Route Origin Authorization

$ rpki-client -vvf rsync.rp.ki/repo/misakaio/2/34352e3133312e36382e302f32322d3234203d3e203335343837.roa
File:                     34352e3133312e36382e302f32322d3234203d3e203335343837.roa (raw, json)
Hash identifier:          iaxVxp/I3DiR/QxzJeRT1HHKeCOJzLHNmggOQl7LxN0=
Subject key identifier:   CA:00:27:1A:6E:B7:13:F1:10:49:F9:0C:92:A6:FF:46:A1:AA:31:83
Certificate issuer:       /CN=359a4b6c6d3713cff3636207de9839058b51815b
Certificate serial:       77DBB6FC367114AF9590B9ED9E297CD089E11459
Authority key identifier: 35:9A:4B:6C:6D:37:13:CF:F3:63:62:07:DE:98:39:05:8B:51:81:5B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/NZpLbG03E8_zY2IH3pg5BYtRgVs.cer
Subject info access:      rsync://rsync.rp.ki/repo/misakaio/2/34352e3133312e36382e302f32322d3234203d3e203335343837.roa
Signing time:             Sun 03 Dec 2023 21:38:19 +0000
ROA not before:           Sun 03 Dec 2023 21:33:19 +0000
ROA not after:            Sun 01 Dec 2024 21:38:19 +0000
asID:                     35487
IP address blocks:        45.131.68.0/22 maxlen: 24

Validation:               Failed, certificate revoked on Wed 20 Dec 2023 21:30:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            77:db:b6:fc:36:71:14:af:95:90:b9:ed:9e:29:7c:d0:89:e1:14:59
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=359a4b6c6d3713cff3636207de9839058b51815b
        Validity
            Not Before: Dec  3 21:33:19 2023 GMT
            Not After : Dec  1 21:38:19 2024 GMT
        Subject: CN=CA00271A6EB713F11049F90C92A6FF46A1AA3183
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d9:f7:f2:d6:9e:61:1e:ba:76:83:94:ba:30:c1:
                    3f:25:17:42:4f:bf:7a:35:c1:94:9d:6b:6f:d5:ad:
                    ff:95:91:f4:ff:c8:31:e2:3a:46:20:f2:ce:0f:df:
                    3a:47:24:85:be:0d:b0:89:55:f9:fe:18:77:20:3e:
                    cf:63:3b:c3:83:4a:8d:7d:2a:c3:2c:c0:1c:3d:7a:
                    47:9e:e3:24:73:06:c2:ac:d8:b7:26:8d:3c:41:92:
                    6e:22:9c:87:6b:fb:b1:48:c1:8c:c8:c2:92:cf:4d:
                    52:fb:ce:3b:9c:64:1a:5d:12:a4:cd:69:0b:ab:53:
                    64:d4:8f:ea:ba:37:f2:29:08:37:3f:1e:35:02:0d:
                    39:b4:6e:20:71:d5:d3:2d:3d:4b:21:ee:db:7f:b1:
                    a7:dd:4f:53:fb:62:a9:90:4a:cf:c2:c7:6a:d9:f1:
                    c3:d6:c5:8e:fe:2d:7f:c2:66:aa:42:ac:a3:25:3b:
                    68:66:d6:16:52:c3:02:c3:dc:4c:6b:9f:c8:80:f7:
                    c8:8a:cd:43:48:ed:9d:21:64:58:fd:0b:29:c8:19:
                    a2:3f:02:73:ab:54:db:e7:ae:1d:7e:59:45:e4:83:
                    e3:a4:e4:aa:17:1d:86:3d:8c:56:e4:5e:88:e7:30:
                    72:c3:e4:a0:43:ed:91:62:8f:c4:1c:35:0c:bd:ef:
                    9c:5b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                CA:00:27:1A:6E:B7:13:F1:10:49:F9:0C:92:A6:FF:46:A1:AA:31:83
            X509v3 Authority Key Identifier:
                keyid:35:9A:4B:6C:6D:37:13:CF:F3:63:62:07:DE:98:39:05:8B:51:81:5B

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rsync.rp.ki/repo/misakaio/2/359A4B6C6D3713CFF3636207DE9839058B51815B.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NZpLbG03E8_zY2IH3pg5BYtRgVs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rsync.rp.ki/repo/misakaio/2/34352e3133312e36382e302f32322d3234203d3e203335343837.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.131.68.0/22

    Signature Algorithm: sha256WithRSAEncryption
         62:fc:7e:34:52:74:61:86:17:b7:fe:d3:31:c8:cd:51:b0:1c:
         0d:70:bd:da:57:ca:a8:a9:04:47:67:3d:5c:2d:17:5a:4d:74:
         8b:f5:6b:5d:56:8e:c8:dd:28:79:d8:4b:2e:e6:8f:3d:c6:14:
         ef:31:a8:77:74:97:a5:60:d1:bf:ea:f9:eb:df:67:7f:e8:7e:
         0b:2a:92:64:06:5c:1e:5c:6c:f6:34:32:e8:d9:8e:1e:90:4a:
         e8:01:47:23:0f:67:b2:b3:97:e7:60:45:b9:b3:f1:06:68:8d:
         d5:99:76:8b:9b:41:08:b3:cd:a3:ab:f0:ed:79:18:17:a4:57:
         e4:3d:9b:9b:f9:ff:82:67:f7:53:6a:5b:f5:46:93:74:b4:1d:
         b9:e6:9a:59:b5:b3:b0:d7:5f:94:f0:f8:f5:24:a8:6d:c7:64:
         5e:b2:98:3b:71:90:55:c4:4e:19:81:0b:3b:b4:42:6f:94:0a:
         7c:4f:32:33:19:bd:3a:f3:61:fa:f6:96:75:60:fd:5d:ab:91:
         cb:90:22:f9:69:ca:1f:f4:54:27:31:42:e3:47:7f:f3:f5:e2:
         4b:27:b2:84:35:3c:68:49:63:3f:b9:7c:33:0d:14:6a:78:47:
         9f:21:cb:db:c1:da:31:5f:93:01:a9:a3:dd:61:13:c1:b9:0f:
         87:3b:77:b7
-----BEGIN CERTIFICATE-----
MIIEyDCCA7CgAwIBAgIUd9u2/DZxFK+VkLntnil80InhFFkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMzU5YTRiNmM2ZDM3MTNjZmYzNjM2MjA3ZGU5ODM5MDU4
YjUxODE1YjAeFw0yMzEyMDMyMTMzMTlaFw0yNDEyMDEyMTM4MTlaMDMxMTAvBgNV
BAMTKENBMDAyNzFBNkVCNzEzRjExMDQ5RjkwQzkyQTZGRjQ2QTFBQTMxODMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDZ9/LWnmEeunaDlLowwT8lF0JP
v3o1wZSda2/Vrf+VkfT/yDHiOkYg8s4P3zpHJIW+DbCJVfn+GHcgPs9jO8ODSo19
KsMswBw9ekee4yRzBsKs2LcmjTxBkm4inIdr+7FIwYzIwpLPTVL7zjucZBpdEqTN
aQurU2TUj+q6N/IpCDc/HjUCDTm0biBx1dMtPUsh7tt/safdT1P7YqmQSs/Cx2rZ
8cPWxY7+LX/CZqpCrKMlO2hm1hZSwwLD3Exrn8iA98iKzUNI7Z0hZFj9CynIGaI/
AnOrVNvnrh1+WUXkg+Ok5KoXHYY9jFbkXojnMHLD5KBD7ZFij8QcNQy975xbAgMB
AAGjggHSMIIBzjAdBgNVHQ4EFgQUygAnGm63E/EQSfkMkqb/RqGqMYMwHwYDVR0j
BBgwFoAUNZpLbG03E8/zY2IH3pg5BYtRgVswDgYDVR0PAQH/BAQDAgeAMGEGA1Ud
HwRaMFgwVqBUoFKGUHJzeW5jOi8vcnN5bmMucnAua2kvcmVwby9taXNha2Fpby8y
LzM1OUE0QjZDNkQzNzEzQ0ZGMzYzNjIwN0RFOTgzOTA1OEI1MTgxNUIuY3JsMGQG
CCsGAQUFBwEBBFgwVjBUBggrBgEFBQcwAoZIcnN5bmM6Ly9ycGtpLnJpcGUubmV0
L3JlcG9zaXRvcnkvREVGQVVMVC9OWnBMYkcwM0U4X3pZMklIM3BnNUJZdFJnVnMu
Y2VyMHgGCCsGAQUFBwELBGwwajBoBggrBgEFBQcwC4ZccnN5bmM6Ly9yc3luYy5y
cC5raS9yZXBvL21pc2FrYWlvLzIvMzQzNTJlMzEzMzMxMmUzNjM4MmUzMDJmMzIz
MjJkMzIzNDIwM2QzZTIwMzMzNTM0MzgzNy5yb2EwGAYDVR0gAQH/BA4wDDAKBggr
BgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAi2DRDANBgkqhkiG
9w0BAQsFAAOCAQEAYvx+NFJ0YYYXt/7TMcjNUbAcDXC92lfKqKkER2c9XC0XWk10
i/VrXVaOyN0oedhLLuaPPcYU7zGod3SXpWDRv+r5699nf+h+CyqSZAZcHlxs9jQy
6NmOHpBK6AFHIw9nsrOX52BFubPxBmiN1Zl2i5tBCLPNo6vw7XkYF6RX5D2bm/n/
gmf3U2pb9UaTdLQdueaaWbWzsNdflPD49SSobcdkXrKYO3GQVcROGYELO7RCb5QK
fE8yMxm9OvNh+vaWdWD9XauRy5Ai+WnKH/RUJzFC40d/8/XiSyeyhDU8aEljP7l8
Mw0UanhHnyHL28HaMV+TAamj3WETwbkPhzt3tw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 20:01:13 2024 by rpki-client on console-ams.rpki-client.org