Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F366CE6F/D9A4676C699A11EEBCC5FB674AD9E6FC/38B0D258699C11EEA0233C6C4AD9E6FC.roa
File:                     38B0D258699C11EEA0233C6C4AD9E6FC.roa (raw, json)
Hash identifier:          GAc988XJhyMykG3iCtOcTe3PLTPsWcxJHqxJl6/ovLA=
Subject key identifier:   E5:24:DA:A2:E9:AD:51:0F:C7:C7:6D:11:1F:26:5F:3F:79:AD:36:EC
Certificate issuer:       /CN=F366CE6FAF/serialNumber=2A7CEE79182BB8591BB135DDBFBBEE94C1DF4087
Certificate serial:       02
Authority key identifier: 2A:7C:EE:79:18:2B:B8:59:1B:B1:35:DD:BF:BB:EE:94:C1:DF:40:87
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/KnzueRgruFkbsTXdv7vulMHfQIc.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F366CE6F/D9A4676C699A11EEBCC5FB674AD9E6FC/38B0D258699C11EEA0233C6C4AD9E6FC.roa
Signing time:             Fri 13 Oct 2023 07:43:38 +0000
ROA not before:           Fri 13 Oct 2023 07:43:35 +0000
ROA not after:            Fri 13 Oct 2028 07:43:35 +0000
asID:                     37513
IP address blocks:        196.12.10.0/24 maxlen: 24
                          196.216.164.0/22 maxlen: 22
                          2001:43f8:80::/48 maxlen: 48

Validation:               Failed, certificate revoked on Fri 13 Oct 2023 10:51:34 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 2 (0x2)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F366CE6FAF/serialNumber=2A7CEE79182BB8591BB135DDBFBBEE94C1DF4087
        Validity
            Not Before: Oct 13 07:43:35 2023 GMT
            Not After : Oct 13 07:43:35 2028 GMT
        Subject: CN=6528f52a-17b7
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c7:58:b2:3c:64:42:cd:25:a7:81:72:74:de:4f:
                    fb:b5:b2:15:8d:32:57:60:82:5a:dd:56:30:e1:d7:
                    32:b5:6b:79:38:88:38:bf:94:85:41:9e:58:c1:80:
                    cf:77:b8:fe:aa:b3:56:47:87:cd:e1:c7:20:40:08:
                    15:56:8f:fe:a9:a4:60:31:45:aa:bf:ab:8b:0a:b1:
                    25:27:9a:c6:81:88:68:1a:2b:6d:28:08:03:36:8e:
                    59:8f:db:11:d7:64:fe:95:85:fc:7f:d4:9a:70:03:
                    1a:10:12:42:ba:db:7b:17:9c:20:73:27:06:55:3a:
                    9a:63:9c:2f:97:90:78:29:94:57:b8:65:4e:f7:a2:
                    38:f7:ab:73:13:a1:7c:cf:96:55:f3:9c:e8:c6:fd:
                    d0:9c:af:ca:62:2c:31:ae:ed:12:ff:d4:16:2b:8d:
                    57:cb:7e:37:cd:36:fc:b5:26:5e:58:56:83:74:d2:
                    2d:f9:fa:3f:3f:cd:2b:cd:c6:3f:67:d2:66:c4:43:
                    07:50:82:84:fb:9a:18:a1:b2:ae:6d:cb:02:41:33:
                    aa:e7:dc:f3:47:eb:d9:2b:91:4d:4f:37:f0:ca:7c:
                    71:13:fd:c3:aa:33:e1:b5:90:58:5d:f0:d8:05:fa:
                    78:37:1b:4f:47:80:2c:e9:59:ef:83:01:50:09:3c:
                    bd:b5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E5:24:DA:A2:E9:AD:51:0F:C7:C7:6D:11:1F:26:5F:3F:79:AD:36:EC
            X509v3 Authority Key Identifier:
                keyid:2A:7C:EE:79:18:2B:B8:59:1B:B1:35:DD:BF:BB:EE:94:C1:DF:40:87

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F366CE6F/D9A4676C699A11EEBCC5FB674AD9E6FC/KnzueRgruFkbsTXdv7vulMHfQIc.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/KnzueRgruFkbsTXdv7vulMHfQIc.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F366CE6F/D9A4676C699A11EEBCC5FB674AD9E6FC/38B0D258699C11EEA0233C6C4AD9E6FC.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  196.12.10.0/24
                  196.216.164.0/22
                IPv6:
                  2001:43f8:80::/48

    Signature Algorithm: sha256WithRSAEncryption
         9b:d0:4a:bf:c2:35:db:22:51:9e:1c:36:7a:9b:7d:94:20:84:
         2f:bb:b9:82:27:9b:04:8f:f0:9d:f1:a0:ee:0a:2f:eb:0e:97:
         39:72:1a:04:2e:75:56:8a:88:97:70:8e:52:5f:20:dc:99:7f:
         f3:fe:97:c7:bc:a6:a8:b0:49:2f:6b:c2:e6:31:7e:bb:08:d1:
         b2:3b:77:ce:70:f3:93:04:ec:b2:47:20:78:10:88:1d:a5:2a:
         91:2a:c2:ca:90:29:6c:cf:d7:c6:dd:73:75:be:c0:d3:8f:1a:
         9a:17:9d:01:ba:f1:56:93:2b:7e:1a:fd:b6:25:6f:81:34:00:
         2a:e7:1c:4c:1f:78:91:cd:68:4b:2b:28:f3:3e:1d:0a:4e:46:
         ad:f0:94:1c:ca:e8:90:be:ea:b7:45:ed:93:66:d8:e1:24:a8:
         f5:d1:36:f7:04:4c:de:31:0b:c4:3d:f5:76:43:0c:33:a4:f7:
         9e:e6:35:b7:9d:b5:3b:8c:38:21:86:00:95:05:b5:46:6b:36:
         67:3e:98:32:c8:28:79:59:47:01:aa:e5:52:51:02:04:97:90:
         c8:17:59:1a:ed:6c:0e:fb:44:cd:88:ac:78:83:a1:76:c5:8c:
         77:50:30:7a:5a:a8:4b:4e:c2:86:3b:44:47:20:f7:36:c2:0b:
         b5:a7:59:15
-----BEGIN CERTIFICATE-----
MIIFmTCCBIGgAwIBAgIBAjANBgkqhkiG9w0BAQsFADBIMRMwEQYDVQQDEwpGMzY2
Q0U2RkFGMTEwLwYDVQQFEygyQTdDRUU3OTE4MkJCODU5MUJCMTM1RERCRkJCRUU5
NEMxREY0MDg3MB4XDTIzMTAxMzA3NDMzNVoXDTI4MTAxMzA3NDMzNVowGDEWMBQG
A1UEAxMNNjUyOGY1MmEtMTdiNzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMdYsjxkQs0lp4FydN5P+7WyFY0yV2CCWt1WMOHXMrVreTiIOL+UhUGeWMGA
z3e4/qqzVkeHzeHHIEAIFVaP/qmkYDFFqr+riwqxJSeaxoGIaBorbSgIAzaOWY/b
Eddk/pWF/H/UmnADGhASQrrbexecIHMnBlU6mmOcL5eQeCmUV7hlTveiOPercxOh
fM+WVfOc6Mb90JyvymIsMa7tEv/UFiuNV8t+N802/LUmXlhWg3TSLfn6Pz/NK83G
P2fSZsRDB1CChPuaGKGyrm3LAkEzqufc80fr2SuRTU838Mp8cRP9w6oz4bWQWF3w
2AX6eDcbT0eALOlZ74MBUAk8vbUCAwEAAaOCArwwggK4MB0GA1UdDgQWBBTlJNqi
6a1RD8fHbREfJl8/ea027DAfBgNVHSMEGDAWgBQqfO55GCu4WRuxNd2/u+6Uwd9A
hzAOBgNVHQ8BAf8EBAMCB4AwgZUGA1UdHwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2NkNFNkYvRDlBNDY3NkM2OTlBMTFFRUJDQzVGQjY3NEFEOUU2RkMvS256dWVS
Z3J1Rmtic1RYZHY3dnVsTUhmUUljLmNybDBnBggrBgEFBQcBAQRbMFkwVwYIKwYB
BQUHMAKGS3JzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L2Fmcmlu
aWMvS256dWVSZ3J1Rmtic1RYZHY3dnVsTUhmUUljLmNlcjBPBgNVHSABAf8ERTBD
MEEGCCsGAQUFBw4CMDUwMwYIKwYBBQUHAgEWJ2h0dHBzOi8vcnBraS5hZnJpbmlj
Lm5ldC9wb2xpY3kvQ1BTLnBkZjCB2wYIKwYBBQUHAQsEgc4wgcswgZEGCCsGAQUF
BzALhoGEcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVy
X3JlcG9zaXRvcnkvRjM2NkNFNkYvRDlBNDY3NkM2OTlBMTFFRUJDQzVGQjY3NEFE
OUU2RkMvMzhCMEQyNTg2OTlDMTFFRUEwMjMzQzZDNEFEOUU2RkMucm9hMDUGCCsG
AQUFBzANhilodHRwczovL3JyZHAuYWZyaW5pYy5uZXQvbm90aWZpY2F0aW9uLnht
bDA2BggrBgEFBQcBBwEB/wQnMCUwEgQCAAEwDAMEAMQMCgMEAsTYpDAPBAIAAjAJ
AwcAIAFD+ACAMA0GCSqGSIb3DQEBCwUAA4IBAQCb0Eq/wjXbIlGeHDZ6m32UIIQv
u7mCJ5sEj/Cd8aDuCi/rDpc5choELnVWioiXcI5SXyDcmX/z/pfHvKaosEkva8Lm
MX67CNGyO3fOcPOTBOyyRyB4EIgdpSqRKsLKkClsz9fG3XN1vsDTjxqaF50BuvFW
kyt+Gv22JW+BNAAq5xxMH3iRzWhLKyjzPh0KTkat8JQcyuiQvuq3Re2TZtjhJKj1
0Tb3BEzeMQvEPfV2QwwzpPee5jW3nbU7jDghhgCVBbVGazZnPpgyyCh5WUcBquVS
UQIEl5DIF1ka7WwO+0TNiKx4g6F2xYx3UDB6WqhLTsKGO0RHIPc2wgu1p1kV
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:47:09 2024 by rpki-client on console-fra.rpki-client.org