Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/5620B3028E8211EEA5EFB4DA7D84E21B.roa
File: 5620B3028E8211EEA5EFB4DA7D84E21B.roa (raw, json)
Hash identifier: wg6mCGBkZp2UX3KpSli7V9zmmrTcxRD4kVzM4bu5yGA=
Subject key identifier: 87:B4:E4:E7:AC:7A:1B:7D:60:6A:9F:15:D3:1D:DE:16:C1:55:FC:BA
Certificate issuer: /CN=F3682B65AF/serialNumber=0940E638283336DE5C8C5A40A4C23B34F3F9CA53
Certificate serial: 139C
Authority key identifier: 09:40:E6:38:28:33:36:DE:5C:8C:5A:40:A4:C2:3B:34:F3:F9:CA:53
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/5620B3028E8211EEA5EFB4DA7D84E21B.roa
Signing time: Wed 29 Nov 2023 06:41:34 +0000
ROA not before: Wed 29 Nov 2023 06:41:30 +0000
ROA not after: Sat 29 Nov 2025 06:41:30 +0000
asID: 3356
IP address blocks: 154.16.213.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 5020 (0x139c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F3682B65AF/serialNumber=0940E638283336DE5C8C5A40A4C23B34F3F9CA53
Validity
Not Before: Nov 29 06:41:30 2023 GMT
Not After : Nov 29 06:41:30 2025 GMT
Subject: CN=6566dd1e-ed90
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:c0:da:41:39:a8:38:06:33:6b:3d:43:f1:c0:
c5:70:cf:86:83:77:65:84:c1:b6:ce:ec:11:c9:5e:
3c:c4:f3:0b:14:26:a1:91:2e:68:39:eb:91:7b:66:
be:47:84:6c:94:15:b7:fc:4b:09:b1:6c:18:7d:f8:
08:3d:79:0a:7b:4c:eb:28:d0:86:4c:f5:36:09:8b:
60:55:ac:be:bd:62:24:b5:22:4f:cd:49:ac:e0:6d:
60:f3:d0:2c:48:92:f0:67:7b:ea:03:bf:80:bf:af:
2b:32:8e:26:b5:62:74:fd:62:38:4a:8b:f2:b5:17:
69:89:dc:93:51:bf:1f:e4:3a:0e:71:70:b0:f0:e8:
07:27:86:e7:c3:fd:2d:75:c2:03:a2:7f:58:94:d3:
ec:41:5e:c5:b9:16:2f:33:a2:08:c1:36:18:74:57:
8a:ac:0f:5e:ed:98:12:8a:50:00:60:e6:74:d2:89:
19:2e:33:f2:b2:a4:f5:c4:5e:6e:30:8c:95:48:e2:
7d:9f:40:ca:8a:43:76:4f:9a:aa:26:90:c6:cf:18:
35:fa:12:dc:65:2b:45:c5:65:4e:5d:51:aa:7f:3b:
56:81:f8:11:44:a0:34:c9:27:68:13:41:bc:80:8a:
52:65:01:76:2d:31:63:57:9c:22:06:a5:36:3f:94:
97:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
87:B4:E4:E7:AC:7A:1B:7D:60:6A:9F:15:D3:1D:DE:16:C1:55:FC:BA
X509v3 Authority Key Identifier:
keyid:09:40:E6:38:28:33:36:DE:5C:8C:5A:40:A4:C2:3B:34:F3:F9:CA:53
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/5620B3028E8211EEA5EFB4DA7D84E21B.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.16.213.0/24
Signature Algorithm: sha256WithRSAEncryption
48:42:14:0c:30:f1:7a:73:53:11:58:ee:4c:95:4a:72:71:f1:
1f:52:6e:30:6b:3a:c4:03:5f:f6:f5:e5:8e:6a:b5:e4:6c:97:
98:3f:33:81:6f:d6:ee:01:00:c3:6c:87:1f:bb:c8:bd:75:e3:
65:22:20:62:06:86:55:05:eb:6e:1b:aa:e3:8d:6e:31:b4:29:
83:98:45:00:04:3f:22:09:96:48:b9:01:c5:a2:e0:3a:6e:b9:
59:1b:e8:1f:52:42:d7:ca:8d:0f:46:d3:af:92:e3:ef:4c:f7:
ca:89:7e:d5:33:2a:08:29:45:e8:0e:8a:4d:b2:15:12:2f:49:
d1:84:3f:8a:b7:f4:6a:d6:3c:82:98:d6:f9:3e:c0:dd:24:e8:
de:11:aa:f0:27:40:62:5e:95:cb:9d:15:ec:19:a1:d9:35:48:
28:68:2d:4f:10:73:12:2a:49:24:4e:af:1e:a0:a0:6d:79:c3:
d1:9a:81:88:49:68:c6:43:08:aa:9e:17:b7:67:65:61:fe:40:
1e:7c:81:bb:ef:d6:0f:fe:de:c9:41:21:8e:f2:d3:3e:90:b4:
8f:25:5f:99:1a:88:e0:b9:8f:ed:89:9e:6a:9a:cd:9c:f6:eb:
9a:16:fc:a3:9b:33:04:60:79:f3:8d:7a:76:c1:6b:1c:54:f2:
b9:4a:6d:ed
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICE5wwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAwwKRjM2
ODJCNjVBRjExMC8GA1UEBRMoMDk0MEU2MzgyODMzMzZERTVDOEM1QTQwQTRDMjNC
MzRGM0Y5Q0E1MzAeFw0yMzExMjkwNjQxMzBaFw0yNTExMjkwNjQxMzBaMBgxFjAU
BgNVBAMTDTY1NjZkZDFlLWVkOTAwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQCmwNpBOag4BjNrPUPxwMVwz4aDd2WEwbbO7BHJXjzE8wsUJqGRLmg565F7
Zr5HhGyUFbf8SwmxbBh9+Ag9eQp7TOso0IZM9TYJi2BVrL69YiS1Ik/NSazgbWDz
0CxIkvBne+oDv4C/rysyjia1YnT9YjhKi/K1F2mJ3JNRvx/kOg5xcLDw6AcnhufD
/S11wgOif1iU0+xBXsW5Fi8zogjBNhh0V4qsD17tmBKKUABg5nTSiRkuM/KypPXE
Xm4wjJVI4n2fQMqKQ3ZPmqomkMbPGDX6EtxlK0XFZU5dUap/O1aB+BFEoDTJJ2gT
QbyAilJlAXYtMWNXnCIGpTY/lJerAgMBAAGjggKlMIICoTAdBgNVHQ4EFgQUh7Tk
56x6G31gap8V0x3eFsFV/LowHwYDVR0jBBgwFoAUCUDmOCgzNt5cjFpApMI7NPP5
ylMwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjgyQjY1LzRFODUxRTM0REI1NTExRTg4NUIyOTk1MUY4QUVBMjI4L0NVRG1P
Q2d6TnQ1Y2pGcEFwTUk3TlBQNXlsTS5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL0NVRG1PQ2d6TnQ1Y2pGcEFwTUk3TlBQNXlsTS5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNjgyQjY1LzRFODUxRTM0REI1NTExRTg4NUIyOTk1MUY4
QUVBMjI4LzU2MjBCMzAyOEU4MjExRUVBNUVGQjREQTdEODRFMjFCLnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACaENUwDQYJKoZIhvcNAQEL
BQADggEBAEhCFAww8XpzUxFY7kyVSnJx8R9SbjBrOsQDX/b15Y5qteRsl5g/M4Fv
1u4BAMNshx+7yL1142UiIGIGhlUF624bquONbjG0KYOYRQAEPyIJlki5AcWi4Dpu
uVkb6B9SQtfKjQ9G06+S4+9M98qJftUzKggpRegOik2yFRIvSdGEP4q39GrWPIKY
1vk+wN0k6N4RqvAnQGJelcudFewZodk1SChoLU8QcxIqSSROrx6goG15w9GagYhJ
aMZDCKqeF7dnZWH+QB58gbvv1g/+3slBIY7y0z6QtI8lX5kaiOC5j+2JnmqazZz2
65oW/KObMwRgefONenbBaxxU8rlKbe0=
-----END CERTIFICATE-----
Generated at Tue Dec 5 12:08:46 2023 by rpki-client on console-ams.rpki-client.org