoVmgtejRaTDI1QS5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNkZBMTNGL0NEREJDNEM4QzRENzExRTk4QTA3NjMyNUY4
QUVBMjI4LzUwODUzNjIwOUFGQTExRUNBNTYxNzY4NTVBNDBENTc3LnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwMwYIKwYBBQUHAQcBAf8EJDAiMCAEAgABMBoDBAEpTCgwDAMEAClMKwMEAClM
LAMEAGnrljANBgkqhkiG9w0BAQsFAAOCAQEAQxj6aaCJsR5Q5nrBdlocBB9ouCMB
zt2yEAnPmc0UJpBbw86RuM0geyXf7Yhhw7aIsu04pZEyVYRewgDmHXq+rHAba6PO
Gu36/An2T3j93/pz/tlgpZrFNgiBQB6ZWu+rnTV3VWC6IPYqkM7V/ox7kajCLkSU
/PsV7ZY+kuBh2OvY3a8PCnaL/Mm8gcFzgMl/UWNHTtF6pZRMbeqvTLRBkFHXtJ9v
XddgtrfxeU56f+AZOZ03oeF7msDBLm7F/LYUz2zY9nBui4u5xUMjdPaUdPYaqkiL
nzc+ps94CjcZXq1qxWKPscM9CBDLVHstY5zZQzgSdGLZ2sBuqAt6YaWZxg==
-----END CERTIFICATE-----
Generated at Sun Jun 16 02:03:07 2024 by rpki-client on console-ams.rpki-client.org