Route Origin Authorization

$ rpki-client -vvf rsync.rp.ki/repo/misakaio/2/326130623a343334323a3a2f33322d3438203d3e20393137.roa
File:                     326130623a343334323a3a2f33322d3438203d3e20393137.roa (raw, json)
Hash identifier:          6QI7k4LQzShgPMAHtdIAKqKcSIa8lyf90r+LhelLtbY=
Subject key identifier:   79:B6:12:11:9E:53:5B:AD:2A:54:2B:2D:DC:14:4C:18:08:CB:3C:E2
Certificate issuer:       /CN=359a4b6c6d3713cff3636207de9839058b51815b
Certificate serial:       7C460D931AAE71DA11EA3BD37E041605A54409A9
Authority key identifier: 35:9A:4B:6C:6D:37:13:CF:F3:63:62:07:DE:98:39:05:8B:51:81:5B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/NZpLbG03E8_zY2IH3pg5BYtRgVs.cer
Subject info access:      rsync://rsync.rp.ki/repo/misakaio/2/326130623a343334323a3a2f33322d3438203d3e20393137.roa
Signing time:             Sun 03 Dec 2023 21:38:19 +0000
ROA not before:           Sun 03 Dec 2023 21:33:19 +0000
ROA not after:            Sun 01 Dec 2024 21:38:19 +0000
asID:                     917
IP address blocks:        2a0b:4342::/32 maxlen: 48

Validation:               Failed, certificate revoked on Wed 20 Dec 2023 21:30:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            7c:46:0d:93:1a:ae:71:da:11:ea:3b:d3:7e:04:16:05:a5:44:09:a9
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=359a4b6c6d3713cff3636207de9839058b51815b
        Validity
            Not Before: Dec  3 21:33:19 2023 GMT
            Not After : Dec  1 21:38:19 2024 GMT
        Subject: CN=79B612119E535BAD2A542B2DDC144C1808CB3CE2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ca:32:f5:a8:25:3a:df:59:30:9d:0e:68:9b:60:
                    86:1e:fa:64:18:46:a2:37:1b:cd:67:2f:61:c6:c8:
                    1d:58:73:88:c0:27:71:78:db:f8:aa:bc:41:0a:c7:
                    b7:13:92:26:34:cf:d0:5b:1c:fa:7d:dc:69:49:83:
                    5d:28:f5:bb:15:f6:15:8d:4e:3f:63:44:16:f2:5e:
                    b6:4a:a3:e3:ba:c5:61:51:1d:c3:6c:b5:59:ce:2c:
                    c1:ab:81:15:a6:56:cc:53:f5:d7:3c:65:1f:44:b5:
                    62:43:04:31:bd:74:f4:20:51:06:8d:d3:1e:60:90:
                    ff:76:4e:46:94:1f:f9:9f:80:0c:b4:aa:bb:c1:96:
                    fc:df:99:83:22:95:e7:a0:01:f6:38:62:21:ad:d4:
                    be:97:8c:17:ce:97:b3:0f:0e:fe:b0:fa:74:8c:28:
                    a9:11:da:e6:33:cb:cc:cb:dc:98:f1:07:85:30:79:
                    57:e8:0f:28:06:90:30:82:cb:2e:6b:78:1c:d8:4a:
                    90:39:79:c9:9c:14:c2:f5:83:2a:61:8a:a1:50:72:
                    56:c9:62:ce:62:ea:ca:f9:8e:a4:b8:fb:72:6b:aa:
                    ca:38:f9:2d:b0:1e:72:47:57:af:53:fd:89:c2:fb:
                    f5:c1:df:49:21:6f:2c:93:aa:69:dd:92:da:75:3d:
                    17:87
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                79:B6:12:11:9E:53:5B:AD:2A:54:2B:2D:DC:14:4C:18:08:CB:3C:E2
            X509v3 Authority Key Identifier:
                keyid:35:9A:4B:6C:6D:37:13:CF:F3:63:62:07:DE:98:39:05:8B:51:81:5B

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rsync.rp.ki/repo/misakaio/2/359A4B6C6D3713CFF3636207DE9839058B51815B.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NZpLbG03E8_zY2IH3pg5BYtRgVs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rsync.rp.ki/repo/misakaio/2/326130623a343334323a3a2f33322d3438203d3e20393137.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a0b:4342::/32

    Signature Algorithm: sha256WithRSAEncryption
         49:4b:74:e2:d9:9f:60:23:6d:a1:da:51:68:b8:11:b5:01:ab:
         6b:c3:9e:8a:fd:6f:c3:b2:64:6b:26:d1:73:4a:00:24:50:86:
         85:97:d3:fd:79:91:90:d1:16:6b:9c:be:4e:be:6b:b5:e1:66:
         c4:28:b8:a2:98:fe:8c:01:20:03:35:5b:af:08:92:05:b3:f3:
         50:3c:bf:31:a7:48:90:c3:ec:69:da:af:00:7f:72:7e:70:2a:
         67:c3:6a:44:da:e4:8f:8e:64:5b:62:39:c5:8f:4d:bb:bc:51:
         14:79:91:bd:1c:db:0d:c8:15:5c:86:a5:43:2a:c1:b6:ab:57:
         46:27:ca:fe:d1:e1:6a:60:7a:5e:5e:c1:3e:8c:fe:02:24:b1:
         b4:28:bd:6e:af:f9:2e:98:ac:8b:07:39:ed:76:c5:12:84:7f:
         5b:16:73:c7:e4:33:46:ea:ee:62:a0:a2:9f:d5:f8:3a:fc:70:
         4e:47:e7:71:02:ff:ff:2d:c8:17:ea:bb:a6:0b:01:bb:3b:33:
         e1:d5:8e:0c:2f:06:40:35:3c:07:3b:3c:24:e9:f8:45:bc:6a:
         1f:29:02:f1:1e:82:87:53:02:c8:7e:34:e5:b5:88:bb:00:2f:
         a5:88:ea:1d:46:f3:de:14:93:68:09:a4:a8:b9:b1:66:c2:12:
         b9:4d:26:da
-----BEGIN CERTIFICATE-----
MIIExTCCA62gAwIBAgIUfEYNkxqucdoR6jvTfgQWBaVECakwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMzU5YTRiNmM2ZDM3MTNjZmYzNjM2MjA3ZGU5ODM5MDU4
YjUxODE1YjAeFw0yMzEyMDMyMTMzMTlaFw0yNDEyMDEyMTM4MTlaMDMxMTAvBgNV
BAMTKDc5QjYxMjExOUU1MzVCQUQyQTU0MkIyRERDMTQ0QzE4MDhDQjNDRTIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDKMvWoJTrfWTCdDmibYIYe+mQY
RqI3G81nL2HGyB1Yc4jAJ3F42/iqvEEKx7cTkiY0z9BbHPp93GlJg10o9bsV9hWN
Tj9jRBbyXrZKo+O6xWFRHcNstVnOLMGrgRWmVsxT9dc8ZR9EtWJDBDG9dPQgUQaN
0x5gkP92TkaUH/mfgAy0qrvBlvzfmYMileegAfY4YiGt1L6XjBfOl7MPDv6w+nSM
KKkR2uYzy8zL3JjxB4UweVfoDygGkDCCyy5reBzYSpA5ecmcFML1gyphiqFQclbJ
Ys5i6sr5jqS4+3Jrqso4+S2wHnJHV69T/YnC+/XB30khbyyTqmndktp1PReHAgMB
AAGjggHPMIIByzAdBgNVHQ4EFgQUebYSEZ5TW60qVCst3BRMGAjLPOIwHwYDVR0j
BBgwFoAUNZpLbG03E8/zY2IH3pg5BYtRgVswDgYDVR0PAQH/BAQDAgeAMGEGA1Ud
HwRaMFgwVqBUoFKGUHJzeW5jOi8vcnN5bmMucnAua2kvcmVwby9taXNha2Fpby8y
LzM1OUE0QjZDNkQzNzEzQ0ZGMzYzNjIwN0RFOTgzOTA1OEI1MTgxNUIuY3JsMGQG
CCsGAQUFBwEBBFgwVjBUBggrBgEFBQcwAoZIcnN5bmM6Ly9ycGtpLnJpcGUubmV0
L3JlcG9zaXRvcnkvREVGQVVMVC9OWnBMYkcwM0U4X3pZMklIM3BnNUJZdFJnVnMu
Y2VyMHQGCCsGAQUFBwELBGgwZjBkBggrBgEFBQcwC4ZYcnN5bmM6Ly9yc3luYy5y
cC5raS9yZXBvL21pc2FrYWlvLzIvMzI2MTMwNjIzYTM0MzMzNDMyM2EzYTJmMzMz
MjJkMzQzODIwM2QzZTIwMzkzMTM3LnJvYTAYBgNVHSABAf8EDjAMMAoGCCsGAQUF
Bw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUAKgtDQjANBgkqhkiG9w0B
AQsFAAOCAQEASUt04tmfYCNtodpRaLgRtQGra8Oeiv1vw7JkaybRc0oAJFCGhZfT
/XmRkNEWa5y+Tr5rteFmxCi4opj+jAEgAzVbrwiSBbPzUDy/MadIkMPsadqvAH9y
fnAqZ8NqRNrkj45kW2I5xY9Nu7xRFHmRvRzbDcgVXIalQyrBtqtXRifK/tHhamB6
Xl7BPoz+AiSxtCi9bq/5Lpisiwc57XbFEoR/WxZzx+QzRuruYqCin9X4OvxwTkfn
cQL//y3IF+q7pgsBuzsz4dWODC8GQDU8Bzs8JOn4RbxqHykC8R6Ch1MCyH405bWI
uwAvpYjqHUbz3hSTaAmkqLmxZsISuU0m2g==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:05:24 2024 by rpki-client on console-fra.rpki-client.org