Route Origin Authorization

$ rpki-client -vvf chloe.sobornost.net/rpki/RIPE-nlrssf/X5uqU8NbKwc3GHPZF55LP55KrFw.roa
File:                     X5uqU8NbKwc3GHPZF55LP55KrFw.roa (raw, json)
Hash identifier:          aeN73dBqm8/RcFnCuQ/1YN+BtWzuIJMn2igTsNsR73w=
Subject key identifier:   5F:9B:AA:53:C3:5B:2B:07:37:18:73:D9:17:9E:4B:3F:9E:4A:AC:5C
Certificate issuer:       /CN=71d14ebb255dc058d4bfa5a51c93f73f830ab88f
Certificate serial:       0427
Authority key identifier: 71:D1:4E:BB:25:5D:C0:58:D4:BF:A5:A5:1C:93:F7:3F:83:0A:B8:8F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/cdFOuyVdwFjUv6WlHJP3P4MKuI8.cer
Subject info access:      rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/X5uqU8NbKwc3GHPZF55LP55KrFw.roa
Signing time:             Thu 06 Jun 2024 07:55:03 +0000
ROA not before:           Thu 06 Jun 2024 07:55:03 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     15562
IP address blocks:        194.104.129.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Thu 06 Jun 2024 11:55:03 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 1063 (0x427)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=71d14ebb255dc058d4bfa5a51c93f73f830ab88f
        Validity
            Not Before: Jun  6 07:55:03 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=5F9BAA53C35B2B07371873D9179E4B3F9E4AAC5C
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:dc:64:4b:04:1f:44:bb:44:84:0c:9b:84:ec:d3:
                    df:c8:7b:1d:a5:d8:a1:40:8f:fc:3e:3e:6a:6d:04:
                    b8:38:97:5c:30:52:fd:58:d2:0f:2f:7b:45:f9:d8:
                    71:02:33:b5:67:df:06:14:a7:b2:e9:0c:2e:8b:be:
                    d0:c9:0c:a8:9b:e4:36:e9:dd:11:73:ec:b9:0b:91:
                    10:a3:01:c0:b8:10:08:e0:5b:d1:a1:28:4b:79:66:
                    b0:2a:6b:94:a2:bb:00:0c:bf:bc:19:5b:c3:7c:ec:
                    b9:5c:ed:b9:5b:8f:c6:a7:44:d3:42:95:c0:da:36:
                    84:c8:49:e6:22:c0:24:7f:c6:56:a6:06:5e:ce:7a:
                    a8:97:74:81:9a:97:97:c8:eb:f6:92:5c:eb:ac:58:
                    16:38:32:d6:f3:bf:72:8c:67:87:36:15:dc:e9:a8:
                    2a:ea:7c:78:c7:ae:7c:3c:24:ca:2c:d8:a1:f8:e4:
                    92:7c:3b:b8:15:6e:a5:76:00:33:b0:eb:ea:c2:7c:
                    52:18:c3:0f:90:06:ac:3e:c1:48:e7:1b:f7:6e:7f:
                    5a:24:fc:ec:5c:fa:e9:58:ad:b9:b6:f5:33:99:12:
                    1f:06:52:2e:e8:dc:2c:f3:70:f8:36:57:c4:47:05:
                    95:9d:f6:c0:df:52:71:cb:fc:7a:1e:fc:c4:75:6c:
                    9f:1b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5F:9B:AA:53:C3:5B:2B:07:37:18:73:D9:17:9E:4B:3F:9E:4A:AC:5C
            X509v3 Authority Key Identifier:
                keyid:71:D1:4E:BB:25:5D:C0:58:D4:BF:A5:A5:1C:93:F7:3F:83:0A:B8:8F

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/cdFOuyVdwFjUv6WlHJP3P4MKuI8.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cdFOuyVdwFjUv6WlHJP3P4MKuI8.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/X5uqU8NbKwc3GHPZF55LP55KrFw.roa

            sbgp-ipAddrBlock: critical
                IPv4:
                  194.104.129.0/24

    Signature Algorithm: sha256WithRSAEncryption
         82:77:03:41:80:4c:a2:71:0e:68:df:b0:65:7e:a9:81:f2:96:
         0c:cd:e7:d4:f2:66:02:c7:41:ea:16:65:db:ec:40:8d:19:2f:
         06:23:67:c7:e2:9a:13:0f:6a:ed:b8:ae:60:67:8a:cb:80:08:
         e4:89:39:96:53:b4:8b:32:16:45:92:ad:14:0c:bf:5d:f3:48:
         fc:2f:db:42:34:4b:65:12:fe:1e:a4:70:b3:d4:be:7b:48:c8:
         a5:c0:bb:ba:c1:dc:70:21:a4:b9:12:e8:e3:2a:fb:37:00:ef:
         65:99:40:77:b4:d1:0e:ff:21:12:9e:63:14:f8:cb:83:7a:50:
         ca:a9:35:4c:8b:75:07:9f:12:46:ff:ee:7d:bb:0d:76:c1:4c:
         30:13:89:79:1b:45:2a:04:21:04:b3:8b:e5:e1:72:e5:dd:86:
         6f:62:e6:66:d4:71:98:99:79:68:1e:bc:d3:2c:ef:bb:b9:88:
         d9:da:f5:83:c3:ba:df:b1:95:02:ef:4b:a7:13:1d:ac:de:44:
         2d:f2:ba:84:d0:c3:3f:ad:e5:2d:38:cd:a1:14:6f:4c:ca:9c:
         24:fe:7a:54:07:7a:aa:3e:ad:b2:6c:30:df:fe:26:a4:eb:59:
         c6:e6:e6:e0:58:df:c4:20:37:78:d1:23:4d:e0:91:11:d7:00:
         a7:93:64:08
-----BEGIN CERTIFICATE-----
MIIEojCCA4qgAwIBAgICBCcwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzFk
MTRlYmIyNTVkYzA1OGQ0YmZhNWE1MWM5M2Y3M2Y4MzBhYjg4ZjAeFw0yNDA2MDYw
NzU1MDNaFw0yNTA3MDEwMDAwMDBaMDMxMTAvBgNVBAMTKDVGOUJBQTUzQzM1QjJC
MDczNzE4NzNEOTE3OUU0QjNGOUU0QUFDNUMwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDcZEsEH0S7RIQMm4Ts09/Iex2l2KFAj/w+PmptBLg4l1wwUv1Y
0g8ve0X52HECM7Vn3wYUp7LpDC6LvtDJDKib5Dbp3RFz7LkLkRCjAcC4EAjgW9Gh
KEt5ZrAqa5SiuwAMv7wZW8N87Llc7blbj8anRNNClcDaNoTISeYiwCR/xlamBl7O
eqiXdIGal5fI6/aSXOusWBY4Mtbzv3KMZ4c2FdzpqCrqfHjHrnw8JMos2KH45JJ8
O7gVbqV2ADOw6+rCfFIYww+QBqw+wUjnG/duf1ok/Oxc+ulYrbm29TOZEh8GUi7o
3CzzcPg2V8RHBZWd9sDfUnHL/Hoe/MR1bJ8bAgMBAAGjggG+MIIBujAdBgNVHQ4E
FgQUX5uqU8NbKwc3GHPZF55LP55KrFwwHwYDVR0jBBgwFoAUcdFOuyVdwFjUv6Wl
HJP3P4MKuI8wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL2NobG9lLnNvYm9ybm9zdC5uZXQvcnBraS9SSVBFLW5scnNz
Zi9jZEZPdXlWZHdGalV2NldsSEpQM1A0TUt1STguY3JsMGQGCCsGAQUFBwEBBFgw
VjBUBggrBgEFBQcwAoZIcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC9jZEZPdXlWZHdGalV2NldsSEpQM1A0TUt1STguY2VyMA4GA1UdDwEB
/wQEAwIHgDBoBggrBgEFBQcBCwRcMFowWAYIKwYBBQUHMAuGTHJzeW5jOi8vY2hs
b2Uuc29ib3Jub3N0Lm5ldC9ycGtpL1JJUEUtbmxyc3NmL1g1dXFVOE5iS3djM0dI
UFpGNTVMUDU1S3JGdy5yb2EwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBADC
aIEwDQYJKoZIhvcNAQELBQADggEBAIJ3A0GATKJxDmjfsGV+qYHylgzN59TyZgLH
QeoWZdvsQI0ZLwYjZ8fimhMPau24rmBnisuACOSJOZZTtIsyFkWSrRQMv13zSPwv
20I0S2US/h6kcLPUvntIyKXAu7rB3HAhpLkS6OMq+zcA72WZQHe00Q7/IRKeYxT4
y4N6UMqpNUyLdQefEkb/7n27DXbBTDATiXkbRSoEIQSzi+XhcuXdhm9i5mbUcZiZ
eWgevNMs77u5iNna9YPDut+xlQLvS6cTHazeRC3yuoTQwz+t5S04zaEUb0zKnCT+
elQHeqo+rbJsMN/+JqTrWcbm5uBY38QgN3jRI03gkRHXAKeTZAg=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:36:55 2024 by rpki-client on console-fra.rpki-client.org