Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F36FFD1E/1AAE260C316511E5AE666067F8AEA228/36DF01DC39AA11E59B5A3D32F8AEA228.roa
File:                     36DF01DC39AA11E59B5A3D32F8AEA228.roa (raw, json)
Hash identifier:          KB4karfPnV5f0+SNVM+1NuYPsr7TtEZ+5kiyQgRzqTE=
Subject key identifier:   94:B1:A5:5B:4E:80:55:8B:5F:64:B1:DF:0D:82:D7:75:B4:0D:BF:18
Certificate issuer:       /CN=F36FFD1EAF/serialNumber=412D19F9A4E17A04D09BADC902AB0B090824EAD7
Certificate serial:       0D
Authority key identifier: 41:2D:19:F9:A4:E1:7A:04:D0:9B:AD:C9:02:AB:0B:09:08:24:EA:D7
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/QS0Z-aThegTQm63JAqsLCQgk6tc.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F36FFD1E/1AAE260C316511E5AE666067F8AEA228/36DF01DC39AA11E59B5A3D32F8AEA228.roa
Signing time:             Mon 03 Aug 2015 06:36:28 +0000
ROA not before:           Mon 03 Aug 2015 06:38:03 +0000
ROA not after:            Sun 03 Aug 2025 06:38:03 +0000
asID:                     36958
IP address blocks:        41.86.32.0/19 maxlen: 24
                          41.191.120.0/22 maxlen: 24
                          41.222.204.0/22 maxlen: 24
                          41.223.216.0/22 maxlen: 24
                          197.157.96.0/19 maxlen: 24
                          2c0f:fef0::/32 maxlen: 48

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F36FFD1E/1AAE260C316511E5AE666067F8AEA228/QS0Z-aThegTQm63JAqsLCQgk6tc.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F36FFD1E/1AAE260C316511E5AE666067F8AEA228/QS0Z-aThegTQm63JAqsLCQgk6tc.mft
                          rsync://rpki.afrinic.net/repository/afrinic/QS0Z-aThegTQm63JAqsLCQgk6tc.cer
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Sun 24 Nov 2024 00:05:48 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 13 (0xd)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F36FFD1EAF/serialNumber=412D19F9A4E17A04D09BADC902AB0B090824EAD7
        Validity
            Not Before: Aug  3 06:38:03 2015 GMT
            Not After : Aug  3 06:38:03 2025 GMT
        Subject: CN=55bf0bec-48e0
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ae:57:63:59:59:16:62:82:a7:6c:a1:a2:7a:fa:
                    cc:cb:3e:e4:b3:de:fb:85:21:56:10:18:d0:70:50:
                    d6:77:0e:9e:cb:05:ea:24:e1:7f:73:ff:e4:37:b6:
                    9b:ad:71:27:dd:9c:48:f0:ac:3d:66:b7:08:97:15:
                    e4:07:ea:70:30:49:fd:20:e8:e0:a4:dd:38:1f:50:
                    61:a8:42:81:1b:35:38:24:27:9a:e2:3e:95:54:d7:
                    c7:70:9d:aa:85:ec:7c:12:a5:f7:31:31:d8:44:f4:
                    cc:ca:4d:62:b9:19:d5:52:83:00:e7:27:6f:64:a4:
                    76:17:31:1c:73:f1:36:7f:a7:98:38:1c:42:3f:72:
                    fa:fb:d3:9b:70:0d:dc:99:a4:27:17:f8:4e:23:e1:
                    bd:60:48:94:2b:11:4d:9c:39:56:78:3a:e1:cb:b0:
                    3c:31:c9:41:5d:94:f7:f4:84:15:03:e9:71:20:0b:
                    71:c8:63:5a:2b:c4:40:f8:b7:60:b4:76:df:3e:4d:
                    6d:3e:ce:6c:6d:9e:85:f6:57:ea:9f:aa:5f:f8:cd:
                    5d:e3:e7:cf:71:df:17:26:ad:dd:db:5d:72:87:4e:
                    28:ab:c3:08:55:79:88:01:98:6d:19:7e:a4:13:9b:
                    3f:0e:b4:d2:63:ab:09:f8:52:5c:00:41:03:92:94:
                    3d:d3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                94:B1:A5:5B:4E:80:55:8B:5F:64:B1:DF:0D:82:D7:75:B4:0D:BF:18
            X509v3 Authority Key Identifier:
                keyid:41:2D:19:F9:A4:E1:7A:04:D0:9B:AD:C9:02:AB:0B:09:08:24:EA:D7

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F36FFD1E/1AAE260C316511E5AE666067F8AEA228/QS0Z-aThegTQm63JAqsLCQgk6tc.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/QS0Z-aThegTQm63JAqsLCQgk6tc.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F36FFD1E/1AAE260C316511E5AE666067F8AEA228/36DF01DC39AA11E59B5A3D32F8AEA228.roa

            sbgp-ipAddrBlock: critical
                IPv4:
                  41.86.32.0/19
                  41.191.120.0/22
                  41.222.204.0/22
                  41.223.216.0/22
                  197.157.96.0/19
                IPv6:
                  2c0f:fef0::/32

    Signature Algorithm: sha256WithRSAEncryption
         76:bc:03:55:a3:8c:fe:6c:47:ca:34:fe:dd:7b:45:3a:09:0e:
         95:2c:56:28:ee:c8:af:c0:be:54:dd:bd:99:59:81:32:e9:23:
         75:f7:1f:2d:0a:ae:8e:4c:30:3b:f1:28:49:9d:2d:e7:46:63:
         9b:f7:cf:d8:01:9d:b3:08:44:2e:0e:ce:1a:e2:ac:86:92:16:
         6d:eb:63:80:8e:24:c9:ee:93:a6:d6:f5:ae:d2:6d:33:26:48:
         2d:9e:0b:8b:b1:f3:a5:7d:50:2b:27:f1:be:42:e7:ef:9b:75:
         8d:13:30:43:b1:41:b0:44:17:2c:c4:1e:5a:17:47:11:12:e5:
         4d:bf:5d:ca:2f:cd:dd:a6:76:b8:21:d3:a9:d5:12:b5:d7:b4:
         92:9f:37:78:2f:41:4a:b3:35:de:ef:9e:49:3f:0a:d2:c4:05:
         e8:3f:93:9c:b6:cc:c1:b9:47:85:01:de:a4:e0:f3:8c:b5:88:
         c2:9d:cd:53:16:08:3b:e0:17:b6:8a:46:c8:f2:9e:50:35:87:
         90:7b:cf:92:0e:b6:b0:d3:e3:3e:95:41:92:90:49:50:ce:47:
         16:fa:e0:7b:d7:09:ba:d6:ba:e8:26:17:dc:8e:ec:f0:90:2b:
         da:b5:78:37:c1:aa:60:03:31:0c:d3:2e:c6:82:dd:87:9e:85:
         26:43:eb:16
-----BEGIN CERTIFICATE-----
MIIFcjCCBFqgAwIBAgIBDTANBgkqhkiG9w0BAQsFADBIMRMwEQYDVQQDEwpGMzZG
RkQxRUFGMTEwLwYDVQQFEyg0MTJEMTlGOUE0RTE3QTA0RDA5QkFEQzkwMkFCMEIw
OTA4MjRFQUQ3MB4XDTE1MDgwMzA2MzgwM1oXDTI1MDgwMzA2MzgwM1owGDEWMBQG
A1UEAxMNNTViZjBiZWMtNDhlMDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAK5XY1lZFmKCp2yhonr6zMs+5LPe+4UhVhAY0HBQ1ncOnssF6iThf3P/5De2
m61xJ92cSPCsPWa3CJcV5AfqcDBJ/SDo4KTdOB9QYahCgRs1OCQnmuI+lVTXx3Cd
qoXsfBKl9zEx2ET0zMpNYrkZ1VKDAOcnb2SkdhcxHHPxNn+nmDgcQj9y+vvTm3AN
3JmkJxf4TiPhvWBIlCsRTZw5Vng64cuwPDHJQV2U9/SEFQPpcSALcchjWivEQPi3
YLR23z5NbT7ObG2ehfZX6p+qX/jNXePnz3HfFyat3dtdcodOKKvDCFV5iAGYbRl+
pBObPw600mOrCfhSXABBA5KUPdMCAwEAAaOCApUwggKRMB0GA1UdDgQWBBSUsaVb
ToBVi19ksd8Ngtd1tA2/GDAfBgNVHSMEGDAWgBRBLRn5pOF6BNCbrckCqwsJCCTq
1zAOBgNVHQ8BAf8EBAMCB4AwgZUGA1UdHwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2RkZEMUUvMUFBRTI2MEMzMTY1MTFFNUFFNjY2MDY3RjhBRUEyMjgvUVMwWi1h
VGhlZ1RRbTYzSkFxc0xDUWdrNnRjLmNybDBnBggrBgEFBQcBAQRbMFkwVwYIKwYB
BQUHMAKGS3JzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L2Fmcmlu
aWMvUVMwWi1hVGhlZ1RRbTYzSkFxc0xDUWdrNnRjLmNlcjBPBgNVHSABAf8ERTBD
MEEGCCsGAQUFBw4CMDUwMwYIKwYBBQUHAgEWJ2h0dHBzOi8vcnBraS5hZnJpbmlj
Lm5ldC9wb2xpY3kvQ1BTLnBkZjCBpAYIKwYBBQUHAQsEgZcwgZQwgZEGCCsGAQUF
BzALhoGEcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVy
X3JlcG9zaXRvcnkvRjM2RkZEMUUvMUFBRTI2MEMzMTY1MTFFNUFFNjY2MDY3RjhB
RUEyMjgvMzZERjAxREMzOUFBMTFFNTlCNUEzRDMyRjhBRUEyMjgucm9hMEYGCCsG
AQUFBwEHAQH/BDcwNTAkBAIAATAeAwQFKVYgAwQCKb94AwQCKd7MAwQCKd/YAwQF
xZ1gMA0EAgACMAcDBQAsD/7wMA0GCSqGSIb3DQEBCwUAA4IBAQB2vANVo4z+bEfK
NP7de0U6CQ6VLFYo7sivwL5U3b2ZWYEy6SN19x8tCq6OTDA78ShJnS3nRmOb98/Y
AZ2zCEQuDs4a4qyGkhZt62OAjiTJ7pOm1vWu0m0zJkgtnguLsfOlfVArJ/G+Qufv
m3WNEzBDsUGwRBcsxB5aF0cREuVNv13KL83dpna4IdOp1RK117SSnzd4L0FKszXe
755JPwrSxAXoP5OctszBuUeFAd6k4POMtYjCnc1TFgg74Be2ikbI8p5QNYeQe8+S
Draw0+M+lUGSkElQzkcW+uB71wm61rroJhfcjuzwkCvatXg3wapgAzEM0y7Ggt2H
noUmQ+sW
-----END CERTIFICATE-----
Generated at Fri Nov 22 01:34:56 2024 by rpki-client on console-ams.rpki-client.org