Route Origin Authorization

$ rpki-client -vvf chloe.sobornost.net/rpki/RIPE-nlrssf/4dAA0ey5bDAdMCGtR2X92X83GeQ.roa
File:                     4dAA0ey5bDAdMCGtR2X92X83GeQ.roa (raw, json)
Hash identifier:          ARHOPTfgROFqgS6cfXxyMAxSfY6zKc/N2a+UfXcCNEs=
Subject key identifier:   E1:D0:00:D1:EC:B9:6C:30:1D:30:21:AD:47:65:FD:D9:7F:37:19:E4
Certificate issuer:       /CN=71d14ebb255dc058d4bfa5a51c93f73f830ab88f
Certificate serial:       0B2D
Authority key identifier: 71:D1:4E:BB:25:5D:C0:58:D4:BF:A5:A5:1C:93:F7:3F:83:0A:B8:8F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/cdFOuyVdwFjUv6WlHJP3P4MKuI8.cer
Subject info access:      rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/4dAA0ey5bDAdMCGtR2X92X83GeQ.roa
Signing time:             Sun 22 Dec 2024 23:55:03 +0000
ROA not before:           Sun 22 Dec 2024 23:55:03 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     15562
IP address blocks:        194.104.129.0/24 maxlen: 24
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 2861 (0xb2d)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=71d14ebb255dc058d4bfa5a51c93f73f830ab88f
        Validity
            Not Before: Dec 22 23:55:03 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=E1D000D1ECB96C301D3021AD4765FDD97F3719E4
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d5:9f:34:29:85:9e:5e:ae:65:a0:3e:bc:b0:ab:
                    9d:45:31:6e:27:ee:87:1d:4c:83:f8:dc:cd:9b:af:
                    b7:50:11:c6:a1:8f:f9:91:45:1a:4b:6e:df:a9:9b:
                    dc:b1:ac:bf:56:93:82:56:0c:de:24:96:4d:a0:c6:
                    ec:ab:97:55:ac:fd:33:6c:05:af:10:4a:9f:64:88:
                    11:ee:eb:48:eb:be:ae:b5:c2:6f:f9:50:ad:28:3d:
                    dc:60:b8:ed:ae:e1:fa:f6:d3:f3:f8:0b:86:60:25:
                    fe:e6:b1:4b:f7:86:f4:fb:73:b1:e5:29:27:94:db:
                    dd:2d:85:0a:47:47:30:67:f6:e6:4c:ed:15:39:2e:
                    18:1f:c1:5b:46:49:0c:95:07:0e:c8:f3:61:07:2f:
                    4e:f8:68:98:0e:88:fe:4b:25:50:dd:33:11:d9:77:
                    2b:b5:9a:1e:8b:a3:84:46:e9:26:58:84:91:d3:23:
                    6d:bf:c9:04:18:d3:e8:54:a7:3f:40:d6:7d:67:6a:
                    20:6d:99:69:c9:22:b5:80:c2:e5:0d:60:eb:69:7f:
                    fc:ae:91:cd:7d:70:b9:7c:17:55:72:29:67:f0:a7:
                    f8:db:60:a8:50:c2:47:2f:fc:35:e6:cf:d5:23:9e:
                    1b:8d:a6:86:d7:38:c0:10:da:82:2b:d2:b9:de:25:
                    34:57
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E1:D0:00:D1:EC:B9:6C:30:1D:30:21:AD:47:65:FD:D9:7F:37:19:E4
            X509v3 Authority Key Identifier:
                keyid:71:D1:4E:BB:25:5D:C0:58:D4:BF:A5:A5:1C:93:F7:3F:83:0A:B8:8F

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/cdFOuyVdwFjUv6WlHJP3P4MKuI8.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cdFOuyVdwFjUv6WlHJP3P4MKuI8.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/4dAA0ey5bDAdMCGtR2X92X83GeQ.roa

            sbgp-ipAddrBlock: critical
                IPv4:
                  194.104.129.0/24

    Signature Algorithm: sha256WithRSAEncryption
         c8:a3:61:69:a5:32:23:81:c5:3d:ec:6e:ac:d6:80:3f:81:40:
         73:8d:b4:ed:ec:39:8c:14:78:d6:8c:87:44:b0:6d:2d:f7:37:
         56:bb:6c:35:e5:c8:e6:08:f8:7f:1c:be:ad:b8:db:31:4c:c2:
         60:60:2e:a2:bb:0a:20:e3:03:00:b3:f2:bb:b0:a7:a7:4f:44:
         b3:0a:16:83:54:45:13:45:48:21:d3:f2:96:d1:05:00:05:da:
         20:3d:3c:52:5a:c0:cd:22:6b:a9:11:72:19:c8:93:ee:95:3f:
         e1:6c:96:73:80:7d:de:15:47:9e:2b:67:0d:22:10:39:b7:d5:
         8b:a0:26:3b:61:88:30:0d:3a:f5:97:35:9a:ff:28:db:97:14:
         7f:1d:2d:19:6e:8a:29:1c:3d:fa:59:90:3d:ec:7d:a6:ec:a7:
         86:41:76:04:2d:73:dd:26:52:b4:af:35:b3:57:63:96:9a:f2:
         ca:1d:77:8d:89:6e:dd:e3:31:36:47:c4:1d:c4:bd:94:44:ee:
         c2:d3:6c:0d:82:99:50:1c:7e:fa:ac:98:00:f2:75:ce:51:68:
         87:c2:ac:c6:b2:a2:77:a4:19:b3:81:3a:e2:9b:05:06:e4:da:
         6c:31:78:ff:92:5f:94:e4:ca:95:96:d7:a8:23:86:1e:9d:a9:
         fb:a1:fb:c2
-----BEGIN CERTIFICATE-----
MIIEojCCA4qgAwIBAgICCy0wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzFk
MTRlYmIyNTVkYzA1OGQ0YmZhNWE1MWM5M2Y3M2Y4MzBhYjg4ZjAeFw0yNDEyMjIy
MzU1MDNaFw0yNTA3MDEwMDAwMDBaMDMxMTAvBgNVBAMTKEUxRDAwMEQxRUNCOTZD
MzAxRDMwMjFBRDQ3NjVGREQ5N0YzNzE5RTQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDVnzQphZ5ermWgPrywq51FMW4n7ocdTIP43M2br7dQEcahj/mR
RRpLbt+pm9yxrL9Wk4JWDN4klk2gxuyrl1Ws/TNsBa8QSp9kiBHu60jrvq61wm/5
UK0oPdxguO2u4fr20/P4C4ZgJf7msUv3hvT7c7HlKSeU290thQpHRzBn9uZM7RU5
LhgfwVtGSQyVBw7I82EHL074aJgOiP5LJVDdMxHZdyu1mh6Lo4RG6SZYhJHTI22/
yQQY0+hUpz9A1n1naiBtmWnJIrWAwuUNYOtpf/yukc19cLl8F1VyKWfwp/jbYKhQ
wkcv/DXmz9UjnhuNpobXOMAQ2oIr0rneJTRXAgMBAAGjggG+MIIBujAdBgNVHQ4E
FgQU4dAA0ey5bDAdMCGtR2X92X83GeQwHwYDVR0jBBgwFoAUcdFOuyVdwFjUv6Wl
HJP3P4MKuI8wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL2NobG9lLnNvYm9ybm9zdC5uZXQvcnBraS9SSVBFLW5scnNz
Zi9jZEZPdXlWZHdGalV2NldsSEpQM1A0TUt1STguY3JsMGQGCCsGAQUFBwEBBFgw
VjBUBggrBgEFBQcwAoZIcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC9jZEZPdXlWZHdGalV2NldsSEpQM1A0TUt1STguY2VyMA4GA1UdDwEB
/wQEAwIHgDBoBggrBgEFBQcBCwRcMFowWAYIKwYBBQUHMAuGTHJzeW5jOi8vY2hs
b2Uuc29ib3Jub3N0Lm5ldC9ycGtpL1JJUEUtbmxyc3NmLzRkQUEwZXk1YkRBZE1D
R3RSMlg5Mlg4M0dlUS5yb2EwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBADC
aIEwDQYJKoZIhvcNAQELBQADggEBAMijYWmlMiOBxT3sbqzWgD+BQHONtO3sOYwU
eNaMh0SwbS33N1a7bDXlyOYI+H8cvq242zFMwmBgLqK7CiDjAwCz8ruwp6dPRLMK
FoNURRNFSCHT8pbRBQAF2iA9PFJawM0ia6kRchnIk+6VP+FslnOAfd4VR54rZw0i
EDm31YugJjthiDANOvWXNZr/KNuXFH8dLRluiikcPfpZkD3sfabsp4ZBdgQtc90m
UrSvNbNXY5aa8sodd42Jbt3jMTZHxB3EvZRE7sLTbA2CmVAcfvqsmADydc5RaIfC
rMayonekGbOBOuKbBQbk2mwxeP+SX5TkypWW16gjhh6dqfuh+8I=
-----END CERTIFICATE-----
Generated at Tue Jun 10 09:03:56 2025 by rpki-client