Route Origin Authorization

$ rpki-client -vvf rsync.rp.ki/repo/misakaio/2/34352e3133312e36382e302f32322d3233203d3e203438303234.roa
File:                     34352e3133312e36382e302f32322d3233203d3e203438303234.roa (raw, json)
Hash identifier:          3qMHeQZ5HHcP+MtWo6xaKyGYHA2PGLawyCLDB7iY8Hk=
Subject key identifier:   2A:A6:17:38:72:76:05:B2:82:BD:E9:2E:9E:63:F9:23:E4:B2:45:3C
Certificate issuer:       /CN=359a4b6c6d3713cff3636207de9839058b51815b
Certificate serial:       0D40A51988DDF5B0307D75D53BD39730B194AD39
Authority key identifier: 35:9A:4B:6C:6D:37:13:CF:F3:63:62:07:DE:98:39:05:8B:51:81:5B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/NZpLbG03E8_zY2IH3pg5BYtRgVs.cer
Subject info access:      rsync://rsync.rp.ki/repo/misakaio/2/34352e3133312e36382e302f32322d3233203d3e203438303234.roa
Signing time:             Sun 03 Dec 2023 21:38:21 +0000
ROA not before:           Sun 03 Dec 2023 21:33:21 +0000
ROA not after:            Sun 01 Dec 2024 21:38:21 +0000
asID:                     48024
IP address blocks:        45.131.68.0/22 maxlen: 23

Validation:               Failed, certificate revoked on Wed 20 Dec 2023 21:30:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            0d:40:a5:19:88:dd:f5:b0:30:7d:75:d5:3b:d3:97:30:b1:94:ad:39
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=359a4b6c6d3713cff3636207de9839058b51815b
        Validity
            Not Before: Dec  3 21:33:21 2023 GMT
            Not After : Dec  1 21:38:21 2024 GMT
        Subject: CN=2AA61738727605B282BDE92E9E63F923E4B2453C
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9a:62:93:3b:6d:33:03:65:71:65:b2:cc:0a:a1:
                    8e:67:37:ab:d8:1e:c5:e0:0c:26:b8:52:e0:13:31:
                    40:56:9d:8f:df:fa:a2:51:e5:15:26:c8:38:3e:8b:
                    99:eb:67:f2:93:a1:b9:64:63:ec:f4:43:99:a7:69:
                    16:f5:05:b9:08:58:86:3a:b1:8a:3e:ff:c8:e5:2a:
                    05:0c:c9:b9:09:e9:25:0d:60:21:fa:99:67:d6:91:
                    05:de:ee:50:c1:2e:e6:9e:c4:4d:b0:74:42:c9:59:
                    be:4e:d4:00:6e:85:8d:f1:48:e6:f6:ea:db:94:6c:
                    7e:30:97:1d:d7:72:67:c5:3e:c0:8e:17:a8:94:16:
                    b0:8e:82:f6:c7:ce:67:e0:f9:82:35:f1:05:d6:77:
                    00:50:50:e5:29:94:76:48:c8:1f:fc:9d:0c:16:6d:
                    9c:81:f9:71:2a:39:66:47:4c:09:c4:b5:a1:e7:02:
                    aa:eb:3e:8b:07:65:13:40:bf:c7:75:6b:22:1a:2d:
                    49:4b:25:55:34:9d:6a:2a:ab:97:70:54:3e:53:d1:
                    0a:96:a1:59:c4:3b:df:26:ac:cf:aa:ce:aa:f1:13:
                    b5:e2:95:c9:eb:46:25:69:ca:9c:81:30:c5:4d:61:
                    36:45:f9:32:42:4c:12:4d:52:ab:2a:a7:1a:e9:6a:
                    d1:b7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                2A:A6:17:38:72:76:05:B2:82:BD:E9:2E:9E:63:F9:23:E4:B2:45:3C
            X509v3 Authority Key Identifier:
                keyid:35:9A:4B:6C:6D:37:13:CF:F3:63:62:07:DE:98:39:05:8B:51:81:5B

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rsync.rp.ki/repo/misakaio/2/359A4B6C6D3713CFF3636207DE9839058B51815B.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NZpLbG03E8_zY2IH3pg5BYtRgVs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rsync.rp.ki/repo/misakaio/2/34352e3133312e36382e302f32322d3233203d3e203438303234.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.131.68.0/22

    Signature Algorithm: sha256WithRSAEncryption
         19:3b:2e:e3:01:9e:64:01:ca:c5:53:fd:9f:57:3e:5f:14:39:
         26:6e:f5:8b:24:6d:9d:b2:61:ef:a2:c4:6b:a4:44:d9:31:10:
         86:d8:8d:44:a4:f2:cd:db:2e:54:c7:5a:e4:2b:88:bd:4a:97:
         e2:f9:94:08:7e:f9:36:30:95:c7:ef:a0:c9:68:0d:32:ae:77:
         c0:cb:e4:82:3c:e5:61:47:6d:bf:c9:f0:95:60:75:c0:fd:37:
         40:70:c6:ac:9a:1f:34:30:50:cb:bf:c8:62:75:90:20:cb:44:
         e8:90:29:3f:4d:1c:f7:d7:7f:63:aa:f1:b7:51:26:69:bb:31:
         b1:b5:41:19:a2:24:8e:6f:16:7f:e0:06:31:93:fe:83:df:f1:
         f1:f3:da:cc:e8:92:39:6b:4f:47:83:31:7f:34:49:80:73:f3:
         2c:8b:d5:b8:a1:ba:fb:d4:41:b3:6a:8d:76:a2:95:3f:38:2d:
         fc:70:3d:51:55:b8:fc:c2:6e:59:1a:db:f1:f3:e2:c8:51:1e:
         29:a8:99:6e:72:63:d5:4b:4e:67:3a:f4:ef:d1:f6:ec:f5:35:
         fc:28:ac:d1:5f:1d:31:e1:80:f6:ce:4c:6a:bd:56:33:31:af:
         82:91:95:fc:5e:0b:d6:6a:6a:b7:64:0e:ac:a7:e0:a2:f3:ab:
         a6:bd:b4:0d
-----BEGIN CERTIFICATE-----
MIIEyDCCA7CgAwIBAgIUDUClGYjd9bAwfXXVO9OXMLGUrTkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMzU5YTRiNmM2ZDM3MTNjZmYzNjM2MjA3ZGU5ODM5MDU4
YjUxODE1YjAeFw0yMzEyMDMyMTMzMjFaFw0yNDEyMDEyMTM4MjFaMDMxMTAvBgNV
BAMTKDJBQTYxNzM4NzI3NjA1QjI4MkJERTkyRTlFNjNGOTIzRTRCMjQ1M0MwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCaYpM7bTMDZXFlsswKoY5nN6vY
HsXgDCa4UuATMUBWnY/f+qJR5RUmyDg+i5nrZ/KToblkY+z0Q5mnaRb1BbkIWIY6
sYo+/8jlKgUMybkJ6SUNYCH6mWfWkQXe7lDBLuaexE2wdELJWb5O1ABuhY3xSOb2
6tuUbH4wlx3XcmfFPsCOF6iUFrCOgvbHzmfg+YI18QXWdwBQUOUplHZIyB/8nQwW
bZyB+XEqOWZHTAnEtaHnAqrrPosHZRNAv8d1ayIaLUlLJVU0nWoqq5dwVD5T0QqW
oVnEO98mrM+qzqrxE7XilcnrRiVpypyBMMVNYTZF+TJCTBJNUqsqpxrpatG3AgMB
AAGjggHSMIIBzjAdBgNVHQ4EFgQUKqYXOHJ2BbKCvekunmP5I+SyRTwwHwYDVR0j
BBgwFoAUNZpLbG03E8/zY2IH3pg5BYtRgVswDgYDVR0PAQH/BAQDAgeAMGEGA1Ud
HwRaMFgwVqBUoFKGUHJzeW5jOi8vcnN5bmMucnAua2kvcmVwby9taXNha2Fpby8y
LzM1OUE0QjZDNkQzNzEzQ0ZGMzYzNjIwN0RFOTgzOTA1OEI1MTgxNUIuY3JsMGQG
CCsGAQUFBwEBBFgwVjBUBggrBgEFBQcwAoZIcnN5bmM6Ly9ycGtpLnJpcGUubmV0
L3JlcG9zaXRvcnkvREVGQVVMVC9OWnBMYkcwM0U4X3pZMklIM3BnNUJZdFJnVnMu
Y2VyMHgGCCsGAQUFBwELBGwwajBoBggrBgEFBQcwC4ZccnN5bmM6Ly9yc3luYy5y
cC5raS9yZXBvL21pc2FrYWlvLzIvMzQzNTJlMzEzMzMxMmUzNjM4MmUzMDJmMzIz
MjJkMzIzMzIwM2QzZTIwMzQzODMwMzIzNC5yb2EwGAYDVR0gAQH/BA4wDDAKBggr
BgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAi2DRDANBgkqhkiG
9w0BAQsFAAOCAQEAGTsu4wGeZAHKxVP9n1c+XxQ5Jm71iyRtnbJh76LEa6RE2TEQ
htiNRKTyzdsuVMda5CuIvUqX4vmUCH75NjCVx++gyWgNMq53wMvkgjzlYUdtv8nw
lWB1wP03QHDGrJofNDBQy7/IYnWQIMtE6JApP00c99d/Y6rxt1EmabsxsbVBGaIk
jm8Wf+AGMZP+g9/x8fPazOiSOWtPR4MxfzRJgHPzLIvVuKG6+9RBs2qNdqKVPzgt
/HA9UVW4/MJuWRrb8fPiyFEeKaiZbnJj1UtOZzr079H27PU1/Cis0V8dMeGA9s5M
ar1WMzGvgpGV/F4L1mpqt2QOrKfgovOrpr20DQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 20:01:13 2024 by rpki-client on console-ams.rpki-client.org