Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/DB5CFB480C1F11ED89C7CEAEF1222468.roa
File:                     DB5CFB480C1F11ED89C7CEAEF1222468.roa (raw, json)
Hash identifier:          LW1Mh/kuJiTBHhocCkKdrPBenFw8A6ThI3IJlOnLmxw=
Subject key identifier:   04:7D:B8:75:FF:AA:5C:ED:80:94:EA:27:F7:A5:EC:A3:24:3B:D4:B4
Certificate issuer:       /CN=F3682B65AF/serialNumber=0940E638283336DE5C8C5A40A4C23B34F3F9CA53
Certificate serial:       0902
Authority key identifier: 09:40:E6:38:28:33:36:DE:5C:8C:5A:40:A4:C2:3B:34:F3:F9:CA:53
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/DB5CFB480C1F11ED89C7CEAEF1222468.roa
Signing time:             Mon 25 Jul 2022 13:44:08 +0000
ROA not before:           Mon 25 Jul 2022 13:44:05 +0000
ROA not after:            Thu 25 Jul 2024 13:44:05 +0000
asID:                     212238
IP address blocks:        154.16.195.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 16 Jul 2024 08:42:05 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 2306 (0x902)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F3682B65AF/serialNumber=0940E638283336DE5C8C5A40A4C23B34F3F9CA53
        Validity
            Not Before: Jul 25 13:44:05 2022 GMT
            Not After : Jul 25 13:44:05 2024 GMT
        Subject: CN=62de9e28-6035
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:be:4f:01:f2:42:3e:1b:0e:e3:72:f9:e0:59:08:
                    b9:bd:aa:2f:66:f9:c9:2d:7a:17:2c:bd:b2:4a:94:
                    2e:53:04:2e:25:32:cc:e8:90:db:a0:bd:33:a8:3c:
                    c6:6d:b0:8d:b3:6a:26:fb:b8:89:a2:03:af:26:0b:
                    6f:ea:01:b9:d2:c8:e1:4e:13:df:5f:91:c6:3f:04:
                    61:84:8a:f4:45:4c:da:b9:86:21:d6:4b:cd:17:57:
                    63:91:47:09:95:9b:59:d7:36:50:01:17:66:88:91:
                    4b:8b:f8:5b:3e:30:c1:7e:5e:37:d2:96:df:87:2b:
                    7a:98:80:34:5d:c6:03:9c:f7:34:3a:16:0b:e0:78:
                    ed:05:f9:03:b7:1d:e3:88:14:24:a8:15:48:52:80:
                    65:3d:34:41:47:46:6d:50:ac:c2:39:60:ad:23:e6:
                    36:92:f2:96:6c:a1:96:3b:1a:5a:a3:91:79:1f:b9:
                    74:ce:fa:ac:5a:ce:31:bf:07:4f:7b:4d:09:51:5d:
                    45:27:f3:2e:1d:a1:82:44:89:56:08:cb:d0:55:73:
                    54:67:00:85:ba:3c:11:4a:4d:dd:12:00:b7:02:42:
                    4d:0f:ab:3d:ed:79:bd:fa:41:9c:7b:7f:6e:b3:cb:
                    63:1a:a3:c1:04:56:a0:e7:58:4b:e7:22:4f:6c:de:
                    ff:07
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                04:7D:B8:75:FF:AA:5C:ED:80:94:EA:27:F7:A5:EC:A3:24:3B:D4:B4
            X509v3 Authority Key Identifier:
                keyid:09:40:E6:38:28:33:36:DE:5C:8C:5A:40:A4:C2:3B:34:F3:F9:CA:53

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/DB5CFB480C1F11ED89C7CEAEF1222468.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  154.16.195.0/24

    Signature Algorithm: sha256WithRSAEncryption
         3f:2b:84:b3:5d:1d:63:dc:9e:52:8a:7f:21:d1:94:a3:f7:ab:
         b5:d7:e1:b2:aa:3c:bb:21:78:cc:9c:d4:5f:ab:ba:0f:68:51:
         b3:44:d0:98:dd:6c:52:b3:15:9c:fe:cc:e5:21:86:c6:8b:3e:
         b4:f0:9e:32:e3:6f:ba:fe:89:f7:2f:b8:c7:42:c9:b7:22:bf:
         45:8a:e4:8b:72:95:df:33:4c:d2:82:d2:25:63:09:2f:f2:6b:
         81:99:95:80:b6:12:c4:bf:98:0c:6a:4d:f8:45:c4:fd:c1:be:
         cd:ef:a7:9b:bc:32:0c:dc:d2:55:89:aa:f6:65:cb:a5:2c:e4:
         b0:f0:39:70:49:9f:a5:1c:e0:7d:5f:a9:39:25:ad:b7:14:a6:
         62:09:93:8b:ef:19:c0:ad:fa:14:4c:a9:00:94:bd:fe:3a:58:
         74:1e:da:05:91:dd:7d:ea:f4:06:f0:78:95:4c:4e:0a:93:a8:
         e7:98:55:db:e8:02:93:66:f4:1a:49:57:eb:07:f4:d6:a7:63:
         51:43:a1:41:12:4e:85:dd:67:d2:b9:12:29:a3:77:a6:c3:76:
         64:6f:c6:0e:2d:ab:77:17:13:09:fa:76:63:8a:b6:cc:c3:3f:
         d6:61:28:7c:cf:e7:60:90:45:f3:51:f2:13:32:33:54:67:82:
         f8:ce:c8:f9
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICCQIwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAwwKRjM2
ODJCNjVBRjExMC8GA1UEBRMoMDk0MEU2MzgyODMzMzZERTVDOEM1QTQwQTRDMjNC
MzRGM0Y5Q0E1MzAeFw0yMjA3MjUxMzQ0MDVaFw0yNDA3MjUxMzQ0MDVaMBgxFjAU
BgNVBAMMDTYyZGU5ZTI4LTYwMzUwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQC+TwHyQj4bDuNy+eBZCLm9qi9m+cktehcsvbJKlC5TBC4lMszokNugvTOo
PMZtsI2zaib7uImiA68mC2/qAbnSyOFOE99fkcY/BGGEivRFTNq5hiHWS80XV2OR
RwmVm1nXNlABF2aIkUuL+Fs+MMF+XjfSlt+HK3qYgDRdxgOc9zQ6FgvgeO0F+QO3
HeOIFCSoFUhSgGU9NEFHRm1QrMI5YK0j5jaS8pZsoZY7GlqjkXkfuXTO+qxazjG/
B097TQlRXUUn8y4doYJEiVYIy9BVc1RnAIW6PBFKTd0SALcCQk0Pqz3teb36QZx7
f26zy2Mao8EEVqDnWEvnIk9s3v8HAgMBAAGjggKlMIICoTAdBgNVHQ4EFgQUBH24
df+qXO2AlOon96XsoyQ71LQwHwYDVR0jBBgwFoAUCUDmOCgzNt5cjFpApMI7NPP5
ylMwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjgyQjY1LzRFODUxRTM0REI1NTExRTg4NUIyOTk1MUY4QUVBMjI4L0NVRG1P
Q2d6TnQ1Y2pGcEFwTUk3TlBQNXlsTS5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL0NVRG1PQ2d6TnQ1Y2pGcEFwTUk3TlBQNXlsTS5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNjgyQjY1LzRFODUxRTM0REI1NTExRTg4NUIyOTk1MUY4
QUVBMjI4L0RCNUNGQjQ4MEMxRjExRUQ4OUM3Q0VBRUYxMjIyNDY4LnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACaEMMwDQYJKoZIhvcNAQEL
BQADggEBAD8rhLNdHWPcnlKKfyHRlKP3q7XX4bKqPLsheMyc1F+rug9oUbNE0Jjd
bFKzFZz+zOUhhsaLPrTwnjLjb7r+ifcvuMdCybciv0WK5Ityld8zTNKC0iVjCS/y
a4GZlYC2EsS/mAxqTfhFxP3Bvs3vp5u8Mgzc0lWJqvZly6Us5LDwOXBJn6Uc4H1f
qTklrbcUpmIJk4vvGcCt+hRMqQCUvf46WHQe2gWR3X3q9AbweJVMTgqTqOeYVdvo
ApNm9BpJV+sH9NanY1FDoUESToXdZ9K5Eimjd6bDdmRvxg4tq3cXEwn6dmOKtszD
P9ZhKHzP52CQRfNR8hMyM1RngvjOyPk=
-----END CERTIFICATE-----
Generated at Tue Jul 16 10:34:30 2024 by rpki-client on console-fra.rpki-client.org