Route Origin Authorization

$ rpki-client -vvf rsync.rp.ki/repo/misakaio/2/3138352e3233342e3231332e302f32342d3234203d3e20393137.roa
File:                     3138352e3233342e3231332e302f32342d3234203d3e20393137.roa (raw, json)
Hash identifier:          AAA470kRoki3+LnuE3Cis1pKiOnM+lBGsV4K85diJZY=
Subject key identifier:   52:E7:C8:BC:41:3C:E2:7E:D6:F8:3D:C2:F8:F4:B5:4A:79:56:D3:BD
Certificate issuer:       /CN=359a4b6c6d3713cff3636207de9839058b51815b
Certificate serial:       07A2C71A1385305102AA1C02CB106FF7F8AE1848
Authority key identifier: 35:9A:4B:6C:6D:37:13:CF:F3:63:62:07:DE:98:39:05:8B:51:81:5B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/NZpLbG03E8_zY2IH3pg5BYtRgVs.cer
Subject info access:      rsync://rsync.rp.ki/repo/misakaio/2/3138352e3233342e3231332e302f32342d3234203d3e20393137.roa
Signing time:             Sun 03 Dec 2023 21:38:18 +0000
ROA not before:           Sun 03 Dec 2023 21:33:18 +0000
ROA not after:            Sun 01 Dec 2024 21:38:18 +0000
asID:                     917
IP address blocks:        185.234.213.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Wed 20 Dec 2023 21:30:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            07:a2:c7:1a:13:85:30:51:02:aa:1c:02:cb:10:6f:f7:f8:ae:18:48
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=359a4b6c6d3713cff3636207de9839058b51815b
        Validity
            Not Before: Dec  3 21:33:18 2023 GMT
            Not After : Dec  1 21:38:18 2024 GMT
        Subject: CN=52E7C8BC413CE27ED6F83DC2F8F4B54A7956D3BD
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ab:dd:f7:f0:68:75:51:e2:73:05:d7:c0:e0:8d:
                    62:69:1b:7f:ad:02:70:1f:7f:2f:b4:1d:e2:1a:fc:
                    0a:fc:95:16:6a:a6:90:18:b4:63:50:d7:06:74:78:
                    de:77:72:aa:f0:fd:c5:7d:d8:f5:b5:9e:bf:2c:18:
                    18:45:bb:fb:8a:57:e7:c8:52:d0:0a:a9:9a:0f:6e:
                    2f:3f:6b:7c:18:3b:1f:ed:fa:9b:77:b9:ba:d6:66:
                    8c:d6:6b:92:3d:17:11:73:32:07:d7:f2:cb:47:b0:
                    03:bf:7f:b0:8f:a7:2a:b9:90:2e:81:39:92:44:07:
                    f3:5c:87:d5:69:66:6a:59:a5:48:48:3d:1a:d4:64:
                    13:6b:d5:02:02:d9:91:20:0b:f2:53:29:c1:19:43:
                    76:2e:f5:65:0a:4d:44:09:82:66:8c:1c:7b:b8:a5:
                    26:24:7e:b2:7a:fb:c2:ec:5c:d5:9e:dd:ed:f8:fc:
                    3b:11:ef:72:34:e7:6c:57:f1:de:2a:cc:b9:58:1c:
                    8f:6c:d4:07:cc:1c:29:27:c2:18:3a:d2:7f:db:0c:
                    7a:7c:87:82:0b:89:41:59:a8:b3:ab:8a:83:db:ea:
                    0b:95:2b:b3:0e:4e:54:44:7f:7e:c7:59:36:24:c2:
                    46:f3:84:b3:90:82:a9:de:bb:cc:8b:9b:ec:14:f2:
                    04:59
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                52:E7:C8:BC:41:3C:E2:7E:D6:F8:3D:C2:F8:F4:B5:4A:79:56:D3:BD
            X509v3 Authority Key Identifier:
                keyid:35:9A:4B:6C:6D:37:13:CF:F3:63:62:07:DE:98:39:05:8B:51:81:5B

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rsync.rp.ki/repo/misakaio/2/359A4B6C6D3713CFF3636207DE9839058B51815B.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NZpLbG03E8_zY2IH3pg5BYtRgVs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rsync.rp.ki/repo/misakaio/2/3138352e3233342e3231332e302f32342d3234203d3e20393137.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.234.213.0/24

    Signature Algorithm: sha256WithRSAEncryption
         bc:52:67:3a:f5:ce:b8:6d:67:cc:28:29:06:8e:a5:f6:bb:6c:
         46:f5:05:d9:30:c2:7a:03:ff:dd:dd:6c:d9:95:d7:65:00:ad:
         07:69:70:c3:58:c1:ec:76:67:9b:49:29:db:02:ba:e3:78:26:
         e9:01:f6:aa:b6:82:55:66:58:33:3c:cb:26:2f:b5:71:38:58:
         c5:d6:d9:a0:2d:df:fe:99:d1:bb:c7:98:c1:9a:0e:1f:80:37:
         78:4d:a9:46:0b:b4:a3:b7:aa:78:9f:39:cd:c1:cf:02:f4:99:
         f9:24:4c:d0:50:5d:b9:f0:83:e0:92:92:d5:02:e3:9c:bd:f4:
         42:2c:90:3b:18:f3:ea:65:ca:68:f9:20:81:a9:ea:1f:f6:0c:
         79:48:be:e6:a5:e4:8d:41:2a:b0:36:6a:13:15:51:e5:e2:c0:
         80:c1:7a:f9:cf:9f:77:0d:ba:30:54:e1:60:0e:22:f7:a9:3f:
         b2:38:c2:6b:eb:82:69:cd:06:e9:73:89:e1:ac:0e:da:25:cf:
         f0:d9:18:8e:37:0b:28:7c:f1:59:c8:79:59:c5:54:31:1a:d7:
         ae:6f:51:45:4e:f5:2d:30:23:fc:6e:29:2d:f7:42:b9:72:aa:
         42:e8:14:09:d4:51:d3:4e:5c:46:ea:04:e5:71:c3:2c:dc:8c:
         d7:6f:42:71
-----BEGIN CERTIFICATE-----
MIIEyDCCA7CgAwIBAgIUB6LHGhOFMFECqhwCyxBv9/iuGEgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMzU5YTRiNmM2ZDM3MTNjZmYzNjM2MjA3ZGU5ODM5MDU4
YjUxODE1YjAeFw0yMzEyMDMyMTMzMThaFw0yNDEyMDEyMTM4MThaMDMxMTAvBgNV
BAMTKDUyRTdDOEJDNDEzQ0UyN0VENkY4M0RDMkY4RjRCNTRBNzk1NkQzQkQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCr3ffwaHVR4nMF18DgjWJpG3+t
AnAffy+0HeIa/Ar8lRZqppAYtGNQ1wZ0eN53cqrw/cV92PW1nr8sGBhFu/uKV+fI
UtAKqZoPbi8/a3wYOx/t+pt3ubrWZozWa5I9FxFzMgfX8stHsAO/f7CPpyq5kC6B
OZJEB/Nch9VpZmpZpUhIPRrUZBNr1QIC2ZEgC/JTKcEZQ3Yu9WUKTUQJgmaMHHu4
pSYkfrJ6+8LsXNWe3e34/DsR73I052xX8d4qzLlYHI9s1AfMHCknwhg60n/bDHp8
h4ILiUFZqLOrioPb6guVK7MOTlREf37HWTYkwkbzhLOQgqneu8yLm+wU8gRZAgMB
AAGjggHSMIIBzjAdBgNVHQ4EFgQUUufIvEE84n7W+D3C+PS1SnlW070wHwYDVR0j
BBgwFoAUNZpLbG03E8/zY2IH3pg5BYtRgVswDgYDVR0PAQH/BAQDAgeAMGEGA1Ud
HwRaMFgwVqBUoFKGUHJzeW5jOi8vcnN5bmMucnAua2kvcmVwby9taXNha2Fpby8y
LzM1OUE0QjZDNkQzNzEzQ0ZGMzYzNjIwN0RFOTgzOTA1OEI1MTgxNUIuY3JsMGQG
CCsGAQUFBwEBBFgwVjBUBggrBgEFBQcwAoZIcnN5bmM6Ly9ycGtpLnJpcGUubmV0
L3JlcG9zaXRvcnkvREVGQVVMVC9OWnBMYkcwM0U4X3pZMklIM3BnNUJZdFJnVnMu
Y2VyMHgGCCsGAQUFBwELBGwwajBoBggrBgEFBQcwC4ZccnN5bmM6Ly9yc3luYy5y
cC5raS9yZXBvL21pc2FrYWlvLzIvMzEzODM1MmUzMjMzMzQyZTMyMzEzMzJlMzAy
ZjMyMzQyZDMyMzQyMDNkM2UyMDM5MzEzNy5yb2EwGAYDVR0gAQH/BA4wDDAKBggr
BgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEALnq1TANBgkqhkiG
9w0BAQsFAAOCAQEAvFJnOvXOuG1nzCgpBo6l9rtsRvUF2TDCegP/3d1s2ZXXZQCt
B2lww1jB7HZnm0kp2wK643gm6QH2qraCVWZYMzzLJi+1cThYxdbZoC3f/pnRu8eY
wZoOH4A3eE2pRgu0o7eqeJ85zcHPAvSZ+SRM0FBdufCD4JKS1QLjnL30QiyQOxjz
6mXKaPkgganqH/YMeUi+5qXkjUEqsDZqExVR5eLAgMF6+c+fdw26MFThYA4i96k/
sjjCa+uCac0G6XOJ4awO2iXP8NkYjjcLKHzxWch5WcVUMRrXrm9RRU71LTAj/G4p
LfdCuXKqQugUCdRR005cRuoE5XHDLNyM129CcQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:05:24 2024 by rpki-client on console-fra.rpki-client.org