Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F36AF9EE/90DED0CC0DCC11E59C25B724F8AEA228/584B12688A0311EEAB0DB83E4AD9E6FC.roa
File: 584B12688A0311EEAB0DB83E4AD9E6FC.roa (raw, json)
Hash identifier: 1VqVgFeqOza5Aie/cJ3n7vBrsczk5db9hyJUrB5bYiU=
Subject key identifier: 9D:4D:43:F9:13:B7:75:6F:5B:14:1C:44:AD:AF:E4:DD:A0:B8:24:D0
Certificate issuer: /CN=F36AF9EEAF/serialNumber=F9AADD5D45AEC3CC55B1F849E2FCCE076F3D6E34
Certificate serial: 0C89
Authority key identifier: F9:AA:DD:5D:45:AE:C3:CC:55:B1:F8:49:E2:FC:CE:07:6F:3D:6E:34
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/-ardXUWuw8xVsfhJ4vzOB289bjQ.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F36AF9EE/90DED0CC0DCC11E59C25B724F8AEA228/584B12688A0311EEAB0DB83E4AD9E6FC.roa
Signing time: Thu 23 Nov 2023 13:22:27 +0000
ROA not before: Thu 23 Nov 2023 13:22:23 +0000
ROA not after: Tue 22 Nov 2033 13:22:23 +0000
asID: 57351
IP address blocks: 41.191.212.0/22 maxlen: 32
41.242.144.0/21 maxlen: 32
Validation: Failed, certificate revoked on Thu 23 May 2024 07:16:33 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3209 (0xc89)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F36AF9EEAF/serialNumber=F9AADD5D45AEC3CC55B1F849E2FCCE076F3D6E34
Validity
Not Before: Nov 23 13:22:23 2023 GMT
Not After : Nov 22 13:22:23 2033 GMT
Subject: CN=655f5212-9920
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:8d:48:b0:33:83:cf:40:1f:09:0b:73:3e:0b:
5b:14:c0:8d:99:2b:35:f1:bb:e3:7f:19:77:1a:2e:
32:67:5f:ec:95:60:1a:d8:f4:e0:74:1c:d2:7c:d2:
4f:a0:67:f9:cf:61:42:97:df:04:55:c2:80:a8:db:
e3:93:23:70:1b:53:10:91:4d:a6:2a:61:ca:b7:1d:
be:32:5f:b2:8a:dc:18:f1:0c:fd:5e:91:c2:8e:ec:
39:83:3d:33:ab:9f:bc:30:87:46:74:e2:99:6c:e2:
90:d6:92:60:ea:fc:22:4d:f6:37:9f:bd:ec:af:af:
4a:19:99:b6:1c:3d:6e:40:44:5a:20:d3:53:1f:38:
7f:45:9d:0f:67:2a:95:a9:62:81:5e:de:3f:97:5e:
20:2f:17:36:00:b3:95:40:a0:6a:30:73:0a:4d:06:
e3:94:75:b0:c4:ae:a2:47:a7:7b:49:77:fa:ae:b8:
ff:17:56:cb:53:4e:9a:7e:9a:f3:96:e9:06:3f:83:
68:44:09:ab:a9:8a:4b:07:c4:38:c0:8c:4c:89:cb:
e6:a9:46:3e:ac:b8:26:cc:29:ab:45:7f:1f:e8:a9:
9d:5a:ff:40:69:ce:cb:cf:4e:f8:92:34:96:eb:be:
8f:4f:7f:04:16:9d:77:6a:b2:61:74:35:08:80:ef:
51:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9D:4D:43:F9:13:B7:75:6F:5B:14:1C:44:AD:AF:E4:DD:A0:B8:24:D0
X509v3 Authority Key Identifier:
keyid:F9:AA:DD:5D:45:AE:C3:CC:55:B1:F8:49:E2:FC:CE:07:6F:3D:6E:34
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F36AF9EE/90DED0CC0DCC11E59C25B724F8AEA228/-ardXUWuw8xVsfhJ4vzOB289bjQ.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/-ardXUWuw8xVsfhJ4vzOB289bjQ.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F36AF9EE/90DED0CC0DCC11E59C25B724F8AEA228/584B12688A0311EEAB0DB83E4AD9E6FC.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
41.191.212.0/22
41.242.144.0/21
Signature Algorithm: sha256WithRSAEncryption
80:f9:55:17:ad:11:41:7a:61:0c:16:30:58:f3:1d:73:db:78:
aa:5c:df:c8:04:c6:8e:05:14:cf:14:3b:5b:a2:a5:3a:5e:d3:
97:7d:00:9f:a2:1b:99:39:6d:5d:7e:ff:f5:07:1b:60:48:3a:
59:59:39:6e:ef:58:89:a0:73:14:0d:29:b3:87:0a:2a:0d:ec:
b3:96:1d:fb:77:b9:d1:9d:01:30:e3:7b:1d:0a:6a:ec:8f:ea:
3c:7b:97:82:cd:17:35:9e:a0:48:2e:13:e4:36:9c:42:8e:79:
10:78:63:68:58:0f:8e:12:3f:82:db:cd:f5:56:07:ea:8a:24:
d0:2b:cf:67:31:dd:ac:c5:88:55:9d:67:cd:f4:2f:8b:2d:9c:
92:8c:62:0c:67:af:5f:e3:d9:ea:a3:2e:7a:e0:87:56:6f:ee:
53:dc:d1:cc:ca:d8:b4:c3:a8:bc:02:fe:c8:17:ca:87:a3:ad:
87:08:7e:4d:50:58:c8:c9:27:9f:4a:98:3f:0e:46:0d:7c:e7:
34:9e:95:38:f8:a0:eb:5e:e0:a4:b1:09:31:5d:03:1d:81:11:
76:6a:81:d5:86:32:ba:b9:51:52:38:3c:25:0c:93:2f:39:47:
f2:ad:5e:f3:80:a7:ca:69:50:42:20:47:56:07:45:21:91:16:
9c:86:42:57
-----BEGIN CERTIFICATE-----
MIIFiTCCBHGgAwIBAgICDIkwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAxMKRjM2
QUY5RUVBRjExMC8GA1UEBRMoRjlBQURENUQ0NUFFQzNDQzU1QjFGODQ5RTJGQ0NF
MDc2RjNENkUzNDAeFw0yMzExMjMxMzIyMjNaFw0zMzExMjIxMzIyMjNaMBgxFjAU
BgNVBAMTDTY1NWY1MjEyLTk5MjAwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQDFjUiwM4PPQB8JC3M+C1sUwI2ZKzXxu+N/GXcaLjJnX+yVYBrY9OB0HNJ8
0k+gZ/nPYUKX3wRVwoCo2+OTI3AbUxCRTaYqYcq3Hb4yX7KK3BjxDP1ekcKO7DmD
PTOrn7wwh0Z04pls4pDWkmDq/CJN9jefveyvr0oZmbYcPW5ARFog01MfOH9FnQ9n
KpWpYoFe3j+XXiAvFzYAs5VAoGowcwpNBuOUdbDErqJHp3tJd/quuP8XVstTTpp+
mvOW6QY/g2hECaupiksHxDjAjEyJy+apRj6suCbMKatFfx/oqZ1a/0BpzsvPTviS
NJbrvo9PfwQWnXdqsmF0NQiA71HbAgMBAAGjggKrMIICpzAdBgNVHQ4EFgQUnU1D
+RO3dW9bFBxEra/k3aC4JNAwHwYDVR0jBBgwFoAU+ardXUWuw8xVsfhJ4vzOB289
bjQwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNkFGOUVFLzkwREVEMENDMERDQzExRTU5QzI1QjcyNEY4QUVBMjI4Ly1hcmRY
VVd1dzh4VnNmaEo0dnpPQjI4OWJqUS5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljLy1hcmRYVVd1dzh4VnNmaEo0dnpPQjI4OWJqUS5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNkFGOUVFLzkwREVEMENDMERDQzExRTU5QzI1QjcyNEY4
QUVBMjI4LzU4NEIxMjY4OEEwMzExRUVBQjBEQjgzRTRBRDlFNkZDLnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwJQYIKwYBBQUHAQcBAf8EFjAUMBIEAgABMAwDBAIpv9QDBAMp8pAwDQYJKoZI
hvcNAQELBQADggEBAID5VRetEUF6YQwWMFjzHXPbeKpc38gExo4FFM8UO1uipTpe
05d9AJ+iG5k5bV1+//UHG2BIOllZOW7vWImgcxQNKbOHCioN7LOWHft3udGdATDj
ex0KauyP6jx7l4LNFzWeoEguE+Q2nEKOeRB4Y2hYD44SP4LbzfVWB+qKJNArz2cx
3azFiFWdZ830L4stnJKMYgxnr1/j2eqjLnrgh1Zv7lPc0czK2LTDqLwC/sgXyoej
rYcIfk1QWMjJJ59KmD8ORg185zSelTj4oOte4KSxCTFdAx2BEXZqgdWGMrq5UVI4
PCUMky85R/KtXvOAp8ppUEIgR1YHRSGRFpyGQlc=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:04:22 2024 by rpki-client on console-ams.rpki-client.org