Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/D34ED1825C3811EE8D9FD24F4AD9E6FC.roa
File: D34ED1825C3811EE8D9FD24F4AD9E6FC.roa (raw, json)
Hash identifier: VOBDjWVxdCj3s6/JLAh5o0qyEl7oJJbiNqPZv0ImpVw=
Subject key identifier: 43:0D:07:0F:03:C6:D6:EF:16:49:86:90:0E:04:9F:45:79:24:55:55
Certificate issuer: /CN=F3682B65AF/serialNumber=0940E638283336DE5C8C5A40A4C23B34F3F9CA53
Certificate serial: 1280
Authority key identifier: 09:40:E6:38:28:33:36:DE:5C:8C:5A:40:A4:C2:3B:34:F3:F9:CA:53
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/D34ED1825C3811EE8D9FD24F4AD9E6FC.roa
Signing time: Tue 26 Sep 2023 06:49:23 +0000
ROA not before: Tue 26 Sep 2023 06:49:19 +0000
ROA not after: Fri 26 Sep 2025 06:49:19 +0000
asID: 212238
IP address blocks: 154.16.153.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4736 (0x1280)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F3682B65AF/serialNumber=0940E638283336DE5C8C5A40A4C23B34F3F9CA53
Validity
Not Before: Sep 26 06:49:19 2023 GMT
Not After : Sep 26 06:49:19 2025 GMT
Subject: CN=65127ef3-ca17
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:c3:ad:ca:f2:b3:39:4d:bf:0e:f9:2b:90:d8:
54:3d:b7:be:9a:84:39:d8:64:96:f2:0b:ec:c7:1d:
da:f2:23:14:69:61:c7:87:85:0f:9e:6e:ee:a1:7a:
c9:1c:c3:47:07:de:ef:50:6d:e8:2b:d7:36:52:02:
4a:13:c7:96:28:c9:e3:36:68:ac:3a:38:7e:d8:e8:
73:21:e3:c8:a4:db:37:51:f5:d8:20:3a:07:fa:3c:
d1:01:a7:29:05:83:f4:10:89:23:70:e0:5e:87:22:
ed:37:ba:ac:c4:b0:61:58:70:ed:a6:14:cf:49:1e:
40:94:34:00:77:46:d8:33:bd:61:a8:2f:9d:61:d5:
86:2a:a7:f5:75:c2:da:05:58:07:8b:d0:af:f5:44:
ad:87:11:73:07:5e:91:4f:ed:b3:d7:56:21:f1:69:
42:9b:b8:e7:f3:76:75:04:e6:f1:98:82:51:88:6f:
26:b9:4b:16:66:f9:50:9c:e3:cc:a7:e3:0a:f6:a1:
e7:3e:ff:1f:d0:2a:a3:67:82:15:bb:bf:0d:59:9c:
3d:24:ab:e3:49:8a:44:73:67:36:e5:2a:81:d1:61:
e6:a9:4b:ad:98:0a:af:a8:1e:24:4f:d0:82:9a:a0:
21:fb:d0:7b:26:5d:d5:2d:25:b7:64:25:c6:74:8f:
3e:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
43:0D:07:0F:03:C6:D6:EF:16:49:86:90:0E:04:9F:45:79:24:55:55
X509v3 Authority Key Identifier:
keyid:09:40:E6:38:28:33:36:DE:5C:8C:5A:40:A4:C2:3B:34:F3:F9:CA:53
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/D34ED1825C3811EE8D9FD24F4AD9E6FC.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.16.153.0/24
Signature Algorithm: sha256WithRSAEncryption
a5:c9:7e:ee:b2:ca:e1:0e:ea:09:bc:54:77:7f:c4:d2:83:e6:
88:2b:a9:d4:62:c9:b1:b3:bf:51:b9:f3:7d:39:3d:0a:2d:03:
c4:d1:ed:bb:d4:77:f3:db:79:8f:05:cd:d7:ed:85:26:77:f7:
9b:43:17:bf:51:b3:4c:9a:a2:b5:1f:0d:24:eb:8b:13:63:3d:
17:70:50:1a:e0:08:23:a1:42:3d:84:f4:71:59:fd:52:9d:10:
45:1d:e2:06:08:16:20:8d:11:8d:8d:c2:56:e9:82:dd:a2:c3:
2b:fa:41:fa:be:2b:7c:1a:8a:7e:bf:e3:de:5e:53:9b:cf:7d:
d8:d8:3a:16:a2:3a:31:86:cb:df:3b:e2:b0:93:ed:65:af:98:
69:88:41:a4:b7:7f:41:f9:bd:2d:28:01:0c:7f:87:f9:35:8e:
1d:2e:51:c6:be:1c:1d:da:66:1a:8e:c8:da:9f:45:99:da:75:
42:bd:7d:eb:53:f4:3e:76:8f:96:e7:66:25:92:49:bc:75:d1:
3b:a6:15:27:46:e8:69:2a:7e:61:3a:2d:09:3e:c2:a4:d4:88:
2c:92:b7:4f:0c:8b:c6:da:6a:f6:57:5a:2e:b3:62:c4:43:02:
d2:32:5b:c1:9f:e6:0a:1a:17:8e:42:67:c1:02:b9:a3:6b:1a:
87:7d:a3:47
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICEoAwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAwwKRjM2
ODJCNjVBRjExMC8GA1UEBRMoMDk0MEU2MzgyODMzMzZERTVDOEM1QTQwQTRDMjNC
MzRGM0Y5Q0E1MzAeFw0yMzA5MjYwNjQ5MTlaFw0yNTA5MjYwNjQ5MTlaMBgxFjAU
BgNVBAMTDTY1MTI3ZWYzLWNhMTcwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQDPw63K8rM5Tb8O+SuQ2FQ9t76ahDnYZJbyC+zHHdryIxRpYceHhQ+ebu6h
eskcw0cH3u9Qbegr1zZSAkoTx5YoyeM2aKw6OH7Y6HMh48ik2zdR9dggOgf6PNEB
pykFg/QQiSNw4F6HIu03uqzEsGFYcO2mFM9JHkCUNAB3RtgzvWGoL51h1YYqp/V1
wtoFWAeL0K/1RK2HEXMHXpFP7bPXViHxaUKbuOfzdnUE5vGYglGIbya5SxZm+VCc
48yn4wr2oec+/x/QKqNnghW7vw1ZnD0kq+NJikRzZzblKoHRYeapS62YCq+oHiRP
0IKaoCH70HsmXdUtJbdkJcZ0jz4BAgMBAAGjggKlMIICoTAdBgNVHQ4EFgQUQw0H
DwPG1u8WSYaQDgSfRXkkVVUwHwYDVR0jBBgwFoAUCUDmOCgzNt5cjFpApMI7NPP5
ylMwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjgyQjY1LzRFODUxRTM0REI1NTExRTg4NUIyOTk1MUY4QUVBMjI4L0NVRG1P
Q2d6TnQ1Y2pGcEFwTUk3TlBQNXlsTS5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL0NVRG1PQ2d6TnQ1Y2pGcEFwTUk3TlBQNXlsTS5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNjgyQjY1LzRFODUxRTM0REI1NTExRTg4NUIyOTk1MUY4
QUVBMjI4L0QzNEVEMTgyNUMzODExRUU4RDlGRDI0RjRBRDlFNkZDLnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACaEJkwDQYJKoZIhvcNAQEL
BQADggEBAKXJfu6yyuEO6gm8VHd/xNKD5ogrqdRiybGzv1G58305PQotA8TR7bvU
d/PbeY8FzdfthSZ395tDF79Rs0yaorUfDSTrixNjPRdwUBrgCCOhQj2E9HFZ/VKd
EEUd4gYIFiCNEY2Nwlbpgt2iwyv6Qfq+K3wain6/495eU5vPfdjYOhaiOjGGy987
4rCT7WWvmGmIQaS3f0H5vS0oAQx/h/k1jh0uUca+HB3aZhqOyNqfRZnadUK9fetT
9D52j5bnZiWSSbx10TumFSdG6GkqfmE6LQk+wqTUiCySt08Mi8baavZXWi6zYsRD
AtIyW8Gf5goaF45CZ8ECuaNrGod9o0c=
-----END CERTIFICATE-----
Generated at Thu Oct 5 16:21:25 2023 by rpki-client on console-ams.rpki-client.org