Route Origin Authorization

$ rpki-client -vvf rsync.rp.ki/repo/misakaio/2/3138352e3230392e38372e302f32342d3234203d3e20323037313933.roa
File:                     3138352e3230392e38372e302f32342d3234203d3e20323037313933.roa (raw, json)
Hash identifier:          3zhQlNV46iU9Nqjp0Z97bT7Xk+3rXzT37DQdn1kM4AY=
Subject key identifier:   EF:56:1A:33:99:B1:FD:28:59:B5:C5:D5:8F:F7:6B:E7:8C:02:88:BF
Certificate issuer:       /CN=359a4b6c6d3713cff3636207de9839058b51815b
Certificate serial:       0E35C04D6237957AA160140446FB607A111DEB15
Authority key identifier: 35:9A:4B:6C:6D:37:13:CF:F3:63:62:07:DE:98:39:05:8B:51:81:5B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/NZpLbG03E8_zY2IH3pg5BYtRgVs.cer
Subject info access:      rsync://rsync.rp.ki/repo/misakaio/2/3138352e3230392e38372e302f32342d3234203d3e20323037313933.roa
Signing time:             Sun 03 Dec 2023 21:38:21 +0000
ROA not before:           Sun 03 Dec 2023 21:33:21 +0000
ROA not after:            Sun 01 Dec 2024 21:38:21 +0000
asID:                     207193
IP address blocks:        185.209.87.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Wed 20 Dec 2023 21:30:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            0e:35:c0:4d:62:37:95:7a:a1:60:14:04:46:fb:60:7a:11:1d:eb:15
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=359a4b6c6d3713cff3636207de9839058b51815b
        Validity
            Not Before: Dec  3 21:33:21 2023 GMT
            Not After : Dec  1 21:38:21 2024 GMT
        Subject: CN=EF561A3399B1FD2859B5C5D58FF76BE78C0288BF
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9d:49:7f:83:37:1e:5b:d7:5f:54:ba:e8:6d:01:
                    28:df:73:3d:95:28:be:43:d3:53:63:e3:37:5b:e7:
                    6b:75:05:03:68:86:16:c6:b2:27:d8:54:9c:d0:e3:
                    8c:9a:72:fa:1c:54:34:1e:02:c8:4f:e5:31:6d:f8:
                    9c:d3:7a:69:9c:a6:6a:ae:97:73:76:7f:8b:e1:60:
                    6d:bb:d6:d1:33:d1:53:cf:f2:d0:7c:6f:13:ff:fd:
                    0b:cf:92:a3:c7:de:7a:83:66:f9:97:fa:80:f3:34:
                    6c:64:c2:f3:72:37:76:5d:c8:f8:a8:f9:76:47:20:
                    3d:fb:76:29:a6:f5:b0:ab:85:e9:a6:b7:33:8c:b3:
                    85:eb:cb:c9:77:3c:0a:17:cc:96:f7:2a:52:ee:02:
                    e2:1d:f6:90:bb:cb:c4:43:7a:60:c4:77:74:eb:ec:
                    6a:8a:75:61:0a:b2:c7:cf:64:39:28:e9:24:16:a6:
                    fb:f4:0a:91:e1:48:fe:4e:22:b3:3f:57:a9:11:80:
                    ff:9a:74:08:4e:0d:0d:dd:61:46:f9:59:df:db:1b:
                    ac:78:9d:50:b3:d3:f1:b9:46:c9:75:4e:5c:1e:dd:
                    d0:50:b4:c8:fc:b8:c3:22:e0:5c:24:51:9a:b7:e2:
                    cf:d1:45:92:ba:83:9a:28:c2:99:f0:d7:ab:74:04:
                    93:73
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                EF:56:1A:33:99:B1:FD:28:59:B5:C5:D5:8F:F7:6B:E7:8C:02:88:BF
            X509v3 Authority Key Identifier:
                keyid:35:9A:4B:6C:6D:37:13:CF:F3:63:62:07:DE:98:39:05:8B:51:81:5B

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rsync.rp.ki/repo/misakaio/2/359A4B6C6D3713CFF3636207DE9839058B51815B.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NZpLbG03E8_zY2IH3pg5BYtRgVs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rsync.rp.ki/repo/misakaio/2/3138352e3230392e38372e302f32342d3234203d3e20323037313933.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.209.87.0/24

    Signature Algorithm: sha256WithRSAEncryption
         a6:e2:6a:e6:79:14:08:07:90:03:60:32:d4:2a:13:8d:5a:22:
         8c:84:86:2a:c9:f3:ae:ef:2d:6e:ff:66:1c:d0:62:cc:5a:a0:
         e1:f6:7c:fa:7f:20:ad:29:8c:19:e8:ea:33:c3:8c:b7:01:f8:
         b8:5f:40:b7:d3:0c:62:3e:ea:fe:5c:7a:68:b8:61:aa:f4:4a:
         15:70:85:bb:ce:50:5a:ed:01:78:51:2b:80:30:f0:18:ac:40:
         11:85:27:65:61:91:ab:22:3d:88:5d:92:3f:9f:a4:8e:c7:ff:
         f5:d2:d4:4f:73:f9:07:86:e5:c7:70:fe:0d:13:91:74:d0:76:
         0d:a4:64:f8:73:45:e0:8f:8d:71:3e:2d:4d:d3:06:3a:7b:5f:
         a1:85:f4:d8:c3:34:39:40:0a:1c:23:8e:74:45:05:cc:91:26:
         2a:b1:ad:57:09:30:e3:fc:b1:2c:39:b1:d7:2e:9a:52:bb:95:
         61:ef:aa:b3:70:fe:48:0e:7b:ab:c2:51:7b:c6:be:38:6d:d3:
         52:d0:a7:63:2f:aa:eb:38:03:ab:14:0b:33:60:d6:ff:36:bf:
         a6:f5:dc:40:c7:8f:d8:fc:e7:ab:fa:f0:04:b2:65:92:fc:ac:
         17:09:09:04:5b:11:41:bf:be:9c:8e:d4:7f:e4:e4:8c:dc:12:
         8a:27:30:59
-----BEGIN CERTIFICATE-----
MIIEzDCCA7SgAwIBAgIUDjXATWI3lXqhYBQERvtgehEd6xUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMzU5YTRiNmM2ZDM3MTNjZmYzNjM2MjA3ZGU5ODM5MDU4
YjUxODE1YjAeFw0yMzEyMDMyMTMzMjFaFw0yNDEyMDEyMTM4MjFaMDMxMTAvBgNV
BAMTKEVGNTYxQTMzOTlCMUZEMjg1OUI1QzVENThGRjc2QkU3OEMwMjg4QkYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCdSX+DNx5b119UuuhtASjfcz2V
KL5D01Nj4zdb52t1BQNohhbGsifYVJzQ44yacvocVDQeAshP5TFt+JzTemmcpmqu
l3N2f4vhYG271tEz0VPP8tB8bxP//QvPkqPH3nqDZvmX+oDzNGxkwvNyN3ZdyPio
+XZHID37dimm9bCrhemmtzOMs4Xry8l3PAoXzJb3KlLuAuId9pC7y8RDemDEd3Tr
7GqKdWEKssfPZDko6SQWpvv0CpHhSP5OIrM/V6kRgP+adAhODQ3dYUb5Wd/bG6x4
nVCz0/G5Rsl1Tlwe3dBQtMj8uMMi4FwkUZq34s/RRZK6g5oowpnw16t0BJNzAgMB
AAGjggHWMIIB0jAdBgNVHQ4EFgQU71YaM5mx/ShZtcXVj/dr54wCiL8wHwYDVR0j
BBgwFoAUNZpLbG03E8/zY2IH3pg5BYtRgVswDgYDVR0PAQH/BAQDAgeAMGEGA1Ud
HwRaMFgwVqBUoFKGUHJzeW5jOi8vcnN5bmMucnAua2kvcmVwby9taXNha2Fpby8y
LzM1OUE0QjZDNkQzNzEzQ0ZGMzYzNjIwN0RFOTgzOTA1OEI1MTgxNUIuY3JsMGQG
CCsGAQUFBwEBBFgwVjBUBggrBgEFBQcwAoZIcnN5bmM6Ly9ycGtpLnJpcGUubmV0
L3JlcG9zaXRvcnkvREVGQVVMVC9OWnBMYkcwM0U4X3pZMklIM3BnNUJZdFJnVnMu
Y2VyMHwGCCsGAQUFBwELBHAwbjBsBggrBgEFBQcwC4ZgcnN5bmM6Ly9yc3luYy5y
cC5raS9yZXBvL21pc2FrYWlvLzIvMzEzODM1MmUzMjMwMzkyZTM4MzcyZTMwMmYz
MjM0MmQzMjM0MjAzZDNlMjAzMjMwMzczMTM5MzMucm9hMBgGA1UdIAEB/wQOMAww
CgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAC50VcwDQYJ
KoZIhvcNAQELBQADggEBAKbiauZ5FAgHkANgMtQqE41aIoyEhirJ867vLW7/ZhzQ
YsxaoOH2fPp/IK0pjBno6jPDjLcB+LhfQLfTDGI+6v5cemi4Yar0ShVwhbvOUFrt
AXhRK4Aw8BisQBGFJ2VhkasiPYhdkj+fpI7H//XS1E9z+QeG5cdw/g0TkXTQdg2k
ZPhzReCPjXE+LU3TBjp7X6GF9NjDNDlAChwjjnRFBcyRJiqxrVcJMOP8sSw5sdcu
mlK7lWHvqrNw/kgOe6vCUXvGvjht01LQp2Mvqus4A6sUCzNg1v82v6b13EDHj9j8
56v68ASyZZL8rBcJCQRbEUG/vpyO1H/k5IzcEoonMFk=
-----END CERTIFICATE-----
Generated at Thu Jun 6 20:01:13 2024 by rpki-client on console-ams.rpki-client.org