Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/D8BC050CFEED11EDA539AF4C4AD9E6FC.roa
File:                     D8BC050CFEED11EDA539AF4C4AD9E6FC.roa (raw, json)
Hash identifier:          cxFkf9j6a2bENyVZW6xgJEaBCxIwHIfnBqpPfCdRkWg=
Subject key identifier:   2D:FE:A9:DC:07:45:7C:E8:AF:67:99:77:9C:48:D7:44:E0:06:EE:9D
Certificate issuer:       /CN=F3682B65AF/serialNumber=0940E638283336DE5C8C5A40A4C23B34F3F9CA53
Certificate serial:       0DFA
Authority key identifier: 09:40:E6:38:28:33:36:DE:5C:8C:5A:40:A4:C2:3B:34:F3:F9:CA:53
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/D8BC050CFEED11EDA539AF4C4AD9E6FC.roa
Signing time:             Tue 30 May 2023 13:28:22 +0000
ROA not before:           Tue 30 May 2023 13:28:17 +0000
ROA not after:            Sat 31 May 2025 13:28:17 +0000
asID:                     61317
IP address blocks:        154.16.194.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Sat 31 Aug 2024 15:38:02 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 3578 (0xdfa)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F3682B65AF/serialNumber=0940E638283336DE5C8C5A40A4C23B34F3F9CA53
        Validity
            Not Before: May 30 13:28:17 2023 GMT
            Not After : May 31 13:28:17 2025 GMT
        Subject: CN=6475f9f5-f128
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c3:73:20:08:d2:5d:da:cb:42:d8:ac:0f:d2:ec:
                    de:4f:01:f5:d0:3e:06:a9:e3:1e:0a:1d:0a:2f:4a:
                    f7:e4:9a:19:c1:1e:da:3c:f4:b4:92:3a:65:94:12:
                    6b:9d:44:f0:4e:86:1b:86:fd:ff:2e:8d:85:9e:3b:
                    af:cc:cb:56:15:ff:47:3d:c2:96:3c:a4:b2:64:30:
                    5b:63:8f:c4:22:92:7c:2a:91:e9:31:ef:cd:ae:e2:
                    44:76:0b:56:96:ec:24:29:9f:b5:6b:97:d3:86:4a:
                    d4:78:c7:97:f6:df:9b:77:68:48:5a:b9:21:b2:a3:
                    0a:2d:dc:c0:cf:e3:a1:07:24:e2:71:62:ca:32:5b:
                    aa:7f:03:b1:92:a8:90:a5:d5:55:fe:16:95:84:25:
                    0f:f2:fb:a4:04:ac:08:fb:42:14:16:ee:73:14:89:
                    1b:0e:ea:84:80:e2:46:df:71:fd:61:a8:89:0c:c4:
                    9b:62:28:92:42:6d:1c:64:0a:30:8c:a9:79:17:d3:
                    d1:d4:01:de:8e:b1:be:56:f7:54:26:cf:ab:ae:25:
                    9d:1c:96:11:74:74:6c:13:c6:35:d7:54:1a:16:22:
                    b8:34:c0:8b:26:d4:ca:83:d8:b3:47:5a:ae:8c:87:
                    e4:5c:49:52:bb:81:64:44:0e:c7:ea:5d:83:4a:82:
                    cb:0b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                2D:FE:A9:DC:07:45:7C:E8:AF:67:99:77:9C:48:D7:44:E0:06:EE:9D
            X509v3 Authority Key Identifier:
                keyid:09:40:E6:38:28:33:36:DE:5C:8C:5A:40:A4:C2:3B:34:F3:F9:CA:53

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/D8BC050CFEED11EDA539AF4C4AD9E6FC.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  154.16.194.0/24

    Signature Algorithm: sha256WithRSAEncryption
         0d:9f:09:13:d9:fa:8e:95:24:35:42:14:39:93:92:3e:d1:31:
         ed:de:57:5d:23:4e:a5:bd:04:9a:af:0e:9d:f2:34:9b:81:2d:
         49:b7:ee:59:21:91:ff:93:33:7b:47:b2:77:17:9c:27:3e:a3:
         2a:a8:88:9b:26:f9:f4:d9:ed:ca:93:ef:66:4e:4f:74:63:7f:
         d3:a2:e7:13:bd:0d:03:b4:a1:58:5a:a3:df:d4:c0:e2:aa:e4:
         b4:bb:2e:26:e9:d5:c7:31:f9:d0:81:71:bd:f0:3c:f9:d4:77:
         77:0a:17:75:94:f3:5c:d7:50:1a:a8:fc:35:bd:07:d4:21:14:
         f9:5d:42:db:78:00:4e:4c:3d:14:55:c4:1f:33:da:f1:ce:4a:
         11:7b:69:56:40:77:11:34:34:b9:92:4b:60:ea:ef:2e:38:15:
         9d:ef:7f:a4:6b:2f:45:32:86:7e:7e:1f:a6:fe:67:3d:bf:ec:
         bb:5e:e5:43:cb:59:7b:02:4b:ec:97:f5:ca:76:b9:2e:fe:df:
         36:f7:6b:69:7e:f0:bd:b3:3d:52:5e:3c:28:05:fd:61:35:40:
         c2:9a:1f:e3:66:a5:14:e0:1a:b4:5f:89:70:03:72:e9:25:99:
         9d:c7:b5:7f:f0:0c:bc:f7:7a:99:7e:6f:66:fa:1a:2c:1f:25:
         84:4a:8b:d1
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICDfowDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAwwKRjM2
ODJCNjVBRjExMC8GA1UEBRMoMDk0MEU2MzgyODMzMzZERTVDOEM1QTQwQTRDMjNC
MzRGM0Y5Q0E1MzAeFw0yMzA1MzAxMzI4MTdaFw0yNTA1MzExMzI4MTdaMBgxFjAU
BgNVBAMTDTY0NzVmOWY1LWYxMjgwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQDDcyAI0l3ay0LYrA/S7N5PAfXQPgap4x4KHQovSvfkmhnBHto89LSSOmWU
EmudRPBOhhuG/f8ujYWeO6/My1YV/0c9wpY8pLJkMFtjj8Qiknwqkekx782u4kR2
C1aW7CQpn7Vrl9OGStR4x5f235t3aEhauSGyowot3MDP46EHJOJxYsoyW6p/A7GS
qJCl1VX+FpWEJQ/y+6QErAj7QhQW7nMUiRsO6oSA4kbfcf1hqIkMxJtiKJJCbRxk
CjCMqXkX09HUAd6Osb5W91Qmz6uuJZ0clhF0dGwTxjXXVBoWIrg0wIsm1MqD2LNH
Wq6Mh+RcSVK7gWREDsfqXYNKgssLAgMBAAGjggKlMIICoTAdBgNVHQ4EFgQULf6p
3AdFfOivZ5l3nEjXROAG7p0wHwYDVR0jBBgwFoAUCUDmOCgzNt5cjFpApMI7NPP5
ylMwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjgyQjY1LzRFODUxRTM0REI1NTExRTg4NUIyOTk1MUY4QUVBMjI4L0NVRG1P
Q2d6TnQ1Y2pGcEFwTUk3TlBQNXlsTS5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL0NVRG1PQ2d6TnQ1Y2pGcEFwTUk3TlBQNXlsTS5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNjgyQjY1LzRFODUxRTM0REI1NTExRTg4NUIyOTk1MUY4
QUVBMjI4L0Q4QkMwNTBDRkVFRDExRURBNTM5QUY0QzRBRDlFNkZDLnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACaEMIwDQYJKoZIhvcNAQEL
BQADggEBAA2fCRPZ+o6VJDVCFDmTkj7RMe3eV10jTqW9BJqvDp3yNJuBLUm37lkh
kf+TM3tHsncXnCc+oyqoiJsm+fTZ7cqT72ZOT3Rjf9Oi5xO9DQO0oVhao9/UwOKq
5LS7Libp1ccx+dCBcb3wPPnUd3cKF3WU81zXUBqo/DW9B9QhFPldQtt4AE5MPRRV
xB8z2vHOShF7aVZAdxE0NLmSS2Dq7y44FZ3vf6RrL0Uyhn5+H6b+Zz2/7Lte5UPL
WXsCS+yX9cp2uS7+3zb3a2l+8L2zPVJePCgF/WE1QMKaH+NmpRTgGrRfiXADcukl
mZ3HtX/wDLz3epl+b2b6GiwfJYRKi9E=
-----END CERTIFICATE-----
Generated at Sat Aug 31 16:28:24 2024 by rpki-client on console-ams.rpki-client.org