Route Origin Authorization

$ rpki-client -vvf rsync.rp.ki/repo/misakaio/2/3138382e3234342e39382e302f32332d3234203d3e203530303639.roa
File:                     3138382e3234342e39382e302f32332d3234203d3e203530303639.roa (raw, json)
Hash identifier:          0axSUlGBWg2Imh4V/pQwgCL1n48bZrLSS5BFhIveeW4=
Subject key identifier:   E4:6D:29:C3:71:8C:8E:F6:62:C8:DF:C6:CC:5A:1C:F3:04:77:B2:CF
Certificate issuer:       /CN=359a4b6c6d3713cff3636207de9839058b51815b
Certificate serial:       37804104689F1322084B9454C7DCA3EE1E35A305
Authority key identifier: 35:9A:4B:6C:6D:37:13:CF:F3:63:62:07:DE:98:39:05:8B:51:81:5B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/NZpLbG03E8_zY2IH3pg5BYtRgVs.cer
Subject info access:      rsync://rsync.rp.ki/repo/misakaio/2/3138382e3234342e39382e302f32332d3234203d3e203530303639.roa
Signing time:             Sun 03 Dec 2023 21:38:23 +0000
ROA not before:           Sun 03 Dec 2023 21:33:23 +0000
ROA not after:            Sun 01 Dec 2024 21:38:23 +0000
asID:                     50069
IP address blocks:        188.244.98.0/23 maxlen: 24

Validation:               Failed, certificate revoked on Wed 20 Dec 2023 21:30:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            37:80:41:04:68:9f:13:22:08:4b:94:54:c7:dc:a3:ee:1e:35:a3:05
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=359a4b6c6d3713cff3636207de9839058b51815b
        Validity
            Not Before: Dec  3 21:33:23 2023 GMT
            Not After : Dec  1 21:38:23 2024 GMT
        Subject: CN=E46D29C3718C8EF662C8DFC6CC5A1CF30477B2CF
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9b:a8:f4:76:9e:8b:c9:fa:34:44:2f:c4:d9:8f:
                    04:7b:41:5a:27:59:bc:e9:2d:a1:7b:48:84:0f:5b:
                    10:84:28:c5:41:ca:ef:68:cd:bf:2f:2e:e3:d1:0d:
                    b9:46:70:28:8f:49:76:41:7e:86:fb:c0:31:fd:1b:
                    e8:19:c1:9f:be:89:4e:7d:6c:97:a8:29:cc:04:a4:
                    94:04:1d:64:7f:61:c1:05:30:8c:57:ae:33:50:aa:
                    f9:1f:95:c8:99:60:c1:16:79:1d:fb:4b:68:25:14:
                    ae:7a:9f:2c:7f:cc:d9:45:b5:ee:c1:bb:b4:29:6a:
                    d0:60:07:dc:56:86:8b:d1:d4:bc:b1:f4:12:3d:66:
                    d9:31:a1:fe:99:0b:b7:79:7e:ed:ba:69:10:3e:d0:
                    7e:a4:a4:ed:47:11:dd:7d:f8:b9:37:de:18:71:01:
                    0e:2d:f3:2a:da:ac:f7:04:82:03:e7:8b:71:4b:ea:
                    35:d4:5f:a9:e0:9c:9a:27:22:79:18:18:33:bd:e2:
                    73:17:e9:be:03:83:90:20:3e:84:5d:bd:72:54:43:
                    20:f8:8c:ef:ef:1d:79:2a:0d:8f:79:d9:d3:fe:19:
                    af:f6:52:10:98:3a:79:b1:44:61:06:d4:26:80:bd:
                    87:f7:72:d2:a0:19:2f:c2:57:ab:73:f6:0f:00:d1:
                    ef:ef
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E4:6D:29:C3:71:8C:8E:F6:62:C8:DF:C6:CC:5A:1C:F3:04:77:B2:CF
            X509v3 Authority Key Identifier:
                keyid:35:9A:4B:6C:6D:37:13:CF:F3:63:62:07:DE:98:39:05:8B:51:81:5B

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rsync.rp.ki/repo/misakaio/2/359A4B6C6D3713CFF3636207DE9839058B51815B.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NZpLbG03E8_zY2IH3pg5BYtRgVs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rsync.rp.ki/repo/misakaio/2/3138382e3234342e39382e302f32332d3234203d3e203530303639.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  188.244.98.0/23

    Signature Algorithm: sha256WithRSAEncryption
         b2:f3:6a:da:4a:bb:76:3a:87:56:c0:16:83:d8:ca:18:f1:09:
         3f:79:c1:85:65:b0:43:36:c4:cf:cf:dc:f2:25:3b:68:82:14:
         1d:61:31:59:e9:42:0c:c5:8b:01:69:34:ba:a4:29:a2:bd:c7:
         0f:ef:3f:29:36:1f:49:55:ef:31:46:06:d6:97:71:de:2a:09:
         cd:84:5d:ca:dd:80:fe:db:27:8f:7b:12:ed:76:f1:61:a2:27:
         c3:3a:34:fb:bc:73:8b:65:c2:f8:e5:bd:bf:84:b2:3f:ca:6a:
         28:fb:cc:e2:12:3d:7a:38:f7:52:b8:dd:1a:71:c4:89:34:34:
         37:6e:df:ae:9a:21:1e:33:62:44:78:10:34:7a:e5:23:3c:5a:
         e8:71:19:b1:7a:c6:99:4f:40:2b:0a:d8:93:9e:01:60:4a:cc:
         af:5e:2a:cd:4a:4e:b9:3a:a4:f3:45:55:c2:93:7c:91:10:cb:
         ae:23:3e:e8:0c:1a:1b:10:9f:9d:8a:7f:57:26:7b:25:78:ff:
         b8:f4:cf:0c:d1:9a:70:e0:74:28:3f:75:fe:65:d0:d1:bc:c9:
         22:d0:5c:a6:b3:ce:4c:c2:6f:8a:d0:dc:02:92:fc:ce:ab:33:
         ca:bf:2d:39:28:fb:67:0e:f0:b1:f1:8b:c2:45:60:ff:37:12:
         c3:7f:77:e4
-----BEGIN CERTIFICATE-----
MIIEyjCCA7KgAwIBAgIUN4BBBGifEyIIS5RUx9yj7h41owUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMzU5YTRiNmM2ZDM3MTNjZmYzNjM2MjA3ZGU5ODM5MDU4
YjUxODE1YjAeFw0yMzEyMDMyMTMzMjNaFw0yNDEyMDEyMTM4MjNaMDMxMTAvBgNV
BAMTKEU0NkQyOUMzNzE4QzhFRjY2MkM4REZDNkNDNUExQ0YzMDQ3N0IyQ0YwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCbqPR2novJ+jREL8TZjwR7QVon
WbzpLaF7SIQPWxCEKMVByu9ozb8vLuPRDblGcCiPSXZBfob7wDH9G+gZwZ++iU59
bJeoKcwEpJQEHWR/YcEFMIxXrjNQqvkflciZYMEWeR37S2glFK56nyx/zNlFte7B
u7QpatBgB9xWhovR1Lyx9BI9Ztkxof6ZC7d5fu26aRA+0H6kpO1HEd19+Lk33hhx
AQ4t8yrarPcEggPni3FL6jXUX6ngnJonInkYGDO94nMX6b4Dg5AgPoRdvXJUQyD4
jO/vHXkqDY952dP+Ga/2UhCYOnmxRGEG1CaAvYf3ctKgGS/CV6tz9g8A0e/vAgMB
AAGjggHUMIIB0DAdBgNVHQ4EFgQU5G0pw3GMjvZiyN/GzFoc8wR3ss8wHwYDVR0j
BBgwFoAUNZpLbG03E8/zY2IH3pg5BYtRgVswDgYDVR0PAQH/BAQDAgeAMGEGA1Ud
HwRaMFgwVqBUoFKGUHJzeW5jOi8vcnN5bmMucnAua2kvcmVwby9taXNha2Fpby8y
LzM1OUE0QjZDNkQzNzEzQ0ZGMzYzNjIwN0RFOTgzOTA1OEI1MTgxNUIuY3JsMGQG
CCsGAQUFBwEBBFgwVjBUBggrBgEFBQcwAoZIcnN5bmM6Ly9ycGtpLnJpcGUubmV0
L3JlcG9zaXRvcnkvREVGQVVMVC9OWnBMYkcwM0U4X3pZMklIM3BnNUJZdFJnVnMu
Y2VyMHoGCCsGAQUFBwELBG4wbDBqBggrBgEFBQcwC4ZecnN5bmM6Ly9yc3luYy5y
cC5raS9yZXBvL21pc2FrYWlvLzIvMzEzODM4MmUzMjM0MzQyZTM5MzgyZTMwMmYz
MjMzMmQzMjM0MjAzZDNlMjAzNTMwMzAzNjM5LnJvYTAYBgNVHSABAf8EDjAMMAoG
CCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBvPRiMA0GCSqG
SIb3DQEBCwUAA4IBAQCy82raSrt2OodWwBaD2MoY8Qk/ecGFZbBDNsTPz9zyJTto
ghQdYTFZ6UIMxYsBaTS6pCmivccP7z8pNh9JVe8xRgbWl3HeKgnNhF3K3YD+2yeP
exLtdvFhoifDOjT7vHOLZcL45b2/hLI/ymoo+8ziEj16OPdSuN0accSJNDQ3bt+u
miEeM2JEeBA0euUjPFrocRmxesaZT0ArCtiTngFgSsyvXirNSk65OqTzRVXCk3yR
EMuuIz7oDBobEJ+din9XJnsleP+49M8M0Zpw4HQoP3X+ZdDRvMki0Fyms85Mwm+K
0NwCkvzOqzPKvy05KPtnDvCx8YvCRWD/NxLDf3fk
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:05:24 2024 by rpki-client on console-fra.rpki-client.org