Route Origin Authorization

$ rpki-client -vvf chloe.sobornost.net/rpki/RIPE-nlrssf/Sa61C7ekQPTyIEykFt2F9SOeD5E.roa
File:                     Sa61C7ekQPTyIEykFt2F9SOeD5E.roa (raw, json)
Hash identifier:          X6kHtL0BZvND3geV11qR0Wxj4ZubFn6/icWm/TjrCjM=
Subject key identifier:   49:AE:B5:0B:B7:A4:40:F4:F2:20:4C:A4:16:DD:85:F5:23:9E:0F:91
Certificate issuer:       /CN=71d14ebb255dc058d4bfa5a51c93f73f830ab88f
Certificate serial:       01F3
Authority key identifier: 71:D1:4E:BB:25:5D:C0:58:D4:BF:A5:A5:1C:93:F7:3F:83:0A:B8:8F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/cdFOuyVdwFjUv6WlHJP3P4MKuI8.cer
Subject info access:      rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/Sa61C7ekQPTyIEykFt2F9SOeD5E.roa
Signing time:             Thu 04 Apr 2024 15:55:04 +0000
ROA not before:           Thu 04 Apr 2024 15:55:04 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     15562
IP address blocks:        194.104.129.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Thu 04 Apr 2024 19:55:03 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 499 (0x1f3)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=71d14ebb255dc058d4bfa5a51c93f73f830ab88f
        Validity
            Not Before: Apr  4 15:55:04 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=49AEB50BB7A440F4F2204CA416DD85F5239E0F91
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:dd:eb:a3:ce:a3:47:c3:e5:c5:d4:4b:e7:8d:4a:
                    48:bc:bc:eb:38:7d:60:0f:73:3a:29:20:a8:38:6c:
                    ba:48:d0:0c:81:d5:5d:05:7a:93:46:aa:eb:07:34:
                    d8:7b:d3:50:da:e4:6c:c4:07:93:cf:29:5f:42:48:
                    9b:d7:80:f2:3a:92:60:2a:6b:3a:ec:41:31:dd:52:
                    e3:66:6e:1b:ae:04:12:d6:02:57:8c:23:9b:c2:a6:
                    a4:b2:3c:11:2d:b5:d5:78:3c:f1:f5:a2:b6:e4:36:
                    25:fb:a5:53:17:4b:f7:40:06:3e:67:5b:35:bb:66:
                    c0:e1:ed:d7:d7:42:57:cd:fe:3d:51:a8:17:b6:40:
                    da:aa:2d:9e:59:3a:30:b4:87:53:48:16:87:35:f4:
                    77:52:09:de:26:45:ac:0b:48:4d:c8:b9:e5:b7:da:
                    04:f4:ef:0b:f9:35:49:77:5a:31:95:a6:42:2a:a5:
                    e9:f7:30:d4:79:52:8e:e7:72:98:8e:90:17:1a:09:
                    55:3b:08:f5:a3:d1:3e:c6:f5:4c:0c:44:43:8c:53:
                    6f:f0:a5:76:48:e0:8e:67:db:2a:75:0a:d7:29:c7:
                    2b:8d:5e:cc:63:fd:56:e2:35:96:8a:d0:88:89:49:
                    58:22:c2:28:7b:d9:c1:72:0d:2f:05:bc:43:0a:95:
                    43:1f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                49:AE:B5:0B:B7:A4:40:F4:F2:20:4C:A4:16:DD:85:F5:23:9E:0F:91
            X509v3 Authority Key Identifier:
                keyid:71:D1:4E:BB:25:5D:C0:58:D4:BF:A5:A5:1C:93:F7:3F:83:0A:B8:8F

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/cdFOuyVdwFjUv6WlHJP3P4MKuI8.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cdFOuyVdwFjUv6WlHJP3P4MKuI8.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/Sa61C7ekQPTyIEykFt2F9SOeD5E.roa

            sbgp-ipAddrBlock: critical
                IPv4:
                  194.104.129.0/24

    Signature Algorithm: sha256WithRSAEncryption
         b1:45:82:e2:19:b6:19:82:49:44:eb:b1:8f:79:c0:b0:6f:4e:
         1c:e9:bb:59:39:46:03:16:f1:30:8d:83:a3:49:93:3c:c0:52:
         71:93:13:ec:ab:b6:13:4c:70:ac:b6:75:0e:d9:f6:d9:cf:1a:
         11:eb:3a:00:ea:ac:8b:58:a4:2c:a7:1f:6b:4f:f4:28:0b:22:
         94:ec:6c:f7:1d:33:34:cf:4e:ff:c3:18:8f:2d:bb:cc:bb:95:
         e5:d4:3e:98:6b:7d:da:9a:2b:95:22:43:6f:31:11:a5:42:0f:
         5e:4e:95:24:09:f0:cd:57:bc:32:61:75:22:d6:46:ef:82:d9:
         ee:48:07:ee:af:7d:cd:ef:27:ad:d5:c2:c2:f1:5b:6f:da:13:
         85:e9:3a:f7:eb:fd:df:8f:11:b1:fe:5d:ad:43:ba:92:29:5b:
         96:0d:43:86:f6:c6:30:8e:40:4f:5e:ea:70:df:30:e0:a0:7a:
         7b:94:ce:c4:91:c5:e6:ec:66:7e:31:aa:bc:b5:c9:9e:a6:08:
         56:e4:7b:c6:4d:c6:86:8b:91:0f:e8:e4:ab:a8:61:7d:b3:6a:
         e4:cc:f2:4d:b6:da:a1:d5:07:67:d1:16:cf:b4:5e:2c:18:ca:
         4c:06:ec:4e:2a:b1:09:11:a9:77:88:00:89:5c:68:c7:63:fe:
         58:2e:1f:12
-----BEGIN CERTIFICATE-----
MIIEojCCA4qgAwIBAgICAfMwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzFk
MTRlYmIyNTVkYzA1OGQ0YmZhNWE1MWM5M2Y3M2Y4MzBhYjg4ZjAeFw0yNDA0MDQx
NTU1MDRaFw0yNTA3MDEwMDAwMDBaMDMxMTAvBgNVBAMTKDQ5QUVCNTBCQjdBNDQw
RjRGMjIwNENBNDE2REQ4NUY1MjM5RTBGOTEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDd66POo0fD5cXUS+eNSki8vOs4fWAPczopIKg4bLpI0AyB1V0F
epNGqusHNNh701Da5GzEB5PPKV9CSJvXgPI6kmAqazrsQTHdUuNmbhuuBBLWAleM
I5vCpqSyPBEttdV4PPH1orbkNiX7pVMXS/dABj5nWzW7ZsDh7dfXQlfN/j1RqBe2
QNqqLZ5ZOjC0h1NIFoc19HdSCd4mRawLSE3IueW32gT07wv5NUl3WjGVpkIqpen3
MNR5Uo7ncpiOkBcaCVU7CPWj0T7G9UwMREOMU2/wpXZI4I5n2yp1CtcpxyuNXsxj
/VbiNZaK0IiJSVgiwih72cFyDS8FvEMKlUMfAgMBAAGjggG+MIIBujAdBgNVHQ4E
FgQUSa61C7ekQPTyIEykFt2F9SOeD5EwHwYDVR0jBBgwFoAUcdFOuyVdwFjUv6Wl
HJP3P4MKuI8wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL2NobG9lLnNvYm9ybm9zdC5uZXQvcnBraS9SSVBFLW5scnNz
Zi9jZEZPdXlWZHdGalV2NldsSEpQM1A0TUt1STguY3JsMGQGCCsGAQUFBwEBBFgw
VjBUBggrBgEFBQcwAoZIcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC9jZEZPdXlWZHdGalV2NldsSEpQM1A0TUt1STguY2VyMA4GA1UdDwEB
/wQEAwIHgDBoBggrBgEFBQcBCwRcMFowWAYIKwYBBQUHMAuGTHJzeW5jOi8vY2hs
b2Uuc29ib3Jub3N0Lm5ldC9ycGtpL1JJUEUtbmxyc3NmL1NhNjFDN2VrUVBUeUlF
eWtGdDJGOVNPZUQ1RS5yb2EwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBADC
aIEwDQYJKoZIhvcNAQELBQADggEBALFFguIZthmCSUTrsY95wLBvThzpu1k5RgMW
8TCNg6NJkzzAUnGTE+yrthNMcKy2dQ7Z9tnPGhHrOgDqrItYpCynH2tP9CgLIpTs
bPcdMzTPTv/DGI8tu8y7leXUPphrfdqaK5UiQ28xEaVCD15OlSQJ8M1XvDJhdSLW
Ru+C2e5IB+6vfc3vJ63VwsLxW2/aE4XpOvfr/d+PEbH+Xa1DupIpW5YNQ4b2xjCO
QE9e6nDfMOCgenuUzsSRxebsZn4xqry1yZ6mCFbke8ZNxoaLkQ/o5KuoYX2zauTM
8k222qHVB2fRFs+0XiwYykwG7E4qsQkRqXeIAIlcaMdj/lguHxI=
-----END CERTIFICATE-----
Generated at Thu Apr 4 22:56:36 2024 by rpki-client on console-ams.rpki-client.org