Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F363ADF7/B3123F903BBA11EBA94E9B1FF8AEA228/EE6F79CC599E11EE800280744AD9E6FC.roa
File:                     EE6F79CC599E11EE800280744AD9E6FC.roa (raw, json)
Hash identifier:          +mq/0Cx6GJQD0xAmj0vr69Wk64pX7hqeKK/yNHljwu4=
Subject key identifier:   FC:D4:44:74:4D:2A:F8:D7:63:17:4A:84:D8:11:52:0F:ED:45:74:DB
Certificate issuer:       /CN=F363ADF7AF/serialNumber=E73D301F910D56EBAB7A11103BE8BE275388B72B
Certificate serial:       041C
Authority key identifier: E7:3D:30:1F:91:0D:56:EB:AB:7A:11:10:3B:E8:BE:27:53:88:B7:2B
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/5z0wH5ENVuurehEQO-i-J1OItys.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F363ADF7/B3123F903BBA11EBA94E9B1FF8AEA228/EE6F79CC599E11EE800280744AD9E6FC.roa
Signing time:             Fri 22 Sep 2023 23:22:44 +0000
ROA not before:           Sat 23 Sep 2023 23:22:40 +0000
ROA not after:            Sat 23 Sep 2028 23:22:40 +0000
asID:                     37619
IP address blocks:        41.74.160.0/20 maxlen: 20
                          41.74.160.0/22 maxlen: 22
                          41.74.163.0/24 maxlen: 24
                          41.74.164.0/22 maxlen: 22
                          41.74.166.0/24 maxlen: 24
                          41.74.167.0/24 maxlen: 24
                          41.74.168.0/22 maxlen: 22
                          41.74.168.0/23 maxlen: 23
                          41.74.168.0/24 maxlen: 24
                          41.74.170.0/23 maxlen: 23
                          41.74.172.0/22 maxlen: 22
                          41.74.172.0/23 maxlen: 23
                          41.74.172.0/24 maxlen: 24
                          41.74.174.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Sun 24 Sep 2023 04:58:26 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 1052 (0x41c)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F363ADF7AF/serialNumber=E73D301F910D56EBAB7A11103BE8BE275388B72B
        Validity
            Not Before: Sep 23 23:22:40 2023 GMT
            Not After : Sep 23 23:22:40 2028 GMT
        Subject: CN=650e21c3-1568
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ad:05:ad:ab:78:62:3a:82:34:f3:d7:8a:41:44:
                    c6:9f:c6:01:32:5c:2a:a3:62:81:c9:85:6f:77:8c:
                    4f:3c:62:47:94:bb:2d:b0:9d:78:69:35:39:bf:4a:
                    a3:8a:9f:41:8b:03:64:b3:32:c0:cf:78:3c:76:9c:
                    8f:16:ce:10:cc:26:52:9b:d9:5b:89:bd:39:f1:20:
                    3c:af:8c:bf:b3:8f:dc:3a:cf:dd:b8:00:30:90:36:
                    8e:75:1b:f6:4f:dc:60:a8:ae:b8:b9:6e:1c:53:e5:
                    23:8a:33:f1:c5:72:31:c0:d7:88:02:44:72:6b:2b:
                    5c:d2:52:be:ce:87:60:a3:1e:19:41:fb:05:89:7b:
                    53:56:48:4c:6b:0e:81:9b:dd:a3:6a:f0:5b:f5:cc:
                    50:be:fd:aa:e7:7f:2b:67:32:9f:fa:63:14:92:2c:
                    86:86:8f:a6:19:49:8c:1c:92:b0:8c:b8:d2:df:2b:
                    fb:e2:8f:e4:90:34:a2:7a:1b:13:7f:27:90:ea:df:
                    dc:43:ef:cb:ca:86:cb:b4:2e:5c:52:ec:89:64:34:
                    00:81:0a:82:82:a8:e6:dc:6f:c1:36:db:c3:9a:65:
                    f1:b8:4f:2a:40:a0:f0:8d:2b:81:7a:ff:b4:b9:3f:
                    3c:8a:98:8a:f2:e7:f4:6c:1c:2f:43:36:0b:bd:d2:
                    c9:fd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                FC:D4:44:74:4D:2A:F8:D7:63:17:4A:84:D8:11:52:0F:ED:45:74:DB
            X509v3 Authority Key Identifier:
                keyid:E7:3D:30:1F:91:0D:56:EB:AB:7A:11:10:3B:E8:BE:27:53:88:B7:2B

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F363ADF7/B3123F903BBA11EBA94E9B1FF8AEA228/5z0wH5ENVuurehEQO-i-J1OItys.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/5z0wH5ENVuurehEQO-i-J1OItys.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F363ADF7/B3123F903BBA11EBA94E9B1FF8AEA228/EE6F79CC599E11EE800280744AD9E6FC.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  41.74.160.0/20

    Signature Algorithm: sha256WithRSAEncryption
         6d:84:62:98:b4:4a:15:d4:c3:87:c1:ba:79:23:b8:63:d6:1b:
         fb:46:18:dd:84:0f:35:08:ec:02:d6:f6:ea:7e:c1:94:f6:7e:
         24:cd:63:53:2e:e1:a5:e8:b4:aa:62:79:97:dd:69:9b:b9:b9:
         52:a8:ff:d8:01:dd:e6:1f:ad:35:cc:f4:1a:a7:01:d2:9c:6b:
         36:f2:4d:9c:78:90:52:d2:2b:7b:43:6f:51:bb:9b:bd:cd:98:
         e6:5c:aa:ea:ee:8a:f6:62:0e:69:7b:f0:dd:a0:06:c7:49:19:
         1e:1f:7a:f8:9f:c7:c6:65:fe:80:bb:b4:31:ea:34:ba:4c:54:
         73:76:75:e7:8b:5b:bb:c5:1b:7c:ac:08:22:d6:4b:02:0f:24:
         89:be:2f:ea:84:98:2f:b2:46:13:ee:f1:8d:dd:b6:16:41:d8:
         6e:79:89:90:a9:c1:6b:a3:4e:59:cf:98:89:09:62:7e:ff:db:
         da:67:75:04:a4:8c:51:d7:6f:67:40:77:f2:08:46:cf:77:22:
         e1:37:ce:29:9c:68:d1:7a:5a:af:f5:d4:1f:30:6d:4b:56:5d:
         75:18:a5:f4:fb:5e:59:08:ec:d5:db:8c:a9:fb:01:97:63:b9:
         9f:84:7a:10:59:45:1f:32:f2:24:13:23:b1:c9:22:7f:56:4f:
         cb:e2:7d:02
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICBBwwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAwwKRjM2
M0FERjdBRjExMC8GA1UEBRMoRTczRDMwMUY5MTBENTZFQkFCN0ExMTEwM0JFOEJF
Mjc1Mzg4QjcyQjAeFw0yMzA5MjMyMzIyNDBaFw0yODA5MjMyMzIyNDBaMBgxFjAU
BgNVBAMTDTY1MGUyMWMzLTE1NjgwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQCtBa2reGI6gjTz14pBRMafxgEyXCqjYoHJhW93jE88YkeUuy2wnXhpNTm/
SqOKn0GLA2SzMsDPeDx2nI8WzhDMJlKb2VuJvTnxIDyvjL+zj9w6z924ADCQNo51
G/ZP3GCorri5bhxT5SOKM/HFcjHA14gCRHJrK1zSUr7Oh2CjHhlB+wWJe1NWSExr
DoGb3aNq8Fv1zFC+/arnfytnMp/6YxSSLIaGj6YZSYwckrCMuNLfK/vij+SQNKJ6
GxN/J5Dq39xD78vKhsu0LlxS7IlkNACBCoKCqObcb8E228OaZfG4TypAoPCNK4F6
/7S5PzyKmIry5/RsHC9DNgu90sn9AgMBAAGjggKlMIICoTAdBgNVHQ4EFgQU/NRE
dE0q+NdjF0qE2BFSD+1FdNswHwYDVR0jBBgwFoAU5z0wH5ENVuurehEQO+i+J1OI
tyswDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjNBREY3L0IzMTIzRjkwM0JCQTExRUJBOTRFOUIxRkY4QUVBMjI4LzV6MHdI
NUVOVnV1cmVoRVFPLWktSjFPSXR5cy5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljLzV6MHdINUVOVnV1cmVoRVFPLWktSjFPSXR5cy5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNjNBREY3L0IzMTIzRjkwM0JCQTExRUJBOTRFOUIxRkY4
QUVBMjI4L0VFNkY3OUNDNTk5RTExRUU4MDAyODA3NDRBRDlFNkZDLnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAQpSqAwDQYJKoZIhvcNAQEL
BQADggEBAG2EYpi0ShXUw4fBunkjuGPWG/tGGN2EDzUI7ALW9up+wZT2fiTNY1Mu
4aXotKpieZfdaZu5uVKo/9gB3eYfrTXM9BqnAdKcazbyTZx4kFLSK3tDb1G7m73N
mOZcquruivZiDml78N2gBsdJGR4fevifx8Zl/oC7tDHqNLpMVHN2deeLW7vFG3ys
CCLWSwIPJIm+L+qEmC+yRhPu8Y3dthZB2G55iZCpwWujTlnPmIkJYn7/29pndQSk
jFHXb2dAd/IIRs93IuE3zimcaNF6Wq/11B8wbUtWXXUYpfT7XlkI7NXbjKn7AZdj
uZ+EehBZRR8y8iQTI7HJIn9WT8vifQI=
-----END CERTIFICATE-----