Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/0655DC34FFE511EDA8D257374AD9E6FC.roa
File:                     0655DC34FFE511EDA8D257374AD9E6FC.roa (raw, json)
Hash identifier:          U0cgRiy+PFuEQwtLIgwaA23RIb/8+8+sOGDdk/oJT94=
Subject key identifier:   86:98:DC:C5:4E:02:12:C1:FA:BE:FE:AF:C1:73:7D:AB:9D:87:06:FD
Certificate issuer:       /CN=F3682B65AF/serialNumber=0940E638283336DE5C8C5A40A4C23B34F3F9CA53
Certificate serial:       0E52
Authority key identifier: 09:40:E6:38:28:33:36:DE:5C:8C:5A:40:A4:C2:3B:34:F3:F9:CA:53
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/0655DC34FFE511EDA8D257374AD9E6FC.roa
Signing time:             Wed 31 May 2023 18:57:44 +0000
ROA not before:           Wed 31 May 2023 18:57:40 +0000
ROA not after:            Sat 31 May 2025 18:57:40 +0000
asID:                     834
IP address blocks:        154.16.213.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Fri 16 Jun 2023 07:32:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 3666 (0xe52)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F3682B65AF/serialNumber=0940E638283336DE5C8C5A40A4C23B34F3F9CA53
        Validity
            Not Before: May 31 18:57:40 2023 GMT
            Not After : May 31 18:57:40 2025 GMT
        Subject: CN=647798a8-a947
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9a:a9:1e:fe:5f:1f:2e:2f:82:53:23:7c:28:85:
                    be:b9:53:79:1a:ed:4b:3f:c3:67:03:06:8f:3f:23:
                    44:3e:55:24:f4:f9:15:41:05:fd:92:79:33:e1:a5:
                    2d:d3:cf:30:ce:4a:28:a6:e2:35:30:64:7e:eb:0a:
                    72:73:af:cd:19:97:ee:2c:94:41:e4:38:b5:a0:b2:
                    03:fa:a5:f4:bd:1d:93:d7:79:11:a9:07:15:88:2b:
                    90:10:c3:6c:65:3c:64:48:e6:36:aa:a4:07:af:40:
                    df:bf:18:e6:d9:80:ad:84:c0:ff:f9:dc:d7:ee:e6:
                    11:cd:8c:c6:e7:70:05:f5:e2:7b:4d:9e:50:e0:e1:
                    70:1d:89:7e:de:5c:34:cf:8f:e7:7c:63:82:c1:a9:
                    d4:ce:ef:ed:5f:40:b9:a3:9d:11:d7:c6:9b:c8:10:
                    77:1c:c7:97:7a:5a:fe:f3:dd:48:2c:b3:d5:67:51:
                    ba:f6:7a:5c:92:3f:4f:16:ac:6e:66:b6:aa:62:db:
                    99:b6:56:41:06:4b:2a:63:93:88:e3:77:27:c0:61:
                    4d:97:78:c6:a7:bd:4f:a0:85:f2:52:79:2e:5e:f6:
                    04:ba:66:a3:8a:8f:eb:da:71:d6:b1:f4:ba:6e:32:
                    bb:00:e5:56:ba:71:b2:d7:65:d8:26:3d:8a:08:1c:
                    ac:59
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                86:98:DC:C5:4E:02:12:C1:FA:BE:FE:AF:C1:73:7D:AB:9D:87:06:FD
            X509v3 Authority Key Identifier:
                keyid:09:40:E6:38:28:33:36:DE:5C:8C:5A:40:A4:C2:3B:34:F3:F9:CA:53

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/0655DC34FFE511EDA8D257374AD9E6FC.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  154.16.213.0/24

    Signature Algorithm: sha256WithRSAEncryption
         ab:6a:72:15:1c:a9:08:f2:ad:e7:3e:2f:de:42:2c:af:0f:84:
         aa:1c:d9:5d:15:e3:b0:bb:8d:83:ea:2f:92:3e:ff:6a:eb:28:
         4e:52:73:39:9f:61:fc:d1:ac:7f:9a:c6:4a:15:46:99:f6:d2:
         f5:85:ae:4e:3e:c4:49:22:6a:40:89:59:b7:48:04:8b:fc:10:
         9e:2a:52:68:42:84:a5:24:88:5c:10:83:d9:3a:4d:1f:4f:14:
         94:da:2c:c8:b5:eb:81:06:27:fd:57:bc:04:4c:73:fc:35:0d:
         42:10:6a:a6:d7:b3:42:81:58:a6:15:41:b4:7e:b6:cf:b9:e1:
         58:ea:7c:42:61:63:65:3c:94:0b:38:f1:bc:6c:c9:62:5c:2b:
         62:3e:80:52:45:34:5b:24:4f:cf:86:a8:d2:35:31:c4:e8:b2:
         6e:5d:8c:88:aa:92:dd:ec:1d:79:ce:8d:a8:68:c2:1f:9f:19:
         9a:f1:04:26:df:52:e8:0a:de:04:f5:30:f2:9c:f8:e5:f9:d2:
         81:b9:f7:dd:c4:82:24:21:fb:f5:ef:d1:b2:4e:64:6a:7c:36:
         cf:ca:ea:70:1c:80:28:28:5c:e1:41:b7:f8:8a:73:20:6e:f3:
         c4:5a:dc:e2:0d:74:2a:68:93:fa:62:3d:7a:6d:24:e5:22:4c:
         52:e8:a0:65
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICDlIwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAwwKRjM2
ODJCNjVBRjExMC8GA1UEBRMoMDk0MEU2MzgyODMzMzZERTVDOEM1QTQwQTRDMjNC
MzRGM0Y5Q0E1MzAeFw0yMzA1MzExODU3NDBaFw0yNTA1MzExODU3NDBaMBgxFjAU
BgNVBAMTDTY0Nzc5OGE4LWE5NDcwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQCaqR7+Xx8uL4JTI3wohb65U3ka7Us/w2cDBo8/I0Q+VST0+RVBBf2SeTPh
pS3TzzDOSiim4jUwZH7rCnJzr80Zl+4slEHkOLWgsgP6pfS9HZPXeRGpBxWIK5AQ
w2xlPGRI5jaqpAevQN+/GObZgK2EwP/53Nfu5hHNjMbncAX14ntNnlDg4XAdiX7e
XDTPj+d8Y4LBqdTO7+1fQLmjnRHXxpvIEHccx5d6Wv7z3Ugss9VnUbr2elySP08W
rG5mtqpi25m2VkEGSypjk4jjdyfAYU2XeManvU+ghfJSeS5e9gS6ZqOKj+vacdax
9LpuMrsA5Va6cbLXZdgmPYoIHKxZAgMBAAGjggKlMIICoTAdBgNVHQ4EFgQUhpjc
xU4CEsH6vv6vwXN9q52HBv0wHwYDVR0jBBgwFoAUCUDmOCgzNt5cjFpApMI7NPP5
ylMwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjgyQjY1LzRFODUxRTM0REI1NTExRTg4NUIyOTk1MUY4QUVBMjI4L0NVRG1P
Q2d6TnQ1Y2pGcEFwTUk3TlBQNXlsTS5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL0NVRG1PQ2d6TnQ1Y2pGcEFwTUk3TlBQNXlsTS5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNjgyQjY1LzRFODUxRTM0REI1NTExRTg4NUIyOTk1MUY4
QUVBMjI4LzA2NTVEQzM0RkZFNTExRURBOEQyNTczNzRBRDlFNkZDLnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACaENUwDQYJKoZIhvcNAQEL
BQADggEBAKtqchUcqQjyrec+L95CLK8PhKoc2V0V47C7jYPqL5I+/2rrKE5Sczmf
YfzRrH+axkoVRpn20vWFrk4+xEkiakCJWbdIBIv8EJ4qUmhChKUkiFwQg9k6TR9P
FJTaLMi164EGJ/1XvARMc/w1DUIQaqbXs0KBWKYVQbR+ts+54VjqfEJhY2U8lAs4
8bxsyWJcK2I+gFJFNFskT8+GqNI1McTosm5djIiqkt3sHXnOjahowh+fGZrxBCbf
UugK3gT1MPKc+OX50oG5993EgiQh+/Xv0bJOZGp8Ns/K6nAcgCgoXOFBt/iKcyBu
88Ra3OINdCpok/piPXptJOUiTFLooGU=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:58:36 2024 by rpki-client on console-ams.rpki-client.org