Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/4BEAE3DA288E11EEBA34B9224AD9E6FC.roa
File: 4BEAE3DA288E11EEBA34B9224AD9E6FC.roa (raw, json)
Hash identifier: VgVjp4Rbl20OkPG/zk96AiUOGuRvU57oU7a/Zni/tPs=
Subject key identifier: 5A:9D:BA:98:C0:A8:2C:38:01:0D:88:AE:F1:DC:AD:27:3E:30:A4:EC
Certificate issuer: /CN=F3682B65AF/serialNumber=0940E638283336DE5C8C5A40A4C23B34F3F9CA53
Certificate serial: 10C9
Authority key identifier: 09:40:E6:38:28:33:36:DE:5C:8C:5A:40:A4:C2:3B:34:F3:F9:CA:53
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/4BEAE3DA288E11EEBA34B9224AD9E6FC.roa
Signing time: Sat 22 Jul 2023 12:50:12 +0000
ROA not before: Sat 22 Jul 2023 12:50:08 +0000
ROA not after: Sat 26 Jul 2025 12:50:08 +0000
asID: 20473
IP address blocks: 154.16.89.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4297 (0x10c9)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F3682B65AF/serialNumber=0940E638283336DE5C8C5A40A4C23B34F3F9CA53
Validity
Not Before: Jul 22 12:50:08 2023 GMT
Not After : Jul 26 12:50:08 2025 GMT
Subject: CN=64bbd084-77ed
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:b8:90:ca:c6:67:78:07:a6:f4:03:72:f8:9a:
90:df:4d:ed:b4:c4:ef:eb:7d:64:46:c2:9c:68:e6:
a7:05:04:91:96:d4:de:c2:9f:14:24:d8:56:c7:05:
95:55:01:2b:5d:44:90:7f:7b:1e:e0:6c:f4:2c:89:
5d:6c:74:24:70:af:5c:1b:6d:de:ca:39:bd:58:b6:
c4:ba:ac:5b:f2:97:16:5c:9a:04:15:77:c4:bf:d9:
33:8e:81:86:9b:20:c9:5f:38:2c:fd:6a:28:a6:8b:
aa:4e:a4:33:67:21:c5:8b:8f:50:df:55:39:87:c8:
45:e9:e2:40:cf:0d:32:18:48:ad:22:33:42:d4:37:
53:aa:c6:a4:4b:7d:82:11:14:6c:a0:dc:35:54:d0:
a6:8b:b6:9c:16:a5:c6:25:c1:43:fd:f0:5a:1d:4b:
8a:fb:ca:30:f6:b1:a6:1a:91:1a:06:46:9a:7a:f4:
e8:97:1e:e7:48:a9:34:b0:8c:b7:10:be:c8:6b:c5:
ab:95:9f:83:6f:a6:a7:cc:8d:86:b3:23:57:da:d1:
60:6d:08:e3:f0:86:c9:f4:83:2a:9f:ce:27:9f:b9:
45:dc:48:12:74:f9:a3:88:27:6b:eb:27:a5:f9:7c:
fa:0a:f1:6a:02:9e:74:4c:c1:d5:ca:6c:1f:74:97:
1b:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5A:9D:BA:98:C0:A8:2C:38:01:0D:88:AE:F1:DC:AD:27:3E:30:A4:EC
X509v3 Authority Key Identifier:
keyid:09:40:E6:38:28:33:36:DE:5C:8C:5A:40:A4:C2:3B:34:F3:F9:CA:53
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/4BEAE3DA288E11EEBA34B9224AD9E6FC.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.16.89.0/24
Signature Algorithm: sha256WithRSAEncryption
52:96:c0:4c:31:17:62:45:ce:34:cb:34:b3:85:f2:03:27:42:
b5:8e:fc:66:e3:39:ed:3c:a0:a2:ae:35:df:dd:50:0a:e5:ae:
43:1f:81:0e:1e:3e:f0:40:64:8f:90:47:db:84:30:33:72:98:
5a:cb:b6:78:f1:e7:00:7c:84:e2:b9:10:69:3b:4c:13:5b:97:
58:2e:d6:63:ce:54:2b:ed:29:0d:b4:52:f1:7c:fc:47:ea:59:
1a:35:2d:fc:a2:02:ba:fe:64:b2:d0:38:f6:a1:de:67:87:d4:
94:1b:11:a7:ca:f7:fd:be:38:73:73:21:bf:1d:f6:29:43:4f:
b6:e6:7c:cf:88:85:3f:8a:68:a0:98:71:a3:b0:23:c2:ff:db:
b6:df:e9:ba:0a:60:2b:79:09:08:4f:c9:4b:75:71:d6:9b:53:
17:14:c5:5f:4f:3d:3b:72:fe:43:e8:f6:9b:e8:42:bc:a4:16:
64:12:b7:b7:57:dc:cb:0f:bb:23:b3:71:d3:09:e9:5a:2d:13:
92:c4:7f:e3:56:3f:c4:f3:6d:ea:5f:fb:73:b3:61:f8:85:9e:
61:d3:aa:c6:24:f4:6a:1f:57:e6:18:ea:ad:29:d8:20:ce:8a:
fa:f6:ec:c9:e3:56:93:4b:06:82:44:3d:ab:ec:fa:ac:74:ba:
93:f2:48:d5
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICEMkwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAwwKRjM2
ODJCNjVBRjExMC8GA1UEBRMoMDk0MEU2MzgyODMzMzZERTVDOEM1QTQwQTRDMjNC
MzRGM0Y5Q0E1MzAeFw0yMzA3MjIxMjUwMDhaFw0yNTA3MjYxMjUwMDhaMBgxFjAU
BgNVBAMTDTY0YmJkMDg0LTc3ZWQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQC6uJDKxmd4B6b0A3L4mpDfTe20xO/rfWRGwpxo5qcFBJGW1N7CnxQk2FbH
BZVVAStdRJB/ex7gbPQsiV1sdCRwr1wbbd7KOb1YtsS6rFvylxZcmgQVd8S/2TOO
gYabIMlfOCz9aiimi6pOpDNnIcWLj1DfVTmHyEXp4kDPDTIYSK0iM0LUN1OqxqRL
fYIRFGyg3DVU0KaLtpwWpcYlwUP98FodS4r7yjD2saYakRoGRpp69OiXHudIqTSw
jLcQvshrxauVn4NvpqfMjYazI1fa0WBtCOPwhsn0gyqfziefuUXcSBJ0+aOIJ2vr
J6X5fPoK8WoCnnRMwdXKbB90lxvrAgMBAAGjggKlMIICoTAdBgNVHQ4EFgQUWp26
mMCoLDgBDYiu8dytJz4wpOwwHwYDVR0jBBgwFoAUCUDmOCgzNt5cjFpApMI7NPP5
ylMwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjgyQjY1LzRFODUxRTM0REI1NTExRTg4NUIyOTk1MUY4QUVBMjI4L0NVRG1P
Q2d6TnQ1Y2pGcEFwTUk3TlBQNXlsTS5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL0NVRG1PQ2d6TnQ1Y2pGcEFwTUk3TlBQNXlsTS5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNjgyQjY1LzRFODUxRTM0REI1NTExRTg4NUIyOTk1MUY4
QUVBMjI4LzRCRUFFM0RBMjg4RTExRUVCQTM0QjkyMjRBRDlFNkZDLnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACaEFkwDQYJKoZIhvcNAQEL
BQADggEBAFKWwEwxF2JFzjTLNLOF8gMnQrWO/GbjOe08oKKuNd/dUArlrkMfgQ4e
PvBAZI+QR9uEMDNymFrLtnjx5wB8hOK5EGk7TBNbl1gu1mPOVCvtKQ20UvF8/Efq
WRo1LfyiArr+ZLLQOPah3meH1JQbEafK9/2+OHNzIb8d9ilDT7bmfM+IhT+KaKCY
caOwI8L/27bf6boKYCt5CQhPyUt1cdabUxcUxV9PPTty/kPo9pvoQrykFmQSt7dX
3MsPuyOzcdMJ6VotE5LEf+NWP8Tzbepf+3OzYfiFnmHTqsYk9GofV+YY6q0p2CDO
ivr27MnjVpNLBoJEPavs+qx0upPySNU=
-----END CERTIFICATE-----
Generated at Tue Nov 21 09:22:29 2023 by rpki-client on console-fra.rpki-client.org