Route Origin Authorization

$ rpki-client -vvf chloe.sobornost.net/rpki/RIPE-nlrssf/hbxZJ-XGli3uFIfLWDbkLet78FU.roa
File:                     hbxZJ-XGli3uFIfLWDbkLet78FU.roa (raw, json)
Hash identifier:          JdBTUCY8NVA/XpJ9TClnY7tFhNsxkhIA+2MRNP74UlE=
Subject key identifier:   85:BC:59:27:E5:C6:96:2D:EE:14:87:CB:58:36:E4:2D:EB:7B:F0:55
Certificate issuer:       /CN=71d14ebb255dc058d4bfa5a51c93f73f830ab88f
Certificate serial:       0A07
Authority key identifier: 71:D1:4E:BB:25:5D:C0:58:D4:BF:A5:A5:1C:93:F7:3F:83:0A:B8:8F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/cdFOuyVdwFjUv6WlHJP3P4MKuI8.cer
Subject info access:      rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/hbxZJ-XGli3uFIfLWDbkLet78FU.roa
Signing time:             Wed 20 Nov 2024 07:55:02 +0000
ROA not before:           Wed 20 Nov 2024 07:55:02 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     15562
IP address blocks:        194.104.129.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Wed 20 Nov 2024 11:55:03 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 2567 (0xa07)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=71d14ebb255dc058d4bfa5a51c93f73f830ab88f
        Validity
            Not Before: Nov 20 07:55:02 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=85BC5927E5C6962DEE1487CB5836E42DEB7BF055
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c4:b9:3f:72:50:5c:02:51:9b:2b:17:93:f1:70:
                    ec:88:49:83:0d:a6:ee:3f:b4:92:da:aa:c2:9e:c2:
                    74:eb:fd:d9:38:a9:fa:d8:79:2a:17:d5:cc:67:e4:
                    3a:37:03:ab:43:f2:3c:85:c6:97:e5:a7:5d:d0:a2:
                    74:51:73:9d:25:65:90:d3:46:a7:30:4c:32:0c:2b:
                    4c:ad:72:9b:fa:4b:d8:c6:7a:96:fd:ea:b3:8d:c8:
                    24:47:6d:90:b6:29:58:e2:28:ea:33:a4:f5:74:e6:
                    43:b4:f0:2b:e9:03:25:f9:8d:34:7c:b5:ca:0b:ad:
                    7c:ea:91:2a:41:ea:f9:a5:97:37:d6:3c:82:92:a1:
                    ef:f7:a9:90:c9:13:28:e3:8d:2b:d3:9f:6d:3c:2e:
                    3e:83:7f:11:dc:5b:0d:d8:fb:26:5e:9e:37:21:f2:
                    91:d0:5f:ff:ac:63:ef:52:1f:22:92:c4:cc:be:55:
                    da:09:55:fd:59:52:b9:1c:cc:f4:20:45:9c:f7:78:
                    e6:03:9e:22:3a:78:ff:0f:21:cb:de:3b:5b:09:2a:
                    55:63:8a:05:e8:4c:93:34:51:61:67:f9:ef:3a:9b:
                    04:f3:46:42:0b:52:a0:17:4d:72:22:75:18:e0:66:
                    4f:6c:d6:db:51:ac:97:c1:6a:70:ed:c6:ce:60:b7:
                    70:fd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                85:BC:59:27:E5:C6:96:2D:EE:14:87:CB:58:36:E4:2D:EB:7B:F0:55
            X509v3 Authority Key Identifier:
                keyid:71:D1:4E:BB:25:5D:C0:58:D4:BF:A5:A5:1C:93:F7:3F:83:0A:B8:8F

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/cdFOuyVdwFjUv6WlHJP3P4MKuI8.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cdFOuyVdwFjUv6WlHJP3P4MKuI8.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/hbxZJ-XGli3uFIfLWDbkLet78FU.roa

            sbgp-ipAddrBlock: critical
                IPv4:
                  194.104.129.0/24

    Signature Algorithm: sha256WithRSAEncryption
         1f:2d:bf:19:f5:98:f9:e6:f6:f4:bc:16:c3:cc:7a:62:e0:56:
         1d:0e:77:d1:f6:02:d4:39:21:39:7a:f7:5f:a7:47:3c:cc:c4:
         76:db:a0:de:bc:d6:a7:52:22:b7:23:4c:c6:ad:82:bc:81:51:
         b4:62:c7:76:94:58:01:a7:31:8e:f6:98:33:41:02:6c:fd:6c:
         52:6a:55:97:0b:80:99:a0:1e:08:e4:f4:55:de:77:bf:89:96:
         11:8f:1a:8b:33:36:61:b6:c9:e2:68:7b:d2:25:bd:06:f7:30:
         db:24:5d:47:2f:cb:24:9a:50:d9:76:07:27:5c:42:14:a7:bd:
         71:0d:84:c0:1c:94:22:6d:ab:9f:2e:91:4e:f1:c6:cb:ec:df:
         5c:a7:ef:a6:12:46:f5:4a:1f:ff:44:9b:e9:98:04:81:b2:7a:
         fd:59:8c:5a:99:77:ea:63:a4:85:66:b5:1a:78:b1:a7:34:91:
         7b:a5:74:8a:4b:a6:9f:3a:0b:e7:1c:55:b7:04:b9:60:46:d2:
         e2:22:ab:86:f2:03:24:fb:eb:a3:1b:b0:a6:8d:32:e6:bf:94:
         5f:61:a1:9f:b7:bd:0e:47:05:1a:0f:55:2b:c9:f5:f3:5f:2b:
         16:d9:8a:6e:6e:7e:b9:25:4b:8f:c5:41:e6:31:37:9f:45:f1:
         7a:04:cd:b2
-----BEGIN CERTIFICATE-----
MIIEojCCA4qgAwIBAgICCgcwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzFk
MTRlYmIyNTVkYzA1OGQ0YmZhNWE1MWM5M2Y3M2Y4MzBhYjg4ZjAeFw0yNDExMjAw
NzU1MDJaFw0yNTA3MDEwMDAwMDBaMDMxMTAvBgNVBAMTKDg1QkM1OTI3RTVDNjk2
MkRFRTE0ODdDQjU4MzZFNDJERUI3QkYwNTUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDEuT9yUFwCUZsrF5PxcOyISYMNpu4/tJLaqsKewnTr/dk4qfrY
eSoX1cxn5Do3A6tD8jyFxpflp13QonRRc50lZZDTRqcwTDIMK0ytcpv6S9jGepb9
6rONyCRHbZC2KVjiKOozpPV05kO08CvpAyX5jTR8tcoLrXzqkSpB6vmllzfWPIKS
oe/3qZDJEyjjjSvTn208Lj6DfxHcWw3Y+yZenjch8pHQX/+sY+9SHyKSxMy+VdoJ
Vf1ZUrkczPQgRZz3eOYDniI6eP8PIcveO1sJKlVjigXoTJM0UWFn+e86mwTzRkIL
UqAXTXIidRjgZk9s1ttRrJfBanDtxs5gt3D9AgMBAAGjggG+MIIBujAdBgNVHQ4E
FgQUhbxZJ+XGli3uFIfLWDbkLet78FUwHwYDVR0jBBgwFoAUcdFOuyVdwFjUv6Wl
HJP3P4MKuI8wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL2NobG9lLnNvYm9ybm9zdC5uZXQvcnBraS9SSVBFLW5scnNz
Zi9jZEZPdXlWZHdGalV2NldsSEpQM1A0TUt1STguY3JsMGQGCCsGAQUFBwEBBFgw
VjBUBggrBgEFBQcwAoZIcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC9jZEZPdXlWZHdGalV2NldsSEpQM1A0TUt1STguY2VyMA4GA1UdDwEB
/wQEAwIHgDBoBggrBgEFBQcBCwRcMFowWAYIKwYBBQUHMAuGTHJzeW5jOi8vY2hs
b2Uuc29ib3Jub3N0Lm5ldC9ycGtpL1JJUEUtbmxyc3NmL2hieFpKLVhHbGkzdUZJ
ZkxXRGJrTGV0NzhGVS5yb2EwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBADC
aIEwDQYJKoZIhvcNAQELBQADggEBAB8tvxn1mPnm9vS8FsPMemLgVh0Od9H2AtQ5
ITl691+nRzzMxHbboN681qdSIrcjTMatgryBUbRix3aUWAGnMY72mDNBAmz9bFJq
VZcLgJmgHgjk9FXed7+JlhGPGoszNmG2yeJoe9IlvQb3MNskXUcvyySaUNl2Bydc
QhSnvXENhMAclCJtq58ukU7xxsvs31yn76YSRvVKH/9Em+mYBIGyev1ZjFqZd+pj
pIVmtRp4sac0kXuldIpLpp86C+ccVbcEuWBG0uIiq4byAyT766MbsKaNMua/lF9h
oZ+3vQ5HBRoPVSvJ9fNfKxbZim5ufrklS4/FQeYxN59F8XoEzbI=
-----END CERTIFICATE-----
Generated at Wed Nov 20 15:03:34 2024 by rpki-client on console-fra.rpki-client.org