Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F36FF74C/709E8022289E11EF88799A067DDC24C2/AC44CC902A4111EF94814F237DDC24C2.roa
File:                     AC44CC902A4111EF94814F237DDC24C2.roa (raw, json)
Hash identifier:          QGP2ZCvILA7MYi7du2VhmWznz0lIEprwXq86Xm5Lmwk=
Subject key identifier:   C8:F7:CD:DE:6F:1A:15:86:91:FA:71:A0:74:70:F3:C3:DB:D5:25:BC
Certificate issuer:       /CN=F36FF74CAF/serialNumber=78F0A3D3BAC49A14884763D937D3CA1920953B15
Certificate serial:       08
Authority key identifier: 78:F0:A3:D3:BA:C4:9A:14:88:47:63:D9:37:D3:CA:19:20:95:3B:15
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/ePCj07rEmhSIR2PZN9PKGSCVOxU.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F36FF74C/709E8022289E11EF88799A067DDC24C2/AC44CC902A4111EF94814F237DDC24C2.roa
Signing time:             Fri 14 Jun 2024 11:31:42 +0000
ROA not before:           Fri 14 Jun 2024 11:31:39 +0000
ROA not after:            Sat 01 Jun 2030 11:31:39 +0000
asID:                     37088
IP address blocks:        102.67.32.0/20 maxlen: 24

Validation:               Failed, certificate revoked on Fri 14 Jun 2024 13:33:57 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 8 (0x8)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F36FF74CAF/serialNumber=78F0A3D3BAC49A14884763D937D3CA1920953B15
        Validity
            Not Before: Jun 14 11:31:39 2024 GMT
            Not After : Jun  1 11:31:39 2030 GMT
        Subject: CN=666c2a1e-ee49
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e9:18:73:1d:a2:9b:53:09:2b:2e:3f:a0:52:14:
                    6a:bc:98:06:fc:00:64:89:02:79:b8:d4:7c:0e:4b:
                    05:b8:dd:01:03:35:ac:78:68:e9:77:55:b7:0e:36:
                    5f:45:cf:54:82:92:bb:f4:5b:cf:fd:c0:35:50:7a:
                    6f:f4:4e:52:71:f2:08:60:87:c0:2c:c6:ca:14:96:
                    a9:73:af:25:d9:19:0e:dc:75:dd:54:53:ff:c7:70:
                    0a:b1:4d:99:1b:79:b8:e2:4d:af:78:00:6f:24:3a:
                    92:77:42:b5:4f:50:b5:06:b5:4a:79:0c:d6:c5:16:
                    d1:1b:bb:f4:2f:f8:35:d7:e0:89:c6:b2:77:3d:c8:
                    c7:7e:bb:14:8c:98:33:dc:7e:77:2f:79:83:b4:f6:
                    80:92:b0:36:9c:86:f8:e4:b4:b1:53:78:1c:53:a6:
                    c8:3b:ab:7a:e2:88:54:e9:51:08:f1:18:e2:ee:78:
                    84:c8:dc:ff:0b:e4:7d:50:05:6f:dd:72:ba:a2:1e:
                    2e:44:17:86:16:b6:55:0e:99:58:a2:26:65:d3:d6:
                    e6:75:d3:06:39:65:ac:a0:95:9c:24:ce:72:07:34:
                    a6:a4:53:34:70:dc:48:45:98:27:fb:40:1d:1b:73:
                    0f:d6:f8:45:ab:9e:6f:e0:48:8a:ee:db:8b:d1:b6:
                    50:4d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C8:F7:CD:DE:6F:1A:15:86:91:FA:71:A0:74:70:F3:C3:DB:D5:25:BC
            X509v3 Authority Key Identifier:
                keyid:78:F0:A3:D3:BA:C4:9A:14:88:47:63:D9:37:D3:CA:19:20:95:3B:15

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F36FF74C/709E8022289E11EF88799A067DDC24C2/ePCj07rEmhSIR2PZN9PKGSCVOxU.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/ePCj07rEmhSIR2PZN9PKGSCVOxU.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F36FF74C/709E8022289E11EF88799A067DDC24C2/AC44CC902A4111EF94814F237DDC24C2.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  102.67.32.0/20

    Signature Algorithm: sha256WithRSAEncryption
         c0:b5:67:05:04:12:02:ef:b6:76:36:83:a7:36:07:89:1c:7e:
         52:53:56:f8:36:a8:f1:75:97:56:32:18:fc:39:26:b0:0f:fa:
         a9:ee:a3:4c:08:93:0c:b4:f8:cb:eb:ea:4c:a7:a6:7a:85:33:
         7f:86:3e:b0:de:63:17:5f:7d:6d:38:32:e9:a0:2b:b5:93:05:
         b6:a6:ff:5b:bb:7a:50:f9:2d:1b:53:79:41:de:03:0e:cc:9c:
         b9:ec:77:11:89:32:68:03:d7:e1:7b:b0:28:87:d8:cf:45:8b:
         5d:33:fb:5b:96:c8:b5:01:83:9b:24:01:29:d2:d6:d4:ce:07:
         f5:b8:e2:6a:69:36:6d:36:12:f8:04:c5:66:3d:38:2f:58:28:
         8b:60:1c:f1:81:e1:ae:5b:b3:d3:36:b1:5b:d9:59:b9:ce:ed:
         2c:dd:79:d6:a0:4f:51:88:61:b1:3a:29:79:0b:0f:c5:66:28:
         8f:b0:b0:64:85:48:55:74:99:61:18:9e:2b:4a:46:c8:0a:73:
         57:6e:6e:57:3b:06:2d:61:12:c6:0d:8e:c3:f8:3f:99:99:6f:
         61:5d:1d:06:23:2b:84:b9:b0:e1:2d:93:95:ee:52:c7:a3:fc:
         c4:65:a8:19:59:c6:62:10:cd:d7:c4:74:9e:13:8a:44:d2:8e:
         97:38:98:4c
-----BEGIN CERTIFICATE-----
MIIFgjCCBGqgAwIBAgIBCDANBgkqhkiG9w0BAQsFADBIMRMwEQYDVQQDEwpGMzZG
Rjc0Q0FGMTEwLwYDVQQFEyg3OEYwQTNEM0JBQzQ5QTE0ODg0NzYzRDkzN0QzQ0Ex
OTIwOTUzQjE1MB4XDTI0MDYxNDExMzEzOVoXDTMwMDYwMTExMzEzOVowGDEWMBQG
A1UEAxMNNjY2YzJhMWUtZWU0OTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAOkYcx2im1MJKy4/oFIUaryYBvwAZIkCebjUfA5LBbjdAQM1rHho6XdVtw42
X0XPVIKSu/Rbz/3ANVB6b/ROUnHyCGCHwCzGyhSWqXOvJdkZDtx13VRT/8dwCrFN
mRt5uOJNr3gAbyQ6kndCtU9QtQa1SnkM1sUW0Ru79C/4Ndfgicaydz3Ix367FIyY
M9x+dy95g7T2gJKwNpyG+OS0sVN4HFOmyDureuKIVOlRCPEY4u54hMjc/wvkfVAF
b91yuqIeLkQXhha2VQ6ZWKImZdPW5nXTBjllrKCVnCTOcgc0pqRTNHDcSEWYJ/tA
HRtzD9b4Raueb+BIiu7bi9G2UE0CAwEAAaOCAqUwggKhMB0GA1UdDgQWBBTI983e
bxoVhpH6caB0cPPD29UlvDAfBgNVHSMEGDAWgBR48KPTusSaFIhHY9k308oZIJU7
FTAOBgNVHQ8BAf8EBAMCB4AwgZUGA1UdHwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2RkY3NEMvNzA5RTgwMjIyODlFMTFFRjg4Nzk5QTA2N0REQzI0QzIvZVBDajA3
ckVtaFNJUjJQWk45UEtHU0NWT3hVLmNybDBnBggrBgEFBQcBAQRbMFkwVwYIKwYB
BQUHMAKGS3JzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L2Fmcmlu
aWMvZVBDajA3ckVtaFNJUjJQWk45UEtHU0NWT3hVLmNlcjBPBgNVHSABAf8ERTBD
MEEGCCsGAQUFBw4CMDUwMwYIKwYBBQUHAgEWJ2h0dHBzOi8vcnBraS5hZnJpbmlj
Lm5ldC9wb2xpY3kvQ1BTLnBkZjCB2wYIKwYBBQUHAQsEgc4wgcswgZEGCCsGAQUF
BzALhoGEcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVy
X3JlcG9zaXRvcnkvRjM2RkY3NEMvNzA5RTgwMjIyODlFMTFFRjg4Nzk5QTA2N0RE
QzI0QzIvQUM0NENDOTAyQTQxMTFFRjk0ODE0RjIzN0REQzI0QzIucm9hMDUGCCsG
AQUFBzANhilodHRwczovL3JyZHAuYWZyaW5pYy5uZXQvbm90aWZpY2F0aW9uLnht
bDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBGZDIDANBgkqhkiG9w0BAQsF
AAOCAQEAwLVnBQQSAu+2djaDpzYHiRx+UlNW+Dao8XWXVjIY/DkmsA/6qe6jTAiT
DLT4y+vqTKemeoUzf4Y+sN5jF199bTgy6aArtZMFtqb/W7t6UPktG1N5Qd4DDsyc
uex3EYkyaAPX4XuwKIfYz0WLXTP7W5bItQGDmyQBKdLW1M4H9bjiamk2bTYS+ATF
Zj04L1goi2Ac8YHhrluz0zaxW9lZuc7tLN151qBPUYhhsTopeQsPxWYoj7CwZIVI
VXSZYRieK0pGyApzV25uVzsGLWESxg2Ow/g/mZlvYV0dBiMrhLmw4S2Tle5Sx6P8
xGWoGVnGYhDN18R0nhOKRNKOlziYTA==
-----END CERTIFICATE-----
Generated at Fri Jun 14 16:26:38 2024 by rpki-client on console.sobornost.net