Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/3D8F9B3AC02F11EE86D03284775412E6.roa
File: 3D8F9B3AC02F11EE86D03284775412E6.roa (raw, json)
Hash identifier: 7kTDMP7DJJOaTFFUuMOzo9/IDzM9XU8SqXm1fLrQe8I=
Subject key identifier: 1E:C9:23:53:11:03:57:25:DE:2D:D6:9A:CD:49:F2:5C:0E:1E:53:B9
Certificate issuer: /CN=F3682B65AF/serialNumber=0940E638283336DE5C8C5A40A4C23B34F3F9CA53
Certificate serial: 1487
Authority key identifier: 09:40:E6:38:28:33:36:DE:5C:8C:5A:40:A4:C2:3B:34:F3:F9:CA:53
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/3D8F9B3AC02F11EE86D03284775412E6.roa
Signing time: Wed 31 Jan 2024 11:52:42 +0000
ROA not before: Wed 31 Jan 2024 11:52:39 +0000
ROA not after: Sat 31 Jan 2026 11:52:39 +0000
asID: 834
IP address blocks: 154.16.91.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 01 Feb 2024 12:36:53 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 5255 (0x1487)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F3682B65AF/serialNumber=0940E638283336DE5C8C5A40A4C23B34F3F9CA53
Validity
Not Before: Jan 31 11:52:39 2024 GMT
Not After : Jan 31 11:52:39 2026 GMT
Subject: CN=65ba348a-8071
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:db:d7:5d:ae:3c:81:fe:da:cc:74:d6:b5:ea:ec:
4e:c5:f5:28:31:63:6e:e0:ac:57:b0:36:0b:ef:b1:
9c:de:ea:4e:ed:05:7d:63:5a:5d:97:8b:25:db:5a:
0c:41:f6:ad:56:e6:3f:67:90:32:46:79:27:ce:d8:
ac:c7:fa:23:6f:e3:7d:ff:7b:ab:14:b7:24:c5:0e:
87:52:26:0f:da:b1:a8:5e:43:02:2d:b8:0e:c7:22:
71:ca:7a:0b:7d:1b:90:87:98:63:bf:d0:52:3b:16:
07:10:e4:5f:3b:f5:44:df:83:4d:c4:c8:e0:ca:da:
88:5d:1a:34:de:aa:22:eb:1d:b7:e9:d6:b3:85:65:
77:b6:0c:08:49:a1:3d:02:99:64:4b:83:9c:f4:30:
5c:d7:d0:12:6f:79:40:7b:f1:a5:9a:81:5d:ec:63:
e6:1f:f9:cc:a4:82:d5:98:8f:39:68:f9:e7:f3:ac:
1f:b7:9a:3d:80:f0:9d:5a:95:bd:0b:2b:c0:76:ac:
a9:ea:d6:81:b5:4c:08:57:9b:76:91:58:95:ae:87:
ba:ca:91:61:17:01:2c:55:b9:b4:b5:7d:bb:dc:a8:
80:00:ee:93:c2:4b:26:d8:36:c2:31:fb:fc:4e:aa:
c8:0d:fb:96:54:7c:44:6e:e5:2c:de:11:63:4e:e3:
e1:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1E:C9:23:53:11:03:57:25:DE:2D:D6:9A:CD:49:F2:5C:0E:1E:53:B9
X509v3 Authority Key Identifier:
keyid:09:40:E6:38:28:33:36:DE:5C:8C:5A:40:A4:C2:3B:34:F3:F9:CA:53
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/3D8F9B3AC02F11EE86D03284775412E6.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.16.91.0/24
Signature Algorithm: sha256WithRSAEncryption
7b:86:1b:02:79:72:f7:84:c0:cc:89:52:e1:6c:a5:42:7d:15:
be:c6:e4:cd:bf:15:a6:60:f1:8c:8a:ee:4b:bd:c0:ae:85:4d:
27:6e:0f:53:45:8d:28:84:c7:40:14:21:be:a5:19:2d:5a:c3:
a0:ca:86:c7:a9:cd:9a:3a:f2:91:0a:94:1d:e1:67:72:39:49:
cc:f3:ed:15:82:73:1d:0c:37:75:f5:37:51:d7:ad:a2:fd:ff:
71:28:b0:f9:9f:e8:69:34:c3:ec:95:dc:10:b4:bc:09:fe:8f:
1f:0b:3a:bb:45:03:f5:2b:99:fc:05:b5:ca:e9:81:35:ba:fb:
1d:68:0c:77:d7:56:ed:16:b2:fd:dc:6f:7a:31:71:43:e8:70:
86:f9:49:f3:61:20:1c:8f:af:cb:ea:0d:c7:84:9b:30:37:70:
4f:53:a5:93:fe:9d:be:48:fa:f0:c3:91:00:55:d8:f3:9f:3a:
fe:de:9b:f3:cf:94:c0:0a:a9:2f:72:7a:70:46:58:6d:66:e8:
e3:3e:2c:bd:18:9d:d4:95:30:a1:d9:59:30:c1:fd:49:53:5b:
c2:19:90:a8:47:4a:9b:3b:80:07:01:97:5d:bf:9d:39:4e:45:
8d:03:5b:1b:ee:64:ba:5c:c3:1f:2c:06:4c:27:dd:8c:7b:e2:
54:3a:0a:f0
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICFIcwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAxMKRjM2
ODJCNjVBRjExMC8GA1UEBRMoMDk0MEU2MzgyODMzMzZERTVDOEM1QTQwQTRDMjNC
MzRGM0Y5Q0E1MzAeFw0yNDAxMzExMTUyMzlaFw0yNjAxMzExMTUyMzlaMBgxFjAU
BgNVBAMTDTY1YmEzNDhhLTgwNzEwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQDb112uPIH+2sx01rXq7E7F9SgxY27grFewNgvvsZze6k7tBX1jWl2XiyXb
WgxB9q1W5j9nkDJGeSfO2KzH+iNv433/e6sUtyTFDodSJg/asaheQwItuA7HInHK
egt9G5CHmGO/0FI7FgcQ5F879UTfg03EyODK2ohdGjTeqiLrHbfp1rOFZXe2DAhJ
oT0CmWRLg5z0MFzX0BJveUB78aWagV3sY+Yf+cykgtWYjzlo+efzrB+3mj2A8J1a
lb0LK8B2rKnq1oG1TAhXm3aRWJWuh7rKkWEXASxVubS1fbvcqIAA7pPCSybYNsIx
+/xOqsgN+5ZUfERu5SzeEWNO4+HZAgMBAAGjggKlMIICoTAdBgNVHQ4EFgQUHskj
UxEDVyXeLdaazUnyXA4eU7kwHwYDVR0jBBgwFoAUCUDmOCgzNt5cjFpApMI7NPP5
ylMwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjgyQjY1LzRFODUxRTM0REI1NTExRTg4NUIyOTk1MUY4QUVBMjI4L0NVRG1P
Q2d6TnQ1Y2pGcEFwTUk3TlBQNXlsTS5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL0NVRG1PQ2d6TnQ1Y2pGcEFwTUk3TlBQNXlsTS5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNjgyQjY1LzRFODUxRTM0REI1NTExRTg4NUIyOTk1MUY4
QUVBMjI4LzNEOEY5QjNBQzAyRjExRUU4NkQwMzI4NDc3NTQxMkU2LnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACaEFswDQYJKoZIhvcNAQEL
BQADggEBAHuGGwJ5cveEwMyJUuFspUJ9Fb7G5M2/FaZg8YyK7ku9wK6FTSduD1NF
jSiEx0AUIb6lGS1aw6DKhsepzZo68pEKlB3hZ3I5Sczz7RWCcx0MN3X1N1HXraL9
/3EosPmf6Gk0w+yV3BC0vAn+jx8LOrtFA/UrmfwFtcrpgTW6+x1oDHfXVu0Wsv3c
b3oxcUPocIb5SfNhIByPr8vqDceEmzA3cE9TpZP+nb5I+vDDkQBV2POfOv7em/PP
lMAKqS9yenBGWG1m6OM+LL0YndSVMKHZWTDB/UlTW8IZkKhHSps7gAcBl12/nTlO
RY0DWxvuZLpcwx8sBkwn3Yx74lQ6CvA=
-----END CERTIFICATE-----
Generated at Thu Feb 1 16:26:08 2024 by rpki-client on console-ams.rpki-client.org