Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F36C58D6/D69A4DFE731611E99133037CF8AEA228/E86E3A1AD0CA11EEBDA7219D775412E6.roa
File:                     E86E3A1AD0CA11EEBDA7219D775412E6.roa (raw, json)
Hash identifier:          5QMpSlVnce7XjSS/w7q5Xay7FjTDaZTbNlzY1Xs2A+4=
Subject key identifier:   0F:5D:0E:C0:D9:E0:DD:43:8A:B0:4D:D4:9D:4B:BF:3C:0B:D2:40:B9
Certificate issuer:       /CN=F36C58D6AF/serialNumber=48A2F2C4AA4AEA39BE46BFE5F99C92629BBED8FC
Certificate serial:       0F85
Authority key identifier: 48:A2:F2:C4:AA:4A:EA:39:BE:46:BF:E5:F9:9C:92:62:9B:BE:D8:FC
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/SKLyxKpK6jm-Rr_l-ZySYpu-2Pw.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F36C58D6/D69A4DFE731611E99133037CF8AEA228/E86E3A1AD0CA11EEBDA7219D775412E6.roa
Signing time:             Wed 21 Feb 2024 15:07:20 +0000
ROA not before:           Wed 21 Feb 2024 15:07:16 +0000
ROA not after:            Sat 21 Feb 2026 15:07:16 +0000
asID:                     7018
IP address blocks:        102.129.178.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Wed 28 Aug 2024 06:40:14 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 3973 (0xf85)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F36C58D6AF/serialNumber=48A2F2C4AA4AEA39BE46BFE5F99C92629BBED8FC
        Validity
            Not Before: Feb 21 15:07:16 2024 GMT
            Not After : Feb 21 15:07:16 2026 GMT
        Subject: CN=65d611a8-aef9
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bc:58:68:86:c2:c5:6e:1e:f5:f4:a8:e2:7f:52:
                    6a:c3:b8:30:00:4d:01:25:c8:77:0e:07:6a:48:ff:
                    41:60:13:54:ed:2d:1b:74:35:c6:7e:96:78:95:fb:
                    16:b1:86:61:14:3c:a7:75:04:52:71:d1:e0:ea:58:
                    15:73:26:fb:f1:69:47:c2:9a:38:46:42:54:b2:62:
                    60:3b:f8:6b:12:05:19:cd:c8:9d:d3:b2:8c:c3:5e:
                    09:5b:26:12:a1:b9:90:3a:34:af:3c:ea:90:04:9a:
                    d5:c0:1a:58:f6:fc:14:b7:bc:69:38:1c:a5:29:cb:
                    fe:30:af:87:ae:15:23:a1:67:35:09:e9:0f:4a:e1:
                    e4:1e:d5:71:00:a0:c3:1a:3d:ca:05:64:9a:eb:88:
                    07:31:5e:83:46:77:80:2c:42:11:26:7b:3a:94:37:
                    cb:c9:c5:41:65:38:56:3d:5b:02:30:d3:1a:72:4b:
                    5a:aa:81:a6:9b:43:69:66:e7:ec:7a:47:8c:6c:36:
                    1c:19:d2:bb:4f:de:4a:d4:a9:5d:0e:e7:df:cc:06:
                    26:c4:95:f8:83:17:86:32:e1:3c:fd:c8:aa:91:4f:
                    d5:52:90:ec:f4:97:45:a9:f6:a7:a9:97:94:d5:ca:
                    97:7d:81:91:de:e6:99:97:38:ce:e7:ac:b2:cb:2a:
                    86:2b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0F:5D:0E:C0:D9:E0:DD:43:8A:B0:4D:D4:9D:4B:BF:3C:0B:D2:40:B9
            X509v3 Authority Key Identifier:
                keyid:48:A2:F2:C4:AA:4A:EA:39:BE:46:BF:E5:F9:9C:92:62:9B:BE:D8:FC

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F36C58D6/D69A4DFE731611E99133037CF8AEA228/SKLyxKpK6jm-Rr_l-ZySYpu-2Pw.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/SKLyxKpK6jm-Rr_l-ZySYpu-2Pw.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F36C58D6/D69A4DFE731611E99133037CF8AEA228/E86E3A1AD0CA11EEBDA7219D775412E6.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  102.129.178.0/24

    Signature Algorithm: sha256WithRSAEncryption
         46:71:90:66:c3:a6:bd:02:26:e7:ff:a9:94:6f:c9:2e:88:85:
         8d:47:9d:58:98:59:b2:12:33:1b:d3:45:df:6d:22:a3:49:88:
         f8:48:41:7b:dc:f4:d8:b0:5c:fa:6f:eb:0a:58:9c:04:46:17:
         c2:4b:ba:46:5c:56:8a:d8:2f:df:d4:aa:d3:66:aa:8e:28:26:
         ee:75:4c:40:68:4a:df:d9:ff:07:ef:cb:dc:0b:59:26:48:2f:
         c5:88:53:ee:37:4b:93:6c:67:97:d4:50:8a:fc:79:87:e4:20:
         c0:52:9b:1f:5b:d2:c1:1b:c9:cb:62:b0:07:88:d3:34:f2:9a:
         2c:2b:7f:36:60:b3:9e:c9:9c:12:f8:ba:70:d7:96:dd:de:7c:
         61:51:6f:a4:b2:ef:bf:53:0a:78:d0:95:bb:92:48:d9:1e:6d:
         af:88:85:21:95:f1:fe:4a:5f:a5:d5:e4:04:2a:07:00:90:58:
         37:62:ed:94:10:8a:ab:e5:fb:bd:a9:4f:51:d9:60:2e:65:4b:
         a8:0e:b3:e2:50:75:1b:fa:5b:fc:5e:c1:61:ae:0e:b0:f9:c0:
         dd:03:ea:b7:42:49:15:84:9e:f9:09:2e:28:b7:79:bb:28:12:
         2f:e1:1b:0e:64:90:f6:ac:5e:ce:2f:f6:17:33:c0:6a:db:b8:
         a9:0f:c9:5d
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICD4UwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAxMKRjM2
QzU4RDZBRjExMC8GA1UEBRMoNDhBMkYyQzRBQTRBRUEzOUJFNDZCRkU1Rjk5Qzky
NjI5QkJFRDhGQzAeFw0yNDAyMjExNTA3MTZaFw0yNjAyMjExNTA3MTZaMBgxFjAU
BgNVBAMTDTY1ZDYxMWE4LWFlZjkwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQC8WGiGwsVuHvX0qOJ/UmrDuDAATQElyHcOB2pI/0FgE1TtLRt0NcZ+lniV
+xaxhmEUPKd1BFJx0eDqWBVzJvvxaUfCmjhGQlSyYmA7+GsSBRnNyJ3TsozDXglb
JhKhuZA6NK886pAEmtXAGlj2/BS3vGk4HKUpy/4wr4euFSOhZzUJ6Q9K4eQe1XEA
oMMaPcoFZJrriAcxXoNGd4AsQhEmezqUN8vJxUFlOFY9WwIw0xpyS1qqgaabQ2lm
5+x6R4xsNhwZ0rtP3krUqV0O59/MBibElfiDF4Yy4Tz9yKqRT9VSkOz0l0Wp9qep
l5TVypd9gZHe5pmXOM7nrLLLKoYrAgMBAAGjggKlMIICoTAdBgNVHQ4EFgQUD10O
wNng3UOKsE3UnUu/PAvSQLkwHwYDVR0jBBgwFoAUSKLyxKpK6jm+Rr/l+ZySYpu+
2PwwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNkM1OEQ2L0Q2OUE0REZFNzMxNjExRTk5MTMzMDM3Q0Y4QUVBMjI4L1NLTHl4
S3BLNmptLVJyX2wtWnlTWXB1LTJQdy5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL1NLTHl4S3BLNmptLVJyX2wtWnlTWXB1LTJQdy5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNkM1OEQ2L0Q2OUE0REZFNzMxNjExRTk5MTMzMDM3Q0Y4
QUVBMjI4L0U4NkUzQTFBRDBDQTExRUVCREE3MjE5RDc3NTQxMkU2LnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBABmgbIwDQYJKoZIhvcNAQEL
BQADggEBAEZxkGbDpr0CJuf/qZRvyS6IhY1HnViYWbISMxvTRd9tIqNJiPhIQXvc
9NiwXPpv6wpYnARGF8JLukZcVorYL9/UqtNmqo4oJu51TEBoSt/Z/wfvy9wLWSZI
L8WIU+43S5NsZ5fUUIr8eYfkIMBSmx9b0sEbyctisAeI0zTymiwrfzZgs57JnBL4
unDXlt3efGFRb6Sy779TCnjQlbuSSNkeba+IhSGV8f5KX6XV5AQqBwCQWDdi7ZQQ
iqvl+72pT1HZYC5lS6gOs+JQdRv6W/xewWGuDrD5wN0D6rdCSRWEnvkJLii3ebso
Ei/hGw5kkPasXs4v9hczwGrbuKkPyV0=
-----END CERTIFICATE-----
Generated at Wed Aug 28 09:44:45 2024 by rpki-client on console-fra.rpki-client.org