Route Origin Authorization

$ rpki-client -vvf rsync.rp.ki/repo/misakaio/2/326130663a336230333a3a2f33322d3438203d3e203538333133.roa
File:                     326130663a336230333a3a2f33322d3438203d3e203538333133.roa (raw, json)
Hash identifier:          d7s7cdxJQ/ZnnQgYTwewd30RtycytMvie1GGpq/msyw=
Subject key identifier:   16:6D:8E:63:38:A0:0F:82:B4:43:2F:0E:0A:4E:C6:FD:AC:01:8F:67
Certificate issuer:       /CN=359a4b6c6d3713cff3636207de9839058b51815b
Certificate serial:       0886857175FBA24991E2422915D5CE3DAACFE536
Authority key identifier: 35:9A:4B:6C:6D:37:13:CF:F3:63:62:07:DE:98:39:05:8B:51:81:5B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/NZpLbG03E8_zY2IH3pg5BYtRgVs.cer
Subject info access:      rsync://rsync.rp.ki/repo/misakaio/2/326130663a336230333a3a2f33322d3438203d3e203538333133.roa
Signing time:             Sun 03 Dec 2023 21:38:17 +0000
ROA not before:           Sun 03 Dec 2023 21:33:17 +0000
ROA not after:            Sun 01 Dec 2024 21:38:17 +0000
asID:                     58313
IP address blocks:        2a0f:3b03::/32 maxlen: 48

Validation:               Failed, certificate revoked on Wed 20 Dec 2023 21:30:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            08:86:85:71:75:fb:a2:49:91:e2:42:29:15:d5:ce:3d:aa:cf:e5:36
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=359a4b6c6d3713cff3636207de9839058b51815b
        Validity
            Not Before: Dec  3 21:33:17 2023 GMT
            Not After : Dec  1 21:38:17 2024 GMT
        Subject: CN=166D8E6338A00F82B4432F0E0A4EC6FDAC018F67
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b7:7d:11:f4:2d:b3:fe:c0:df:33:44:13:fd:59:
                    c4:69:47:3a:84:4d:ba:0d:fa:a1:7c:44:bb:18:ab:
                    5a:5e:04:02:8e:fe:64:7e:1e:41:54:1a:10:3c:4e:
                    9c:54:6b:af:af:27:80:c1:89:3b:ab:14:2a:f4:1e:
                    37:e7:b2:32:b5:6f:b2:bf:97:53:a8:ef:af:37:c9:
                    ef:69:ad:6d:d2:b0:46:b0:cb:ad:8c:54:ca:90:d6:
                    77:88:6f:78:c2:1c:47:60:bc:cf:cb:fb:c2:b9:c2:
                    7d:ff:5d:53:47:97:9b:88:34:03:8e:62:15:ab:94:
                    20:54:42:b3:e1:db:af:5f:36:84:8f:eb:1f:55:ae:
                    e0:ca:a1:4e:46:d1:7e:50:b6:60:39:2f:73:ca:12:
                    53:ca:e1:92:3c:81:fa:32:c0:3a:c2:78:35:0d:f2:
                    a8:2b:10:85:4a:bc:30:54:0f:8b:43:57:55:98:0c:
                    97:01:04:d0:35:c9:7c:74:dc:c7:34:f5:0d:70:0c:
                    17:3d:81:76:eb:d7:d8:ec:5b:71:b7:22:ad:5a:96:
                    97:a9:d5:25:c6:12:80:f9:64:ea:79:30:d2:83:f4:
                    19:9e:34:e9:4e:c2:3d:36:42:43:c7:b5:8e:60:e2:
                    db:22:c8:44:c1:75:84:ec:af:13:cc:dc:4f:2c:a3:
                    d9:8b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                16:6D:8E:63:38:A0:0F:82:B4:43:2F:0E:0A:4E:C6:FD:AC:01:8F:67
            X509v3 Authority Key Identifier:
                keyid:35:9A:4B:6C:6D:37:13:CF:F3:63:62:07:DE:98:39:05:8B:51:81:5B

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rsync.rp.ki/repo/misakaio/2/359A4B6C6D3713CFF3636207DE9839058B51815B.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NZpLbG03E8_zY2IH3pg5BYtRgVs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rsync.rp.ki/repo/misakaio/2/326130663a336230333a3a2f33322d3438203d3e203538333133.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a0f:3b03::/32

    Signature Algorithm: sha256WithRSAEncryption
         aa:c2:1e:5b:52:ae:71:fc:1a:5f:c7:58:40:1a:1b:b1:34:f7:
         85:be:8f:0a:e2:5d:5d:cd:ea:42:0e:5c:4e:d6:c6:4d:e2:8c:
         1d:c5:83:4e:c2:8a:d2:05:da:48:8f:98:7f:3b:0a:46:a5:fc:
         61:42:c2:aa:4c:e0:be:23:8f:7f:ef:9d:d9:41:f5:4c:c1:4c:
         28:1b:49:0a:d6:e1:0f:33:c4:82:e6:04:fb:6a:00:bd:4d:8b:
         ed:5b:e9:f3:d3:7a:77:e2:59:ec:08:f7:a5:66:14:81:ed:95:
         db:e3:c8:88:d1:6c:f8:65:5f:f5:eb:05:c1:d6:2d:0a:98:1a:
         24:13:6e:d5:b0:65:dd:29:1c:91:cd:11:90:20:e0:29:c7:5c:
         aa:6b:72:15:b2:62:ec:9d:eb:b3:7b:9e:35:dd:8c:2e:f4:10:
         32:20:3c:5a:9d:1b:a3:5c:ee:71:e4:54:7d:d2:e7:2e:7c:d1:
         ce:f1:a0:1d:fb:a0:6a:d6:db:4d:18:5d:67:c7:c0:86:dd:ff:
         d4:5f:45:96:23:1d:25:f1:f7:f9:3f:60:85:3e:a7:91:f2:c7:
         43:83:35:ee:8d:17:fb:17:97:da:0e:f2:42:8a:0b:d2:ce:47:
         2e:99:b3:1d:48:f0:55:db:a0:6c:46:3c:9f:f7:45:2b:3c:1c:
         b7:42:37:30
-----BEGIN CERTIFICATE-----
MIIEyTCCA7GgAwIBAgIUCIaFcXX7okmR4kIpFdXOParP5TYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMzU5YTRiNmM2ZDM3MTNjZmYzNjM2MjA3ZGU5ODM5MDU4
YjUxODE1YjAeFw0yMzEyMDMyMTMzMTdaFw0yNDEyMDEyMTM4MTdaMDMxMTAvBgNV
BAMTKDE2NkQ4RTYzMzhBMDBGODJCNDQzMkYwRTBBNEVDNkZEQUMwMThGNjcwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC3fRH0LbP+wN8zRBP9WcRpRzqE
TboN+qF8RLsYq1peBAKO/mR+HkFUGhA8TpxUa6+vJ4DBiTurFCr0HjfnsjK1b7K/
l1Oo7683ye9prW3SsEawy62MVMqQ1neIb3jCHEdgvM/L+8K5wn3/XVNHl5uINAOO
YhWrlCBUQrPh269fNoSP6x9VruDKoU5G0X5QtmA5L3PKElPK4ZI8gfoywDrCeDUN
8qgrEIVKvDBUD4tDV1WYDJcBBNA1yXx03Mc09Q1wDBc9gXbr19jsW3G3Iq1alpep
1SXGEoD5ZOp5MNKD9BmeNOlOwj02QkPHtY5g4tsiyETBdYTsrxPM3E8so9mLAgMB
AAGjggHTMIIBzzAdBgNVHQ4EFgQUFm2OYzigD4K0Qy8OCk7G/awBj2cwHwYDVR0j
BBgwFoAUNZpLbG03E8/zY2IH3pg5BYtRgVswDgYDVR0PAQH/BAQDAgeAMGEGA1Ud
HwRaMFgwVqBUoFKGUHJzeW5jOi8vcnN5bmMucnAua2kvcmVwby9taXNha2Fpby8y
LzM1OUE0QjZDNkQzNzEzQ0ZGMzYzNjIwN0RFOTgzOTA1OEI1MTgxNUIuY3JsMGQG
CCsGAQUFBwEBBFgwVjBUBggrBgEFBQcwAoZIcnN5bmM6Ly9ycGtpLnJpcGUubmV0
L3JlcG9zaXRvcnkvREVGQVVMVC9OWnBMYkcwM0U4X3pZMklIM3BnNUJZdFJnVnMu
Y2VyMHgGCCsGAQUFBwELBGwwajBoBggrBgEFBQcwC4ZccnN5bmM6Ly9yc3luYy5y
cC5raS9yZXBvL21pc2FrYWlvLzIvMzI2MTMwNjYzYTMzNjIzMDMzM2EzYTJmMzMz
MjJkMzQzODIwM2QzZTIwMzUzODMzMzEzMy5yb2EwGAYDVR0gAQH/BA4wDDAKBggr
BgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACoPOwMwDQYJKoZI
hvcNAQELBQADggEBAKrCHltSrnH8Gl/HWEAaG7E094W+jwriXV3N6kIOXE7Wxk3i
jB3Fg07CitIF2kiPmH87Ckal/GFCwqpM4L4jj3/vndlB9UzBTCgbSQrW4Q8zxILm
BPtqAL1Ni+1b6fPTenfiWewI96VmFIHtldvjyIjRbPhlX/XrBcHWLQqYGiQTbtWw
Zd0pHJHNEZAg4CnHXKprchWyYuyd67N7njXdjC70EDIgPFqdG6Nc7nHkVH3S5y58
0c7xoB37oGrW200YXWfHwIbd/9RfRZYjHSXx9/k/YIU+p5Hyx0ODNe6NF/sXl9oO
8kKKC9LORy6Zsx1I8FXboGxGPJ/3RSs8HLdCNzA=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:05:24 2024 by rpki-client on console-fra.rpki-client.org