Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/3384EA085DE411EEA3A62C294AD9E6FC.roa
File: 3384EA085DE411EEA3A62C294AD9E6FC.roa (raw, json)
Hash identifier: ujG/98P6SinDAWGEJ0HiNeXRvZCF+WX3UWWrbPULBBk=
Subject key identifier: 3A:95:3C:E0:C7:6B:E8:C6:61:14:B5:C6:A4:77:30:0E:30:E8:C0:80
Certificate issuer: /CN=F3682B65AF/serialNumber=0940E638283336DE5C8C5A40A4C23B34F3F9CA53
Certificate serial: 128F
Authority key identifier: 09:40:E6:38:28:33:36:DE:5C:8C:5A:40:A4:C2:3B:34:F3:F9:CA:53
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/3384EA085DE411EEA3A62C294AD9E6FC.roa
Signing time: Thu 28 Sep 2023 09:48:39 +0000
ROA not before: Thu 28 Sep 2023 09:48:36 +0000
ROA not after: Tue 30 Sep 2025 09:48:36 +0000
asID: 213060
IP address blocks: 154.16.100.0/23 maxlen: 23
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4751 (0x128f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F3682B65AF/serialNumber=0940E638283336DE5C8C5A40A4C23B34F3F9CA53
Validity
Not Before: Sep 28 09:48:36 2023 GMT
Not After : Sep 30 09:48:36 2025 GMT
Subject: CN=65154bf7-8a41
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:cb:14:27:55:4d:51:30:3e:c5:8b:ce:dd:c6:
f4:31:b0:4c:84:9c:7e:20:7d:49:9f:dc:0e:e5:a1:
7f:91:13:7d:42:bf:1e:e5:90:0f:73:6e:91:35:87:
5a:fe:0a:20:2f:c6:e5:24:6e:32:54:dc:23:ab:3f:
ee:68:67:70:29:f8:9d:2d:03:30:46:e4:db:49:fe:
07:99:51:51:97:1d:a9:de:0e:55:6a:e2:56:f1:2b:
cb:01:e6:70:7c:f6:e7:cd:04:17:95:33:b4:47:44:
78:77:8e:5c:c3:9c:6d:a0:46:6f:b4:c1:6f:53:10:
02:53:6f:a8:b4:8d:69:0b:17:b6:91:47:e9:55:b6:
09:6b:61:4e:34:d4:6e:cd:8b:e4:43:00:53:a2:76:
e0:94:6e:42:27:b4:75:ce:00:48:67:dd:67:b9:b8:
1b:38:78:a6:d8:cb:f3:18:af:5d:17:a1:24:34:c9:
31:69:34:37:30:ac:bc:d2:2f:38:af:63:c7:63:1c:
04:27:e3:00:dc:f0:38:5c:17:06:fa:89:00:d5:21:
3e:b2:6d:9f:d8:6d:a4:9d:61:08:3a:5c:35:71:6e:
c8:25:cf:7e:c4:a4:8d:f6:e4:47:b8:7e:a1:31:29:
c1:b7:dd:b3:39:fd:db:5c:02:0f:f9:fc:55:0e:5e:
70:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3A:95:3C:E0:C7:6B:E8:C6:61:14:B5:C6:A4:77:30:0E:30:E8:C0:80
X509v3 Authority Key Identifier:
keyid:09:40:E6:38:28:33:36:DE:5C:8C:5A:40:A4:C2:3B:34:F3:F9:CA:53
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/3384EA085DE411EEA3A62C294AD9E6FC.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.16.100.0/23
Signature Algorithm: sha256WithRSAEncryption
37:53:ca:78:12:48:f4:8a:ac:fc:5d:c4:4a:f7:aa:d7:07:47:
34:3f:c6:7a:56:3f:81:a9:8d:e3:6b:85:6f:39:d4:5e:80:f6:
62:b5:d9:55:70:08:04:b0:7c:84:78:9f:c5:94:0b:bf:eb:28:
5f:21:f6:a9:f4:1f:08:1a:e2:55:d3:a7:07:79:09:5c:5a:a9:
70:56:31:84:57:35:76:fb:66:ba:58:84:53:82:cf:ea:1a:c4:
3f:06:97:c4:22:13:61:fa:35:97:02:7f:55:f7:1c:cf:3f:5f:
9c:c3:10:55:89:cb:e0:af:d6:db:e3:c3:b7:ab:93:e8:38:e8:
59:8a:12:8a:5a:45:bc:d5:22:aa:60:97:65:42:07:32:bb:13:
6b:67:cc:45:2b:5e:f9:b3:59:92:3b:ed:92:03:8c:59:9f:35:
4f:5b:6c:94:8c:e5:fb:22:24:c4:df:d5:ec:b7:ab:9a:77:16:
d2:70:4c:a7:3e:eb:55:98:56:5d:27:5e:c0:e6:5d:8f:8d:ef:
b4:d6:fd:4e:85:e6:d1:6b:71:92:bc:56:1a:69:89:c0:7e:d7:
08:cb:93:32:11:b1:5d:f8:07:45:6f:25:82:60:8b:b6:6f:16:
2b:bd:e4:5c:6a:16:42:c5:21:e1:57:e2:22:ef:88:e8:1f:68:
f1:83:8a:c2
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICEo8wDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAwwKRjM2
ODJCNjVBRjExMC8GA1UEBRMoMDk0MEU2MzgyODMzMzZERTVDOEM1QTQwQTRDMjNC
MzRGM0Y5Q0E1MzAeFw0yMzA5MjgwOTQ4MzZaFw0yNTA5MzAwOTQ4MzZaMBgxFjAU
BgNVBAMTDTY1MTU0YmY3LThhNDEwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQDNyxQnVU1RMD7Fi87dxvQxsEyEnH4gfUmf3A7loX+RE31Cvx7lkA9zbpE1
h1r+CiAvxuUkbjJU3COrP+5oZ3Ap+J0tAzBG5NtJ/geZUVGXHaneDlVq4lbxK8sB
5nB89ufNBBeVM7RHRHh3jlzDnG2gRm+0wW9TEAJTb6i0jWkLF7aRR+lVtglrYU40
1G7Ni+RDAFOiduCUbkIntHXOAEhn3We5uBs4eKbYy/MYr10XoSQ0yTFpNDcwrLzS
LzivY8djHAQn4wDc8DhcFwb6iQDVIT6ybZ/YbaSdYQg6XDVxbsglz37EpI325Ee4
fqExKcG33bM5/dtcAg/5/FUOXnBxAgMBAAGjggKlMIICoTAdBgNVHQ4EFgQUOpU8
4Mdr6MZhFLXGpHcwDjDowIAwHwYDVR0jBBgwFoAUCUDmOCgzNt5cjFpApMI7NPP5
ylMwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjgyQjY1LzRFODUxRTM0REI1NTExRTg4NUIyOTk1MUY4QUVBMjI4L0NVRG1P
Q2d6TnQ1Y2pGcEFwTUk3TlBQNXlsTS5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL0NVRG1PQ2d6TnQ1Y2pGcEFwTUk3TlBQNXlsTS5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNjgyQjY1LzRFODUxRTM0REI1NTExRTg4NUIyOTk1MUY4
QUVBMjI4LzMzODRFQTA4NURFNDExRUVBM0E2MkMyOTRBRDlFNkZDLnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAGaEGQwDQYJKoZIhvcNAQEL
BQADggEBADdTyngSSPSKrPxdxEr3qtcHRzQ/xnpWP4GpjeNrhW851F6A9mK12VVw
CASwfIR4n8WUC7/rKF8h9qn0Hwga4lXTpwd5CVxaqXBWMYRXNXb7ZrpYhFOCz+oa
xD8Gl8QiE2H6NZcCf1X3HM8/X5zDEFWJy+Cv1tvjw7erk+g46FmKEopaRbzVIqpg
l2VCBzK7E2tnzEUrXvmzWZI77ZIDjFmfNU9bbJSM5fsiJMTf1ey3q5p3FtJwTKc+
61WYVl0nXsDmXY+N77TW/U6F5tFrcZK8VhppicB+1wjLkzIRsV34B0VvJYJgi7Zv
Fiu95FxqFkLFIeFX4iLviOgfaPGDisI=
-----END CERTIFICATE-----
Generated at Thu Sep 28 12:01:20 2023 by rpki-client on console-ams.rpki-client.org