Route Origin Authorization

$ rpki-client -vvf rsync.rp.ki/repo/misakaio/2/34352e3133312e36382e302f32322d3234203d3e20393137.roa
File:                     34352e3133312e36382e302f32322d3234203d3e20393137.roa (raw, json)
Hash identifier:          jFSz1f+soyd6xW8vCulXv9lLQRCWrmdsLjnM+SAxQjE=
Subject key identifier:   FD:DF:6F:A8:DB:22:19:EF:A3:63:01:E7:26:54:8C:82:71:7D:D1:FA
Certificate issuer:       /CN=359a4b6c6d3713cff3636207de9839058b51815b
Certificate serial:       20C036BE82DDA0EE4109C8EB093DC034D6F91214
Authority key identifier: 35:9A:4B:6C:6D:37:13:CF:F3:63:62:07:DE:98:39:05:8B:51:81:5B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/NZpLbG03E8_zY2IH3pg5BYtRgVs.cer
Subject info access:      rsync://rsync.rp.ki/repo/misakaio/2/34352e3133312e36382e302f32322d3234203d3e20393137.roa
Signing time:             Sun 03 Dec 2023 21:38:24 +0000
ROA not before:           Sun 03 Dec 2023 21:33:24 +0000
ROA not after:            Sun 01 Dec 2024 21:38:24 +0000
asID:                     917
IP address blocks:        45.131.68.0/22 maxlen: 24

Validation:               Failed, certificate revoked on Wed 20 Dec 2023 21:30:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            20:c0:36:be:82:dd:a0:ee:41:09:c8:eb:09:3d:c0:34:d6:f9:12:14
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=359a4b6c6d3713cff3636207de9839058b51815b
        Validity
            Not Before: Dec  3 21:33:24 2023 GMT
            Not After : Dec  1 21:38:24 2024 GMT
        Subject: CN=FDDF6FA8DB2219EFA36301E726548C82717DD1FA
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c8:44:c3:2b:61:1e:d4:51:1d:c6:65:02:c4:2c:
                    37:2d:6d:0e:a8:86:f3:ae:df:a8:d4:28:51:7f:5d:
                    04:60:96:61:db:7a:82:64:fc:ec:b4:91:aa:eb:a8:
                    ab:88:b3:23:00:ad:07:32:bd:ae:d3:e5:d2:c0:2b:
                    4f:06:f0:e9:d0:3b:c4:76:eb:7f:22:72:b3:8e:9c:
                    9c:e5:aa:5b:26:a2:54:b2:91:c3:09:ac:54:74:ec:
                    1b:48:93:24:70:60:5c:61:a3:1e:6f:da:b1:dc:d9:
                    73:4e:06:34:58:0f:dd:25:4d:4e:61:45:7e:06:52:
                    f3:e5:25:a5:b1:3d:98:6c:6f:54:24:a1:f9:c2:d8:
                    5a:78:59:d8:ce:39:3a:78:67:1c:2c:8f:e1:ca:c0:
                    5f:a1:98:48:52:b1:c9:fe:65:ef:cf:12:92:a5:0d:
                    53:0a:19:20:d2:78:06:df:fa:22:51:d9:03:31:7f:
                    46:42:02:b0:53:2f:69:8e:cc:93:5f:ec:b1:2e:d2:
                    8b:31:14:78:e4:e5:2f:23:b5:c3:e3:98:a7:46:f8:
                    7f:af:70:0b:b8:b9:b9:58:dc:6a:91:6c:5a:f7:cf:
                    65:fc:f8:89:a0:84:fe:8d:3c:3d:fe:5d:15:db:6a:
                    39:80:c3:45:62:05:41:96:69:5c:21:9e:b2:e8:4b:
                    94:af
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                FD:DF:6F:A8:DB:22:19:EF:A3:63:01:E7:26:54:8C:82:71:7D:D1:FA
            X509v3 Authority Key Identifier:
                keyid:35:9A:4B:6C:6D:37:13:CF:F3:63:62:07:DE:98:39:05:8B:51:81:5B

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rsync.rp.ki/repo/misakaio/2/359A4B6C6D3713CFF3636207DE9839058B51815B.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NZpLbG03E8_zY2IH3pg5BYtRgVs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rsync.rp.ki/repo/misakaio/2/34352e3133312e36382e302f32322d3234203d3e20393137.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.131.68.0/22

    Signature Algorithm: sha256WithRSAEncryption
         51:21:f6:5f:81:d1:90:de:a7:2e:ad:cd:01:ba:29:c2:bc:81:
         c1:89:aa:96:05:07:bd:39:cf:81:1b:b8:ec:ce:6d:3b:36:25:
         80:2e:be:37:2b:78:75:8f:7a:e5:df:08:af:4c:6c:18:c0:19:
         fc:1d:67:95:bf:3e:08:46:dd:da:ea:60:e4:ca:96:a5:2e:28:
         88:f9:ca:33:b5:9f:20:b6:6f:1c:56:da:23:0a:4b:3f:81:43:
         8d:c3:8f:2f:b8:9e:74:8b:92:15:12:56:b3:96:4b:47:5a:27:
         58:2d:2c:56:06:f8:b4:6d:7b:bb:04:41:5c:b7:dc:5c:38:fa:
         53:30:2a:ef:a2:e8:8f:c5:c0:6b:a6:aa:3e:98:ee:a9:50:78:
         27:86:5e:96:76:36:9c:0c:59:af:b3:9a:d0:19:1c:43:4c:1c:
         9f:b1:bf:69:85:72:21:02:99:e4:6f:08:d4:68:d3:8c:62:e1:
         6e:57:ff:f4:50:8e:a0:a8:00:06:87:45:d1:ce:a1:7d:64:dc:
         89:08:9e:0c:04:27:73:64:5c:df:04:83:93:c7:03:8e:36:bb:
         27:ce:83:61:0f:fe:d1:32:e1:82:57:a9:1d:7f:95:a5:b7:a3:
         80:d4:36:92:fd:32:82:2a:5d:60:af:d9:82:35:9c:a9:dd:e5:
         3c:2f:67:4a
-----BEGIN CERTIFICATE-----
MIIExDCCA6ygAwIBAgIUIMA2voLdoO5BCcjrCT3ANNb5EhQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMzU5YTRiNmM2ZDM3MTNjZmYzNjM2MjA3ZGU5ODM5MDU4
YjUxODE1YjAeFw0yMzEyMDMyMTMzMjRaFw0yNDEyMDEyMTM4MjRaMDMxMTAvBgNV
BAMTKEZEREY2RkE4REIyMjE5RUZBMzYzMDFFNzI2NTQ4QzgyNzE3REQxRkEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDIRMMrYR7UUR3GZQLELDctbQ6o
hvOu36jUKFF/XQRglmHbeoJk/Oy0karrqKuIsyMArQcyva7T5dLAK08G8OnQO8R2
638icrOOnJzlqlsmolSykcMJrFR07BtIkyRwYFxhox5v2rHc2XNOBjRYD90lTU5h
RX4GUvPlJaWxPZhsb1QkofnC2Fp4WdjOOTp4Zxwsj+HKwF+hmEhSscn+Ze/PEpKl
DVMKGSDSeAbf+iJR2QMxf0ZCArBTL2mOzJNf7LEu0osxFHjk5S8jtcPjmKdG+H+v
cAu4ublY3GqRbFr3z2X8+ImghP6NPD3+XRXbajmAw0ViBUGWaVwhnrLoS5SvAgMB
AAGjggHOMIIByjAdBgNVHQ4EFgQU/d9vqNsiGe+jYwHnJlSMgnF90fowHwYDVR0j
BBgwFoAUNZpLbG03E8/zY2IH3pg5BYtRgVswDgYDVR0PAQH/BAQDAgeAMGEGA1Ud
HwRaMFgwVqBUoFKGUHJzeW5jOi8vcnN5bmMucnAua2kvcmVwby9taXNha2Fpby8y
LzM1OUE0QjZDNkQzNzEzQ0ZGMzYzNjIwN0RFOTgzOTA1OEI1MTgxNUIuY3JsMGQG
CCsGAQUFBwEBBFgwVjBUBggrBgEFBQcwAoZIcnN5bmM6Ly9ycGtpLnJpcGUubmV0
L3JlcG9zaXRvcnkvREVGQVVMVC9OWnBMYkcwM0U4X3pZMklIM3BnNUJZdFJnVnMu
Y2VyMHQGCCsGAQUFBwELBGgwZjBkBggrBgEFBQcwC4ZYcnN5bmM6Ly9yc3luYy5y
cC5raS9yZXBvL21pc2FrYWlvLzIvMzQzNTJlMzEzMzMxMmUzNjM4MmUzMDJmMzIz
MjJkMzIzNDIwM2QzZTIwMzkzMTM3LnJvYTAYBgNVHSABAf8EDjAMMAoGCCsGAQUF
Bw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCLYNEMA0GCSqGSIb3DQEB
CwUAA4IBAQBRIfZfgdGQ3qcurc0BuinCvIHBiaqWBQe9Oc+BG7jszm07NiWALr43
K3h1j3rl3wivTGwYwBn8HWeVvz4IRt3a6mDkypalLiiI+coztZ8gtm8cVtojCks/
gUONw48vuJ50i5IVElazlktHWidYLSxWBvi0bXu7BEFct9xcOPpTMCrvouiPxcBr
pqo+mO6pUHgnhl6WdjacDFmvs5rQGRxDTByfsb9phXIhApnkbwjUaNOMYuFuV//0
UI6gqAAGh0XRzqF9ZNyJCJ4MBCdzZFzfBIOTxwOONrsnzoNhD/7RMuGCV6kdf5Wl
t6OA1DaS/TKCKl1gr9mCNZyp3eU8L2dK
-----END CERTIFICATE-----
Generated at Thu Jun 6 20:01:13 2024 by rpki-client on console-ams.rpki-client.org