Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F36B3234/9E121C0C241011ECB2D06956D8A014CE/BA7D286C89FA11EE8ADEA4244AD9E6FC.roa
File:                     BA7D286C89FA11EE8ADEA4244AD9E6FC.roa (raw, json)
Hash identifier:          e6u4Mpqs1Ulf+sUBuDTfOdO8viIVszZ90vSZAQIFzIQ=
Subject key identifier:   AD:45:27:3D:B1:A2:CF:F0:56:4B:A4:68:01:0B:3F:69:7C:45:3B:C3
Certificate issuer:       /CN=F36B3234AF/serialNumber=03FE5D726F34E93CE1A95D94518E12237AC3E2C6
Certificate serial:       0341
Authority key identifier: 03:FE:5D:72:6F:34:E9:3C:E1:A9:5D:94:51:8E:12:23:7A:C3:E2:C6
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/A_5dcm806TzhqV2UUY4SI3rD4sY.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F36B3234/9E121C0C241011ECB2D06956D8A014CE/BA7D286C89FA11EE8ADEA4244AD9E6FC.roa
Signing time:             Thu 23 Nov 2023 12:20:46 +0000
ROA not before:           Thu 23 Nov 2023 12:20:42 +0000
ROA not after:            Tue 22 Nov 2033 12:20:42 +0000
asID:                     5536
IP address blocks:        102.218.128.0/24 maxlen: 32
                          102.218.130.0/24 maxlen: 32
                          102.219.22.0/24 maxlen: 32
                          102.220.125.0/24 maxlen: 32

Validation:               Failed, certificate revoked on Fri 09 Aug 2024 18:07:24 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 833 (0x341)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F36B3234AF/serialNumber=03FE5D726F34E93CE1A95D94518E12237AC3E2C6
        Validity
            Not Before: Nov 23 12:20:42 2023 GMT
            Not After : Nov 22 12:20:42 2033 GMT
        Subject: CN=655f439e-1cc7
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c2:9d:90:fa:36:b3:62:2a:83:ce:70:45:3d:f8:
                    85:c7:92:ea:65:b4:3c:53:14:7b:e8:ad:24:95:3e:
                    eb:83:61:25:da:0f:b5:5e:12:6a:40:10:9a:f0:9a:
                    28:86:6d:22:ab:ef:33:d5:05:95:d7:ad:40:c9:51:
                    6b:83:4e:b2:26:3d:19:17:a6:c3:cc:a5:1d:50:82:
                    6a:f7:5e:77:8a:8a:be:02:7d:2f:6b:f1:85:29:ba:
                    32:4a:e8:9d:cd:7d:ce:0b:0e:d1:ac:b1:bd:19:0a:
                    22:08:9c:a4:bc:68:66:56:87:86:a1:4a:9e:09:55:
                    6c:8f:41:2b:b5:5a:da:d4:96:53:c5:e1:59:96:58:
                    32:3e:71:eb:98:0a:a2:fc:7f:7f:fe:c7:d8:d5:33:
                    a4:c5:ee:d0:95:97:5b:b7:86:aa:a1:4e:85:ca:12:
                    bf:ee:d9:da:ac:e8:bf:8b:e6:2b:86:16:f2:e4:38:
                    8e:eb:29:82:bf:c3:e3:a5:1f:03:68:0a:07:60:7c:
                    81:f4:6e:0d:53:a0:2e:7a:f2:fa:7b:50:8e:d6:77:
                    0e:50:3c:bb:2e:e9:a4:6b:53:3d:c3:35:47:59:ad:
                    a4:4b:3f:c1:fc:d6:9b:d8:08:1d:b6:a6:98:c4:7d:
                    3b:f4:0a:78:8f:b5:9a:e5:4f:73:7c:7d:06:3b:1e:
                    b1:b5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AD:45:27:3D:B1:A2:CF:F0:56:4B:A4:68:01:0B:3F:69:7C:45:3B:C3
            X509v3 Authority Key Identifier:
                keyid:03:FE:5D:72:6F:34:E9:3C:E1:A9:5D:94:51:8E:12:23:7A:C3:E2:C6

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F36B3234/9E121C0C241011ECB2D06956D8A014CE/A_5dcm806TzhqV2UUY4SI3rD4sY.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/A_5dcm806TzhqV2UUY4SI3rD4sY.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F36B3234/9E121C0C241011ECB2D06956D8A014CE/BA7D286C89FA11EE8ADEA4244AD9E6FC.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  102.218.128.0/24
                  102.218.130.0/24
                  102.219.22.0/24
                  102.220.125.0/24

    Signature Algorithm: sha256WithRSAEncryption
         ac:61:cf:c4:22:6b:e6:3d:17:17:d1:31:83:ba:40:e9:97:ed:
         b1:b5:3c:fc:58:07:3f:e5:88:3b:07:16:c6:1e:d6:22:4d:fc:
         93:2a:4f:51:af:91:c4:24:18:ce:2c:bf:97:d5:57:85:1c:8a:
         1c:f3:ab:fe:35:e2:91:ac:4c:26:ce:c4:b6:7a:d0:72:c0:c7:
         1f:7f:ea:8b:0c:84:8e:a3:5c:b6:78:4b:08:7f:1b:d8:0b:b1:
         d8:84:57:ca:45:7c:ab:47:02:78:84:56:3f:c1:24:d6:8c:23:
         23:be:49:b2:2d:b6:a7:69:f6:d6:e1:cb:eb:9e:91:d8:95:a5:
         bd:93:c3:2e:2e:46:29:9d:a4:20:80:bc:84:c5:ed:33:58:95:
         c1:ad:01:eb:f2:10:67:ee:46:f3:75:f3:23:62:81:08:85:3a:
         78:dc:cd:1e:c4:09:cf:ef:47:00:a2:c2:f8:d8:4f:9c:ae:d5:
         5e:ba:13:31:f6:5e:67:4c:0d:e9:1a:43:b6:70:7d:27:20:1d:
         1b:31:21:b5:9f:c9:3d:db:21:18:1c:d4:88:57:aa:b7:a2:28:
         ca:89:0e:ac:7c:89:10:fd:8f:aa:4d:96:10:87:26:af:af:17:
         c9:ff:00:0a:71:b7:9f:d0:60:14:28:b9:a1:58:44:34:4d:c3:
         42:b9:b3:5c
-----BEGIN CERTIFICATE-----
MIIFlTCCBH2gAwIBAgICA0EwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAxMKRjM2
QjMyMzRBRjExMC8GA1UEBRMoMDNGRTVENzI2RjM0RTkzQ0UxQTk1RDk0NTE4RTEy
MjM3QUMzRTJDNjAeFw0yMzExMjMxMjIwNDJaFw0zMzExMjIxMjIwNDJaMBgxFjAU
BgNVBAMTDTY1NWY0MzllLTFjYzcwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQDCnZD6NrNiKoPOcEU9+IXHkupltDxTFHvorSSVPuuDYSXaD7VeEmpAEJrw
miiGbSKr7zPVBZXXrUDJUWuDTrImPRkXpsPMpR1Qgmr3XneKir4CfS9r8YUpujJK
6J3Nfc4LDtGssb0ZCiIInKS8aGZWh4ahSp4JVWyPQSu1WtrUllPF4VmWWDI+ceuY
CqL8f3/+x9jVM6TF7tCVl1u3hqqhToXKEr/u2dqs6L+L5iuGFvLkOI7rKYK/w+Ol
HwNoCgdgfIH0bg1ToC568vp7UI7Wdw5QPLsu6aRrUz3DNUdZraRLP8H81pvYCB22
ppjEfTv0CniPtZrlT3N8fQY7HrG1AgMBAAGjggK3MIICszAdBgNVHQ4EFgQUrUUn
PbGiz/BWS6RoAQs/aXxFO8MwHwYDVR0jBBgwFoAUA/5dcm806TzhqV2UUY4SI3rD
4sYwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNkIzMjM0LzlFMTIxQzBDMjQxMDExRUNCMkQwNjk1NkQ4QTAxNENFL0FfNWRj
bTgwNlR6aHFWMlVVWTRTSTNyRDRzWS5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL0FfNWRjbTgwNlR6aHFWMlVVWTRTSTNyRDRzWS5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNkIzMjM0LzlFMTIxQzBDMjQxMDExRUNCMkQwNjk1NkQ4
QTAxNENFL0JBN0QyODZDODlGQTExRUU4QURFQTQyNDRBRDlFNkZDLnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwMQYIKwYBBQUHAQcBAf8EIjAgMB4EAgABMBgDBABm2oADBABm2oIDBABm2xYD
BABm3H0wDQYJKoZIhvcNAQELBQADggEBAKxhz8Qia+Y9FxfRMYO6QOmX7bG1PPxY
Bz/liDsHFsYe1iJN/JMqT1GvkcQkGM4sv5fVV4Ucihzzq/414pGsTCbOxLZ60HLA
xx9/6osMhI6jXLZ4Swh/G9gLsdiEV8pFfKtHAniEVj/BJNaMIyO+SbIttqdp9tbh
y+uekdiVpb2Twy4uRimdpCCAvITF7TNYlcGtAevyEGfuRvN18yNigQiFOnjczR7E
Cc/vRwCiwvjYT5yu1V66EzH2XmdMDekaQ7ZwfScgHRsxIbWfyT3bIRgc1IhXqrei
KMqJDqx8iRD9j6pNlhCHJq+vF8n/AApxt5/QYBQouaFYRDRNw0K5s1w=
-----END CERTIFICATE-----