Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F36C58D6/D69A4DFE731611E99133037CF8AEA228/662848D4640111EDBD8EAFE9F1222468.roa
File:                     662848D4640111EDBD8EAFE9F1222468.roa (raw, json)
Hash identifier:          NuQU0rGlnw6lXQpPAmlHjex/7Nx/Kqfw+EGR0thh4ZY=
Subject key identifier:   67:13:A9:33:CB:6E:1D:16:B9:F1:51:30:C5:C8:E3:88:02:E6:66:BE
Certificate issuer:       /CN=F36C58D6AF/serialNumber=48A2F2C4AA4AEA39BE46BFE5F99C92629BBED8FC
Certificate serial:       08E2
Authority key identifier: 48:A2:F2:C4:AA:4A:EA:39:BE:46:BF:E5:F9:9C:92:62:9B:BE:D8:FC
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/SKLyxKpK6jm-Rr_l-ZySYpu-2Pw.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F36C58D6/D69A4DFE731611E99133037CF8AEA228/662848D4640111EDBD8EAFE9F1222468.roa
Signing time:             Mon 14 Nov 2022 09:47:49 +0000
ROA not before:           Mon 14 Nov 2022 09:47:46 +0000
ROA not after:            Sat 16 Nov 2024 09:47:46 +0000
asID:                     174
IP address blocks:        102.129.234.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 12 Nov 2024 07:46:11 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 2274 (0x8e2)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F36C58D6AF/serialNumber=48A2F2C4AA4AEA39BE46BFE5F99C92629BBED8FC
        Validity
            Not Before: Nov 14 09:47:46 2022 GMT
            Not After : Nov 16 09:47:46 2024 GMT
        Subject: CN=63720ec5-fd9a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:dc:37:c0:97:ef:b4:cd:81:8f:21:a4:9d:da:b5:
                    b8:c5:fd:03:83:9a:d3:c2:7d:1d:0a:a0:ff:71:48:
                    b2:7a:a9:93:cd:0f:07:e8:70:67:dc:46:4a:2c:92:
                    cf:d4:ab:bb:46:6f:cf:df:7a:b8:a0:c8:50:f9:13:
                    71:49:df:af:a8:18:f2:fc:cf:c1:02:20:a0:c0:63:
                    3f:6b:0a:e9:55:b0:77:0e:40:39:c7:b8:fb:5a:f0:
                    52:59:b6:9e:90:2f:03:de:82:fb:24:36:71:29:f1:
                    0f:bb:54:29:c3:79:99:aa:5e:fa:7d:b1:cc:48:0f:
                    e5:0b:51:e9:d3:9c:ec:4c:65:82:e3:9a:15:61:bd:
                    6b:e9:d5:3c:05:73:18:d8:a5:9e:ec:e3:06:3f:c1:
                    fa:d8:01:03:b3:1a:75:8c:8f:9d:8c:f5:a3:79:25:
                    ec:07:00:fa:84:5d:57:8f:19:a8:0e:b8:2c:a5:3a:
                    e1:23:52:ab:35:03:78:60:cc:f6:99:3f:19:be:6a:
                    d2:0d:f6:5e:62:c0:4d:bf:b5:c5:09:25:29:27:3f:
                    7e:ec:11:09:18:fe:51:84:c4:57:6d:8d:29:a1:ea:
                    c8:21:33:29:5d:7c:89:c9:0e:20:68:e7:cb:26:3c:
                    c3:85:b5:64:20:3b:d3:b8:52:0d:57:3f:98:85:9b:
                    28:9d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                67:13:A9:33:CB:6E:1D:16:B9:F1:51:30:C5:C8:E3:88:02:E6:66:BE
            X509v3 Authority Key Identifier:
                keyid:48:A2:F2:C4:AA:4A:EA:39:BE:46:BF:E5:F9:9C:92:62:9B:BE:D8:FC

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F36C58D6/D69A4DFE731611E99133037CF8AEA228/SKLyxKpK6jm-Rr_l-ZySYpu-2Pw.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/SKLyxKpK6jm-Rr_l-ZySYpu-2Pw.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F36C58D6/D69A4DFE731611E99133037CF8AEA228/662848D4640111EDBD8EAFE9F1222468.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  102.129.234.0/24

    Signature Algorithm: sha256WithRSAEncryption
         b2:5b:49:30:b0:cd:1b:a3:81:cd:c5:85:86:33:9d:c1:7c:bf:
         b3:09:28:f6:cc:09:24:73:d9:a0:9a:cb:e4:9c:50:88:b9:8e:
         71:cb:3c:32:f6:02:ca:16:49:9e:23:0e:24:66:a5:cf:e5:de:
         2c:41:18:08:5f:0d:db:11:ec:c0:0f:f7:3a:53:0f:f2:fe:7f:
         d7:05:3a:3e:65:3b:23:6e:36:f0:60:f4:68:35:0b:fa:b9:88:
         b2:8e:62:c7:fd:f0:2b:5b:dc:1b:a8:8c:77:f7:43:24:77:22:
         fc:81:59:e4:1f:d6:b8:7c:94:0f:41:b3:8e:bd:c7:a5:b0:06:
         e5:cd:20:55:27:ab:85:ab:48:95:71:4a:eb:9d:2c:53:54:62:
         f4:78:d5:c4:7f:4f:f7:09:54:5d:f4:cd:da:83:c5:4a:70:c0:
         c9:df:df:0d:c7:45:94:39:7b:40:a1:50:c3:45:07:ab:93:80:
         fe:c8:81:5a:bd:80:d4:5c:a2:53:ed:31:3a:ce:d8:51:46:b6:
         d3:33:14:f8:06:95:29:3f:c7:e1:29:c1:bb:9a:37:1d:17:0c:
         5a:c9:ee:c4:9e:0b:33:53:64:fe:13:7c:b4:63:dc:d1:18:ef:
         ea:cf:e7:e8:68:81:03:5f:fb:64:21:a9:a1:ae:ba:0f:43:9a:
         a5:82:88:6f
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICCOIwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAwwKRjM2
QzU4RDZBRjExMC8GA1UEBRMoNDhBMkYyQzRBQTRBRUEzOUJFNDZCRkU1Rjk5Qzky
NjI5QkJFRDhGQzAeFw0yMjExMTQwOTQ3NDZaFw0yNDExMTYwOTQ3NDZaMBgxFjAU
BgNVBAMMDTYzNzIwZWM1LWZkOWEwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQDcN8CX77TNgY8hpJ3atbjF/QODmtPCfR0KoP9xSLJ6qZPNDwfocGfcRkos
ks/Uq7tGb8/ferigyFD5E3FJ36+oGPL8z8ECIKDAYz9rCulVsHcOQDnHuPta8FJZ
tp6QLwPegvskNnEp8Q+7VCnDeZmqXvp9scxID+ULUenTnOxMZYLjmhVhvWvp1TwF
cxjYpZ7s4wY/wfrYAQOzGnWMj52M9aN5JewHAPqEXVePGagOuCylOuEjUqs1A3hg
zPaZPxm+atIN9l5iwE2/tcUJJSknP37sEQkY/lGExFdtjSmh6sghMyldfInJDiBo
58smPMOFtWQgO9O4Ug1XP5iFmyidAgMBAAGjggKlMIICoTAdBgNVHQ4EFgQUZxOp
M8tuHRa58VEwxcjjiALmZr4wHwYDVR0jBBgwFoAUSKLyxKpK6jm+Rr/l+ZySYpu+
2PwwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNkM1OEQ2L0Q2OUE0REZFNzMxNjExRTk5MTMzMDM3Q0Y4QUVBMjI4L1NLTHl4
S3BLNmptLVJyX2wtWnlTWXB1LTJQdy5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL1NLTHl4S3BLNmptLVJyX2wtWnlTWXB1LTJQdy5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNkM1OEQ2L0Q2OUE0REZFNzMxNjExRTk5MTMzMDM3Q0Y4
QUVBMjI4LzY2Mjg0OEQ0NjQwMTExRURCRDhFQUZFOUYxMjIyNDY4LnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBABmgeowDQYJKoZIhvcNAQEL
BQADggEBALJbSTCwzRujgc3FhYYzncF8v7MJKPbMCSRz2aCay+ScUIi5jnHLPDL2
AsoWSZ4jDiRmpc/l3ixBGAhfDdsR7MAP9zpTD/L+f9cFOj5lOyNuNvBg9Gg1C/q5
iLKOYsf98Ctb3BuojHf3QyR3IvyBWeQf1rh8lA9Bs469x6WwBuXNIFUnq4WrSJVx
SuudLFNUYvR41cR/T/cJVF30zdqDxUpwwMnf3w3HRZQ5e0ChUMNFB6uTgP7IgVq9
gNRcolPtMTrO2FFGttMzFPgGlSk/x+EpwbuaNx0XDFrJ7sSeCzNTZP4TfLRj3NEY
7+rP5+hogQNf+2QhqaGuug9DmqWCiG8=
-----END CERTIFICATE-----
Generated at Tue Nov 12 10:08:33 2024 by rpki-client on console-fra.rpki-client.org