Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F367972F/6110705C901011ED9475399BF1222468/03B25C48901211EDB952C29FF1222468.roa
File: 03B25C48901211EDB952C29FF1222468.roa (raw, json)
Hash identifier: qFAbGyOwChnebSbZSwCGZkk4Y1KP4QTgobGPjclViVo=
Subject key identifier: 4B:B4:45:E2:3A:85:C4:DF:0D:A5:C2:32:44:A9:8B:62:7C:62:C8:2E
Certificate issuer: /CN=F367972FAF/serialNumber=922D26C66B0F4EF852358E3BD9E1A6F1B55D7B87
Certificate serial: 06
Authority key identifier: 92:2D:26:C6:6B:0F:4E:F8:52:35:8E:3B:D9:E1:A6:F1:B5:5D:7B:87
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/ki0mxmsPTvhSNY472eGm8bVde4c.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F367972F/6110705C901011ED9475399BF1222468/03B25C48901211EDB952C29FF1222468.roa
Signing time: Mon 09 Jan 2023 11:37:36 +0000
ROA not before: Mon 09 Jan 2023 11:37:33 +0000
ROA not after: Sat 01 Jan 2033 11:37:33 +0000
asID: 24757
IP address blocks: 197.156.64.0/18 maxlen: 18
2c0f:f348::/32 maxlen: 32
Validation: Failed, certificate revoked on Mon 09 Jan 2023 13:16:07 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 6 (0x6)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F367972FAF/serialNumber=922D26C66B0F4EF852358E3BD9E1A6F1B55D7B87
Validity
Not Before: Jan 9 11:37:33 2023 GMT
Not After : Jan 1 11:37:33 2033 GMT
Subject: CN=63bbfc80-b58d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:b3:9d:c3:38:2e:96:af:e3:fe:17:3a:23:5b:
fb:0d:f1:35:d5:25:65:3d:ba:94:9a:0d:e2:cc:72:
46:48:8c:19:7b:0e:79:22:69:8f:c5:ff:58:6b:e2:
17:cc:b6:17:27:02:cd:14:5d:bc:ac:52:24:4b:d0:
a0:e9:d1:f4:e1:d7:16:f1:9d:ca:54:e9:e8:9b:0f:
72:c0:3b:bb:d9:3c:d1:db:a4:d6:1e:42:a8:5a:69:
b4:86:82:e8:20:2d:86:6e:65:d8:d1:9a:69:bc:2e:
ca:ea:a9:08:4a:cd:b4:24:60:91:d1:5a:77:e0:7c:
69:5a:a2:db:8d:34:4c:c1:b0:b5:8f:cd:69:b8:b9:
be:cd:18:6f:18:ae:d3:a3:61:f8:a8:f8:cb:a0:05:
2e:a0:dc:63:a0:af:11:28:c5:9c:3c:1d:a0:4b:1e:
5d:3d:fd:60:00:ab:0c:04:78:00:f4:b0:2f:c2:80:
d2:f8:fb:ce:8f:42:c3:77:1c:22:df:7d:44:80:3b:
40:c8:43:47:fc:27:7f:a4:3d:e1:be:ca:aa:61:c8:
0c:7b:36:45:16:8c:17:2f:25:ff:3e:7e:a0:2d:12:
73:ed:48:6e:94:38:0b:04:85:64:90:c0:99:b3:fe:
68:78:1d:a6:04:f5:4c:4a:32:3d:fd:1f:56:5d:2e:
b2:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4B:B4:45:E2:3A:85:C4:DF:0D:A5:C2:32:44:A9:8B:62:7C:62:C8:2E
X509v3 Authority Key Identifier:
keyid:92:2D:26:C6:6B:0F:4E:F8:52:35:8E:3B:D9:E1:A6:F1:B5:5D:7B:87
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F367972F/6110705C901011ED9475399BF1222468/ki0mxmsPTvhSNY472eGm8bVde4c.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/ki0mxmsPTvhSNY472eGm8bVde4c.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F367972F/6110705C901011ED9475399BF1222468/03B25C48901211EDB952C29FF1222468.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
197.156.64.0/18
IPv6:
2c0f:f348::/32
Signature Algorithm: sha256WithRSAEncryption
b6:08:e1:e2:92:8a:81:d9:12:9f:c3:4c:0f:85:c5:81:8b:95:
f3:60:01:14:c6:57:f0:e6:5a:46:51:25:06:9e:ae:78:ef:6d:
de:90:a7:8e:be:3a:08:ec:ad:c4:a3:46:3f:0e:9b:51:43:c6:
d4:29:fb:51:04:6d:ed:76:7c:d2:05:81:4b:4d:0b:0c:d2:65:
47:78:46:39:38:c6:46:39:85:e5:d3:49:75:27:8d:33:8b:89:
8a:a9:a2:da:ea:fa:29:d8:3f:a7:31:c2:ce:60:52:ec:34:8d:
37:a8:df:9b:6a:2e:2f:6f:b1:c9:0e:e1:bb:bb:ba:a7:cd:6f:
1a:b6:38:3d:55:44:b0:fe:2e:52:4d:cb:c7:b0:97:41:e3:fb:
7f:b8:3f:e3:66:d3:14:06:91:55:ba:6e:be:e1:db:95:57:3a:
fa:f3:1a:38:68:17:73:5a:fb:a3:69:1d:aa:bb:63:4c:26:75:
0c:73:7e:47:4d:92:34:20:75:0e:34:14:a8:3c:22:47:15:e5:
ac:70:50:c3:c2:54:4b:8f:71:c2:78:9d:46:24:24:d0:87:4f:
82:19:f0:4c:70:4e:b8:aa:66:f9:5d:b2:d3:17:74:f9:11:7d:
57:33:ae:16:a0:4c:47:5f:bf:87:d5:b0:42:de:a8:20:83:67:
fd:f3:f6:36
-----BEGIN CERTIFICATE-----
MIIFkTCCBHmgAwIBAgIBBjANBgkqhkiG9w0BAQsFADBIMRMwEQYDVQQDDApGMzY3
OTcyRkFGMTEwLwYDVQQFEyg5MjJEMjZDNjZCMEY0RUY4NTIzNThFM0JEOUUxQTZG
MUI1NUQ3Qjg3MB4XDTIzMDEwOTExMzczM1oXDTMzMDEwMTExMzczM1owGDEWMBQG
A1UEAwwNNjNiYmZjODAtYjU4ZDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANCzncM4Lpav4/4XOiNb+w3xNdUlZT26lJoN4sxyRkiMGXsOeSJpj8X/WGvi
F8y2FycCzRRdvKxSJEvQoOnR9OHXFvGdylTp6JsPcsA7u9k80duk1h5CqFpptIaC
6CAthm5l2NGaabwuyuqpCErNtCRgkdFad+B8aVqi2400TMGwtY/Nabi5vs0Ybxiu
06Nh+Kj4y6AFLqDcY6CvESjFnDwdoEseXT39YACrDAR4APSwL8KA0vj7zo9Cw3cc
It99RIA7QMhDR/wnf6Q94b7KqmHIDHs2RRaMFy8l/z5+oC0Sc+1IbpQ4CwSFZJDA
mbP+aHgdpgT1TEoyPf0fVl0usk8CAwEAAaOCArQwggKwMB0GA1UdDgQWBBRLtEXi
OoXE3w2lwjJEqYtifGLILjAfBgNVHSMEGDAWgBSSLSbGaw9O+FI1jjvZ4abxtV17
hzAOBgNVHQ8BAf8EBAMCB4AwgZUGA1UdHwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2Nzk3MkYvNjExMDcwNUM5MDEwMTFFRDk0NzUzOTlCRjEyMjI0Njgva2kwbXht
c1BUdmhTTlk0NzJlR204YlZkZTRjLmNybDBnBggrBgEFBQcBAQRbMFkwVwYIKwYB
BQUHMAKGS3JzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L2Fmcmlu
aWMva2kwbXhtc1BUdmhTTlk0NzJlR204YlZkZTRjLmNlcjBPBgNVHSABAf8ERTBD
MEEGCCsGAQUFBw4CMDUwMwYIKwYBBQUHAgEWJ2h0dHBzOi8vcnBraS5hZnJpbmlj
Lm5ldC9wb2xpY3kvQ1BTLnBkZjCB2wYIKwYBBQUHAQsEgc4wgcswgZEGCCsGAQUF
BzALhoGEcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVy
X3JlcG9zaXRvcnkvRjM2Nzk3MkYvNjExMDcwNUM5MDEwMTFFRDk0NzUzOTlCRjEy
MjI0NjgvMDNCMjVDNDg5MDEyMTFFREI5NTJDMjlGRjEyMjI0Njgucm9hMDUGCCsG
AQUFBzANhilodHRwczovL3JyZHAuYWZyaW5pYy5uZXQvbm90aWZpY2F0aW9uLnht
bDAuBggrBgEFBQcBBwEB/wQfMB0wDAQCAAEwBgMEBsWcQDANBAIAAjAHAwUALA/z
SDANBgkqhkiG9w0BAQsFAAOCAQEAtgjh4pKKgdkSn8NMD4XFgYuV82ABFMZX8OZa
RlElBp6ueO9t3pCnjr46COytxKNGPw6bUUPG1Cn7UQRt7XZ80gWBS00LDNJlR3hG
OTjGRjmF5dNJdSeNM4uJiqmi2ur6Kdg/pzHCzmBS7DSNN6jfm2ouL2+xyQ7hu7u6
p81vGrY4PVVEsP4uUk3Lx7CXQeP7f7g/42bTFAaRVbpuvuHblVc6+vMaOGgXc1r7
o2kdqrtjTCZ1DHN+R02SNCB1DjQUqDwiRxXlrHBQw8JUS49xwnidRiQk0IdPghnw
THBOuKpm+V2y0xd0+RF9VzOuFqBMR1+/h9WwQt6oIINn/fP2Ng==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:58:33 2024 by rpki-client on console-ams.rpki-client.org