Route Origin Authorization

$ rpki-client -vvf chloe.sobornost.net/rpki/RIPE-nlrssf/zUwyUwT_mhehX_6KzfF3ft9E8Sk.roa
File:                     zUwyUwT_mhehX_6KzfF3ft9E8Sk.roa (raw, json)
Hash identifier:          YyjB3TG4FhjK2MqWFubYtO4Fym5PtMaj4WQ9+w5n18E=
Subject key identifier:   CD:4C:32:53:04:FF:9A:17:A1:5F:FE:8A:CD:F1:77:7E:DF:44:F1:29
Certificate issuer:       /CN=71d14ebb255dc058d4bfa5a51c93f73f830ab88f
Certificate serial:       02AD
Authority key identifier: 71:D1:4E:BB:25:5D:C0:58:D4:BF:A5:A5:1C:93:F7:3F:83:0A:B8:8F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/cdFOuyVdwFjUv6WlHJP3P4MKuI8.cer
Subject info access:      rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/zUwyUwT_mhehX_6KzfF3ft9E8Sk.roa
Signing time:             Thu 25 Apr 2024 07:55:04 +0000
ROA not before:           Thu 25 Apr 2024 07:55:04 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     15562
IP address blocks:        194.104.129.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Thu 25 Apr 2024 11:55:03 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 685 (0x2ad)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=71d14ebb255dc058d4bfa5a51c93f73f830ab88f
        Validity
            Not Before: Apr 25 07:55:04 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=CD4C325304FF9A17A15FFE8ACDF1777EDF44F129
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c1:91:60:5a:1c:06:1a:40:cd:44:d8:0f:69:36:
                    54:b4:34:d6:92:ab:8d:11:81:9e:be:24:e8:d1:da:
                    6d:27:a2:7e:c5:40:db:62:d2:bd:1d:ff:b1:fc:d9:
                    6b:c8:4a:d4:d2:f3:e3:f7:0f:75:00:19:ba:19:d1:
                    a7:74:df:11:32:26:bd:07:e6:f4:6c:17:22:21:fe:
                    aa:a2:b8:27:ac:d0:e0:0b:bf:94:20:93:f3:59:5d:
                    17:f3:82:1c:9f:fa:81:79:0f:ab:46:60:94:2e:82:
                    65:30:a5:e8:25:08:dd:33:d9:6a:a6:b9:9b:c6:55:
                    95:ba:b1:63:ca:27:91:d4:18:2b:14:54:97:bb:f9:
                    55:ea:1a:17:1c:79:a0:67:3f:47:f2:cd:6c:54:14:
                    8a:f2:cf:a0:b8:eb:f7:f2:9e:2c:f6:d9:30:6b:b0:
                    16:2e:f1:29:34:69:15:fb:7b:f3:11:62:49:55:3c:
                    28:df:b6:f7:4c:e0:fb:ee:a9:1a:bc:ad:f3:77:94:
                    8c:82:f2:14:4c:58:1f:16:21:2b:07:23:a2:91:c6:
                    85:fd:b0:13:bf:1c:88:b9:b7:97:3a:43:2b:9e:ea:
                    ce:e5:5e:f6:a9:42:bf:23:e0:6b:90:53:f2:3d:20:
                    4e:6e:d3:85:7f:0f:ae:e1:1d:4a:6a:9e:90:23:0e:
                    63:95
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                CD:4C:32:53:04:FF:9A:17:A1:5F:FE:8A:CD:F1:77:7E:DF:44:F1:29
            X509v3 Authority Key Identifier:
                keyid:71:D1:4E:BB:25:5D:C0:58:D4:BF:A5:A5:1C:93:F7:3F:83:0A:B8:8F

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/cdFOuyVdwFjUv6WlHJP3P4MKuI8.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cdFOuyVdwFjUv6WlHJP3P4MKuI8.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/zUwyUwT_mhehX_6KzfF3ft9E8Sk.roa

            sbgp-ipAddrBlock: critical
                IPv4:
                  194.104.129.0/24

    Signature Algorithm: sha256WithRSAEncryption
         78:cb:42:d9:1b:92:91:64:ea:66:66:86:4d:3b:45:55:d1:a1:
         28:c6:04:fd:41:d7:89:cb:90:a9:56:76:07:17:45:a2:ce:02:
         d7:7a:49:6a:85:8c:17:8e:fb:9a:4c:7b:0c:75:86:53:1b:ee:
         9f:4e:e9:07:43:0e:82:ec:8f:3f:18:5a:ea:95:e7:aa:e2:2c:
         aa:98:8a:55:cb:59:8c:98:22:dc:29:cc:c3:30:59:a8:69:2e:
         8b:01:2e:93:51:00:54:dd:3e:d9:2e:59:d9:b2:51:86:cd:7e:
         c2:0b:cf:2f:39:8b:68:8e:89:94:e0:d2:34:69:94:ad:d5:e8:
         00:25:2d:3d:c7:66:83:a5:05:51:95:b8:ae:aa:a6:89:44:dd:
         64:aa:84:6c:c9:0b:90:b7:09:e6:64:cb:25:37:49:18:5e:37:
         a7:f3:00:06:6e:8f:f6:cd:ed:30:ec:b3:52:d1:e6:22:41:df:
         63:50:60:64:bd:4b:03:16:29:4f:8f:5d:13:34:dc:b7:2b:33:
         1e:13:13:0c:02:7a:42:dc:78:01:73:d3:d6:3d:30:21:cb:58:
         70:7b:76:33:d2:61:9a:a3:7a:2c:ec:f3:54:ba:0a:af:61:13:
         c8:a3:40:98:2c:7e:6a:93:b4:5e:e2:4b:d8:36:bf:bf:48:cc:
         b4:cf:08:9d
-----BEGIN CERTIFICATE-----
MIIEojCCA4qgAwIBAgICAq0wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzFk
MTRlYmIyNTVkYzA1OGQ0YmZhNWE1MWM5M2Y3M2Y4MzBhYjg4ZjAeFw0yNDA0MjUw
NzU1MDRaFw0yNTA3MDEwMDAwMDBaMDMxMTAvBgNVBAMTKENENEMzMjUzMDRGRjlB
MTdBMTVGRkU4QUNERjE3NzdFREY0NEYxMjkwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDBkWBaHAYaQM1E2A9pNlS0NNaSq40RgZ6+JOjR2m0non7FQNti
0r0d/7H82WvIStTS8+P3D3UAGboZ0ad03xEyJr0H5vRsFyIh/qqiuCes0OALv5Qg
k/NZXRfzghyf+oF5D6tGYJQugmUwpeglCN0z2WqmuZvGVZW6sWPKJ5HUGCsUVJe7
+VXqGhcceaBnP0fyzWxUFIryz6C46/fyniz22TBrsBYu8Sk0aRX7e/MRYklVPCjf
tvdM4PvuqRq8rfN3lIyC8hRMWB8WISsHI6KRxoX9sBO/HIi5t5c6Qyue6s7lXvap
Qr8j4GuQU/I9IE5u04V/D67hHUpqnpAjDmOVAgMBAAGjggG+MIIBujAdBgNVHQ4E
FgQUzUwyUwT/mhehX/6KzfF3ft9E8SkwHwYDVR0jBBgwFoAUcdFOuyVdwFjUv6Wl
HJP3P4MKuI8wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL2NobG9lLnNvYm9ybm9zdC5uZXQvcnBraS9SSVBFLW5scnNz
Zi9jZEZPdXlWZHdGalV2NldsSEpQM1A0TUt1STguY3JsMGQGCCsGAQUFBwEBBFgw
VjBUBggrBgEFBQcwAoZIcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC9jZEZPdXlWZHdGalV2NldsSEpQM1A0TUt1STguY2VyMA4GA1UdDwEB
/wQEAwIHgDBoBggrBgEFBQcBCwRcMFowWAYIKwYBBQUHMAuGTHJzeW5jOi8vY2hs
b2Uuc29ib3Jub3N0Lm5ldC9ycGtpL1JJUEUtbmxyc3NmL3pVd3lVd1RfbWhlaFhf
Nkt6ZkYzZnQ5RThTay5yb2EwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBADC
aIEwDQYJKoZIhvcNAQELBQADggEBAHjLQtkbkpFk6mZmhk07RVXRoSjGBP1B14nL
kKlWdgcXRaLOAtd6SWqFjBeO+5pMewx1hlMb7p9O6QdDDoLsjz8YWuqV56riLKqY
ilXLWYyYItwpzMMwWahpLosBLpNRAFTdPtkuWdmyUYbNfsILzy85i2iOiZTg0jRp
lK3V6AAlLT3HZoOlBVGVuK6qpolE3WSqhGzJC5C3CeZkyyU3SRheN6fzAAZuj/bN
7TDss1LR5iJB32NQYGS9SwMWKU+PXRM03LcrMx4TEwwCekLceAFz09Y9MCHLWHB7
djPSYZqjeizs81S6Cq9hE8ijQJgsfmqTtF7iS9g2v79IzLTPCJ0=
-----END CERTIFICATE-----
Generated at Thu Apr 25 15:37:20 2024 by rpki-client on console-ams.rpki-client.org