Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F36A854F/5E87C042B73411EDA8D4CCA4F1222468/18A33342B73C11EDB91600BBF1222468.roa
File: 18A33342B73C11EDB91600BBF1222468.roa (raw, json)
Hash identifier: Ca0N2KqwobiXXQ9z20DrLiJ/D02lAkk0brSyRJPiIFk=
Subject key identifier: 9D:53:4C:3E:A6:64:82:49:20:75:02:7D:4F:B3:BB:89:46:EE:AF:60
Certificate issuer: /CN=F36A854FAF/serialNumber=8BE4035BEBC9C83428B5A27BE85BAC966D76E5CB
Certificate serial: 02
Authority key identifier: 8B:E4:03:5B:EB:C9:C8:34:28:B5:A2:7B:E8:5B:AC:96:6D:76:E5:CB
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/i-QDW-vJyDQotaJ76Fuslm125cs.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F36A854F/5E87C042B73411EDA8D4CCA4F1222468/18A33342B73C11EDB91600BBF1222468.roa
Signing time: Tue 28 Feb 2023 07:47:06 +0000
ROA not before: Tue 28 Feb 2023 07:47:01 +0000
ROA not after: Fri 28 Feb 2025 07:47:01 +0000
asID: 37143
IP address blocks: 41.222.56.0/21 maxlen: 24
2c0f:fb88::/32 maxlen: 64
Validation: Failed, certificate revoked on Fri 11 Aug 2023 11:56:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2 (0x2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F36A854FAF/serialNumber=8BE4035BEBC9C83428B5A27BE85BAC966D76E5CB
Validity
Not Before: Feb 28 07:47:01 2023 GMT
Not After : Feb 28 07:47:01 2025 GMT
Subject: CN=63fdb17a-0789
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:93:b0:2a:8d:57:f0:a5:80:86:3c:c7:6b:4a:
b3:5b:36:0b:38:18:e5:a4:ae:a9:83:2a:c7:31:68:
7e:e8:b7:79:d3:6c:10:5a:c3:b8:68:80:27:e5:ee:
79:30:df:84:ca:ad:4b:17:2a:83:00:ac:3b:bb:12:
f0:b7:7f:f2:85:92:8b:35:b7:66:46:39:86:15:52:
48:2a:3e:7c:2a:82:55:fc:87:34:2d:eb:d8:21:71:
53:c1:5e:bc:4f:c8:25:bd:5b:70:1a:cc:3c:7d:e7:
4f:64:6b:33:0a:68:20:8d:3e:44:f3:6e:62:8d:76:
1d:7f:b2:5a:2e:4f:f3:56:3b:07:44:78:66:5d:c1:
39:09:07:5e:d1:cf:2a:2a:79:fc:f1:48:20:69:fe:
73:8c:f2:04:11:31:02:94:69:f0:10:c3:86:45:60:
fa:96:78:b0:9a:5d:35:d7:bd:2f:69:bb:23:f8:c8:
f3:fc:a8:69:1e:e1:20:ed:12:45:eb:04:54:a1:cb:
cb:7c:e6:db:3d:59:93:53:09:e9:97:a9:0f:a2:05:
bc:25:01:68:d2:d5:04:59:8f:f8:1b:ec:82:5d:b4:
a8:a7:7e:aa:7b:ae:77:a3:56:50:dc:ac:d5:93:b2:
58:f7:50:51:c8:86:c6:c6:72:71:98:7b:31:b0:1d:
cd:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9D:53:4C:3E:A6:64:82:49:20:75:02:7D:4F:B3:BB:89:46:EE:AF:60
X509v3 Authority Key Identifier:
keyid:8B:E4:03:5B:EB:C9:C8:34:28:B5:A2:7B:E8:5B:AC:96:6D:76:E5:CB
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F36A854F/5E87C042B73411EDA8D4CCA4F1222468/i-QDW-vJyDQotaJ76Fuslm125cs.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/i-QDW-vJyDQotaJ76Fuslm125cs.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F36A854F/5E87C042B73411EDA8D4CCA4F1222468/18A33342B73C11EDB91600BBF1222468.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
41.222.56.0/21
IPv6:
2c0f:fb88::/32
Signature Algorithm: sha256WithRSAEncryption
16:c2:1e:da:c4:0d:94:2e:0d:df:39:43:ee:e8:7b:e0:26:ba:
5e:c4:8c:c7:de:4c:82:ee:4d:2b:ab:7f:21:b2:89:0b:f0:3b:
2c:f7:26:55:be:de:2c:a0:99:87:9f:39:fd:1e:5a:a3:a6:bd:
6d:61:d0:07:ea:38:81:bb:f6:b6:4f:1a:11:91:e1:a9:7c:46:
e9:3b:ad:df:05:60:78:ea:0a:a2:7e:b5:6f:d7:31:c0:c9:07:
34:ca:c4:f4:90:09:ea:f4:57:87:82:35:46:bd:1b:8b:f6:83:
e7:be:2f:bd:cd:96:85:38:e4:93:30:9c:dc:25:3b:b4:33:84:
f5:33:87:df:6f:a5:e5:32:42:30:c3:da:91:e2:61:15:22:e7:
d2:0c:34:ac:ae:b3:d8:0b:a5:07:4a:d3:c6:8e:aa:1e:5e:24:
39:65:93:9d:c2:e6:b2:bc:8f:a7:8a:0a:35:f9:33:13:91:a5:
e6:4a:87:5f:29:27:d7:75:47:02:1c:9a:f7:14:a3:b4:37:75:
7d:68:44:79:df:fe:f0:8f:e3:eb:79:ee:59:2c:fc:9c:66:c5:
b0:06:25:c0:36:e1:72:f0:42:3f:ce:87:bd:de:eb:33:2b:3f:
1c:b5:b9:3a:e8:00:50:d1:03:8b:d0:10:6f:a5:64:61:51:2a:
b8:94:81:56
-----BEGIN CERTIFICATE-----
MIIFkTCCBHmgAwIBAgIBAjANBgkqhkiG9w0BAQsFADBIMRMwEQYDVQQDDApGMzZB
ODU0RkFGMTEwLwYDVQQFEyg4QkU0MDM1QkVCQzlDODM0MjhCNUEyN0JFODVCQUM5
NjZENzZFNUNCMB4XDTIzMDIyODA3NDcwMVoXDTI1MDIyODA3NDcwMVowGDEWMBQG
A1UEAwwNNjNmZGIxN2EtMDc4OTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKOTsCqNV/ClgIY8x2tKs1s2CzgY5aSuqYMqxzFofui3edNsEFrDuGiAJ+Xu
eTDfhMqtSxcqgwCsO7sS8Ld/8oWSizW3ZkY5hhVSSCo+fCqCVfyHNC3r2CFxU8Fe
vE/IJb1bcBrMPH3nT2RrMwpoII0+RPNuYo12HX+yWi5P81Y7B0R4Zl3BOQkHXtHP
Kip5/PFIIGn+c4zyBBExApRp8BDDhkVg+pZ4sJpdNde9L2m7I/jI8/yoaR7hIO0S
ResEVKHLy3zm2z1Zk1MJ6ZepD6IFvCUBaNLVBFmP+Bvsgl20qKd+qnuud6NWUNys
1ZOyWPdQUciGxsZycZh7MbAdzfcCAwEAAaOCArQwggKwMB0GA1UdDgQWBBSdU0w+
pmSCSSB1An1Ps7uJRu6vYDAfBgNVHSMEGDAWgBSL5ANb68nINCi1onvoW6yWbXbl
yzAOBgNVHQ8BAf8EBAMCB4AwgZUGA1UdHwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2QTg1NEYvNUU4N0MwNDJCNzM0MTFFREE4RDRDQ0E0RjEyMjI0NjgvaS1RRFct
dkp5RFFvdGFKNzZGdXNsbTEyNWNzLmNybDBnBggrBgEFBQcBAQRbMFkwVwYIKwYB
BQUHMAKGS3JzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L2Fmcmlu
aWMvaS1RRFctdkp5RFFvdGFKNzZGdXNsbTEyNWNzLmNlcjBPBgNVHSABAf8ERTBD
MEEGCCsGAQUFBw4CMDUwMwYIKwYBBQUHAgEWJ2h0dHBzOi8vcnBraS5hZnJpbmlj
Lm5ldC9wb2xpY3kvQ1BTLnBkZjCB2wYIKwYBBQUHAQsEgc4wgcswgZEGCCsGAQUF
BzALhoGEcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVy
X3JlcG9zaXRvcnkvRjM2QTg1NEYvNUU4N0MwNDJCNzM0MTFFREE4RDRDQ0E0RjEy
MjI0NjgvMThBMzMzNDJCNzNDMTFFREI5MTYwMEJCRjEyMjI0Njgucm9hMDUGCCsG
AQUFBzANhilodHRwczovL3JyZHAuYWZyaW5pYy5uZXQvbm90aWZpY2F0aW9uLnht
bDAuBggrBgEFBQcBBwEB/wQfMB0wDAQCAAEwBgMEAyneODANBAIAAjAHAwUALA/7
iDANBgkqhkiG9w0BAQsFAAOCAQEAFsIe2sQNlC4N3zlD7uh74Ca6XsSMx95Mgu5N
K6t/IbKJC/A7LPcmVb7eLKCZh585/R5ao6a9bWHQB+o4gbv2tk8aEZHhqXxG6Tut
3wVgeOoKon61b9cxwMkHNMrE9JAJ6vRXh4I1Rr0bi/aD574vvc2WhTjkkzCc3CU7
tDOE9TOH32+l5TJCMMPakeJhFSLn0gw0rK6z2AulB0rTxo6qHl4kOWWTncLmsryP
p4oKNfkzE5Gl5kqHXykn13VHAhya9xSjtDd1fWhEed/+8I/j63nuWSz8nGbFsAYl
wDbhcvBCP86Hvd7rMys/HLW5OugAUNEDi9AQb6VkYVEquJSBVg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:04:22 2024 by rpki-client on console-ams.rpki-client.org