Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F3614659/6656DE746DF811ECBCC210765A40D577/4DECBF3485E411ED8705D3A2F1222468.roa
File:                     4DECBF3485E411ED8705D3A2F1222468.roa (raw, json)
Hash identifier:          B0UlVTqsSBsUg64ZeZfDpRR18AKJCj/nGJFK+wmtn7w=
Subject key identifier:   9F:18:7D:96:B8:EF:38:49:45:04:74:A7:EC:19:6D:B5:1E:69:E1:21
Certificate issuer:       /CN=F3614659AF/serialNumber=60A0E5D1AC66C8AE3B7C9E6A8EF5BC04B8BBB88E
Certificate serial:       0236
Authority key identifier: 60:A0:E5:D1:AC:66:C8:AE:3B:7C:9E:6A:8E:F5:BC:04:B8:BB:B8:8E
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/YKDl0axmyK47fJ5qjvW8BLi7uI4.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F3614659/6656DE746DF811ECBCC210765A40D577/4DECBF3485E411ED8705D3A2F1222468.roa
Signing time:             Tue 27 Dec 2022 12:45:12 +0000
ROA not before:           Tue 27 Dec 2022 12:45:08 +0000
ROA not after:            Fri 27 Dec 2030 12:45:08 +0000
asID:                     328992
IP address blocks:        102.215.224.0/22 maxlen: 24
                          102.215.225.0/24 maxlen: 24
                          102.215.226.0/24 maxlen: 24
                          102.215.227.0/24 maxlen: 24
                          102.215.228.0/22 maxlen: 24
                          102.215.229.0/24 maxlen: 24
                          102.215.230.0/24 maxlen: 24
                          102.215.231.0/24 maxlen: 24
                          102.216.80.0/22 maxlen: 24
                          102.216.81.0/24 maxlen: 24
                          102.216.82.0/24 maxlen: 24
                          102.216.83.0/24 maxlen: 24
                          102.217.104.0/22 maxlen: 24
                          102.217.105.0/24 maxlen: 24
                          102.217.106.0/24 maxlen: 24
                          102.217.107.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Thu 09 May 2024 11:05:49 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 566 (0x236)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F3614659AF/serialNumber=60A0E5D1AC66C8AE3B7C9E6A8EF5BC04B8BBB88E
        Validity
            Not Before: Dec 27 12:45:08 2022 GMT
            Not After : Dec 27 12:45:08 2030 GMT
        Subject: CN=63aae8d8-5c17
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cc:ca:49:73:74:3d:25:d1:23:bb:a3:58:51:ba:
                    88:6c:24:f3:92:d4:85:f6:9f:7b:f3:65:4e:7d:77:
                    6e:43:1e:7f:3c:ee:f6:3e:b2:37:ef:9d:be:82:62:
                    17:47:64:db:e0:93:d8:7d:f7:9c:87:be:ac:c6:ad:
                    0b:16:cc:e7:1c:bb:84:95:13:f1:43:9d:3a:90:2d:
                    8a:af:d3:3d:23:4b:3f:91:e4:d2:18:b2:e3:ce:4b:
                    dd:b3:ec:a4:e2:ac:90:b7:04:b7:25:2f:a0:49:22:
                    9d:5b:cb:c0:c1:de:59:48:11:19:f5:33:80:a4:24:
                    a0:62:7d:2b:ea:fe:b2:8b:3e:99:2b:72:cf:b7:43:
                    8f:db:eb:ab:e6:d8:4a:87:43:7e:c3:c7:4f:de:94:
                    db:b7:65:4f:b0:4b:5f:3d:6b:df:c6:c3:6e:37:f3:
                    9c:69:9f:77:f6:d6:07:3a:4c:53:82:81:c6:b8:7b:
                    38:05:c0:ae:1b:3a:0d:9e:bb:81:0b:71:bf:1f:cf:
                    65:3e:ea:21:e3:5e:fb:74:72:15:c4:40:e8:b4:e5:
                    59:e4:20:b4:45:52:21:7b:70:1a:cf:93:23:1d:dc:
                    3b:92:d8:72:79:5d:9a:16:61:86:8d:a6:84:dc:7b:
                    f9:4e:c9:c3:8a:1f:8b:a2:5d:09:98:87:90:57:ee:
                    1f:4b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                9F:18:7D:96:B8:EF:38:49:45:04:74:A7:EC:19:6D:B5:1E:69:E1:21
            X509v3 Authority Key Identifier:
                keyid:60:A0:E5:D1:AC:66:C8:AE:3B:7C:9E:6A:8E:F5:BC:04:B8:BB:B8:8E

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F3614659/6656DE746DF811ECBCC210765A40D577/YKDl0axmyK47fJ5qjvW8BLi7uI4.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/YKDl0axmyK47fJ5qjvW8BLi7uI4.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F3614659/6656DE746DF811ECBCC210765A40D577/4DECBF3485E411ED8705D3A2F1222468.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  102.215.224.0/21
                  102.216.80.0/22
                  102.217.104.0/22

    Signature Algorithm: sha256WithRSAEncryption
         63:93:0b:fa:82:57:d1:44:44:64:bf:83:28:f2:54:19:4c:b3:
         88:60:38:03:7e:36:25:e8:6b:b1:85:aa:3e:d8:4c:39:66:de:
         02:c6:34:f5:0f:97:56:7c:db:e8:35:57:19:66:15:d9:b8:6e:
         78:92:52:25:7c:79:30:02:93:75:de:9b:b9:d5:28:0f:d7:9b:
         ff:f5:93:1a:ef:c2:38:19:59:4b:f3:fb:a3:a8:23:8b:d3:d5:
         be:53:4f:b3:43:95:e9:42:34:ff:7d:7f:bc:0c:00:e1:e2:73:
         f0:39:68:ce:f3:73:30:10:94:f7:a7:e5:32:50:fa:b8:2d:85:
         48:43:4b:e7:ba:d0:26:6b:71:6d:ec:af:78:64:bf:b5:c6:5d:
         86:a4:07:79:07:7e:79:16:83:41:57:92:44:4a:ab:e0:ae:c6:
         e9:68:32:0c:45:24:e0:70:93:71:98:fd:6b:18:db:5c:41:b1:
         6b:d0:64:68:18:22:62:64:8f:1b:ab:4c:71:df:e0:7b:96:61:
         cd:23:d6:4b:85:f6:0e:4d:79:43:6a:fe:8c:ef:b1:fb:01:fe:
         bc:3d:ae:6c:43:b3:75:e0:04:04:b7:fa:30:9d:9b:7f:eb:a7:
         b4:5e:d3:33:05:3b:2e:c6:66:6b:85:26:2d:5f:5a:67:a4:df:
         5c:da:3a:f6
-----BEGIN CERTIFICATE-----
MIIFjzCCBHegAwIBAgICAjYwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAwwKRjM2
MTQ2NTlBRjExMC8GA1UEBRMoNjBBMEU1RDFBQzY2QzhBRTNCN0M5RTZBOEVGNUJD
MDRCOEJCQjg4RTAeFw0yMjEyMjcxMjQ1MDhaFw0zMDEyMjcxMjQ1MDhaMBgxFjAU
BgNVBAMMDTYzYWFlOGQ4LTVjMTcwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQDMyklzdD0l0SO7o1hRuohsJPOS1IX2n3vzZU59d25DHn887vY+sjfvnb6C
YhdHZNvgk9h995yHvqzGrQsWzOccu4SVE/FDnTqQLYqv0z0jSz+R5NIYsuPOS92z
7KTirJC3BLclL6BJIp1by8DB3llIERn1M4CkJKBifSvq/rKLPpkrcs+3Q4/b66vm
2EqHQ37Dx0/elNu3ZU+wS189a9/Gw24385xpn3f21gc6TFOCgca4ezgFwK4bOg2e
u4ELcb8fz2U+6iHjXvt0chXEQOi05VnkILRFUiF7cBrPkyMd3DuS2HJ5XZoWYYaN
poTce/lOycOKH4uiXQmYh5BX7h9LAgMBAAGjggKxMIICrTAdBgNVHQ4EFgQUnxh9
lrjvOElFBHSn7BlttR5p4SEwHwYDVR0jBBgwFoAUYKDl0axmyK47fJ5qjvW8BLi7
uI4wDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjE0NjU5LzY2NTZERTc0NkRGODExRUNCQ0MyMTA3NjVBNDBENTc3L1lLRGww
YXhteUs0N2ZKNXFqdlc4QkxpN3VJNC5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL1lLRGwwYXhteUs0N2ZKNXFqdlc4QkxpN3VJNC5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNjE0NjU5LzY2NTZERTc0NkRGODExRUNCQ0MyMTA3NjVB
NDBENTc3LzRERUNCRjM0ODVFNDExRUQ4NzA1RDNBMkYxMjIyNDY4LnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwKwYIKwYBBQUHAQcBAf8EHDAaMBgEAgABMBIDBANm1+ADBAJm2FADBAJm2Wgw
DQYJKoZIhvcNAQELBQADggEBAGOTC/qCV9FERGS/gyjyVBlMs4hgOAN+NiXoa7GF
qj7YTDlm3gLGNPUPl1Z82+g1VxlmFdm4bniSUiV8eTACk3Xem7nVKA/Xm//1kxrv
wjgZWUvz+6OoI4vT1b5TT7NDlelCNP99f7wMAOHic/A5aM7zczAQlPen5TJQ+rgt
hUhDS+e60CZrcW3sr3hkv7XGXYakB3kHfnkWg0FXkkRKq+CuxuloMgxFJOBwk3GY
/WsY21xBsWvQZGgYImJkjxurTHHf4HuWYc0j1kuF9g5NeUNq/ozvsfsB/rw9rmxD
s3XgBAS3+jCdm3/rp7Re0zMFOy7GZmuFJi1fWmek31zaOvY=
-----END CERTIFICATE-----