Route Origin Authorization

$ rpki-client -vvf chloe.sobornost.net/rpki/RIPE-nlrssf/BUhHYiR5e8UnyAjydZRDZBzcyzM.roa
File:                     BUhHYiR5e8UnyAjydZRDZBzcyzM.roa (raw, json)
Hash identifier:          DIK3jDCtK3CnBIpasAsziMIfB9ZsOx98xBr2m7iOBeo=
Subject key identifier:   05:48:47:62:24:79:7B:C5:27:C8:08:F2:75:94:43:64:1C:DC:CB:33
Certificate issuer:       /CN=71d14ebb255dc058d4bfa5a51c93f73f830ab88f
Certificate serial:       0BB2
Authority key identifier: 71:D1:4E:BB:25:5D:C0:58:D4:BF:A5:A5:1C:93:F7:3F:83:0A:B8:8F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/cdFOuyVdwFjUv6WlHJP3P4MKuI8.cer
Subject info access:      rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/BUhHYiR5e8UnyAjydZRDZBzcyzM.roa
Signing time:             Mon 06 Jan 2025 15:55:03 +0000
ROA not before:           Mon 06 Jan 2025 15:55:03 +0000
ROA not after:            Wed 01 Jul 2026 00:00:00 +0000
asID:                     15562
IP address blocks:        194.104.129.0/24 maxlen: 24
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 2994 (0xbb2)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=71d14ebb255dc058d4bfa5a51c93f73f830ab88f
        Validity
            Not Before: Jan  6 15:55:03 2025 GMT
            Not After : Jul  1 00:00:00 2026 GMT
        Subject: CN=0548476224797BC527C808F2759443641CDCCB33
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ae:89:9e:86:e0:f6:4d:13:81:ec:2e:1f:ab:bc:
                    df:f7:07:b8:94:7e:88:5c:20:64:bf:f4:83:9b:c2:
                    59:70:70:f0:64:84:c5:76:56:f1:ad:38:53:0d:30:
                    c0:33:8e:d6:d5:d1:6a:11:02:08:be:33:a8:96:75:
                    f0:d2:b4:a7:79:ec:2c:e9:30:e2:cd:51:29:e3:83:
                    ef:3e:57:5f:97:5d:29:89:1a:5d:74:e3:7d:e5:27:
                    15:f7:41:f6:6d:49:ad:87:6e:a8:25:a3:ab:d0:66:
                    2d:f9:c0:c8:41:8a:1a:d9:cd:3c:c2:d9:98:34:5e:
                    0f:b8:2f:a4:61:90:67:cd:d8:b1:46:6b:22:bd:a3:
                    fe:db:2f:e8:fa:d2:32:fd:62:c3:b8:91:75:f8:79:
                    15:b2:aa:b5:d6:84:ed:d3:37:63:ab:d8:ed:91:97:
                    33:62:c6:85:77:c3:4a:7b:25:c1:4e:ef:05:fb:1d:
                    d8:f0:e0:9b:d8:e9:a0:2a:b6:11:11:d4:11:86:39:
                    51:66:ab:ad:e5:a2:bd:cc:a3:dd:c2:ae:38:85:fd:
                    94:33:7a:be:45:f0:b8:80:cb:90:ba:e4:27:3e:e8:
                    60:7a:79:24:14:19:37:08:c5:d8:55:7f:35:a6:87:
                    1e:f0:f0:7d:9a:9f:cb:b6:56:81:f8:d2:8a:28:78:
                    ff:95
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                05:48:47:62:24:79:7B:C5:27:C8:08:F2:75:94:43:64:1C:DC:CB:33
            X509v3 Authority Key Identifier:
                keyid:71:D1:4E:BB:25:5D:C0:58:D4:BF:A5:A5:1C:93:F7:3F:83:0A:B8:8F

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/cdFOuyVdwFjUv6WlHJP3P4MKuI8.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cdFOuyVdwFjUv6WlHJP3P4MKuI8.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/BUhHYiR5e8UnyAjydZRDZBzcyzM.roa

            sbgp-ipAddrBlock: critical
                IPv4:
                  194.104.129.0/24

    Signature Algorithm: sha256WithRSAEncryption
         0e:ee:23:6b:49:5d:94:20:c3:72:c1:e5:11:62:cd:e9:f4:f2:
         fe:4b:39:cb:69:bc:12:0a:4c:cb:84:0e:da:4f:63:f4:dd:b9:
         3c:b1:98:29:5c:88:fe:0b:c9:19:f1:b4:2a:40:38:dd:7a:5b:
         d5:98:54:35:10:7f:53:df:91:4f:6c:a3:95:54:31:35:47:12:
         f1:54:6f:aa:e5:d0:cf:f4:7b:a6:fa:93:1c:54:c0:55:ed:b9:
         0f:f0:f7:69:67:50:c5:7f:01:ad:1f:2c:3e:50:39:ed:6a:5f:
         06:e1:83:b7:12:06:f3:5c:d2:81:ab:c8:e2:45:bc:86:b6:10:
         b0:5d:10:a7:fa:7b:ec:36:ec:83:f9:dc:43:dc:e6:2f:4b:58:
         d8:a1:17:ad:3e:3d:86:54:90:c7:f5:12:a8:73:f6:65:a9:dc:
         2d:be:d3:66:91:54:22:8f:41:62:15:70:10:5f:e3:ec:5c:21:
         dd:3e:d1:68:b8:9e:85:45:4d:5d:7b:6a:1f:85:77:c1:02:0f:
         dc:25:07:d4:6a:68:11:17:fd:04:4b:03:b9:5d:8f:2c:1a:6f:
         1d:13:54:47:22:c4:d6:a5:76:7e:72:d6:2d:d9:5b:82:66:42:
         aa:2f:ab:e5:0a:24:1b:68:b9:6e:e7:a3:17:1b:b2:4f:77:63:
         46:62:4e:3d
-----BEGIN CERTIFICATE-----
MIIEojCCA4qgAwIBAgICC7IwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzFk
MTRlYmIyNTVkYzA1OGQ0YmZhNWE1MWM5M2Y3M2Y4MzBhYjg4ZjAeFw0yNTAxMDYx
NTU1MDNaFw0yNjA3MDEwMDAwMDBaMDMxMTAvBgNVBAMTKDA1NDg0NzYyMjQ3OTdC
QzUyN0M4MDhGMjc1OTQ0MzY0MUNEQ0NCMzMwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCuiZ6G4PZNE4HsLh+rvN/3B7iUfohcIGS/9IObwllwcPBkhMV2
VvGtOFMNMMAzjtbV0WoRAgi+M6iWdfDStKd57CzpMOLNUSnjg+8+V1+XXSmJGl10
433lJxX3QfZtSa2Hbqglo6vQZi35wMhBihrZzTzC2Zg0Xg+4L6RhkGfN2LFGayK9
o/7bL+j60jL9YsO4kXX4eRWyqrXWhO3TN2Or2O2RlzNixoV3w0p7JcFO7wX7Hdjw
4JvY6aAqthER1BGGOVFmq63lor3Mo93CrjiF/ZQzer5F8LiAy5C65Cc+6GB6eSQU
GTcIxdhVfzWmhx7w8H2an8u2VoH40oooeP+VAgMBAAGjggG+MIIBujAdBgNVHQ4E
FgQUBUhHYiR5e8UnyAjydZRDZBzcyzMwHwYDVR0jBBgwFoAUcdFOuyVdwFjUv6Wl
HJP3P4MKuI8wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL2NobG9lLnNvYm9ybm9zdC5uZXQvcnBraS9SSVBFLW5scnNz
Zi9jZEZPdXlWZHdGalV2NldsSEpQM1A0TUt1STguY3JsMGQGCCsGAQUFBwEBBFgw
VjBUBggrBgEFBQcwAoZIcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC9jZEZPdXlWZHdGalV2NldsSEpQM1A0TUt1STguY2VyMA4GA1UdDwEB
/wQEAwIHgDBoBggrBgEFBQcBCwRcMFowWAYIKwYBBQUHMAuGTHJzeW5jOi8vY2hs
b2Uuc29ib3Jub3N0Lm5ldC9ycGtpL1JJUEUtbmxyc3NmL0JVaEhZaVI1ZThVbnlB
anlkWlJEWkJ6Y3l6TS5yb2EwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBADC
aIEwDQYJKoZIhvcNAQELBQADggEBAA7uI2tJXZQgw3LB5RFizen08v5LOctpvBIK
TMuEDtpPY/TduTyxmClciP4LyRnxtCpAON16W9WYVDUQf1PfkU9so5VUMTVHEvFU
b6rl0M/0e6b6kxxUwFXtuQ/w92lnUMV/Aa0fLD5QOe1qXwbhg7cSBvNc0oGryOJF
vIa2ELBdEKf6e+w27IP53EPc5i9LWNihF60+PYZUkMf1Eqhz9mWp3C2+02aRVCKP
QWIVcBBf4+xcId0+0Wi4noVFTV17ah+Fd8ECD9wlB9RqaBEX/QRLA7ldjywabx0T
VEcixNaldn5y1i3ZW4JmQqovq+UKJBtouW7noxcbsk93Y0ZiTj0=
-----END CERTIFICATE-----
Generated at Tue Jun 10 16:08:38 2025 by rpki-client