Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F36114AA/86D6E57EBE8F11EE832F4491775412E6/2DC07636BE9811EEB828A29F775412E6.roa
File:                     2DC07636BE9811EEB828A29F775412E6.roa (raw, json)
Hash identifier:          vTtZ3HCyitozreBUviGMuZqf7Jm+AwVhbmjy9U1TjbE=
Subject key identifier:   E2:C3:8C:FC:99:86:63:B9:F4:69:C0:62:A3:B4:A6:28:A1:23:9D:00
Certificate issuer:       /CN=F36114AAAF/serialNumber=CD5232B63C6A832990C86707CB739BDC04DB9A59
Certificate serial:       02
Authority key identifier: CD:52:32:B6:3C:6A:83:29:90:C8:67:07:CB:73:9B:DC:04:DB:9A:59
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/zVIytjxqgymQyGcHy3Ob3ATbmlk.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F36114AA/86D6E57EBE8F11EE832F4491775412E6/2DC07636BE9811EEB828A29F775412E6.roa
Signing time:             Mon 29 Jan 2024 11:18:51 +0000
ROA not before:           Mon 29 Jan 2024 11:18:47 +0000
ROA not after:            Thu 29 Jan 2026 11:18:47 +0000
asID:                     21003
IP address blocks:        102.68.128.0/21 maxlen: 24

Validation:               Failed, certificate revoked on Mon 29 Jan 2024 12:14:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 2 (0x2)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F36114AAAF/serialNumber=CD5232B63C6A832990C86707CB739BDC04DB9A59
        Validity
            Not Before: Jan 29 11:18:47 2024 GMT
            Not After : Jan 29 11:18:47 2026 GMT
        Subject: CN=65b7899b-1bce
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ce:55:b7:25:e6:9f:19:8b:3d:2c:77:fb:bb:a2:
                    b4:50:47:de:21:56:66:c2:fb:b9:e3:2e:d9:cd:a9:
                    68:e3:78:a9:ae:9e:65:70:36:43:98:30:95:dc:97:
                    4b:41:e7:03:bf:c0:a6:30:b5:25:76:89:c4:de:02:
                    d8:5b:84:a3:b1:db:91:5f:b4:bd:c6:70:70:67:44:
                    72:ff:32:ff:62:d4:29:a3:5f:9f:b2:b2:69:07:fb:
                    90:54:90:4d:fa:46:ca:d2:ad:88:11:59:b7:fc:0e:
                    aa:01:79:5b:a4:84:85:0a:3a:28:11:c5:3b:13:74:
                    36:5b:53:09:27:40:a0:68:a7:bd:0f:29:ac:fe:28:
                    ba:2c:86:01:2f:2c:c4:78:c3:76:8c:aa:88:a6:9a:
                    3c:f7:55:af:36:65:24:e1:69:b5:9e:f0:4a:28:3b:
                    f7:a7:3f:77:d0:53:f2:a8:14:13:c3:0d:59:41:c0:
                    f4:a1:1f:57:fd:d4:55:4a:e6:35:d9:4d:f9:c7:e8:
                    69:b1:08:6b:ee:01:b5:19:1b:7f:42:10:e9:b2:3e:
                    d5:48:12:01:a5:2e:ca:4c:f5:cb:89:ef:32:18:9f:
                    e8:f0:2a:83:ac:11:1f:4d:36:db:36:e7:8d:fc:c6:
                    fc:2a:40:72:9f:8d:05:0c:f2:11:3d:36:b9:5c:66:
                    23:ed
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E2:C3:8C:FC:99:86:63:B9:F4:69:C0:62:A3:B4:A6:28:A1:23:9D:00
            X509v3 Authority Key Identifier:
                keyid:CD:52:32:B6:3C:6A:83:29:90:C8:67:07:CB:73:9B:DC:04:DB:9A:59

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F36114AA/86D6E57EBE8F11EE832F4491775412E6/zVIytjxqgymQyGcHy3Ob3ATbmlk.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/zVIytjxqgymQyGcHy3Ob3ATbmlk.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F36114AA/86D6E57EBE8F11EE832F4491775412E6/2DC07636BE9811EEB828A29F775412E6.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  102.68.128.0/21

    Signature Algorithm: sha256WithRSAEncryption
         58:77:33:f6:dd:48:65:ed:f9:8d:6f:fa:ff:ea:39:09:b6:39:
         96:5a:e8:8f:00:b2:f3:7e:be:cd:f8:84:76:ab:48:bb:09:05:
         b1:66:b3:49:db:55:0e:c6:a8:b3:84:bd:62:33:f9:7e:9a:d2:
         bd:44:66:f9:34:4f:2f:2a:ee:74:69:6d:2f:d8:8d:ca:0b:0d:
         d6:82:3f:b4:d6:cf:53:04:af:82:44:7e:71:cb:4e:71:f9:d6:
         54:14:7f:0e:51:55:32:c0:35:a9:aa:72:2d:06:af:f2:2d:57:
         dd:de:cd:04:f6:e0:ea:7c:8f:6e:4e:81:93:3b:2d:2f:00:92:
         df:a9:33:45:96:71:90:ec:14:8b:18:82:f5:99:1e:fa:17:d5:
         ae:4d:f0:bd:84:5c:2d:b3:83:f9:03:34:23:2f:77:98:2d:30:
         de:06:3a:83:38:68:e7:66:7c:77:91:2e:3b:6a:4a:92:d9:93:
         10:43:fd:26:5e:15:62:d0:71:f0:28:18:68:f7:1f:06:9f:a5:
         06:d9:b7:ed:11:0a:4b:2b:6d:00:22:70:86:97:38:43:4a:3a:
         a4:a1:13:f5:ce:5e:3b:30:62:d5:f9:9e:b3:3b:cb:d8:92:00:
         7d:85:e9:88:c2:5c:5d:3b:e4:9c:33:21:7c:9b:c2:8b:53:5a:
         0d:b6:a6:d6
-----BEGIN CERTIFICATE-----
MIIFgjCCBGqgAwIBAgIBAjANBgkqhkiG9w0BAQsFADBIMRMwEQYDVQQDEwpGMzYx
MTRBQUFGMTEwLwYDVQQFEyhDRDUyMzJCNjNDNkE4MzI5OTBDODY3MDdDQjczOUJE
QzA0REI5QTU5MB4XDTI0MDEyOTExMTg0N1oXDTI2MDEyOTExMTg0N1owGDEWMBQG
A1UEAxMNNjViNzg5OWItMWJjZTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAM5VtyXmnxmLPSx3+7uitFBH3iFWZsL7ueMu2c2paON4qa6eZXA2Q5gwldyX
S0HnA7/ApjC1JXaJxN4C2FuEo7HbkV+0vcZwcGdEcv8y/2LUKaNfn7KyaQf7kFSQ
TfpGytKtiBFZt/wOqgF5W6SEhQo6KBHFOxN0NltTCSdAoGinvQ8prP4ouiyGAS8s
xHjDdoyqiKaaPPdVrzZlJOFptZ7wSig796c/d9BT8qgUE8MNWUHA9KEfV/3UVUrm
NdlN+cfoabEIa+4BtRkbf0IQ6bI+1UgSAaUuykz1y4nvMhif6PAqg6wRH0022zbn
jfzG/CpAcp+NBQzyET02uVxmI+0CAwEAAaOCAqUwggKhMB0GA1UdDgQWBBTiw4z8
mYZjufRpwGKjtKYooSOdADAfBgNVHSMEGDAWgBTNUjK2PGqDKZDIZwfLc5vcBNua
WTAOBgNVHQ8BAf8EBAMCB4AwgZUGA1UdHwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2MTE0QUEvODZENkU1N0VCRThGMTFFRTgzMkY0NDkxNzc1NDEyRTYvelZJeXRq
eHFneW1ReUdjSHkzT2IzQVRibWxrLmNybDBnBggrBgEFBQcBAQRbMFkwVwYIKwYB
BQUHMAKGS3JzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L2Fmcmlu
aWMvelZJeXRqeHFneW1ReUdjSHkzT2IzQVRibWxrLmNlcjBPBgNVHSABAf8ERTBD
MEEGCCsGAQUFBw4CMDUwMwYIKwYBBQUHAgEWJ2h0dHBzOi8vcnBraS5hZnJpbmlj
Lm5ldC9wb2xpY3kvQ1BTLnBkZjCB2wYIKwYBBQUHAQsEgc4wgcswgZEGCCsGAQUF
BzALhoGEcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVy
X3JlcG9zaXRvcnkvRjM2MTE0QUEvODZENkU1N0VCRThGMTFFRTgzMkY0NDkxNzc1
NDEyRTYvMkRDMDc2MzZCRTk4MTFFRUI4MjhBMjlGNzc1NDEyRTYucm9hMDUGCCsG
AQUFBzANhilodHRwczovL3JyZHAuYWZyaW5pYy5uZXQvbm90aWZpY2F0aW9uLnht
bDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEA2ZEgDANBgkqhkiG9w0BAQsF
AAOCAQEAWHcz9t1IZe35jW/6/+o5CbY5llrojwCy836+zfiEdqtIuwkFsWazSdtV
Dsaos4S9YjP5fprSvURm+TRPLyrudGltL9iNygsN1oI/tNbPUwSvgkR+cctOcfnW
VBR/DlFVMsA1qapyLQav8i1X3d7NBPbg6nyPbk6BkzstLwCS36kzRZZxkOwUixiC
9Zke+hfVrk3wvYRcLbOD+QM0Iy93mC0w3gY6gzho52Z8d5EuO2pKktmTEEP9Jl4V
YtBx8CgYaPcfBp+lBtm37REKSyttACJwhpc4Q0o6pKET9c5eOzBi1fmeszvL2JIA
fYXpiMJcXTvknDMhfJvCi1NaDbam1g==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:58:30 2024 by rpki-client on console-ams.rpki-client.org