Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F36BF59B/4AAAA214C75111EEA02EB392775412E6/C8CC9620C75111EE975F8693775412E6.roa
File:                     C8CC9620C75111EE975F8693775412E6.roa (raw, json)
Hash identifier:          +NdH2S5zvXmSKnb1JkD36g5vqbo28nz0BEdNfSBXHKA=
Subject key identifier:   A1:35:6F:70:1A:54:71:D2:59:47:F7:0C:9D:6C:E6:19:B2:E1:29:CE
Certificate issuer:       /CN=F36BF59BAF/serialNumber=E036AE08FE03416F58887A9D195DBFD86A25603C
Certificate serial:       02
Authority key identifier: E0:36:AE:08:FE:03:41:6F:58:88:7A:9D:19:5D:BF:D8:6A:25:60:3C
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/4DauCP4DQW9YiHqdGV2_2GolYDw.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F36BF59B/4AAAA214C75111EEA02EB392775412E6/C8CC9620C75111EE975F8693775412E6.roa
Signing time:             Fri 09 Feb 2024 13:47:37 +0000
ROA not before:           Fri 09 Feb 2024 13:47:33 +0000
ROA not after:            Fri 07 Feb 2025 13:47:33 +0000
asID:                     37739
IP address blocks:        102.209.240.0/22 maxlen: 22
                          102.209.240.0/23 maxlen: 23
                          102.209.240.0/24 maxlen: 24
                          102.209.241.0/24 maxlen: 24
                          102.209.242.0/23 maxlen: 23
                          102.209.242.0/24 maxlen: 24
                          102.209.243.0/24 maxlen: 24
                          2c0f:2c40::/32 maxlen: 48

Validation:               Failed, certificate revoked on Sat 13 Apr 2024 08:32:22 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 2 (0x2)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F36BF59BAF/serialNumber=E036AE08FE03416F58887A9D195DBFD86A25603C
        Validity
            Not Before: Feb  9 13:47:33 2024 GMT
            Not After : Feb  7 13:47:33 2025 GMT
        Subject: CN=65c62cf9-7825
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b6:9b:16:3a:fc:e8:79:89:f0:8f:46:c8:91:b4:
                    dc:51:52:79:38:63:bd:85:8a:03:c7:09:6c:77:c9:
                    3e:dd:8e:21:60:98:2b:cd:cd:41:ab:2f:96:a1:ad:
                    45:c6:58:65:02:1b:d5:3e:c6:57:15:9a:84:b1:27:
                    ed:9c:4a:c0:0c:70:40:d1:31:47:b4:1d:86:c8:76:
                    1f:cc:06:80:c7:e8:69:4f:55:6c:7f:d3:59:d9:79:
                    a2:16:aa:4a:f2:7f:35:fc:fa:29:63:31:05:79:3e:
                    cc:bb:01:ea:15:89:db:72:94:3b:ba:e8:b1:38:76:
                    f6:cf:ff:e2:be:81:d0:71:d7:65:68:7b:e9:c2:e4:
                    73:89:fe:26:a1:d6:5f:64:9d:5c:6e:7b:a9:14:af:
                    3b:d2:21:c9:e0:56:d6:59:8e:91:f0:7e:5f:f1:44:
                    d2:4e:63:45:29:57:db:80:23:2f:7c:55:ed:81:27:
                    ad:0f:cb:64:7f:98:2e:f6:94:2c:24:cc:2a:2d:2d:
                    ee:d3:84:12:e1:5f:04:13:91:45:0f:2b:b4:e7:c8:
                    8b:9a:96:4f:8d:2d:f9:84:37:7b:a0:16:20:bf:31:
                    a1:c3:68:14:3a:0a:2a:86:aa:37:b9:11:29:e4:46:
                    d3:31:91:49:9f:09:7d:49:d6:63:78:9d:41:b8:e1:
                    75:4b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A1:35:6F:70:1A:54:71:D2:59:47:F7:0C:9D:6C:E6:19:B2:E1:29:CE
            X509v3 Authority Key Identifier:
                keyid:E0:36:AE:08:FE:03:41:6F:58:88:7A:9D:19:5D:BF:D8:6A:25:60:3C

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F36BF59B/4AAAA214C75111EEA02EB392775412E6/4DauCP4DQW9YiHqdGV2_2GolYDw.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/4DauCP4DQW9YiHqdGV2_2GolYDw.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F36BF59B/4AAAA214C75111EEA02EB392775412E6/C8CC9620C75111EE975F8693775412E6.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  102.209.240.0/22
                IPv6:
                  2c0f:2c40::/32

    Signature Algorithm: sha256WithRSAEncryption
         c5:a7:ea:9e:ed:16:c4:c4:e2:7b:f8:6f:b0:73:13:a3:e9:b5:
         9d:7a:7e:f7:63:e1:a6:5b:93:dc:18:ae:dd:d7:ac:1a:d7:a0:
         60:19:1d:35:b7:86:33:60:b1:32:22:13:67:7c:18:b4:7c:a9:
         35:99:3e:a0:b9:71:e2:9f:6d:78:93:e4:a0:e7:e8:82:e5:5e:
         ef:71:a5:e1:1a:50:52:eb:0b:f2:c1:ff:6b:86:22:1f:9c:d1:
         d7:bb:85:55:95:e3:9a:92:24:49:84:e0:af:b5:67:a7:3d:e4:
         96:d3:b6:10:fa:1b:44:5e:a8:ab:e2:db:be:c3:e6:c5:fe:59:
         74:94:bf:bb:47:ff:9d:4a:44:82:52:f4:56:1d:aa:48:6b:1a:
         7f:49:4f:26:0d:8a:5f:a3:f2:14:14:aa:d0:7f:32:3a:2a:40:
         57:61:73:65:45:1b:13:25:58:54:06:67:a5:6f:5a:d4:9e:51:
         59:32:af:17:82:bc:37:ad:8a:e5:dc:1a:83:1b:52:55:f2:ca:
         59:34:0e:2f:8e:0d:92:80:5b:d3:4a:44:cf:a9:75:16:f5:ad:
         ed:4e:ff:14:58:fa:1b:61:2f:af:98:8a:8c:c9:3b:59:48:34:
         4a:fe:ab:c6:d2:f8:c4:b4:7e:2b:cc:c5:ca:21:31:fc:d5:dd:
         2e:fd:90:0c
-----BEGIN CERTIFICATE-----
MIIFkTCCBHmgAwIBAgIBAjANBgkqhkiG9w0BAQsFADBIMRMwEQYDVQQDEwpGMzZC
RjU5QkFGMTEwLwYDVQQFEyhFMDM2QUUwOEZFMDM0MTZGNTg4ODdBOUQxOTVEQkZE
ODZBMjU2MDNDMB4XDTI0MDIwOTEzNDczM1oXDTI1MDIwNzEzNDczM1owGDEWMBQG
A1UEAxMNNjVjNjJjZjktNzgyNTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALabFjr86HmJ8I9GyJG03FFSeThjvYWKA8cJbHfJPt2OIWCYK83NQasvlqGt
RcZYZQIb1T7GVxWahLEn7ZxKwAxwQNExR7Qdhsh2H8wGgMfoaU9VbH/TWdl5ohaq
SvJ/Nfz6KWMxBXk+zLsB6hWJ23KUO7rosTh29s//4r6B0HHXZWh76cLkc4n+JqHW
X2SdXG57qRSvO9IhyeBW1lmOkfB+X/FE0k5jRSlX24AjL3xV7YEnrQ/LZH+YLvaU
LCTMKi0t7tOEEuFfBBORRQ8rtOfIi5qWT40t+YQ3e6AWIL8xocNoFDoKKoaqN7kR
KeRG0zGRSZ8JfUnWY3idQbjhdUsCAwEAAaOCArQwggKwMB0GA1UdDgQWBBShNW9w
GlRx0llH9wydbOYZsuEpzjAfBgNVHSMEGDAWgBTgNq4I/gNBb1iIep0ZXb/YaiVg
PDAOBgNVHQ8BAf8EBAMCB4AwgZUGA1UdHwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2QkY1OUIvNEFBQUEyMTRDNzUxMTFFRUEwMkVCMzkyNzc1NDEyRTYvNERhdUNQ
NERRVzlZaUhxZEdWMl8yR29sWUR3LmNybDBnBggrBgEFBQcBAQRbMFkwVwYIKwYB
BQUHMAKGS3JzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L2Fmcmlu
aWMvNERhdUNQNERRVzlZaUhxZEdWMl8yR29sWUR3LmNlcjBPBgNVHSABAf8ERTBD
MEEGCCsGAQUFBw4CMDUwMwYIKwYBBQUHAgEWJ2h0dHBzOi8vcnBraS5hZnJpbmlj
Lm5ldC9wb2xpY3kvQ1BTLnBkZjCB2wYIKwYBBQUHAQsEgc4wgcswgZEGCCsGAQUF
BzALhoGEcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVy
X3JlcG9zaXRvcnkvRjM2QkY1OUIvNEFBQUEyMTRDNzUxMTFFRUEwMkVCMzkyNzc1
NDEyRTYvQzhDQzk2MjBDNzUxMTFFRTk3NUY4NjkzNzc1NDEyRTYucm9hMDUGCCsG
AQUFBzANhilodHRwczovL3JyZHAuYWZyaW5pYy5uZXQvbm90aWZpY2F0aW9uLnht
bDAuBggrBgEFBQcBBwEB/wQfMB0wDAQCAAEwBgMEAmbR8DANBAIAAjAHAwUALA8s
QDANBgkqhkiG9w0BAQsFAAOCAQEAxafqnu0WxMTie/hvsHMTo+m1nXp+92PhpluT
3Biu3desGtegYBkdNbeGM2CxMiITZ3wYtHypNZk+oLlx4p9teJPkoOfoguVe73Gl
4RpQUusL8sH/a4YiH5zR17uFVZXjmpIkSYTgr7Vnpz3kltO2EPobRF6oq+LbvsPm
xf5ZdJS/u0f/nUpEglL0Vh2qSGsaf0lPJg2KX6PyFBSq0H8yOipAV2FzZUUbEyVY
VAZnpW9a1J5RWTKvF4K8N62K5dwagxtSVfLKWTQOL44NkoBb00pEz6l1FvWt7U7/
FFj6G2Evr5iKjMk7WUg0Sv6rxtL4xLR+K8zFyiEx/NXdLv2QDA==
-----END CERTIFICATE-----