Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F365FB04/A0030BD0BF7611EE98EA44B3775412E6/62CD0732BF7811EE80E549B6775412E6.roa
File:                     62CD0732BF7811EE80E549B6775412E6.roa (raw, json)
Hash identifier:          VWR7RMytyNTGo5zgV0+TRGpVgAJ1KnOC1v2HB7dEj44=
Subject key identifier:   57:E8:AF:F4:84:EA:9B:19:C5:CB:A7:1C:EF:B4:DA:F5:EC:B3:1B:16
Certificate issuer:       /CN=F365FB04AF/serialNumber=93CE1F2027182B8129AB0C713A8FF521C13D448F
Certificate serial:       04
Authority key identifier: 93:CE:1F:20:27:18:2B:81:29:AB:0C:71:3A:8F:F5:21:C1:3D:44:8F
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/k84fICcYK4EpqwxxOo_1IcE9RI8.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F365FB04/A0030BD0BF7611EE98EA44B3775412E6/62CD0732BF7811EE80E549B6775412E6.roa
Signing time:             Tue 30 Jan 2024 14:03:47 +0000
ROA not before:           Tue 30 Jan 2024 14:03:44 +0000
ROA not after:            Wed 31 Jan 2029 14:03:44 +0000
asID:                     37482
IP address blocks:        102.38.32.0/21 maxlen: 21
                          102.38.40.0/24 maxlen: 24
                          102.38.41.0/24 maxlen: 24
                          102.38.42.0/24 maxlen: 24
                          102.38.43.0/24 maxlen: 24
                          102.38.44.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Wed 31 Jan 2024 09:42:26 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 4 (0x4)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F365FB04AF/serialNumber=93CE1F2027182B8129AB0C713A8FF521C13D448F
        Validity
            Not Before: Jan 30 14:03:44 2024 GMT
            Not After : Jan 31 14:03:44 2029 GMT
        Subject: CN=65b901c3-3858
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b6:de:c4:32:46:ba:d2:fa:10:36:c3:22:ae:b3:
                    2d:a9:eb:37:4b:75:6a:ac:56:de:5b:eb:a9:cd:3e:
                    e1:07:52:79:ff:df:fa:dc:22:08:c2:b8:f6:45:e7:
                    02:b0:0a:52:67:1d:50:54:00:2d:3f:07:2a:bb:82:
                    26:cb:ac:f4:8e:ff:18:02:b8:08:36:86:60:7d:6d:
                    90:93:fe:4c:4f:fb:62:36:b2:80:db:c7:fd:af:bc:
                    43:7b:38:9c:f8:ab:02:56:c3:e5:4d:3f:02:0d:23:
                    7b:ef:13:02:e9:6f:d8:b4:e9:45:b2:da:a5:08:0e:
                    8e:8b:f6:7c:a6:34:3f:59:23:64:ff:09:56:f1:74:
                    a3:d1:49:e2:f7:ed:25:02:2c:7a:14:d7:86:03:58:
                    ce:d9:d3:60:d9:11:a9:7f:bd:3c:4b:3e:0f:b0:12:
                    f3:ba:51:71:ea:28:ae:ba:4a:3a:98:b9:4a:52:63:
                    67:a9:9b:82:01:17:e9:6f:0a:4f:92:20:38:1c:bd:
                    11:c5:67:e6:36:af:86:a7:56:2a:26:11:68:9e:2b:
                    e1:e8:f2:e9:48:45:4a:84:b2:2b:d4:1e:38:3b:f4:
                    be:b0:ff:66:b3:f7:ee:6f:a9:b1:77:3e:53:9f:af:
                    b7:4d:14:6f:00:6d:c0:79:11:70:86:78:2c:99:1a:
                    7e:4b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                57:E8:AF:F4:84:EA:9B:19:C5:CB:A7:1C:EF:B4:DA:F5:EC:B3:1B:16
            X509v3 Authority Key Identifier:
                keyid:93:CE:1F:20:27:18:2B:81:29:AB:0C:71:3A:8F:F5:21:C1:3D:44:8F

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F365FB04/A0030BD0BF7611EE98EA44B3775412E6/k84fICcYK4EpqwxxOo_1IcE9RI8.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/k84fICcYK4EpqwxxOo_1IcE9RI8.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F365FB04/A0030BD0BF7611EE98EA44B3775412E6/62CD0732BF7811EE80E549B6775412E6.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  102.38.32.0-102.38.44.255

    Signature Algorithm: sha256WithRSAEncryption
         72:66:c4:d0:10:7f:31:2e:d1:34:64:34:00:05:1c:27:5a:74:
         c2:62:ff:e1:0b:37:a8:73:8f:fd:53:f5:c9:74:98:13:2b:01:
         f6:ad:30:d8:36:06:dc:f1:90:c6:b1:5b:6b:89:87:8b:67:56:
         4b:54:11:35:15:38:7c:2e:72:e0:65:26:2f:32:35:13:23:a1:
         69:4e:f2:0e:d3:f5:74:9c:dc:3b:ad:a4:49:f4:da:0f:39:90:
         21:23:10:68:68:02:0c:41:0d:fa:97:bb:3c:4d:d5:0a:48:70:
         26:04:99:2e:5c:d4:33:e7:2e:cc:20:ec:61:d6:47:ae:c6:1a:
         09:f0:c9:ff:08:37:be:47:a7:f9:86:62:32:9d:15:5b:a9:50:
         9b:00:89:42:ca:e1:14:b5:f3:9f:fb:3d:20:ca:4e:b0:bf:68:
         21:91:a1:8b:51:a6:1b:2a:cd:b9:cb:0e:36:8f:89:23:ce:46:
         ff:e7:da:39:57:35:58:ed:69:3a:4c:ed:59:93:ce:0d:7d:02:
         76:88:55:8b:9a:63:c2:b9:e7:8f:13:a4:b5:9a:05:c6:5f:7d:
         d6:4e:60:12:bb:5f:f7:e6:7c:e4:9f:1e:70:dc:e6:d8:05:6b:
         87:c3:56:bb:a6:5a:5a:4b:b5:68:b7:49:aa:b1:39:cc:da:95:
         60:0e:57:f5
-----BEGIN CERTIFICATE-----
MIIFijCCBHKgAwIBAgIBBDANBgkqhkiG9w0BAQsFADBIMRMwEQYDVQQDEwpGMzY1
RkIwNEFGMTEwLwYDVQQFEyg5M0NFMUYyMDI3MTgyQjgxMjlBQjBDNzEzQThGRjUy
MUMxM0Q0NDhGMB4XDTI0MDEzMDE0MDM0NFoXDTI5MDEzMTE0MDM0NFowGDEWMBQG
A1UEAxMNNjViOTAxYzMtMzg1ODCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALbexDJGutL6EDbDIq6zLanrN0t1aqxW3lvrqc0+4QdSef/f+twiCMK49kXn
ArAKUmcdUFQALT8HKruCJsus9I7/GAK4CDaGYH1tkJP+TE/7YjaygNvH/a+8Q3s4
nPirAlbD5U0/Ag0je+8TAulv2LTpRbLapQgOjov2fKY0P1kjZP8JVvF0o9FJ4vft
JQIsehTXhgNYztnTYNkRqX+9PEs+D7AS87pRceoorrpKOpi5SlJjZ6mbggEX6W8K
T5IgOBy9EcVn5javhqdWKiYRaJ4r4ejy6UhFSoSyK9QeODv0vrD/ZrP37m+psXc+
U5+vt00UbwBtwHkRcIZ4LJkafksCAwEAAaOCAq0wggKpMB0GA1UdDgQWBBRX6K/0
hOqbGcXLpxzvtNr17LMbFjAfBgNVHSMEGDAWgBSTzh8gJxgrgSmrDHE6j/UhwT1E
jzAOBgNVHQ8BAf8EBAMCB4AwgZUGA1UdHwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2NUZCMDQvQTAwMzBCRDBCRjc2MTFFRTk4RUE0NEIzNzc1NDEyRTYvazg0ZklD
Y1lLNEVwcXd4eE9vXzFJY0U5Ukk4LmNybDBnBggrBgEFBQcBAQRbMFkwVwYIKwYB
BQUHMAKGS3JzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L2Fmcmlu
aWMvazg0ZklDY1lLNEVwcXd4eE9vXzFJY0U5Ukk4LmNlcjBPBgNVHSABAf8ERTBD
MEEGCCsGAQUFBw4CMDUwMwYIKwYBBQUHAgEWJ2h0dHBzOi8vcnBraS5hZnJpbmlj
Lm5ldC9wb2xpY3kvQ1BTLnBkZjCB2wYIKwYBBQUHAQsEgc4wgcswgZEGCCsGAQUF
BzALhoGEcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVy
X3JlcG9zaXRvcnkvRjM2NUZCMDQvQTAwMzBCRDBCRjc2MTFFRTk4RUE0NEIzNzc1
NDEyRTYvNjJDRDA3MzJCRjc4MTFFRTgwRTU0OUI2Nzc1NDEyRTYucm9hMDUGCCsG
AQUFBzANhilodHRwczovL3JyZHAuYWZyaW5pYy5uZXQvbm90aWZpY2F0aW9uLnht
bDAnBggrBgEFBQcBBwEB/wQYMBYwFAQCAAEwDjAMAwQFZiYgAwQAZiYsMA0GCSqG
SIb3DQEBCwUAA4IBAQByZsTQEH8xLtE0ZDQABRwnWnTCYv/hCzeoc4/9U/XJdJgT
KwH2rTDYNgbc8ZDGsVtriYeLZ1ZLVBE1FTh8LnLgZSYvMjUTI6FpTvIO0/V0nNw7
raRJ9NoPOZAhIxBoaAIMQQ36l7s8TdUKSHAmBJkuXNQz5y7MIOxh1keuxhoJ8Mn/
CDe+R6f5hmIynRVbqVCbAIlCyuEUtfOf+z0gyk6wv2ghkaGLUaYbKs25yw42j4kj
zkb/59o5VzVY7Wk6TO1Zk84NfQJ2iFWLmmPCueePE6S1mgXGX33WTmASu1/35nzk
nx5w3ObYBWuHw1a7plpaS7Vot0mqsTnM2pVgDlf1
-----END CERTIFICATE-----