Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F36AF9EE/90DED0CC0DCC11E59C25B724F8AEA228/7BA42AD88A0311EEBF995B3F4AD9E6FC.roa
File: 7BA42AD88A0311EEBF995B3F4AD9E6FC.roa (raw, json)
Hash identifier: 0Ym5HXXRy0LLswZq4LfBILLgiRJEAi/diubdKJDpih0=
Subject key identifier: 24:B3:D6:01:D3:24:D9:AE:B7:DC:A6:EE:C7:18:36:52:AD:29:66:46
Certificate issuer: /CN=F36AF9EEAF/serialNumber=F9AADD5D45AEC3CC55B1F849E2FCCE076F3D6E34
Certificate serial: 0C8B
Authority key identifier: F9:AA:DD:5D:45:AE:C3:CC:55:B1:F8:49:E2:FC:CE:07:6F:3D:6E:34
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/-ardXUWuw8xVsfhJ4vzOB289bjQ.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F36AF9EE/90DED0CC0DCC11E59C25B724F8AEA228/7BA42AD88A0311EEBF995B3F4AD9E6FC.roa
Signing time: Thu 23 Nov 2023 13:23:26 +0000
ROA not before: Thu 23 Nov 2023 13:23:23 +0000
ROA not after: Tue 22 Nov 2033 13:23:23 +0000
asID: 45020
IP address blocks: 41.191.212.0/22 maxlen: 32
41.242.144.0/21 maxlen: 32
Validation: Failed, certificate revoked on Thu 23 May 2024 07:17:32 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3211 (0xc8b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F36AF9EEAF/serialNumber=F9AADD5D45AEC3CC55B1F849E2FCCE076F3D6E34
Validity
Not Before: Nov 23 13:23:23 2023 GMT
Not After : Nov 22 13:23:23 2033 GMT
Subject: CN=655f524e-be52
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:df:73:e9:bd:87:73:fc:e1:5a:70:4f:47:b9:
dd:8e:dd:a0:09:57:3f:f3:64:7a:09:63:7d:7e:18:
b8:24:fa:17:57:20:8d:57:78:6e:c7:f3:39:d1:6f:
8b:63:20:78:9a:d9:15:c2:3a:58:de:00:a1:26:95:
d3:93:01:3b:7c:95:62:4b:b9:5a:5f:13:a8:a5:35:
c7:04:74:e8:6c:72:0a:b3:d3:ad:be:a2:26:c9:da:
17:27:95:a3:18:14:9b:02:49:c9:fd:8b:dd:a2:6c:
1a:82:53:f9:8e:2f:6a:80:84:c7:63:bb:13:11:3a:
6a:1f:36:8d:94:34:8e:26:84:5e:8a:35:11:5e:ab:
36:1b:cd:da:e8:ee:51:03:e0:c7:d1:44:a5:bd:6e:
46:32:d9:f2:6a:bf:f1:59:d4:f2:9c:b1:36:8e:fa:
95:87:26:93:be:1d:9d:58:fd:4a:67:6a:07:3f:df:
1c:11:3c:ac:ff:58:dd:73:75:0f:5e:d5:8a:8c:c6:
c9:69:01:00:c7:5f:a3:08:7e:0d:e1:5e:bd:76:04:
1e:c1:a0:b1:27:96:a5:c6:d1:65:35:7c:af:da:e2:
64:aa:ef:6c:55:e3:f5:d2:a9:5e:19:5b:04:e5:0b:
d2:91:87:1a:ea:b5:98:40:69:82:95:d5:45:72:50:
c7:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
24:B3:D6:01:D3:24:D9:AE:B7:DC:A6:EE:C7:18:36:52:AD:29:66:46
X509v3 Authority Key Identifier:
keyid:F9:AA:DD:5D:45:AE:C3:CC:55:B1:F8:49:E2:FC:CE:07:6F:3D:6E:34
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F36AF9EE/90DED0CC0DCC11E59C25B724F8AEA228/-ardXUWuw8xVsfhJ4vzOB289bjQ.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/-ardXUWuw8xVsfhJ4vzOB289bjQ.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F36AF9EE/90DED0CC0DCC11E59C25B724F8AEA228/7BA42AD88A0311EEBF995B3F4AD9E6FC.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
41.191.212.0/22
41.242.144.0/21
Signature Algorithm: sha256WithRSAEncryption
51:ff:7a:8c:1f:4c:fb:69:77:f3:7b:f5:3b:5d:0d:e6:2e:14:
d8:75:f8:c6:0b:62:64:9f:e6:d0:f6:13:59:eb:b1:7b:e1:f1:
82:5f:a4:ff:83:28:ae:89:0b:b2:e2:b8:0a:50:de:65:73:75:
25:56:a4:76:2b:dd:58:fd:ce:e1:db:0e:ea:fc:7c:5c:fd:2d:
76:09:55:50:15:66:c3:e9:bf:69:b9:9a:e6:bd:a0:49:c2:1c:
7a:91:fa:bc:de:16:55:a5:6d:37:f7:6e:d8:14:e2:fc:4d:fb:
35:7b:5f:cd:b2:f1:56:20:65:94:fa:62:91:3e:9b:fc:0d:93:
c5:6a:cf:cd:4d:f9:ef:8a:70:e2:b4:26:89:33:3d:2a:f9:59:
29:6e:fb:1d:2c:c0:09:fe:0b:cd:e1:ff:ba:fe:1b:1b:75:75:
c6:70:82:fb:08:e0:76:37:47:e0:1d:18:49:9e:0d:c0:7f:6f:
be:16:ca:9e:0a:2f:3e:a7:bd:ea:47:d2:2d:5b:af:d1:ba:95:
3e:48:0c:ce:d7:a3:f1:0e:17:a0:c4:e5:fb:be:93:fb:1d:e2:
88:d3:3f:14:af:1b:06:05:ea:65:ea:00:77:6d:6f:29:05:ee:
ba:d3:64:a4:ff:57:8b:a2:0a:6f:6e:52:a1:ab:4b:39:7e:40:
26:7e:df:15
-----BEGIN CERTIFICATE-----
MIIFiTCCBHGgAwIBAgICDIswDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAxMKRjM2
QUY5RUVBRjExMC8GA1UEBRMoRjlBQURENUQ0NUFFQzNDQzU1QjFGODQ5RTJGQ0NF
MDc2RjNENkUzNDAeFw0yMzExMjMxMzIzMjNaFw0zMzExMjIxMzIzMjNaMBgxFjAU
BgNVBAMTDTY1NWY1MjRlLWJlNTIwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQDX33PpvYdz/OFacE9Hud2O3aAJVz/zZHoJY31+GLgk+hdXII1XeG7H8znR
b4tjIHia2RXCOljeAKEmldOTATt8lWJLuVpfE6ilNccEdOhscgqz062+oibJ2hcn
laMYFJsCScn9i92ibBqCU/mOL2qAhMdjuxMROmofNo2UNI4mhF6KNRFeqzYbzdro
7lED4MfRRKW9bkYy2fJqv/FZ1PKcsTaO+pWHJpO+HZ1Y/Upnagc/3xwRPKz/WN1z
dQ9e1YqMxslpAQDHX6MIfg3hXr12BB7BoLEnlqXG0WU1fK/a4mSq72xV4/XSqV4Z
WwTlC9KRhxrqtZhAaYKV1UVyUMe5AgMBAAGjggKrMIICpzAdBgNVHQ4EFgQUJLPW
AdMk2a633Kbuxxg2Uq0pZkYwHwYDVR0jBBgwFoAU+ardXUWuw8xVsfhJ4vzOB289
bjQwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNkFGOUVFLzkwREVEMENDMERDQzExRTU5QzI1QjcyNEY4QUVBMjI4Ly1hcmRY
VVd1dzh4VnNmaEo0dnpPQjI4OWJqUS5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljLy1hcmRYVVd1dzh4VnNmaEo0dnpPQjI4OWJqUS5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNkFGOUVFLzkwREVEMENDMERDQzExRTU5QzI1QjcyNEY4
QUVBMjI4LzdCQTQyQUQ4OEEwMzExRUVCRjk5NUIzRjRBRDlFNkZDLnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwJQYIKwYBBQUHAQcBAf8EFjAUMBIEAgABMAwDBAIpv9QDBAMp8pAwDQYJKoZI
hvcNAQELBQADggEBAFH/eowfTPtpd/N79TtdDeYuFNh1+MYLYmSf5tD2E1nrsXvh
8YJfpP+DKK6JC7LiuApQ3mVzdSVWpHYr3Vj9zuHbDur8fFz9LXYJVVAVZsPpv2m5
mua9oEnCHHqR+rzeFlWlbTf3btgU4vxN+zV7X82y8VYgZZT6YpE+m/wNk8Vqz81N
+e+KcOK0JokzPSr5WSlu+x0swAn+C83h/7r+Gxt1dcZwgvsI4HY3R+AdGEmeDcB/
b74Wyp4KLz6nvepH0i1br9G6lT5IDM7Xo/EOF6DE5fu+k/sd4ojTPxSvGwYF6mXq
AHdtbykF7rrTZKT/V4uiCm9uUqGrSzl+QCZ+3xU=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:50:50 2024 by rpki-client on console-fra.rpki-client.org