Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F36F6A4D/AE1A00C89B3C11EF9E97257F762E951A/274F7ED69DAA11EFB97C1A4D762E951A.roa
File: 274F7ED69DAA11EFB97C1A4D762E951A.roa (raw, json)
Hash identifier: tYvgDn7cdpOWM96Yxld13MKc5BylIiXqZoXvL/E3O+M=
Subject key identifier: 97:51:0B:28:6A:10:81:CA:7F:96:38:11:46:D0:A2:DB:78:37:7A:42
Certificate issuer: /CN=F36F6A4DAF/serialNumber=CA941F10D8010F95C8049E0102DCCAA883D9A0DB
Certificate serial: 07
Authority key identifier: CA:94:1F:10:D8:01:0F:95:C8:04:9E:01:02:DC:CA:A8:83:D9:A0:DB
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/ypQfENgBD5XIBJ4BAtzKqIPZoNs.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F36F6A4D/AE1A00C89B3C11EF9E97257F762E951A/274F7ED69DAA11EFB97C1A4D762E951A.roa
Signing time: Fri 08 Nov 2024 08:19:20 +0000
ROA not before: Fri 08 Nov 2024 08:19:16 +0000
ROA not after: Sun 30 Nov 2025 08:19:16 +0000
asID: 329303
IP address blocks: 102.207.120.0/22 maxlen: 24
2c0f:51c0::/32 maxlen: 64
Validation: Failed, certificate revoked on Sat 09 Nov 2024 06:46:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 7 (0x7)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F36F6A4DAF/serialNumber=CA941F10D8010F95C8049E0102DCCAA883D9A0DB
Validity
Not Before: Nov 8 08:19:16 2024 GMT
Not After : Nov 30 08:19:16 2025 GMT
Subject: CN=672dc988-ffdf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:02:f0:3c:eb:d9:be:9c:a9:8a:20:8a:df:64:
8d:0b:43:ac:60:c9:06:59:9b:1d:a2:93:aa:a0:57:
a4:1a:e1:62:76:bb:0f:99:c8:75:d8:e9:d6:ba:26:
64:63:f5:a5:9c:94:a5:a6:fe:56:05:c8:03:0a:00:
b1:b7:a8:75:03:6f:43:ba:66:70:ff:e0:66:4a:5f:
55:0c:8d:ee:dc:b9:fc:00:b6:94:19:dc:f2:29:de:
8c:41:65:1d:03:55:44:72:d3:86:8b:a1:11:eb:ab:
a0:43:37:86:7f:f6:9f:ce:5d:1f:47:ff:2e:f1:98:
0d:d6:9e:63:bc:05:85:e8:10:a0:9c:f4:3b:0f:51:
f4:08:e9:3e:38:91:6e:0b:7c:31:a3:55:a2:6a:c9:
01:81:36:36:20:57:65:25:de:1c:bd:69:91:27:61:
57:5a:34:28:d3:a3:2d:cb:09:77:93:e8:55:f6:91:
6d:2e:9e:e2:7d:d4:d8:af:1b:94:6b:f9:c6:e3:8c:
df:59:70:8b:90:c0:26:84:a5:5a:87:9e:27:22:a9:
da:60:bc:dc:4a:21:5d:d3:6c:29:80:84:0a:b2:39:
8f:51:95:19:c9:70:07:31:2b:e9:96:3c:33:e5:d7:
38:8b:7a:77:93:60:27:a1:9b:4c:c4:b5:69:ff:4c:
c9:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
97:51:0B:28:6A:10:81:CA:7F:96:38:11:46:D0:A2:DB:78:37:7A:42
X509v3 Authority Key Identifier:
keyid:CA:94:1F:10:D8:01:0F:95:C8:04:9E:01:02:DC:CA:A8:83:D9:A0:DB
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F36F6A4D/AE1A00C89B3C11EF9E97257F762E951A/ypQfENgBD5XIBJ4BAtzKqIPZoNs.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/ypQfENgBD5XIBJ4BAtzKqIPZoNs.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F36F6A4D/AE1A00C89B3C11EF9E97257F762E951A/274F7ED69DAA11EFB97C1A4D762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
102.207.120.0/22
IPv6:
2c0f:51c0::/32
Signature Algorithm: sha256WithRSAEncryption
86:cc:14:5d:fa:f9:7a:4a:d1:7c:2b:53:14:43:a4:70:df:59:
3b:aa:f2:cb:34:fe:0d:57:3b:fe:9c:d2:2c:ac:cd:a2:22:81:
7b:23:b3:e9:07:79:8b:f0:f0:6d:b4:e0:7d:02:99:b6:d8:e7:
2e:ab:8c:2d:1a:4c:7f:08:0e:67:a8:e5:51:de:e5:ff:9c:64:
90:1e:17:02:2b:6e:85:7f:ec:63:64:3b:44:96:24:ad:d8:ba:
97:7c:fd:5d:5f:0b:04:49:b6:96:58:e0:c5:b8:7f:39:73:81:
db:14:3a:2a:12:60:0b:c7:73:b2:c5:3b:c2:76:cb:c4:c0:0b:
c0:10:f1:57:05:fb:c4:ce:03:fe:a2:7a:e6:2c:d7:8d:20:8d:
2b:4e:1d:22:e3:09:a5:08:d8:d3:0b:2c:91:21:3e:16:94:2c:
99:cf:a3:2d:5b:0d:c0:f6:35:75:c0:cd:ed:bf:97:17:e9:76:
46:d3:3c:c5:b0:44:08:5a:7b:3e:14:ea:d8:5a:51:f0:63:81:
f3:c5:f7:23:a9:a8:f4:6b:21:6f:04:30:c9:4d:03:a4:f6:13:
20:55:f0:63:d9:a8:99:c1:b6:03:06:38:49:24:47:f5:22:1e:
74:92:fb:ed:bb:1f:6f:4a:d6:72:62:00:0f:c1:8a:ac:16:df:
b6:15:e6:6a
-----BEGIN CERTIFICATE-----
MIIFkTCCBHmgAwIBAgIBBzANBgkqhkiG9w0BAQsFADBIMRMwEQYDVQQDEwpGMzZG
NkE0REFGMTEwLwYDVQQFEyhDQTk0MUYxMEQ4MDEwRjk1QzgwNDlFMDEwMkRDQ0FB
ODgzRDlBMERCMB4XDTI0MTEwODA4MTkxNloXDTI1MTEzMDA4MTkxNlowGDEWMBQG
A1UEAxMNNjcyZGM5ODgtZmZkZjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAL0C8Dzr2b6cqYogit9kjQtDrGDJBlmbHaKTqqBXpBrhYna7D5nIddjp1rom
ZGP1pZyUpab+VgXIAwoAsbeodQNvQ7pmcP/gZkpfVQyN7ty5/AC2lBnc8inejEFl
HQNVRHLThouhEeuroEM3hn/2n85dH0f/LvGYDdaeY7wFhegQoJz0Ow9R9AjpPjiR
bgt8MaNVomrJAYE2NiBXZSXeHL1pkSdhV1o0KNOjLcsJd5PoVfaRbS6e4n3U2K8b
lGv5xuOM31lwi5DAJoSlWoeeJyKp2mC83EohXdNsKYCECrI5j1GVGclwBzEr6ZY8
M+XXOIt6d5NgJ6GbTMS1af9MyZECAwEAAaOCArQwggKwMB0GA1UdDgQWBBSXUQso
ahCByn+WOBFG0KLbeDd6QjAfBgNVHSMEGDAWgBTKlB8Q2AEPlcgEngEC3Mqog9mg
2zAOBgNVHQ8BAf8EBAMCB4AwgZUGA1UdHwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2RjZBNEQvQUUxQTAwQzg5QjNDMTFFRjlFOTcyNTdGNzYyRTk1MUEveXBRZkVO
Z0JENVhJQko0QkF0ektxSVBab05zLmNybDBnBggrBgEFBQcBAQRbMFkwVwYIKwYB
BQUHMAKGS3JzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L2Fmcmlu
aWMveXBRZkVOZ0JENVhJQko0QkF0ektxSVBab05zLmNlcjBPBgNVHSABAf8ERTBD
MEEGCCsGAQUFBw4CMDUwMwYIKwYBBQUHAgEWJ2h0dHBzOi8vcnBraS5hZnJpbmlj
Lm5ldC9wb2xpY3kvQ1BTLnBkZjCB2wYIKwYBBQUHAQsEgc4wgcswgZEGCCsGAQUF
BzALhoGEcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVy
X3JlcG9zaXRvcnkvRjM2RjZBNEQvQUUxQTAwQzg5QjNDMTFFRjlFOTcyNTdGNzYy
RTk1MUEvMjc0RjdFRDY5REFBMTFFRkI5N0MxQTRENzYyRTk1MUEucm9hMDUGCCsG
AQUFBzANhilodHRwczovL3JyZHAuYWZyaW5pYy5uZXQvbm90aWZpY2F0aW9uLnht
bDAuBggrBgEFBQcBBwEB/wQfMB0wDAQCAAEwBgMEAmbPeDANBAIAAjAHAwUALA9R
wDANBgkqhkiG9w0BAQsFAAOCAQEAhswUXfr5ekrRfCtTFEOkcN9ZO6ryyzT+DVc7
/pzSLKzNoiKBeyOz6Qd5i/DwbbTgfQKZttjnLquMLRpMfwgOZ6jlUd7l/5xkkB4X
AituhX/sY2Q7RJYkrdi6l3z9XV8LBEm2lljgxbh/OXOB2xQ6KhJgC8dzssU7wnbL
xMALwBDxVwX7xM4D/qJ65izXjSCNK04dIuMJpQjY0wsskSE+FpQsmc+jLVsNwPY1
dcDN7b+XF+l2RtM8xbBECFp7PhTq2FpR8GOB88X3I6mo9GshbwQwyU0DpPYTIFXw
Y9momcG2AwY4SSRH9SIedJL77bsfb0rWcmIAD8GKrBbfthXmag==
-----END CERTIFICATE-----
Generated at Sat Nov 9 08:24:32 2024 by rpki-client on console-ams.rpki-client.org