Route Origin Authorization

$ rpki-client -vvf rsync.rp.ki/repo/misakaio/2/34352e3133312e36382e302f32322d3234203d3e203537353738.roa
File:                     34352e3133312e36382e302f32322d3234203d3e203537353738.roa (raw, json)
Hash identifier:          GoLv45OxGbNsPrv0kTSFpbXWg7NEB8sGUhVTQ1xuIOw=
Subject key identifier:   6F:30:E8:36:38:28:90:01:A3:74:8D:4D:C4:24:33:0E:8F:41:4F:A3
Certificate issuer:       /CN=359a4b6c6d3713cff3636207de9839058b51815b
Certificate serial:       22200F11CC18DB7EEA63532D2B93750C33463019
Authority key identifier: 35:9A:4B:6C:6D:37:13:CF:F3:63:62:07:DE:98:39:05:8B:51:81:5B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/NZpLbG03E8_zY2IH3pg5BYtRgVs.cer
Subject info access:      rsync://rsync.rp.ki/repo/misakaio/2/34352e3133312e36382e302f32322d3234203d3e203537353738.roa
Signing time:             Sun 03 Dec 2023 21:38:18 +0000
ROA not before:           Sun 03 Dec 2023 21:33:18 +0000
ROA not after:            Sun 01 Dec 2024 21:38:18 +0000
asID:                     57578
IP address blocks:        45.131.68.0/22 maxlen: 24

Validation:               Failed, certificate revoked on Wed 20 Dec 2023 21:30:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            22:20:0f:11:cc:18:db:7e:ea:63:53:2d:2b:93:75:0c:33:46:30:19
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=359a4b6c6d3713cff3636207de9839058b51815b
        Validity
            Not Before: Dec  3 21:33:18 2023 GMT
            Not After : Dec  1 21:38:18 2024 GMT
        Subject: CN=6F30E83638289001A3748D4DC424330E8F414FA3
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9a:34:8d:ec:ea:b2:69:df:79:54:28:53:75:0a:
                    1b:bf:f6:ed:34:1e:bb:78:80:d9:11:1f:e6:6b:f6:
                    a7:35:4e:5c:95:dd:ed:6f:49:fc:ee:99:d5:b2:88:
                    59:7f:cc:5f:36:43:55:3d:60:cb:70:fc:29:e2:05:
                    23:04:a6:9a:3d:bf:aa:fa:36:b8:cb:46:93:c5:de:
                    9a:a6:d6:25:a4:14:0e:2f:4b:1e:58:74:6f:fd:83:
                    61:d6:10:fb:be:51:57:b6:fc:d2:26:40:a6:00:ec:
                    86:9a:79:4f:46:2d:08:c5:31:4b:f7:61:c1:0c:cd:
                    55:cb:7a:bd:d6:db:66:b5:4e:03:b8:3c:0d:a4:ed:
                    17:56:eb:a2:62:aa:22:3a:92:d8:c3:7c:8b:96:b6:
                    ea:4e:48:8b:ed:8e:7f:21:7e:b6:80:34:6c:2d:9e:
                    7c:c7:d6:11:9b:de:4d:c4:12:c7:e8:aa:c4:84:dd:
                    7f:cd:70:5a:a7:ae:97:57:6e:22:bd:db:b8:09:6c:
                    90:2f:c8:07:2f:6f:bc:e2:44:2c:1e:39:20:f4:ca:
                    45:4d:0c:72:5a:43:cb:97:9a:86:fa:2c:03:83:8c:
                    3a:ee:4e:06:96:98:5a:b6:76:0c:36:c7:c5:ac:10:
                    50:72:95:53:3b:b0:f6:53:25:ca:54:30:e5:03:77:
                    0e:1d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                6F:30:E8:36:38:28:90:01:A3:74:8D:4D:C4:24:33:0E:8F:41:4F:A3
            X509v3 Authority Key Identifier:
                keyid:35:9A:4B:6C:6D:37:13:CF:F3:63:62:07:DE:98:39:05:8B:51:81:5B

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rsync.rp.ki/repo/misakaio/2/359A4B6C6D3713CFF3636207DE9839058B51815B.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NZpLbG03E8_zY2IH3pg5BYtRgVs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rsync.rp.ki/repo/misakaio/2/34352e3133312e36382e302f32322d3234203d3e203537353738.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.131.68.0/22

    Signature Algorithm: sha256WithRSAEncryption
         5b:92:d3:44:eb:25:b1:c6:34:e5:4d:09:6d:ee:12:7d:6a:f2:
         76:aa:7f:30:e0:f3:0a:25:df:06:35:54:b5:05:63:95:62:2a:
         28:c0:03:32:c9:36:32:ad:90:1d:7c:03:33:21:55:e6:75:3d:
         62:18:92:78:a2:68:a5:ce:e1:1e:ae:c6:ec:bf:d7:b9:53:04:
         54:98:dd:fb:28:5d:2a:1d:84:0a:98:01:ef:7e:54:fa:02:10:
         c8:87:7d:90:5d:e9:96:13:37:b8:dd:ce:6c:2d:94:44:1c:ab:
         96:60:d2:5b:65:0f:92:1d:60:7c:43:29:bf:f6:39:c0:4c:b4:
         4a:75:c0:c9:fb:19:80:d3:c2:7d:ef:6f:5b:3d:96:5e:b7:b7:
         ae:ec:89:06:98:86:95:ab:a4:76:d9:d5:70:4d:77:d6:90:74:
         0d:89:d6:c7:ff:3c:85:7a:6e:8e:48:3d:25:79:1b:a8:ee:cf:
         d5:c8:24:f7:c3:5e:fe:36:18:5c:69:77:5f:e6:b0:39:1c:d6:
         d5:49:8b:af:8f:80:98:ef:1c:09:92:e2:d2:21:f8:f4:5c:cd:
         60:d0:45:73:18:4b:aa:89:1d:f5:39:8b:9f:83:77:8d:59:43:
         cf:dd:2a:9e:51:ae:0a:27:68:85:3f:bc:b6:e5:da:f0:de:1a:
         7a:a8:72:37
-----BEGIN CERTIFICATE-----
MIIEyDCCA7CgAwIBAgIUIiAPEcwY237qY1MtK5N1DDNGMBkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMzU5YTRiNmM2ZDM3MTNjZmYzNjM2MjA3ZGU5ODM5MDU4
YjUxODE1YjAeFw0yMzEyMDMyMTMzMThaFw0yNDEyMDEyMTM4MThaMDMxMTAvBgNV
BAMTKDZGMzBFODM2MzgyODkwMDFBMzc0OEQ0REM0MjQzMzBFOEY0MTRGQTMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCaNI3s6rJp33lUKFN1Chu/9u00
Hrt4gNkRH+Zr9qc1TlyV3e1vSfzumdWyiFl/zF82Q1U9YMtw/CniBSMEppo9v6r6
NrjLRpPF3pqm1iWkFA4vSx5YdG/9g2HWEPu+UVe2/NImQKYA7IaaeU9GLQjFMUv3
YcEMzVXLer3W22a1TgO4PA2k7RdW66JiqiI6ktjDfIuWtupOSIvtjn8hfraANGwt
nnzH1hGb3k3EEsfoqsSE3X/NcFqnrpdXbiK927gJbJAvyAcvb7ziRCweOSD0ykVN
DHJaQ8uXmob6LAODjDruTgaWmFq2dgw2x8WsEFBylVM7sPZTJcpUMOUDdw4dAgMB
AAGjggHSMIIBzjAdBgNVHQ4EFgQUbzDoNjgokAGjdI1NxCQzDo9BT6MwHwYDVR0j
BBgwFoAUNZpLbG03E8/zY2IH3pg5BYtRgVswDgYDVR0PAQH/BAQDAgeAMGEGA1Ud
HwRaMFgwVqBUoFKGUHJzeW5jOi8vcnN5bmMucnAua2kvcmVwby9taXNha2Fpby8y
LzM1OUE0QjZDNkQzNzEzQ0ZGMzYzNjIwN0RFOTgzOTA1OEI1MTgxNUIuY3JsMGQG
CCsGAQUFBwEBBFgwVjBUBggrBgEFBQcwAoZIcnN5bmM6Ly9ycGtpLnJpcGUubmV0
L3JlcG9zaXRvcnkvREVGQVVMVC9OWnBMYkcwM0U4X3pZMklIM3BnNUJZdFJnVnMu
Y2VyMHgGCCsGAQUFBwELBGwwajBoBggrBgEFBQcwC4ZccnN5bmM6Ly9yc3luYy5y
cC5raS9yZXBvL21pc2FrYWlvLzIvMzQzNTJlMzEzMzMxMmUzNjM4MmUzMDJmMzIz
MjJkMzIzNDIwM2QzZTIwMzUzNzM1MzczOC5yb2EwGAYDVR0gAQH/BA4wDDAKBggr
BgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAi2DRDANBgkqhkiG
9w0BAQsFAAOCAQEAW5LTROslscY05U0Jbe4SfWrydqp/MODzCiXfBjVUtQVjlWIq
KMADMsk2Mq2QHXwDMyFV5nU9YhiSeKJopc7hHq7G7L/XuVMEVJjd+yhdKh2ECpgB
735U+gIQyId9kF3plhM3uN3ObC2URByrlmDSW2UPkh1gfEMpv/Y5wEy0SnXAyfsZ
gNPCfe9vWz2WXre3ruyJBpiGlaukdtnVcE131pB0DYnWx/88hXpujkg9JXkbqO7P
1cgk98Ne/jYYXGl3X+awORzW1UmLr4+AmO8cCZLi0iH49FzNYNBFcxhLqokd9TmL
n4N3jVlDz90qnlGuCidohT+8tuXa8N4aeqhyNw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:05:24 2024 by rpki-client on console-fra.rpki-client.org