Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F36D7B70/311539A0AD6111ED8C82DB9DF1222468/F4C53C92AD6111EDB689E79FF1222468.roa
File: F4C53C92AD6111EDB689E79FF1222468.roa (raw, json)
Hash identifier: GuXRJvFUvpo+gmX6GJIVbShpfeFA35CsZYgEII2ZbN0=
Subject key identifier: FB:4F:39:18:1D:71:58:08:33:0F:F3:76:84:CF:D9:F1:25:AF:C6:24
Certificate issuer: /CN=F36D7B70AF/serialNumber=D5DBEBCD7C1BEFF284357FF0647AC8B749620FD4
Certificate serial: 02
Authority key identifier: D5:DB:EB:CD:7C:1B:EF:F2:84:35:7F:F0:64:7A:C8:B7:49:62:0F:D4
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/1dvrzXwb7_KENX_wZHrIt0liD9Q.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F36D7B70/311539A0AD6111ED8C82DB9DF1222468/F4C53C92AD6111EDB689E79FF1222468.roa
Signing time: Wed 15 Feb 2023 18:52:55 +0000
ROA not before: Wed 15 Feb 2023 18:52:51 +0000
ROA not after: Mon 28 Feb 2033 18:52:51 +0000
asID: 328339
IP address blocks: 102.223.2.0/24 maxlen: 24
2c0f:1600::/32 maxlen: 32
Validation: Failed, certificate revoked on Thu 16 Feb 2023 04:47:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2 (0x2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F36D7B70AF/serialNumber=D5DBEBCD7C1BEFF284357FF0647AC8B749620FD4
Validity
Not Before: Feb 15 18:52:51 2023 GMT
Not After : Feb 28 18:52:51 2033 GMT
Subject: CN=63ed2a07-2c20
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:36:cc:e0:f6:63:f5:cc:16:27:51:a4:5e:4a:
87:2c:aa:f1:c6:75:ad:30:d3:32:a0:ed:a6:c2:fe:
c8:68:a6:ab:f6:45:5a:98:e4:9c:03:fb:87:3f:72:
95:bb:f9:4a:cc:c5:0f:5b:62:e8:b1:ae:5b:81:b8:
dd:ba:c3:2f:46:5e:2b:15:20:e5:41:85:76:b6:e8:
19:06:95:e6:c9:4d:0c:74:07:42:a6:67:89:7b:c8:
29:00:61:18:09:20:d6:26:09:5b:83:dc:e9:42:77:
e4:55:21:83:07:45:9f:03:41:e9:f1:4e:00:49:99:
f0:82:a5:8c:7a:ea:c4:f1:70:ef:eb:66:f5:2e:7f:
e7:4c:1a:04:3c:fe:7c:14:a9:3d:5c:e1:ce:8b:5c:
5f:89:8a:5f:ca:b5:d5:e5:7a:e3:b2:21:30:a4:d5:
57:5d:ee:c4:25:bc:e2:eb:f1:f2:3d:2c:57:45:7c:
09:e8:b8:72:01:4a:f1:42:eb:cc:20:cf:ef:8d:2e:
c4:27:02:d5:74:ef:8f:2b:00:63:10:f6:41:87:bf:
e1:21:52:03:03:5e:49:f1:cb:cf:39:9e:a8:1d:bc:
4a:26:cb:3c:1c:dd:2c:d1:31:27:7b:43:c8:f3:49:
2c:21:54:4f:55:98:02:5d:69:8b:e1:18:a6:0f:77:
91:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FB:4F:39:18:1D:71:58:08:33:0F:F3:76:84:CF:D9:F1:25:AF:C6:24
X509v3 Authority Key Identifier:
keyid:D5:DB:EB:CD:7C:1B:EF:F2:84:35:7F:F0:64:7A:C8:B7:49:62:0F:D4
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F36D7B70/311539A0AD6111ED8C82DB9DF1222468/1dvrzXwb7_KENX_wZHrIt0liD9Q.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/1dvrzXwb7_KENX_wZHrIt0liD9Q.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F36D7B70/311539A0AD6111ED8C82DB9DF1222468/F4C53C92AD6111EDB689E79FF1222468.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
102.223.2.0/24
IPv6:
2c0f:1600::/32
Signature Algorithm: sha256WithRSAEncryption
64:eb:2a:27:85:9a:69:21:ea:2d:b6:33:91:10:42:50:15:33:
52:55:bc:11:18:ee:97:b4:4f:13:d0:0c:43:42:a8:82:44:fb:
ff:a0:25:d7:d8:fd:95:e8:7e:11:b0:63:a7:c8:f1:59:92:f8:
59:7d:ec:22:6f:30:ef:15:d9:41:c0:75:82:87:8d:cf:e8:29:
52:d1:74:86:ef:f7:e8:38:9d:b8:9c:34:c7:17:db:ad:cd:a3:
86:78:ee:7e:e4:cf:00:e7:9d:db:6f:8e:8f:6e:aa:fd:f4:b8:
0d:7b:7d:06:12:c6:26:72:e1:d6:88:e8:aa:ee:cd:0b:db:48:
91:46:8e:07:a5:87:73:84:03:0a:fc:f8:0e:fd:76:2c:97:9e:
7a:e9:e0:9e:7f:e6:0d:cb:5b:5e:46:f0:c4:b6:80:5e:2e:61:
7a:42:bf:41:a1:e1:ba:58:10:5e:e8:66:ea:05:4e:f7:55:f1:
21:cc:96:19:6e:74:81:f3:a4:04:a0:0f:ae:ad:e9:d4:eb:4c:
23:86:52:f3:12:98:55:71:da:66:64:d6:ec:4f:ff:ed:02:b2:
a3:a1:a8:4d:f9:23:77:5e:e0:79:5d:3f:3e:51:a2:4d:eb:44:
2a:43:42:b2:8b:8c:e0:bd:4e:12:13:21:1f:4f:e9:14:fc:9b:
c8:e7:ad:5b
-----BEGIN CERTIFICATE-----
MIIFkTCCBHmgAwIBAgIBAjANBgkqhkiG9w0BAQsFADBIMRMwEQYDVQQDDApGMzZE
N0I3MEFGMTEwLwYDVQQFEyhENURCRUJDRDdDMUJFRkYyODQzNTdGRjA2NDdBQzhC
NzQ5NjIwRkQ0MB4XDTIzMDIxNTE4NTI1MVoXDTMzMDIyODE4NTI1MVowGDEWMBQG
A1UEAwwNNjNlZDJhMDctMmMyMDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKc2zOD2Y/XMFidRpF5Khyyq8cZ1rTDTMqDtpsL+yGimq/ZFWpjknAP7hz9y
lbv5SszFD1ti6LGuW4G43brDL0ZeKxUg5UGFdrboGQaV5slNDHQHQqZniXvIKQBh
GAkg1iYJW4Pc6UJ35FUhgwdFnwNB6fFOAEmZ8IKljHrqxPFw7+tm9S5/50waBDz+
fBSpPVzhzotcX4mKX8q11eV647IhMKTVV13uxCW84uvx8j0sV0V8Cei4cgFK8ULr
zCDP740uxCcC1XTvjysAYxD2QYe/4SFSAwNeSfHLzzmeqB28SibLPBzdLNExJ3tD
yPNJLCFUT1WYAl1pi+EYpg93kUcCAwEAAaOCArQwggKwMB0GA1UdDgQWBBT7TzkY
HXFYCDMP83aEz9nxJa/GJDAfBgNVHSMEGDAWgBTV2+vNfBvv8oQ1f/Bkesi3SWIP
1DAOBgNVHQ8BAf8EBAMCB4AwgZUGA1UdHwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2RDdCNzAvMzExNTM5QTBBRDYxMTFFRDhDODJEQjlERjEyMjI0NjgvMWR2cnpY
d2I3X0tFTlhfd1pIckl0MGxpRDlRLmNybDBnBggrBgEFBQcBAQRbMFkwVwYIKwYB
BQUHMAKGS3JzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L2Fmcmlu
aWMvMWR2cnpYd2I3X0tFTlhfd1pIckl0MGxpRDlRLmNlcjBPBgNVHSABAf8ERTBD
MEEGCCsGAQUFBw4CMDUwMwYIKwYBBQUHAgEWJ2h0dHBzOi8vcnBraS5hZnJpbmlj
Lm5ldC9wb2xpY3kvQ1BTLnBkZjCB2wYIKwYBBQUHAQsEgc4wgcswgZEGCCsGAQUF
BzALhoGEcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVy
X3JlcG9zaXRvcnkvRjM2RDdCNzAvMzExNTM5QTBBRDYxMTFFRDhDODJEQjlERjEy
MjI0NjgvRjRDNTNDOTJBRDYxMTFFREI2ODlFNzlGRjEyMjI0Njgucm9hMDUGCCsG
AQUFBzANhilodHRwczovL3JyZHAuYWZyaW5pYy5uZXQvbm90aWZpY2F0aW9uLnht
bDAuBggrBgEFBQcBBwEB/wQfMB0wDAQCAAEwBgMEAGbfAjANBAIAAjAHAwUALA8W
ADANBgkqhkiG9w0BAQsFAAOCAQEAZOsqJ4WaaSHqLbYzkRBCUBUzUlW8ERjul7RP
E9AMQ0KogkT7/6Al19j9leh+EbBjp8jxWZL4WX3sIm8w7xXZQcB1goeNz+gpUtF0
hu/36DiduJw0xxfbrc2jhnjufuTPAOed22+Oj26q/fS4DXt9BhLGJnLh1ojoqu7N
C9tIkUaOB6WHc4QDCvz4Dv12LJeeeungnn/mDctbXkbwxLaAXi5hekK/QaHhulgQ
Xuhm6gVO91XxIcyWGW50gfOkBKAPrq3p1OtMI4ZS8xKYVXHaZmTW7E//7QKyo6Go
Tfkjd17geV0/PlGiTetEKkNCsouM4L1OEhMhH0/pFPybyOetWw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:50:53 2024 by rpki-client on console-fra.rpki-client.org