Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/D70D2DB8A54A11EE8C80263BD25BE465.roa
File: D70D2DB8A54A11EE8C80263BD25BE465.roa (raw, json)
Hash identifier: DSaDF9eqaLSFOYQ9Tl8iSPSvYIf8mWN8j+s8J1+kTwo=
Subject key identifier: 89:6F:21:27:7A:2E:1D:9F:25:B3:F8:36:9A:83:15:88:23:3C:57:1F
Certificate issuer: /CN=F3682B65AF/serialNumber=0940E638283336DE5C8C5A40A4C23B34F3F9CA53
Certificate serial: 1407
Authority key identifier: 09:40:E6:38:28:33:36:DE:5C:8C:5A:40:A4:C2:3B:34:F3:F9:CA:53
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/D70D2DB8A54A11EE8C80263BD25BE465.roa
Signing time: Thu 28 Dec 2023 06:32:15 +0000
ROA not before: Thu 28 Dec 2023 06:32:12 +0000
ROA not after: Sun 28 Dec 2025 06:32:12 +0000
asID: 3320
IP address blocks: 154.16.207.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 5127 (0x1407)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F3682B65AF/serialNumber=0940E638283336DE5C8C5A40A4C23B34F3F9CA53
Validity
Not Before: Dec 28 06:32:12 2023 GMT
Not After : Dec 28 06:32:12 2025 GMT
Subject: CN=658d166f-9a1e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:f8:9a:45:61:82:82:14:06:12:b4:70:2d:f0:
cd:be:32:5b:63:fd:5d:9d:d5:bc:12:73:6f:bd:d9:
a0:5c:6b:99:20:37:ac:11:31:35:c5:29:7a:92:32:
62:99:da:d1:2a:5e:49:8d:70:fa:2f:84:f2:17:7a:
07:0b:0d:c7:86:78:c0:c4:93:fc:31:ac:9d:e6:5e:
f8:c3:b1:1c:2b:c1:27:18:64:7d:cf:6d:aa:e5:f5:
97:5a:79:e8:cc:2e:44:a6:6f:21:94:da:a8:9f:d6:
4b:ae:c0:d9:57:28:d9:48:e5:41:89:ad:23:2b:79:
a3:af:ea:80:13:a6:84:15:f7:7f:28:e6:9a:39:bf:
f4:89:8a:eb:74:50:4a:88:95:6f:38:70:81:de:de:
b7:b1:92:19:3b:9d:1c:3c:92:4a:9b:f3:3c:14:e6:
bb:ea:55:d9:8e:57:7d:43:ce:67:44:b7:13:12:15:
b5:4d:94:44:01:04:bb:94:d6:bb:66:89:aa:a6:d3:
09:3f:75:34:08:17:9c:43:59:ae:25:a0:de:cd:5b:
94:3e:8b:4f:6e:7b:8b:3d:aa:df:4f:02:db:52:68:
15:cc:13:1d:50:72:54:21:bf:a8:28:88:e6:b6:c5:
47:d7:6f:d4:00:ff:ce:04:b0:10:20:71:98:cd:56:
fd:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
89:6F:21:27:7A:2E:1D:9F:25:B3:F8:36:9A:83:15:88:23:3C:57:1F
X509v3 Authority Key Identifier:
keyid:09:40:E6:38:28:33:36:DE:5C:8C:5A:40:A4:C2:3B:34:F3:F9:CA:53
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/D70D2DB8A54A11EE8C80263BD25BE465.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.16.207.0/24
Signature Algorithm: sha256WithRSAEncryption
6f:ff:6b:34:f4:3e:58:c4:17:e1:11:7b:05:23:e4:fb:1b:7f:
f8:bb:f1:e7:b4:bf:b8:82:e2:c4:bf:1c:b9:85:62:31:b3:de:
59:dd:ee:68:a9:db:6d:70:45:b5:fc:ee:66:30:f6:3e:31:bc:
a1:f9:07:83:71:56:6a:d5:e5:63:d9:b7:f3:f0:f5:24:b8:af:
86:93:81:b4:5d:91:6b:48:cc:32:86:96:20:73:cb:b9:7a:e9:
36:ef:35:68:33:5d:9d:b3:ca:cf:20:2e:39:5f:ad:4e:bf:53:
ce:c2:37:f3:5f:12:9d:87:20:4c:20:0a:6f:e4:73:0f:40:7f:
66:40:45:58:36:3b:4d:c9:41:18:b3:28:04:b4:5d:20:e7:65:
3b:3e:ca:59:73:62:f1:ed:3a:ea:c4:27:96:75:2e:51:f4:f6:
c7:3a:52:f8:d7:87:84:95:b5:35:58:18:e8:f6:7f:a4:49:c6:
62:c9:f9:8e:82:dd:0d:c3:86:01:49:e4:d4:02:57:1e:58:b6:
2b:4a:ae:90:9d:4b:1b:f3:23:f7:65:f0:9e:6e:37:9f:1e:86:
d0:b3:14:4c:4d:9f:fa:30:06:d0:5d:6b:86:2b:7a:62:4c:9d:
4a:14:a8:4a:de:5c:3a:52:76:9f:5b:9b:e8:7b:fe:f3:b4:03:
b4:65:7b:44
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICFAcwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAwwKRjM2
ODJCNjVBRjExMC8GA1UEBRMoMDk0MEU2MzgyODMzMzZERTVDOEM1QTQwQTRDMjNC
MzRGM0Y5Q0E1MzAeFw0yMzEyMjgwNjMyMTJaFw0yNTEyMjgwNjMyMTJaMBgxFjAU
BgNVBAMTDTY1OGQxNjZmLTlhMWUwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQC/+JpFYYKCFAYStHAt8M2+Mltj/V2d1bwSc2+92aBca5kgN6wRMTXFKXqS
MmKZ2tEqXkmNcPovhPIXegcLDceGeMDEk/wxrJ3mXvjDsRwrwScYZH3Pbarl9Zda
eejMLkSmbyGU2qif1kuuwNlXKNlI5UGJrSMreaOv6oATpoQV938o5po5v/SJiut0
UEqIlW84cIHe3rexkhk7nRw8kkqb8zwU5rvqVdmOV31DzmdEtxMSFbVNlEQBBLuU
1rtmiaqm0wk/dTQIF5xDWa4loN7NW5Q+i09ue4s9qt9PAttSaBXMEx1QclQhv6go
iOa2xUfXb9QA/84EsBAgcZjNVv0tAgMBAAGjggKlMIICoTAdBgNVHQ4EFgQUiW8h
J3ouHZ8ls/g2moMViCM8Vx8wHwYDVR0jBBgwFoAUCUDmOCgzNt5cjFpApMI7NPP5
ylMwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjgyQjY1LzRFODUxRTM0REI1NTExRTg4NUIyOTk1MUY4QUVBMjI4L0NVRG1P
Q2d6TnQ1Y2pGcEFwTUk3TlBQNXlsTS5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL0NVRG1PQ2d6TnQ1Y2pGcEFwTUk3TlBQNXlsTS5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNjgyQjY1LzRFODUxRTM0REI1NTExRTg4NUIyOTk1MUY4
QUVBMjI4L0Q3MEQyREI4QTU0QTExRUU4QzgwMjYzQkQyNUJFNDY1LnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACaEM8wDQYJKoZIhvcNAQEL
BQADggEBAG//azT0PljEF+ERewUj5Psbf/i78ee0v7iC4sS/HLmFYjGz3lnd7mip
221wRbX87mYw9j4xvKH5B4NxVmrV5WPZt/Pw9SS4r4aTgbRdkWtIzDKGliBzy7l6
6TbvNWgzXZ2zys8gLjlfrU6/U87CN/NfEp2HIEwgCm/kcw9Af2ZARVg2O03JQRiz
KAS0XSDnZTs+yllzYvHtOurEJ5Z1LlH09sc6UvjXh4SVtTVYGOj2f6RJxmLJ+Y6C
3Q3DhgFJ5NQCVx5YtitKrpCdSxvzI/dl8J5uN58ehtCzFExNn/owBtBda4YremJM
nUoUqEreXDpSdp9bm+h7/vO0A7Rle0Q=
-----END CERTIFICATE-----
Generated at Fri Dec 29 08:55:15 2023 by rpki-client on console-ams.rpki-client.org