Route Origin Authorization

$ rpki-client -vvf chloe.sobornost.net/rpki/RIPE-nlrssf/pWzk-kxRunZ1Wllbcs8TOc7h0P4.roa
File:                     pWzk-kxRunZ1Wllbcs8TOc7h0P4.roa (raw, json)
Hash identifier:          pPbmomb2c1WPK4Tk52ubSnX9YnanbM3dDkUbWoVSdW8=
Subject key identifier:   A5:6C:E4:FA:4C:51:BA:76:75:5A:59:5B:72:CF:13:39:CE:E1:D0:FE
Certificate issuer:       /CN=71d14ebb255dc058d4bfa5a51c93f73f830ab88f
Certificate serial:       3A
Authority key identifier: 71:D1:4E:BB:25:5D:C0:58:D4:BF:A5:A5:1C:93:F7:3F:83:0A:B8:8F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/cdFOuyVdwFjUv6WlHJP3P4MKuI8.cer
Subject info access:      rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/pWzk-kxRunZ1Wllbcs8TOc7h0P4.roa
Signing time:             Thu 15 Feb 2024 15:55:03 +0000
ROA not before:           Thu 15 Feb 2024 15:55:03 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     15562
IP address blocks:        194.104.129.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Thu 15 Feb 2024 19:55:03 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 58 (0x3a)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=71d14ebb255dc058d4bfa5a51c93f73f830ab88f
        Validity
            Not Before: Feb 15 15:55:03 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=A56CE4FA4C51BA76755A595B72CF1339CEE1D0FE
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c5:dc:79:85:73:3b:4c:70:44:42:e0:c3:0d:ad:
                    b2:b6:09:55:71:4b:a3:27:82:2b:31:02:86:b7:23:
                    b2:1d:b6:e4:36:33:da:9c:de:23:cc:19:7c:e1:07:
                    73:11:53:70:5c:50:64:42:da:5e:ce:7f:ce:bb:35:
                    fd:8b:df:ad:8b:bf:7c:8c:0d:30:f7:e0:a0:5f:71:
                    b2:8f:66:9f:10:29:f8:e5:1b:08:7c:3e:fb:2d:09:
                    dc:94:f4:a4:a8:1e:8e:78:49:2e:16:a4:11:ad:3c:
                    2b:e9:c1:c8:4b:14:61:b9:1b:56:c3:c1:12:45:96:
                    06:7a:79:f7:0f:c4:5e:9e:71:b8:a8:41:9c:0a:1e:
                    d1:32:c7:f9:77:ca:9d:55:6b:ec:71:52:05:3c:b2:
                    33:c8:16:c6:b2:c1:60:61:5c:e0:32:bc:8c:1d:f2:
                    09:4e:a6:eb:ae:18:a7:04:c1:f1:c1:87:1a:12:32:
                    55:89:b2:8f:82:e8:9f:ca:64:1f:9e:08:80:b1:b9:
                    2f:79:e8:ef:9d:90:86:b8:47:ec:d5:5c:58:c5:e2:
                    c4:61:54:81:7a:ad:a7:1d:fa:09:fc:a9:5a:79:3b:
                    e1:18:95:aa:48:8f:7e:dc:fd:88:6f:64:96:bc:f2:
                    e4:6a:42:a2:46:8c:1f:be:a7:b5:c5:f4:5e:39:ad:
                    42:fb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A5:6C:E4:FA:4C:51:BA:76:75:5A:59:5B:72:CF:13:39:CE:E1:D0:FE
            X509v3 Authority Key Identifier:
                keyid:71:D1:4E:BB:25:5D:C0:58:D4:BF:A5:A5:1C:93:F7:3F:83:0A:B8:8F

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/cdFOuyVdwFjUv6WlHJP3P4MKuI8.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cdFOuyVdwFjUv6WlHJP3P4MKuI8.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/pWzk-kxRunZ1Wllbcs8TOc7h0P4.roa

            sbgp-ipAddrBlock: critical
                IPv4:
                  194.104.129.0/24

    Signature Algorithm: sha256WithRSAEncryption
         2d:8e:95:61:04:9f:a1:ae:6b:e8:fa:99:a3:ab:59:1b:e5:e9:
         07:4a:fa:8b:f7:51:f7:41:81:34:d6:e6:14:04:47:8d:d6:cd:
         f9:9d:eb:d5:ff:a2:62:5a:28:fb:c3:29:09:8e:3b:f9:4c:29:
         e9:e3:47:07:b0:30:ac:d8:fc:ec:5c:cb:30:6e:b3:76:d8:56:
         70:55:64:f9:f5:11:a9:d7:75:0b:20:03:2c:1e:ac:b7:3b:9c:
         3b:4a:44:37:df:02:fa:a0:81:31:dc:b0:80:96:f5:84:b6:62:
         0f:c3:5d:6c:bf:dc:c2:49:09:5e:ef:80:6b:a1:bd:4a:77:fa:
         2c:e6:5f:c1:49:74:9f:8d:c8:ac:5b:08:ef:a9:cb:04:87:aa:
         02:8c:10:92:33:0a:4f:06:00:8e:b7:f1:11:00:64:fa:4e:91:
         16:39:01:26:92:cc:fa:f4:57:47:d8:82:eb:5a:69:e4:14:4b:
         19:c1:75:7d:63:3b:e2:2d:a0:d0:1d:74:37:84:61:99:b2:3f:
         35:83:ca:3c:3c:9e:88:46:05:ac:58:b0:e4:51:e7:35:cc:56:
         38:1a:9a:e8:00:85:ba:31:24:fd:c3:91:0b:39:30:10:63:e3:
         f1:ff:27:d5:ee:8f:99:ab:26:63:16:31:12:b2:00:37:52:b2:
         0a:ea:d8:d3
-----BEGIN CERTIFICATE-----
MIIEoTCCA4mgAwIBAgIBOjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg3MWQx
NGViYjI1NWRjMDU4ZDRiZmE1YTUxYzkzZjczZjgzMGFiODhmMB4XDTI0MDIxNTE1
NTUwM1oXDTI1MDcwMTAwMDAwMFowMzExMC8GA1UEAxMoQTU2Q0U0RkE0QzUxQkE3
Njc1NUE1OTVCNzJDRjEzMzlDRUUxRDBGRTCCASIwDQYJKoZIhvcNAQEBBQADggEP
ADCCAQoCggEBAMXceYVzO0xwRELgww2tsrYJVXFLoyeCKzEChrcjsh225DYz2pze
I8wZfOEHcxFTcFxQZELaXs5/zrs1/YvfrYu/fIwNMPfgoF9xso9mnxAp+OUbCHw+
+y0J3JT0pKgejnhJLhakEa08K+nByEsUYbkbVsPBEkWWBnp59w/EXp5xuKhBnAoe
0TLH+XfKnVVr7HFSBTyyM8gWxrLBYGFc4DK8jB3yCU6m664YpwTB8cGHGhIyVYmy
j4Lon8pkH54IgLG5L3no752QhrhH7NVcWMXixGFUgXqtpx36CfypWnk74RiVqkiP
ftz9iG9klrzy5GpCokaMH76ntcX0XjmtQvsCAwEAAaOCAb4wggG6MB0GA1UdDgQW
BBSlbOT6TFG6dnVaWVtyzxM5zuHQ/jAfBgNVHSMEGDAWgBRx0U67JV3AWNS/paUc
k/c/gwq4jzAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMF0GA1UdHwRWMFQwUqBQ
oE6GTHJzeW5jOi8vY2hsb2Uuc29ib3Jub3N0Lm5ldC9ycGtpL1JJUEUtbmxyc3Nm
L2NkRk91eVZkd0ZqVXY2V2xISlAzUDRNS3VJOC5jcmwwZAYIKwYBBQUHAQEEWDBW
MFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9E
RUZBVUxUL2NkRk91eVZkd0ZqVXY2V2xISlAzUDRNS3VJOC5jZXIwDgYDVR0PAQH/
BAQDAgeAMGgGCCsGAQUFBwELBFwwWjBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9jaGxv
ZS5zb2Jvcm5vc3QubmV0L3Jwa2kvUklQRS1ubHJzc2YvcFd6ay1reFJ1bloxV2xs
YmNzOFRPYzdoMFA0LnJvYTAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAMJo
gTANBgkqhkiG9w0BAQsFAAOCAQEALY6VYQSfoa5r6PqZo6tZG+XpB0r6i/dR90GB
NNbmFARHjdbN+Z3r1f+iYloo+8MpCY47+Uwp6eNHB7AwrNj87FzLMG6zdthWcFVk
+fURqdd1CyADLB6stzucO0pEN98C+qCBMdywgJb1hLZiD8NdbL/cwkkJXu+Aa6G9
Snf6LOZfwUl0n43IrFsI76nLBIeqAowQkjMKTwYAjrfxEQBk+k6RFjkBJpLM+vRX
R9iC61pp5BRLGcF1fWM74i2g0B10N4RhmbI/NYPKPDyeiEYFrFiw5FHnNcxWOBqa
6ACFujEk/cORCzkwEGPj8f8n1e6PmasmYxYxErIAN1KyCurY0w==
-----END CERTIFICATE-----
Generated at Thu Feb 15 21:34:55 2024 by rpki-client on console-ams.rpki-client.org