Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F3634D22/1D5F7C26047311E580C18A06F8AEA228/F4E6D36E93DC11EDB3C88F95F1222468.roa
File:                     F4E6D36E93DC11EDB3C88F95F1222468.roa (raw, json)
Hash identifier:          OTf5sFd+9zzQ+J7wDsq5yKqjr9tKTPDrLVxlMedHBWs=
Subject key identifier:   8E:80:51:A2:56:AA:A8:00:C6:E0:98:2A:1E:CC:13:97:EF:CC:45:03
Certificate issuer:       /CN=F3634D22AF/serialNumber=8D01D808E89774543DE22D0DA844378ECEA8BB9B
Certificate serial:       0C10
Authority key identifier: 8D:01:D8:08:E8:97:74:54:3D:E2:2D:0D:A8:44:37:8E:CE:A8:BB:9B
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/jQHYCOiXdFQ94i0NqEQ3js6ou5s.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F3634D22/1D5F7C26047311E580C18A06F8AEA228/F4E6D36E93DC11EDB3C88F95F1222468.roa
Signing time:             Sat 14 Jan 2023 07:27:53 +0000
ROA not before:           Sat 14 Jan 2023 07:27:49 +0000
ROA not after:            Thu 31 Jan 2030 07:27:49 +0000
asID:                     33764
IP address blocks:        196.2.3.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Fri 15 Nov 2024 09:57:15 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 3088 (0xc10)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F3634D22AF/serialNumber=8D01D808E89774543DE22D0DA844378ECEA8BB9B
        Validity
            Not Before: Jan 14 07:27:49 2023 GMT
            Not After : Jan 31 07:27:49 2030 GMT
        Subject: CN=63c25979-6a24
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c5:bc:13:0c:ab:04:06:6f:35:93:41:51:82:1a:
                    25:40:92:40:c8:a7:11:1b:c1:da:61:c4:28:16:b3:
                    f9:fd:f0:d1:13:75:48:09:5d:da:1c:49:88:61:e4:
                    3b:99:c6:ce:fa:59:3e:8a:75:12:4e:0a:d1:d5:89:
                    3c:da:0f:29:bd:b4:60:c9:4f:21:1d:c9:d1:04:64:
                    ab:dc:03:5e:82:45:88:92:f5:af:b7:07:cd:d4:16:
                    be:4a:0d:e2:46:6b:ed:56:ad:72:cd:57:be:53:6a:
                    24:4f:90:3f:55:dd:f3:5d:ef:d5:bc:8e:5f:ca:08:
                    4d:d4:f9:e7:f3:7a:46:33:b8:4f:fe:ff:60:53:fc:
                    14:0f:8f:54:a0:65:eb:80:ba:79:ab:61:48:14:c9:
                    1d:7e:a8:17:ea:05:aa:87:0a:38:d2:c1:5b:32:4f:
                    c4:a0:47:02:53:b4:fe:bb:1b:d4:7b:cf:91:50:ff:
                    8f:79:95:0e:5b:1e:8d:d4:fd:e3:66:e1:bf:4b:fa:
                    9d:34:dc:d6:52:31:2b:1d:05:de:0b:25:e8:7b:00:
                    1c:e7:bb:1b:b5:16:8e:e4:27:36:6a:b1:35:c0:40:
                    6d:51:8b:fa:ad:f9:3a:aa:12:c5:a5:40:94:5b:48:
                    55:a6:c9:3a:6d:d7:93:9a:e0:c3:78:f7:b4:5f:88:
                    3f:0f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                8E:80:51:A2:56:AA:A8:00:C6:E0:98:2A:1E:CC:13:97:EF:CC:45:03
            X509v3 Authority Key Identifier:
                keyid:8D:01:D8:08:E8:97:74:54:3D:E2:2D:0D:A8:44:37:8E:CE:A8:BB:9B

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F3634D22/1D5F7C26047311E580C18A06F8AEA228/jQHYCOiXdFQ94i0NqEQ3js6ou5s.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/jQHYCOiXdFQ94i0NqEQ3js6ou5s.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F3634D22/1D5F7C26047311E580C18A06F8AEA228/F4E6D36E93DC11EDB3C88F95F1222468.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  196.2.3.0/24

    Signature Algorithm: sha256WithRSAEncryption
         67:ec:52:7b:77:2b:e7:e5:3a:5e:72:22:ce:1a:72:34:34:94:
         9f:7f:d5:71:af:88:23:29:d1:02:bb:09:9a:d5:94:76:bb:cb:
         73:47:77:2b:83:72:02:75:78:2a:7f:32:79:1a:2b:ab:07:c8:
         4f:32:67:a8:0f:b6:aa:f4:4f:e6:75:3a:b0:88:8c:3d:b6:61:
         07:60:6c:34:da:ae:42:06:e6:cc:18:e9:2d:ff:de:e6:52:d8:
         1b:86:78:96:d0:be:9c:23:a5:12:b3:52:59:e2:42:6d:7f:3d:
         aa:ae:b3:6c:4e:7d:b9:b2:f2:dd:e2:47:e6:3e:c6:57:a1:73:
         15:ad:bb:13:ce:81:a1:6e:49:35:26:3a:f0:af:ad:a2:ca:0f:
         3d:a6:5b:b8:b2:71:bb:aa:a7:96:76:8a:c7:2b:15:42:5d:c6:
         11:b7:d6:5b:34:e2:d0:e3:ae:21:22:a5:b4:9a:49:53:97:17:
         f9:ec:1f:d1:16:8f:6c:9c:e2:fc:0b:6f:20:c3:72:e8:77:ad:
         c3:27:ba:d5:29:6d:7a:9a:94:58:7b:b9:25:b3:93:28:4b:57:
         75:22:40:cf:75:90:3b:ed:6a:48:d7:b4:0c:d6:f6:4e:fc:30:
         f6:75:c2:c3:70:29:48:a7:fb:29:21:f3:8a:73:68:7a:ed:ec:
         9b:85:26:47
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICDBAwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAwwKRjM2
MzREMjJBRjExMC8GA1UEBRMoOEQwMUQ4MDhFODk3NzQ1NDNERTIyRDBEQTg0NDM3
OEVDRUE4QkI5QjAeFw0yMzAxMTQwNzI3NDlaFw0zMDAxMzEwNzI3NDlaMBgxFjAU
BgNVBAMMDTYzYzI1OTc5LTZhMjQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQDFvBMMqwQGbzWTQVGCGiVAkkDIpxEbwdphxCgWs/n98NETdUgJXdocSYhh
5DuZxs76WT6KdRJOCtHViTzaDym9tGDJTyEdydEEZKvcA16CRYiS9a+3B83UFr5K
DeJGa+1WrXLNV75TaiRPkD9V3fNd79W8jl/KCE3U+efzekYzuE/+/2BT/BQPj1Sg
ZeuAunmrYUgUyR1+qBfqBaqHCjjSwVsyT8SgRwJTtP67G9R7z5FQ/495lQ5bHo3U
/eNm4b9L+p003NZSMSsdBd4LJeh7ABznuxu1Fo7kJzZqsTXAQG1Ri/qt+TqqEsWl
QJRbSFWmyTpt15Oa4MN497RfiD8PAgMBAAGjggKlMIICoTAdBgNVHQ4EFgQUjoBR
olaqqADG4JgqHswTl+/MRQMwHwYDVR0jBBgwFoAUjQHYCOiXdFQ94i0NqEQ3js6o
u5swDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjM0RDIyLzFENUY3QzI2MDQ3MzExRTU4MEMxOEEwNkY4QUVBMjI4L2pRSFlD
T2lYZEZROTRpME5xRVEzanM2b3U1cy5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL2pRSFlDT2lYZEZROTRpME5xRVEzanM2b3U1cy5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNjM0RDIyLzFENUY3QzI2MDQ3MzExRTU4MEMxOEEwNkY4
QUVBMjI4L0Y0RTZEMzZFOTNEQzExRURCM0M4OEY5NUYxMjIyNDY4LnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBADEAgMwDQYJKoZIhvcNAQEL
BQADggEBAGfsUnt3K+flOl5yIs4acjQ0lJ9/1XGviCMp0QK7CZrVlHa7y3NHdyuD
cgJ1eCp/MnkaK6sHyE8yZ6gPtqr0T+Z1OrCIjD22YQdgbDTarkIG5swY6S3/3uZS
2BuGeJbQvpwjpRKzUlniQm1/Paqus2xOfbmy8t3iR+Y+xlehcxWtuxPOgaFuSTUm
OvCvraLKDz2mW7iycbuqp5Z2iscrFUJdxhG31ls04tDjriEipbSaSVOXF/nsH9EW
j2yc4vwLbyDDcuh3rcMnutUpbXqalFh7uSWzkyhLV3UiQM91kDvtakjXtAzW9k78
MPZ1wsNwKUin+ykh84pzaHrt7JuFJkc=
-----END CERTIFICATE-----
Generated at Fri Nov 15 12:38:45 2024 by rpki-client on console-ams.rpki-client.org