Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F3647FF0/A28AC10A32A911EDA4E5C9DCF1222468/159723A832AC11EDBEB90BE3F1222468.roa
File:                     159723A832AC11EDBEB90BE3F1222468.roa (raw, json)
Hash identifier:          qPo5TM6lKUat3AteIaVBWXCCMIZO8rA2Mya2N5a3TFU=
Subject key identifier:   C7:3A:DC:CE:0E:0E:D2:FF:D4:A8:23:4F:91:40:25:72:D0:51:55:ED
Certificate issuer:       /CN=F3647FF0AF/serialNumber=9204412A1F12BCD5D2B3CE3991ACEF6976C8865E
Certificate serial:       02
Authority key identifier: 92:04:41:2A:1F:12:BC:D5:D2:B3:CE:39:91:AC:EF:69:76:C8:86:5E
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/kgRBKh8SvNXSs845kazvaXbIhl4.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F3647FF0/A28AC10A32A911EDA4E5C9DCF1222468/159723A832AC11EDBEB90BE3F1222468.roa
Signing time:             Mon 12 Sep 2022 15:03:40 +0000
ROA not before:           Mon 12 Sep 2022 15:03:35 +0000
ROA not after:            Sat 11 Sep 2032 15:03:35 +0000
asID:                     37406
IP address blocks:        41.79.24.0/22 maxlen: 23
                          105.235.208.0/22 maxlen: 24
                          105.235.212.0/23 maxlen: 24
                          154.73.88.0/22 maxlen: 23
                          196.201.8.0/23 maxlen: 23
                          2c0f:f690::/32 maxlen: 48

Validation:               Failed, certificate revoked on Fri 05 Jul 2024 11:57:26 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 2 (0x2)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F3647FF0AF/serialNumber=9204412A1F12BCD5D2B3CE3991ACEF6976C8865E
        Validity
            Not Before: Sep 12 15:03:35 2022 GMT
            Not After : Sep 11 15:03:35 2032 GMT
        Subject: CN=631f4a4c-880f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a3:26:c3:f5:41:ea:b9:cb:d3:71:2b:a9:59:99:
                    03:bf:cb:bc:9f:b2:98:a5:62:23:1d:c2:5a:6f:30:
                    5e:cf:5d:80:d8:da:b1:29:b5:91:b5:13:d8:a5:a3:
                    67:c0:92:5e:1d:24:d0:8d:6e:b3:0a:9c:93:ce:12:
                    61:40:7e:3a:72:23:2b:f9:53:f8:5b:86:3d:84:2a:
                    8c:bd:ed:cb:2d:b1:f9:99:1f:e0:3f:fb:83:a7:88:
                    96:f8:21:b1:4a:f4:d3:bb:a1:3d:f0:93:f5:aa:5d:
                    90:38:4d:50:88:f8:87:ca:b1:f0:fd:b8:90:12:f7:
                    c3:ad:a2:f7:b0:e2:fe:54:25:b4:8d:7b:a4:35:1c:
                    f9:80:f0:a4:b4:5b:1c:b6:b2:23:87:52:92:7a:95:
                    59:83:b5:91:92:4e:b1:fe:0b:35:40:fe:5c:ce:65:
                    8f:4a:91:9e:db:16:10:60:64:fa:87:66:ca:e3:78:
                    91:c6:87:c3:8e:c2:92:52:7a:53:89:a6:6d:b6:84:
                    b9:47:2c:f8:07:81:b1:3b:f6:ba:25:11:ed:54:c6:
                    71:f2:9f:fd:f4:d2:0b:53:b6:99:f3:9d:e5:4e:a3:
                    3a:44:f3:e4:59:b2:ea:bf:e2:a3:f9:6a:38:20:32:
                    d3:ba:d1:0f:59:ee:f2:61:65:4c:f7:8a:df:dc:de:
                    41:ed
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C7:3A:DC:CE:0E:0E:D2:FF:D4:A8:23:4F:91:40:25:72:D0:51:55:ED
            X509v3 Authority Key Identifier:
                keyid:92:04:41:2A:1F:12:BC:D5:D2:B3:CE:39:91:AC:EF:69:76:C8:86:5E

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F3647FF0/A28AC10A32A911EDA4E5C9DCF1222468/kgRBKh8SvNXSs845kazvaXbIhl4.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/kgRBKh8SvNXSs845kazvaXbIhl4.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F3647FF0/A28AC10A32A911EDA4E5C9DCF1222468/159723A832AC11EDBEB90BE3F1222468.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  41.79.24.0/22
                  105.235.208.0-105.235.213.255
                  154.73.88.0/22
                  196.201.8.0/23
                IPv6:
                  2c0f:f690::/32

    Signature Algorithm: sha256WithRSAEncryption
         66:71:9a:eb:dc:ff:09:8d:23:8b:f2:a5:87:ca:3f:f3:f1:66:
         89:04:40:79:b3:5a:dd:93:fa:a4:cc:15:b8:d1:13:35:4a:78:
         46:77:fc:51:8c:ac:10:37:3d:8e:47:19:4d:74:32:68:aa:7e:
         bf:19:55:17:f7:93:91:77:9f:92:6e:dd:9e:04:47:f6:ee:ac:
         2b:3d:43:e4:77:ef:4b:88:e5:0d:46:b5:49:48:94:60:06:e0:
         f1:d4:7e:6a:19:10:98:61:95:80:0e:76:19:02:27:0f:54:ed:
         05:d6:00:58:93:a4:fb:fe:ab:a4:63:de:ea:eb:1c:ee:42:a7:
         fb:b6:7f:dc:3c:44:84:eb:71:8c:6b:62:87:41:54:da:e5:91:
         35:24:3b:76:0a:08:93:82:8f:5e:38:36:ae:0d:f0:2d:ed:2d:
         04:f0:2a:7c:31:ce:b1:71:dd:4f:b8:c5:3b:4c:fb:6b:cd:b8:
         91:aa:9f:ce:7c:85:1d:cb:9a:2d:09:88:9e:c5:46:64:b3:9c:
         70:b1:59:6c:4b:f9:cb:51:3b:27:3a:49:d1:e2:8e:a6:fc:7f:
         d5:d7:5e:28:b9:b8:2d:fa:34:a0:a1:9a:75:b1:6a:19:27:3b:
         12:97:e7:05:39:b8:4f:22:ea:83:75:71:fb:b0:33:02:c5:e7:
         d4:06:7b:73
-----BEGIN CERTIFICATE-----
MIIFqzCCBJOgAwIBAgIBAjANBgkqhkiG9w0BAQsFADBIMRMwEQYDVQQDDApGMzY0
N0ZGMEFGMTEwLwYDVQQFEyg5MjA0NDEyQTFGMTJCQ0Q1RDJCM0NFMzk5MUFDRUY2
OTc2Qzg4NjVFMB4XDTIyMDkxMjE1MDMzNVoXDTMyMDkxMTE1MDMzNVowGDEWMBQG
A1UEAwwNNjMxZjRhNGMtODgwZjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKMmw/VB6rnL03ErqVmZA7/LvJ+ymKViIx3CWm8wXs9dgNjasSm1kbUT2KWj
Z8CSXh0k0I1uswqck84SYUB+OnIjK/lT+FuGPYQqjL3tyy2x+Zkf4D/7g6eIlvgh
sUr007uhPfCT9apdkDhNUIj4h8qx8P24kBL3w62i97Di/lQltI17pDUc+YDwpLRb
HLayI4dSknqVWYO1kZJOsf4LNUD+XM5lj0qRntsWEGBk+odmyuN4kcaHw47CklJ6
U4mmbbaEuUcs+AeBsTv2uiUR7VTGcfKf/fTSC1O2mfOd5U6jOkTz5Fmy6r/io/lq
OCAy07rRD1nu8mFlTPeK39zeQe0CAwEAAaOCAs4wggLKMB0GA1UdDgQWBBTHOtzO
Dg7S/9SoI0+RQCVy0FFV7TAfBgNVHSMEGDAWgBSSBEEqHxK81dKzzjmRrO9pdsiG
XjAOBgNVHQ8BAf8EBAMCB4AwgZUGA1UdHwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2NDdGRjAvQTI4QUMxMEEzMkE5MTFFREE0RTVDOURDRjEyMjI0Njgva2dSQkto
OFN2TlhTczg0NWthenZhWGJJaGw0LmNybDBnBggrBgEFBQcBAQRbMFkwVwYIKwYB
BQUHMAKGS3JzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L2Fmcmlu
aWMva2dSQktoOFN2TlhTczg0NWthenZhWGJJaGw0LmNlcjBPBgNVHSABAf8ERTBD
MEEGCCsGAQUFBw4CMDUwMwYIKwYBBQUHAgEWJ2h0dHBzOi8vcnBraS5hZnJpbmlj
Lm5ldC9wb2xpY3kvQ1BTLnBkZjCB2wYIKwYBBQUHAQsEgc4wgcswgZEGCCsGAQUF
BzALhoGEcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVy
X3JlcG9zaXRvcnkvRjM2NDdGRjAvQTI4QUMxMEEzMkE5MTFFREE0RTVDOURDRjEy
MjI0NjgvMTU5NzIzQTgzMkFDMTFFREJFQjkwQkUzRjEyMjI0Njgucm9hMDUGCCsG
AQUFBzANhilodHRwczovL3JyZHAuYWZyaW5pYy5uZXQvbm90aWZpY2F0aW9uLnht
bDBIBggrBgEFBQcBBwEB/wQ5MDcwJgQCAAEwIAMEAilPGDAMAwQEaevQAwQBaevU
AwQCmklYAwQBxMkIMA0EAgACMAcDBQAsD/aQMA0GCSqGSIb3DQEBCwUAA4IBAQBm
cZrr3P8JjSOL8qWHyj/z8WaJBEB5s1rdk/qkzBW40RM1SnhGd/xRjKwQNz2ORxlN
dDJoqn6/GVUX95ORd5+Sbt2eBEf27qwrPUPkd+9LiOUNRrVJSJRgBuDx1H5qGRCY
YZWADnYZAicPVO0F1gBYk6T7/qukY97q6xzuQqf7tn/cPESE63GMa2KHQVTa5ZE1
JDt2CgiTgo9eODauDfAt7S0E8Cp8Mc6xcd1PuMU7TPtrzbiRqp/OfIUdy5otCYie
xUZks5xwsVlsS/nLUTsnOknR4o6m/H/V114oubgt+jSgoZp1sWoZJzsSl+cFObhP
IuqDdXH7sDMCxefUBntz
-----END CERTIFICATE-----
Generated at Fri Jul 5 13:49:19 2024 by rpki-client on console-ams.rpki-client.org