Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/4576CC0E0C3111EE84AA237D4AD9E6FC.roa
File: 4576CC0E0C3111EE84AA237D4AD9E6FC.roa (raw, json)
Hash identifier: SFD62auPkRCFKdes4HVIf1/sLSIIIuMYDkB7kds2BB0=
Subject key identifier: 66:E0:02:4A:D1:52:BA:C9:8A:D6:31:91:2C:E6:B8:B3:C9:84:B7:1B
Certificate issuer: /CN=F3682B65AF/serialNumber=0940E638283336DE5C8C5A40A4C23B34F3F9CA53
Certificate serial: 0FA1
Authority key identifier: 09:40:E6:38:28:33:36:DE:5C:8C:5A:40:A4:C2:3B:34:F3:F9:CA:53
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/4576CC0E0C3111EE84AA237D4AD9E6FC.roa
Signing time: Fri 16 Jun 2023 10:33:45 +0000
ROA not before: Fri 16 Jun 2023 10:33:41 +0000
ROA not after: Sun 15 Jun 2025 10:33:41 +0000
asID: 200482
IP address blocks: 154.16.218.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4001 (0xfa1)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F3682B65AF/serialNumber=0940E638283336DE5C8C5A40A4C23B34F3F9CA53
Validity
Not Before: Jun 16 10:33:41 2023 GMT
Not After : Jun 15 10:33:41 2025 GMT
Subject: CN=648c3a89-13bf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:2e:64:0d:cf:20:7d:ab:21:51:25:f2:3f:5f:
3a:61:86:11:e4:a9:bc:bd:89:c4:31:01:90:4a:13:
49:53:fa:32:2b:94:08:bf:89:bb:41:16:00:28:eb:
90:d2:ff:81:9c:31:8a:23:03:b5:65:79:67:c4:3b:
6c:80:a3:e1:fd:f0:18:a2:7d:33:b9:df:72:f8:de:
0d:47:95:df:ea:ff:f7:68:54:a0:9b:42:a1:d8:00:
e0:40:e8:30:f5:e6:3c:99:6d:9d:33:a0:d4:38:a1:
cd:af:55:a7:c5:c4:82:a3:09:69:a3:7d:d8:a0:30:
ac:51:e0:97:78:dd:7e:a1:e6:e4:39:81:3a:25:19:
fd:a5:1a:19:94:b0:fe:13:f6:ff:d8:97:ca:82:96:
da:3a:cf:b0:5a:18:be:e1:cb:3e:3d:f7:6e:20:20:
83:d2:71:a9:2a:d6:e9:d5:7b:16:64:fb:9e:3b:c7:
f0:ca:db:8c:fd:85:ac:db:8f:0e:99:33:a9:13:94:
ca:9d:ce:1a:6c:95:bc:01:1c:f6:02:4a:5c:6e:90:
4a:91:3f:78:5c:09:26:80:46:b0:63:72:86:db:d7:
63:ae:6c:a7:fd:cd:74:0b:7d:72:81:e2:fe:52:10:
96:21:d3:45:dd:fa:02:34:ab:df:40:34:76:0c:0a:
5c:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
66:E0:02:4A:D1:52:BA:C9:8A:D6:31:91:2C:E6:B8:B3:C9:84:B7:1B
X509v3 Authority Key Identifier:
keyid:09:40:E6:38:28:33:36:DE:5C:8C:5A:40:A4:C2:3B:34:F3:F9:CA:53
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/4576CC0E0C3111EE84AA237D4AD9E6FC.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.16.218.0/24
Signature Algorithm: sha256WithRSAEncryption
9f:0b:60:31:bb:ce:2f:9d:44:a4:35:b9:26:42:e3:c7:d6:36:
87:32:7d:8a:de:15:02:96:3d:88:4c:4d:51:43:82:00:be:18:
06:55:0d:03:2c:92:a8:0d:45:4a:7d:91:06:41:91:b6:b2:9a:
8d:44:6d:bb:61:99:3d:7f:55:fc:b2:12:ad:93:2d:2a:5d:2f:
82:5e:8f:2e:7a:49:b6:ff:55:5d:fa:40:51:13:b5:24:1d:5e:
cd:8b:6c:6a:26:ad:fd:31:99:45:19:c4:26:50:47:92:96:82:
61:2c:2d:f2:99:35:49:a3:50:d5:7b:a3:20:fd:25:43:9e:46:
de:ce:9c:8b:5c:6c:32:2b:81:03:b9:41:32:09:7f:b5:32:4d:
1b:ae:63:ab:a6:04:44:42:15:c7:df:29:37:22:cf:1e:09:29:
8f:82:e6:cc:06:0b:5b:05:e1:43:05:4e:02:ec:75:46:1d:ff:
cb:d4:81:71:80:2a:1e:c1:a0:4d:36:98:fd:3c:0f:85:1b:88:
5a:b2:73:51:7a:f9:23:e0:b1:6b:c1:79:00:dd:74:55:46:4e:
02:87:b4:bc:a8:16:4c:fb:a9:bc:0c:ea:c1:22:e2:ad:a3:c4:
11:7f:d7:9d:a0:cf:22:aa:47:19:93:1f:00:17:1f:a4:57:7a:
b9:a6:40:0a
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICD6EwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAwwKRjM2
ODJCNjVBRjExMC8GA1UEBRMoMDk0MEU2MzgyODMzMzZERTVDOEM1QTQwQTRDMjNC
MzRGM0Y5Q0E1MzAeFw0yMzA2MTYxMDMzNDFaFw0yNTA2MTUxMDMzNDFaMBgxFjAU
BgNVBAMTDTY0OGMzYTg5LTEzYmYwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQDDLmQNzyB9qyFRJfI/XzphhhHkqby9icQxAZBKE0lT+jIrlAi/ibtBFgAo
65DS/4GcMYojA7VleWfEO2yAo+H98BiifTO533L43g1Hld/q//doVKCbQqHYAOBA
6DD15jyZbZ0zoNQ4oc2vVafFxIKjCWmjfdigMKxR4Jd43X6h5uQ5gTolGf2lGhmU
sP4T9v/Yl8qClto6z7BaGL7hyz49924gIIPScakq1unVexZk+547x/DK24z9hazb
jw6ZM6kTlMqdzhpslbwBHPYCSlxukEqRP3hcCSaARrBjcobb12OubKf9zXQLfXKB
4v5SEJYh00Xd+gI0q99ANHYMClwxAgMBAAGjggKlMIICoTAdBgNVHQ4EFgQUZuAC
StFSusmK1jGRLOa4s8mEtxswHwYDVR0jBBgwFoAUCUDmOCgzNt5cjFpApMI7NPP5
ylMwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjgyQjY1LzRFODUxRTM0REI1NTExRTg4NUIyOTk1MUY4QUVBMjI4L0NVRG1P
Q2d6TnQ1Y2pGcEFwTUk3TlBQNXlsTS5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL0NVRG1PQ2d6TnQ1Y2pGcEFwTUk3TlBQNXlsTS5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNjgyQjY1LzRFODUxRTM0REI1NTExRTg4NUIyOTk1MUY4
QUVBMjI4LzQ1NzZDQzBFMEMzMTExRUU4NEFBMjM3RDRBRDlFNkZDLnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACaENowDQYJKoZIhvcNAQEL
BQADggEBAJ8LYDG7zi+dRKQ1uSZC48fWNocyfYreFQKWPYhMTVFDggC+GAZVDQMs
kqgNRUp9kQZBkbaymo1EbbthmT1/VfyyEq2TLSpdL4Jejy56Sbb/VV36QFETtSQd
Xs2LbGomrf0xmUUZxCZQR5KWgmEsLfKZNUmjUNV7oyD9JUOeRt7OnItcbDIrgQO5
QTIJf7UyTRuuY6umBERCFcffKTcizx4JKY+C5swGC1sF4UMFTgLsdUYd/8vUgXGA
Kh7BoE02mP08D4UbiFqyc1F6+SPgsWvBeQDddFVGTgKHtLyoFkz7qbwM6sEi4q2j
xBF/152gzyKqRxmTHwAXH6RXermmQAo=
-----END CERTIFICATE-----
Generated at Tue Aug 1 10:24:03 2023 by rpki-client on console-ams.rpki-client.org