Route Origin Authorization

$ rpki-client -vvf chloe.sobornost.net/rpki/RIPE-nlrssf/h7mqSveamopxUfPk3xTeOCHxRFQ.roa
File:                     h7mqSveamopxUfPk3xTeOCHxRFQ.roa (raw, json)
Hash identifier:          JzeTC3zfE4SkuJCU4MPMckoDw4RmTjf+VP2ZYG/6xMM=
Subject key identifier:   87:B9:AA:4A:F7:9A:9A:8A:71:51:F3:E4:DF:14:DE:38:21:F1:44:54
Certificate issuer:       /CN=71d14ebb255dc058d4bfa5a51c93f73f830ab88f
Certificate serial:       06E5
Authority key identifier: 71:D1:4E:BB:25:5D:C0:58:D4:BF:A5:A5:1C:93:F7:3F:83:0A:B8:8F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/cdFOuyVdwFjUv6WlHJP3P4MKuI8.cer
Subject info access:      rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/h7mqSveamopxUfPk3xTeOCHxRFQ.roa
Signing time:             Fri 23 Aug 2024 07:55:03 +0000
ROA not before:           Fri 23 Aug 2024 07:55:03 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     15562
IP address blocks:        194.104.129.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Fri 23 Aug 2024 11:55:03 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 1765 (0x6e5)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=71d14ebb255dc058d4bfa5a51c93f73f830ab88f
        Validity
            Not Before: Aug 23 07:55:03 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=87B9AA4AF79A9A8A7151F3E4DF14DE3821F14454
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d3:1b:4e:98:2a:7d:26:a2:1d:b5:42:dd:91:d7:
                    5d:7e:8c:bd:d5:e1:56:a1:f2:10:d1:ac:4d:49:82:
                    8a:c6:1c:cf:e8:77:ec:f3:ab:58:cc:b7:b7:9a:a6:
                    7d:de:27:be:5a:a0:47:d9:8f:70:6e:4e:6c:f3:dd:
                    92:fb:70:41:f7:07:a5:60:1b:66:2c:cc:1d:f4:f9:
                    26:c3:ab:2a:84:86:66:31:f0:cf:27:dd:08:2a:bd:
                    be:c7:41:7e:08:06:e9:e5:0e:df:f0:a2:fe:01:db:
                    4e:65:76:1a:a9:04:38:74:ce:94:9a:69:a2:59:3f:
                    a3:12:21:e7:b4:e8:d9:61:fc:63:fd:1b:f4:55:65:
                    6f:6b:cd:32:0e:65:63:c4:ec:8f:74:dc:62:a8:4b:
                    fb:d6:9d:86:a4:91:14:46:16:92:47:1c:34:c2:d8:
                    62:ab:39:c9:21:7a:f9:d7:0f:7f:fd:c1:58:70:56:
                    c0:8c:b6:6a:cf:2d:7e:9b:f0:98:0e:0b:39:fc:a1:
                    11:60:1d:26:f3:0f:71:7d:7e:fa:1e:b9:e0:c7:8c:
                    73:d3:a4:82:d2:86:bd:86:b4:e1:26:9f:bb:a8:f1:
                    5e:c5:1d:c0:25:ec:d7:52:3f:f7:d8:b6:ed:fc:80:
                    5d:ea:82:2c:00:a2:01:bf:16:06:0a:2d:1b:e8:c5:
                    92:67
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                87:B9:AA:4A:F7:9A:9A:8A:71:51:F3:E4:DF:14:DE:38:21:F1:44:54
            X509v3 Authority Key Identifier:
                keyid:71:D1:4E:BB:25:5D:C0:58:D4:BF:A5:A5:1C:93:F7:3F:83:0A:B8:8F

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/cdFOuyVdwFjUv6WlHJP3P4MKuI8.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cdFOuyVdwFjUv6WlHJP3P4MKuI8.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/h7mqSveamopxUfPk3xTeOCHxRFQ.roa

            sbgp-ipAddrBlock: critical
                IPv4:
                  194.104.129.0/24

    Signature Algorithm: sha256WithRSAEncryption
         1b:c0:6a:a1:17:7a:85:0a:0d:ed:3a:4a:df:8e:a3:44:c1:b1:
         fc:f6:d1:4d:9e:23:16:f2:57:80:23:0e:d2:38:16:79:c2:87:
         6c:4a:03:4e:b5:57:a8:05:6c:3e:2d:33:83:c3:64:e0:81:02:
         17:2d:37:84:2a:05:cc:c4:b6:5e:8d:17:41:a7:fc:12:93:f7:
         28:1a:ec:d4:c8:d5:30:a0:24:28:66:c3:9b:33:96:cd:ff:c1:
         d0:28:bc:7f:71:bc:9f:e8:e9:a9:4b:e7:66:79:1b:09:2d:1e:
         4b:b3:1a:b2:b5:00:6e:b2:55:f7:24:bc:f2:1f:47:f9:b7:31:
         97:20:cf:83:bc:ae:22:01:70:2b:a9:ee:2d:1c:a3:53:67:7a:
         0c:1a:f8:73:40:a4:8d:28:47:56:81:86:ee:b3:2d:66:91:e0:
         1a:9e:67:ab:d5:96:51:d3:b3:6f:e0:79:84:4f:b5:8c:92:39:
         68:df:19:3f:13:f6:ca:5d:e8:0d:e2:06:c8:02:1d:6d:54:3a:
         28:e6:d1:42:ca:e9:3c:d2:20:86:19:e1:4c:9f:02:f5:d6:95:
         b3:84:43:df:09:da:4f:45:05:ac:ef:6b:3b:30:1e:78:87:6b:
         83:d7:b9:86:cb:b8:4d:a1:a6:bb:21:65:07:d5:e6:51:c3:84:
         af:c7:91:75
-----BEGIN CERTIFICATE-----
MIIEojCCA4qgAwIBAgICBuUwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzFk
MTRlYmIyNTVkYzA1OGQ0YmZhNWE1MWM5M2Y3M2Y4MzBhYjg4ZjAeFw0yNDA4MjMw
NzU1MDNaFw0yNTA3MDEwMDAwMDBaMDMxMTAvBgNVBAMTKDg3QjlBQTRBRjc5QTlB
OEE3MTUxRjNFNERGMTRERTM4MjFGMTQ0NTQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDTG06YKn0moh21Qt2R111+jL3V4Vah8hDRrE1JgorGHM/od+zz
q1jMt7eapn3eJ75aoEfZj3BuTmzz3ZL7cEH3B6VgG2YszB30+SbDqyqEhmYx8M8n
3Qgqvb7HQX4IBunlDt/wov4B205ldhqpBDh0zpSaaaJZP6MSIee06Nlh/GP9G/RV
ZW9rzTIOZWPE7I903GKoS/vWnYakkRRGFpJHHDTC2GKrOckhevnXD3/9wVhwVsCM
tmrPLX6b8JgOCzn8oRFgHSbzD3F9fvoeueDHjHPTpILShr2GtOEmn7uo8V7FHcAl
7NdSP/fYtu38gF3qgiwAogG/FgYKLRvoxZJnAgMBAAGjggG+MIIBujAdBgNVHQ4E
FgQUh7mqSveamopxUfPk3xTeOCHxRFQwHwYDVR0jBBgwFoAUcdFOuyVdwFjUv6Wl
HJP3P4MKuI8wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL2NobG9lLnNvYm9ybm9zdC5uZXQvcnBraS9SSVBFLW5scnNz
Zi9jZEZPdXlWZHdGalV2NldsSEpQM1A0TUt1STguY3JsMGQGCCsGAQUFBwEBBFgw
VjBUBggrBgEFBQcwAoZIcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC9jZEZPdXlWZHdGalV2NldsSEpQM1A0TUt1STguY2VyMA4GA1UdDwEB
/wQEAwIHgDBoBggrBgEFBQcBCwRcMFowWAYIKwYBBQUHMAuGTHJzeW5jOi8vY2hs
b2Uuc29ib3Jub3N0Lm5ldC9ycGtpL1JJUEUtbmxyc3NmL2g3bXFTdmVhbW9weFVm
UGszeFRlT0NIeFJGUS5yb2EwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBADC
aIEwDQYJKoZIhvcNAQELBQADggEBABvAaqEXeoUKDe06St+Oo0TBsfz20U2eIxby
V4AjDtI4FnnCh2xKA061V6gFbD4tM4PDZOCBAhctN4QqBczEtl6NF0Gn/BKT9yga
7NTI1TCgJChmw5szls3/wdAovH9xvJ/o6alL52Z5GwktHkuzGrK1AG6yVfckvPIf
R/m3MZcgz4O8riIBcCup7i0co1Nnegwa+HNApI0oR1aBhu6zLWaR4BqeZ6vVllHT
s2/geYRPtYySOWjfGT8T9spd6A3iBsgCHW1UOijm0ULK6TzSIIYZ4UyfAvXWlbOE
Q98J2k9FBazvazswHniHa4PXuYbLuE2hprshZQfV5lHDhK/HkXU=
-----END CERTIFICATE-----
Generated at Fri Aug 23 16:39:16 2024 by rpki-client on console-ams.rpki-client.org