Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F3669D6B/D24A27B8879A11E983704B51F8AEA228/8325096471AB11EE8BF5C52D4AD9E6FC.roa
File:                     8325096471AB11EE8BF5C52D4AD9E6FC.roa (raw, json)
Hash identifier:          MsN49LQIZZXwzmXaD+kxEcWuDZK+WgCH9x49zTIFMQI=
Subject key identifier:   30:BD:75:E0:1F:80:30:6B:82:08:CA:EF:62:D2:4E:06:6A:1F:AC:05
Certificate issuer:       /CN=F3669D6BAR/serialNumber=7CA3542AF087A87BACAB1F866EE5FF5B156FA787
Certificate serial:       0802
Authority key identifier: 7C:A3:54:2A:F0:87:A8:7B:AC:AB:1F:86:6E:E5:FF:5B:15:6F:A7:87
Authority info access:    rsync://rpki.afrinic.net/repository/arin/fKNUKvCHqHusqx-GbuX_WxVvp4c.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F3669D6B/D24A27B8879A11E983704B51F8AEA228/8325096471AB11EE8BF5C52D4AD9E6FC.roa
Signing time:             Mon 23 Oct 2023 13:53:15 +0000
ROA not before:           Mon 23 Oct 2023 13:53:11 +0000
ROA not after:            Tue 25 Oct 2033 13:53:11 +0000
asID:                     212238
IP address blocks:        192.142.174.0/23 maxlen: 24

Validation:               Failed, certificate revoked on Fri 01 Nov 2024 10:43:48 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 2050 (0x802)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F3669D6BAR/serialNumber=7CA3542AF087A87BACAB1F866EE5FF5B156FA787
        Validity
            Not Before: Oct 23 13:53:11 2023 GMT
            Not After : Oct 25 13:53:11 2033 GMT
        Subject: CN=65367acb-d285
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a9:fd:d7:ac:b1:13:9a:c7:24:12:b5:7c:85:d9:
                    dc:78:d1:d1:82:e9:80:df:38:14:57:14:3e:29:aa:
                    36:b7:8c:0c:03:52:ea:d0:84:81:3f:02:1e:95:a9:
                    92:28:8d:3b:f3:83:d4:38:81:e5:9d:4d:ef:03:cb:
                    3e:de:15:10:1b:53:5f:26:dc:d1:8b:6e:5c:dd:7e:
                    e5:ae:ca:ae:5b:70:c2:04:c6:fc:1b:12:01:1e:3d:
                    24:0f:d5:a4:6f:df:62:53:eb:b2:45:66:6f:46:68:
                    21:20:3a:be:bd:fd:e4:68:6e:09:ff:c3:98:1d:54:
                    ca:e4:86:54:0c:de:b3:7c:4a:28:f9:ec:e0:8c:cd:
                    82:b9:09:54:9a:47:c3:15:26:1f:45:8f:16:2f:1f:
                    bb:42:13:f5:f3:9f:69:1f:e2:e6:ef:e6:a5:9a:c7:
                    90:67:9d:70:4f:d2:43:7f:ca:26:11:eb:cc:f6:e0:
                    49:3c:5d:37:fd:d8:f3:b4:2a:77:e8:7e:03:1a:31:
                    d6:32:1f:fe:9f:17:aa:fe:15:e9:0d:0a:2e:b1:d2:
                    65:82:23:15:a4:87:61:9b:90:c2:92:d2:d1:18:eb:
                    34:a6:3f:cf:d1:88:e7:db:bf:d5:56:21:c5:25:36:
                    62:65:d2:de:28:5d:77:cb:9b:86:30:85:54:10:b2:
                    31:d5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                30:BD:75:E0:1F:80:30:6B:82:08:CA:EF:62:D2:4E:06:6A:1F:AC:05
            X509v3 Authority Key Identifier:
                keyid:7C:A3:54:2A:F0:87:A8:7B:AC:AB:1F:86:6E:E5:FF:5B:15:6F:A7:87

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F3669D6B/D24A27B8879A11E983704B51F8AEA228/fKNUKvCHqHusqx-GbuX_WxVvp4c.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/fKNUKvCHqHusqx-GbuX_WxVvp4c.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F3669D6B/D24A27B8879A11E983704B51F8AEA228/8325096471AB11EE8BF5C52D4AD9E6FC.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  192.142.174.0/23

    Signature Algorithm: sha256WithRSAEncryption
         9b:13:24:1c:52:99:e8:aa:2c:e4:4a:fe:c1:91:92:c5:91:de:
         ec:6a:29:0e:02:9c:9a:c8:f6:30:6f:ce:cd:1b:d0:40:2c:61:
         bb:05:3e:d3:99:a3:e4:d4:49:f8:41:96:b9:21:0f:96:be:52:
         24:c0:97:d3:23:67:b5:b5:aa:d7:92:82:6c:0b:3e:37:5d:7b:
         4f:60:bd:43:f4:a1:72:95:d5:da:2b:1f:56:c1:81:47:ff:94:
         43:0e:c3:6c:82:3e:84:3a:f2:39:37:32:2c:e6:fa:89:7a:60:
         ea:bd:0e:1f:43:28:43:95:2e:3e:8e:e8:31:2a:c2:e8:97:4f:
         e8:ba:26:2f:c8:bf:a1:c7:11:65:6c:fb:02:7a:b3:b9:6b:b4:
         22:27:65:c6:1d:85:2d:35:4e:7f:da:af:97:89:42:8e:e2:78:
         4e:5c:45:3e:21:7d:e9:b9:4d:2a:6d:fe:b1:f0:b0:07:76:8f:
         39:d4:53:24:05:7c:66:a6:35:8c:70:c9:5d:d2:d0:51:5d:de:
         e7:f0:74:08:71:03:4a:cb:b8:31:f4:30:79:ca:b6:1e:c4:d8:
         8a:25:fb:47:9e:e4:e8:3a:b0:55:6b:23:e0:6c:c8:e0:86:1e:
         32:7a:ae:cd:1f:85:d7:52:2b:e0:f0:82:0f:0f:30:39:8f:93:
         a9:a4:a1:32
-----BEGIN CERTIFICATE-----
MIIFgDCCBGigAwIBAgICCAIwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAwwKRjM2
NjlENkJBUjExMC8GA1UEBRMoN0NBMzU0MkFGMDg3QTg3QkFDQUIxRjg2NkVFNUZG
NUIxNTZGQTc4NzAeFw0yMzEwMjMxMzUzMTFaFw0zMzEwMjUxMzUzMTFaMBgxFjAU
BgNVBAMTDTY1MzY3YWNiLWQyODUwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQCp/dessROaxyQStXyF2dx40dGC6YDfOBRXFD4pqja3jAwDUurQhIE/Ah6V
qZIojTvzg9Q4geWdTe8Dyz7eFRAbU18m3NGLblzdfuWuyq5bcMIExvwbEgEePSQP
1aRv32JT67JFZm9GaCEgOr69/eRobgn/w5gdVMrkhlQM3rN8Sij57OCMzYK5CVSa
R8MVJh9FjxYvH7tCE/Xzn2kf4ubv5qWax5BnnXBP0kN/yiYR68z24Ek8XTf92PO0
KnfofgMaMdYyH/6fF6r+FekNCi6x0mWCIxWkh2GbkMKS0tEY6zSmP8/RiOfbv9VW
IcUlNmJl0t4oXXfLm4YwhVQQsjHVAgMBAAGjggKiMIICnjAdBgNVHQ4EFgQUML11
4B+AMGuCCMrvYtJOBmofrAUwHwYDVR0jBBgwFoAUfKNUKvCHqHusqx+GbuX/WxVv
p4cwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjY5RDZCL0QyNEEyN0I4ODc5QTExRTk4MzcwNEI1MUY4QUVBMjI4L2ZLTlVL
dkNIcUh1c3F4LUdidVhfV3hWdnA0Yy5jcmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hcmlu
L2ZLTlVLdkNIcUh1c3F4LUdidVhfV3hWdnA0Yy5jZXIwTwYDVR0gAQH/BEUwQzBB
BggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5pYy5u
ZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEFBQcw
C4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9y
ZXBvc2l0b3J5L0YzNjY5RDZCL0QyNEEyN0I4ODc5QTExRTk4MzcwNEI1MUY4QUVB
MjI4LzgzMjUwOTY0NzFBQjExRUU4QkY1QzUyRDRBRDlFNkZDLnJvYTA1BggrBgEF
BQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54bWww
HwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAHAjq4wDQYJKoZIhvcNAQELBQAD
ggEBAJsTJBxSmeiqLORK/sGRksWR3uxqKQ4CnJrI9jBvzs0b0EAsYbsFPtOZo+TU
SfhBlrkhD5a+UiTAl9MjZ7W1qteSgmwLPjdde09gvUP0oXKV1dorH1bBgUf/lEMO
w2yCPoQ68jk3Mizm+ol6YOq9Dh9DKEOVLj6O6DEqwuiXT+i6Ji/Iv6HHEWVs+wJ6
s7lrtCInZcYdhS01Tn/ar5eJQo7ieE5cRT4hfem5TSpt/rHwsAd2jznUUyQFfGam
NYxwyV3S0FFd3ufwdAhxA0rLuDH0MHnKth7E2Iol+0ee5Og6sFVrI+BsyOCGHjJ6
rs0fhddSK+Dwgg8PMDmPk6mkoTI=
-----END CERTIFICATE-----
Generated at Fri Nov 1 12:52:16 2024 by rpki-client on console-fra.rpki-client.org