Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F3663CEE/1FBC442083BE11EA8A65B730F8AEA228/71DF216083DB11EA9105FC4DF8AEA228.roa
File:                     71DF216083DB11EA9105FC4DF8AEA228.roa (raw, json)
Hash identifier:          zfmHbJRQtVBUwvmUKSgZtJBt5/jDmUcnGKZISZcJqVM=
Subject key identifier:   58:26:C1:52:24:53:8B:F2:A5:74:8E:A0:8A:5F:0E:4E:AE:3B:F3:40
Certificate issuer:       /CN=F3663CEEAF/serialNumber=CB88587527B383916CC0B1D8866653C33431E45D
Certificate serial:       03
Authority key identifier: CB:88:58:75:27:B3:83:91:6C:C0:B1:D8:86:66:53:C3:34:31:E4:5D
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/y4hYdSezg5FswLHYhmZTwzQx5F0.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F3663CEE/1FBC442083BE11EA8A65B730F8AEA228/71DF216083DB11EA9105FC4DF8AEA228.roa
Signing time:             Tue 21 Apr 2020 14:21:52 +0000
ROA not before:           Tue 21 Apr 2020 14:21:47 +0000
ROA not after:            Mon 29 Jul 2030 14:21:47 +0000
asID:                     327693
IP address blocks:        41.76.224.0/21 maxlen: 21
                          102.67.176.0/21 maxlen: 21
                          154.73.184.0/21 maxlen: 21
                          2c0f:f708::/32 maxlen: 32

Validation:               Failed, certificate revoked on Mon 13 Nov 2023 08:36:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 3 (0x3)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F3663CEEAF/serialNumber=CB88587527B383916CC0B1D8866653C33431E45D
        Validity
            Not Before: Apr 21 14:21:47 2020 GMT
            Not After : Jul 29 14:21:47 2030 GMT
        Subject: CN=5e9f0180-f95b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:af:32:9e:9a:34:66:7b:d3:60:0d:6e:52:e3:77:
                    65:02:a1:c7:97:9d:2c:af:37:46:f2:e8:90:29:66:
                    87:0c:cb:c8:36:e5:8f:3f:ab:b3:4e:3a:ed:71:f1:
                    d7:85:4e:bd:9f:38:73:70:b2:53:62:1f:56:ba:23:
                    0b:26:c0:5a:53:bf:63:22:32:94:00:42:e3:7b:b3:
                    84:23:07:ec:61:ef:0a:ef:d6:7a:f7:ff:ca:af:7c:
                    6e:fc:38:61:7a:27:3c:10:82:ca:db:86:73:a4:56:
                    68:6f:0e:09:7e:e6:39:62:d2:a9:04:ab:89:a0:4d:
                    30:f3:3f:cd:80:62:1e:c6:24:74:f3:63:68:7a:d6:
                    d7:6a:10:38:54:74:68:5f:f7:a9:09:20:76:fe:7a:
                    1d:5c:c8:b5:db:39:35:e9:0d:f9:1c:bd:ff:6f:96:
                    f7:07:ae:48:a9:f1:86:ed:17:2a:92:ba:4f:cb:44:
                    36:ab:26:11:16:e8:6f:df:1a:43:b2:f5:c0:ee:15:
                    25:32:23:c6:c9:be:f9:7b:64:d8:62:49:fb:79:6e:
                    8e:3b:1b:57:a8:91:6b:03:07:ab:50:14:2e:cf:e3:
                    d7:4a:c3:6d:0e:f7:bb:fa:db:f1:78:b8:74:f4:3d:
                    c9:68:97:8b:01:34:d4:e3:3e:a8:68:17:93:ec:5f:
                    0d:9b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                58:26:C1:52:24:53:8B:F2:A5:74:8E:A0:8A:5F:0E:4E:AE:3B:F3:40
            X509v3 Authority Key Identifier:
                keyid:CB:88:58:75:27:B3:83:91:6C:C0:B1:D8:86:66:53:C3:34:31:E4:5D

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F3663CEE/1FBC442083BE11EA8A65B730F8AEA228/y4hYdSezg5FswLHYhmZTwzQx5F0.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/y4hYdSezg5FswLHYhmZTwzQx5F0.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F3663CEE/1FBC442083BE11EA8A65B730F8AEA228/71DF216083DB11EA9105FC4DF8AEA228.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  41.76.224.0/21
                  102.67.176.0/21
                  154.73.184.0/21
                IPv6:
                  2c0f:f708::/32

    Signature Algorithm: sha256WithRSAEncryption
         19:01:d1:53:40:5c:23:18:c7:b2:2c:c2:50:a9:09:9e:f8:ad:
         57:eb:6f:cc:7b:b8:59:08:5a:49:04:6c:8a:63:4e:a9:44:a6:
         a6:28:7a:43:32:f0:35:0a:08:4c:90:27:63:e7:04:10:ff:f6:
         d5:84:f2:7b:25:7a:11:7d:85:23:cc:50:c8:24:c0:96:12:67:
         d1:c9:8d:20:94:50:d7:44:e8:4d:2a:e3:a7:2e:b1:25:a0:9f:
         01:34:27:3c:18:f1:1d:56:3c:4a:4f:7a:f4:8c:aa:e3:b3:03:
         50:18:83:8f:53:bc:3e:f3:78:a7:03:91:6f:76:ee:85:1e:fc:
         c7:52:08:cb:47:d8:02:a8:fd:5c:72:93:ff:48:51:eb:da:d0:
         d2:6d:32:83:b4:f1:93:d3:39:9e:9b:b0:00:b4:0a:2d:1f:02:
         95:71:82:81:49:6d:1e:39:2a:05:95:d9:5c:a8:78:45:67:5f:
         8e:73:a5:96:56:cb:66:cf:10:80:b0:a1:22:f0:1e:85:be:56:
         fe:23:07:4b:a8:eb:28:37:96:9a:34:c5:be:55:96:77:5f:78:
         c5:cd:93:62:90:e4:a2:1e:05:4b:f9:90:ea:b9:72:cd:01:5f:
         e9:26:3d:2b:8e:db:ce:89:40:58:8d:d3:ea:29:a8:6a:92:74:
         cc:df:47:b5
-----BEGIN CERTIFICATE-----
MIIFnTCCBIWgAwIBAgIBAzANBgkqhkiG9w0BAQsFADBIMRMwEQYDVQQDEwpGMzY2
M0NFRUFGMTEwLwYDVQQFEyhDQjg4NTg3NTI3QjM4MzkxNkNDMEIxRDg4NjY2NTND
MzM0MzFFNDVEMB4XDTIwMDQyMTE0MjE0N1oXDTMwMDcyOTE0MjE0N1owGDEWMBQG
A1UEAxMNNWU5ZjAxODAtZjk1YjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAK8ynpo0ZnvTYA1uUuN3ZQKhx5edLK83RvLokClmhwzLyDbljz+rs0467XHx
14VOvZ84c3CyU2IfVrojCybAWlO/YyIylABC43uzhCMH7GHvCu/Wevf/yq98bvw4
YXonPBCCytuGc6RWaG8OCX7mOWLSqQSriaBNMPM/zYBiHsYkdPNjaHrW12oQOFR0
aF/3qQkgdv56HVzItds5NekN+Ry9/2+W9weuSKnxhu0XKpK6T8tENqsmERbob98a
Q7L1wO4VJTIjxsm++Xtk2GJJ+3lujjsbV6iRawMHq1AULs/j10rDbQ73u/rb8Xi4
dPQ9yWiXiwE01OM+qGgXk+xfDZsCAwEAAaOCAsAwggK8MB0GA1UdDgQWBBRYJsFS
JFOL8qV0jqCKXw5OrjvzQDAfBgNVHSMEGDAWgBTLiFh1J7ODkWzAsdiGZlPDNDHk
XTAOBgNVHQ8BAf8EBAMCB4AwgZUGA1UdHwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2NjNDRUUvMUZCQzQ0MjA4M0JFMTFFQThBNjVCNzMwRjhBRUEyMjgveTRoWWRT
ZXpnNUZzd0xIWWhtWlR3elF4NUYwLmNybDBnBggrBgEFBQcBAQRbMFkwVwYIKwYB
BQUHMAKGS3JzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L2Fmcmlu
aWMveTRoWWRTZXpnNUZzd0xIWWhtWlR3elF4NUYwLmNlcjBPBgNVHSABAf8ERTBD
MEEGCCsGAQUFBw4CMDUwMwYIKwYBBQUHAgEWJ2h0dHBzOi8vcnBraS5hZnJpbmlj
Lm5ldC9wb2xpY3kvQ1BTLnBkZjCB2wYIKwYBBQUHAQsEgc4wgcswgZEGCCsGAQUF
BzALhoGEcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVy
X3JlcG9zaXRvcnkvRjM2NjNDRUUvMUZCQzQ0MjA4M0JFMTFFQThBNjVCNzMwRjhB
RUEyMjgvNzFERjIxNjA4M0RCMTFFQTkxMDVGQzRERjhBRUEyMjgucm9hMDUGCCsG
AQUFBzANhilodHRwczovL3JyZHAuYWZyaW5pYy5uZXQvbm90aWZpY2F0aW9uLnht
bDA6BggrBgEFBQcBBwEB/wQrMCkwGAQCAAEwEgMEAylM4AMEA2ZDsAMEA5pJuDAN
BAIAAjAHAwUALA/3CDANBgkqhkiG9w0BAQsFAAOCAQEAGQHRU0BcIxjHsizCUKkJ
nvitV+tvzHu4WQhaSQRsimNOqUSmpih6QzLwNQoITJAnY+cEEP/21YTyeyV6EX2F
I8xQyCTAlhJn0cmNIJRQ10ToTSrjpy6xJaCfATQnPBjxHVY8Sk969Iyq47MDUBiD
j1O8PvN4pwORb3buhR78x1IIy0fYAqj9XHKT/0hR69rQ0m0yg7Txk9M5npuwALQK
LR8ClXGCgUltHjkqBZXZXKh4RWdfjnOlllbLZs8QgLChIvAehb5W/iMHS6jrKDeW
mjTFvlWWd194xc2TYpDkoh4FS/mQ6rlyzQFf6SY9K47bzolAWI3T6imoapJ0zN9H
tQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:47:08 2024 by rpki-client on console-fra.rpki-client.org