Route Origin Authorization

$ rpki-client -vvf chloe.sobornost.net/rpki/RIPE-nlrssf/NR4OItEv__B3UrdAlDXj6wkSrpE.roa
File:                     NR4OItEv__B3UrdAlDXj6wkSrpE.roa (raw, json)
Hash identifier:          5OhD+PudQ0dDB6eo3yWz6vXP55R29kr45lW12OY2B+U=
Subject key identifier:   35:1E:0E:22:D1:2F:FF:F0:77:52:B7:40:94:35:E3:EB:09:12:AE:91
Certificate issuer:       /CN=71d14ebb255dc058d4bfa5a51c93f73f830ab88f
Certificate serial:       0B3F
Authority key identifier: 71:D1:4E:BB:25:5D:C0:58:D4:BF:A5:A5:1C:93:F7:3F:83:0A:B8:8F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/cdFOuyVdwFjUv6WlHJP3P4MKuI8.cer
Subject info access:      rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/NR4OItEv__B3UrdAlDXj6wkSrpE.roa
Signing time:             Tue 24 Dec 2024 23:55:03 +0000
ROA not before:           Tue 24 Dec 2024 23:55:03 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     15562
IP address blocks:        194.104.129.0/24 maxlen: 24
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 2879 (0xb3f)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=71d14ebb255dc058d4bfa5a51c93f73f830ab88f
        Validity
            Not Before: Dec 24 23:55:03 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=351E0E22D12FFFF07752B7409435E3EB0912AE91
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cc:68:90:a5:72:56:7d:b0:c8:73:49:ac:75:8e:
                    36:d8:cb:eb:55:09:32:29:38:c4:a0:41:f1:1b:2f:
                    75:92:93:af:f8:e9:d4:64:39:2b:26:36:13:e1:cb:
                    5c:9c:4d:c8:f2:9c:15:0f:a6:0c:3c:2a:80:96:91:
                    28:f4:52:24:6a:4c:77:96:bb:c0:43:9d:00:f4:c2:
                    d0:35:0a:d6:f7:aa:c2:e8:1c:9b:9b:65:c3:ed:1c:
                    81:88:e8:54:28:0d:8c:1a:4f:04:c4:53:9d:1d:3d:
                    77:15:b4:6c:97:aa:87:56:b3:e9:fe:a2:bf:24:1a:
                    69:aa:b8:a7:fa:9e:25:af:90:a0:d0:11:50:fe:18:
                    e0:03:eb:ef:ab:c5:09:0d:d3:3a:ba:ff:e5:cd:14:
                    43:40:43:09:6c:7e:87:39:9a:eb:3c:69:14:9c:67:
                    1b:07:6b:49:7a:12:1c:d6:83:00:cf:a7:8b:37:af:
                    4d:54:a8:b8:05:7b:f1:f6:50:89:dd:f4:08:85:e1:
                    9f:b8:55:d8:9c:fb:b1:4b:da:ce:46:b4:62:fe:b1:
                    1e:ac:ca:47:c2:72:1a:57:15:78:8e:69:cc:c0:76:
                    37:9c:d5:9a:4e:fc:89:d8:24:25:ce:9d:4e:19:91:
                    11:9a:e0:71:95:bc:ac:1e:24:54:69:36:e2:dd:82:
                    87:41
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                35:1E:0E:22:D1:2F:FF:F0:77:52:B7:40:94:35:E3:EB:09:12:AE:91
            X509v3 Authority Key Identifier:
                keyid:71:D1:4E:BB:25:5D:C0:58:D4:BF:A5:A5:1C:93:F7:3F:83:0A:B8:8F

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/cdFOuyVdwFjUv6WlHJP3P4MKuI8.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cdFOuyVdwFjUv6WlHJP3P4MKuI8.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/NR4OItEv__B3UrdAlDXj6wkSrpE.roa

            sbgp-ipAddrBlock: critical
                IPv4:
                  194.104.129.0/24

    Signature Algorithm: sha256WithRSAEncryption
         3e:06:77:f4:bf:59:2b:9b:1c:84:7d:1c:80:cc:8a:75:18:14:
         29:44:22:39:63:47:0f:c8:18:78:33:1a:85:f4:eb:05:b8:b1:
         7c:e2:6e:8f:67:4b:e1:a3:7a:42:60:3f:a8:8d:47:cb:89:c9:
         71:4f:ef:fb:e2:02:07:59:f5:9e:c0:6e:65:c5:cc:6c:59:f6:
         b4:73:2c:a5:26:c3:dc:8f:e4:e6:72:00:2b:ed:f2:6f:a8:28:
         9c:64:8a:81:8d:20:4b:9a:99:1d:b7:e0:a1:38:54:97:93:15:
         e1:bb:30:f6:89:33:2b:11:9a:a0:73:08:0f:0b:69:a9:4c:0f:
         3e:d8:0a:02:c1:bd:3e:f8:4c:c3:c6:40:48:f0:11:3b:f2:74:
         ff:35:a1:3f:9f:b5:30:e5:69:75:57:86:f0:a7:4a:d5:e4:07:
         a6:a5:2f:cd:c5:18:ba:85:8b:50:56:4d:3b:21:be:8d:f8:ce:
         08:a5:9d:09:f0:2e:19:c5:3f:f3:58:b9:90:5e:60:f7:ad:d8:
         8d:e8:ad:7d:c3:ce:31:88:06:c2:50:73:66:42:8f:b3:82:fe:
         bc:a1:03:25:af:63:e0:41:67:12:05:ac:f2:cd:14:f2:4e:5b:
         1f:1d:77:3d:0c:3c:9c:95:2e:11:da:c3:cf:5f:21:17:47:02:
         e7:02:8d:a5
-----BEGIN CERTIFICATE-----
MIIEojCCA4qgAwIBAgICCz8wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzFk
MTRlYmIyNTVkYzA1OGQ0YmZhNWE1MWM5M2Y3M2Y4MzBhYjg4ZjAeFw0yNDEyMjQy
MzU1MDNaFw0yNTA3MDEwMDAwMDBaMDMxMTAvBgNVBAMTKDM1MUUwRTIyRDEyRkZG
RjA3NzUyQjc0MDk0MzVFM0VCMDkxMkFFOTEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDMaJClclZ9sMhzSax1jjbYy+tVCTIpOMSgQfEbL3WSk6/46dRk
OSsmNhPhy1ycTcjynBUPpgw8KoCWkSj0UiRqTHeWu8BDnQD0wtA1Ctb3qsLoHJub
ZcPtHIGI6FQoDYwaTwTEU50dPXcVtGyXqodWs+n+or8kGmmquKf6niWvkKDQEVD+
GOAD6++rxQkN0zq6/+XNFENAQwlsfoc5mus8aRScZxsHa0l6EhzWgwDPp4s3r01U
qLgFe/H2UInd9AiF4Z+4Vdic+7FL2s5GtGL+sR6sykfCchpXFXiOaczAdjec1ZpO
/InYJCXOnU4ZkRGa4HGVvKweJFRpNuLdgodBAgMBAAGjggG+MIIBujAdBgNVHQ4E
FgQUNR4OItEv//B3UrdAlDXj6wkSrpEwHwYDVR0jBBgwFoAUcdFOuyVdwFjUv6Wl
HJP3P4MKuI8wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL2NobG9lLnNvYm9ybm9zdC5uZXQvcnBraS9SSVBFLW5scnNz
Zi9jZEZPdXlWZHdGalV2NldsSEpQM1A0TUt1STguY3JsMGQGCCsGAQUFBwEBBFgw
VjBUBggrBgEFBQcwAoZIcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC9jZEZPdXlWZHdGalV2NldsSEpQM1A0TUt1STguY2VyMA4GA1UdDwEB
/wQEAwIHgDBoBggrBgEFBQcBCwRcMFowWAYIKwYBBQUHMAuGTHJzeW5jOi8vY2hs
b2Uuc29ib3Jub3N0Lm5ldC9ycGtpL1JJUEUtbmxyc3NmL05SNE9JdEV2X19CM1Vy
ZEFsRFhqNndrU3JwRS5yb2EwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBADC
aIEwDQYJKoZIhvcNAQELBQADggEBAD4Gd/S/WSubHIR9HIDMinUYFClEIjljRw/I
GHgzGoX06wW4sXzibo9nS+GjekJgP6iNR8uJyXFP7/viAgdZ9Z7AbmXFzGxZ9rRz
LKUmw9yP5OZyACvt8m+oKJxkioGNIEuamR234KE4VJeTFeG7MPaJMysRmqBzCA8L
aalMDz7YCgLBvT74TMPGQEjwETvydP81oT+ftTDlaXVXhvCnStXkB6alL83FGLqF
i1BWTTshvo34zgilnQnwLhnFP/NYuZBeYPet2I3orX3DzjGIBsJQc2ZCj7OC/ryh
AyWvY+BBZxIFrPLNFPJOWx8ddz0MPJyVLhHaw89fIRdHAucCjaU=
-----END CERTIFICATE-----
Generated at Tue Jun 10 06:53:07 2025 by rpki-client