Route Origin Authorization

$ rpki-client -vvf chloe.sobornost.net/rpki/RIPE-nlrssf/SHYz6dgHgjUjHZpHFk3bLlDS5OU.roa
File:                     SHYz6dgHgjUjHZpHFk3bLlDS5OU.roa (raw, json)
Hash identifier:          /sCCcy1nhvkiBxyP4mBlFFDPNMkT/A+F6xJd+P2cPX0=
Subject key identifier:   48:76:33:E9:D8:07:82:35:23:1D:9A:47:16:4D:DB:2E:50:D2:E4:E5
Certificate issuer:       /CN=71d14ebb255dc058d4bfa5a51c93f73f830ab88f
Certificate serial:       0A46
Authority key identifier: 71:D1:4E:BB:25:5D:C0:58:D4:BF:A5:A5:1C:93:F7:3F:83:0A:B8:8F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/cdFOuyVdwFjUv6WlHJP3P4MKuI8.cer
Subject info access:      rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/SHYz6dgHgjUjHZpHFk3bLlDS5OU.roa
Signing time:             Wed 27 Nov 2024 07:55:02 +0000
ROA not before:           Wed 27 Nov 2024 07:55:02 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     15562
IP address blocks:        194.104.129.0/24 maxlen: 24
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 2630 (0xa46)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=71d14ebb255dc058d4bfa5a51c93f73f830ab88f
        Validity
            Not Before: Nov 27 07:55:02 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=487633E9D8078235231D9A47164DDB2E50D2E4E5
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cf:a8:23:55:e9:83:51:5e:b4:6a:37:2c:c0:fd:
                    d8:0d:ed:89:42:67:02:69:bd:ec:c2:28:f3:39:2d:
                    51:52:8b:32:7d:50:b6:c3:9e:24:2e:91:c2:75:38:
                    d8:a1:e0:a0:f2:1b:fe:03:71:65:64:ee:54:70:26:
                    36:47:4b:08:c8:03:36:91:0c:62:54:28:13:f8:b9:
                    f7:77:9a:24:37:c9:eb:68:ba:77:af:04:2e:c9:48:
                    d9:64:44:de:4c:d7:a2:89:59:71:72:91:03:c9:25:
                    4c:cb:b9:d2:ec:14:70:38:24:09:13:9b:ff:c8:fc:
                    ed:d6:25:c5:57:2e:f6:29:17:bf:de:30:f1:2f:a2:
                    12:a4:4e:7c:78:5c:a8:c7:e2:b5:b1:d9:41:2f:6b:
                    01:ea:ff:41:06:b8:3a:47:e2:b2:27:f2:4a:17:18:
                    44:71:5f:2e:c8:d4:6f:ad:a9:dd:28:75:5f:ee:32:
                    67:b4:32:f7:37:d4:ff:41:92:db:8e:79:89:ff:f9:
                    72:cd:59:2f:dd:f0:d2:4b:86:8a:7b:e3:f3:fa:6b:
                    77:9f:4a:50:b3:b2:df:ef:1c:1f:f1:a0:17:f3:f9:
                    8b:f3:fb:a8:00:58:13:51:2a:b3:a6:13:8a:9f:01:
                    33:b3:66:70:2f:15:19:8b:86:ba:da:47:12:53:bc:
                    58:7f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                48:76:33:E9:D8:07:82:35:23:1D:9A:47:16:4D:DB:2E:50:D2:E4:E5
            X509v3 Authority Key Identifier:
                keyid:71:D1:4E:BB:25:5D:C0:58:D4:BF:A5:A5:1C:93:F7:3F:83:0A:B8:8F

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/cdFOuyVdwFjUv6WlHJP3P4MKuI8.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cdFOuyVdwFjUv6WlHJP3P4MKuI8.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/SHYz6dgHgjUjHZpHFk3bLlDS5OU.roa

            sbgp-ipAddrBlock: critical
                IPv4:
                  194.104.129.0/24

    Signature Algorithm: sha256WithRSAEncryption
         43:51:0c:ea:25:bc:0d:64:60:f1:6a:ba:32:9f:67:2b:71:94:
         40:de:e8:3e:c5:d4:4c:ab:f7:81:43:e6:81:98:71:7a:9d:19:
         e2:c2:88:b3:54:79:de:af:12:c1:09:a1:69:97:d3:ba:b2:c7:
         c9:51:18:1c:d8:50:9f:5f:25:3f:27:e9:65:85:9c:24:78:10:
         14:ba:5f:c8:fc:78:c9:05:90:21:99:fd:32:49:5f:04:51:95:
         51:7c:c1:55:62:99:eb:fd:41:a7:e5:1f:d7:7f:25:a3:9d:42:
         88:9c:78:0d:52:e1:f0:dd:50:06:13:b0:48:f5:ce:62:db:b3:
         c3:14:56:74:da:53:5f:18:6b:2c:bd:8b:43:f8:9a:8f:ed:ad:
         f7:74:fc:7a:99:d6:e3:0a:32:0f:dc:7b:56:40:a4:2e:33:1b:
         e9:5e:68:42:c7:ab:d1:09:01:e1:29:52:15:17:96:c0:cd:cf:
         b2:3a:2f:dc:13:11:5c:01:1d:c5:c4:b5:a9:e3:d8:6b:83:de:
         e9:e4:85:d1:b9:20:6c:c4:9d:75:a0:93:56:6e:a7:b2:cb:b5:
         f8:41:98:53:41:45:e0:af:31:fa:8b:c7:e1:0b:f7:72:2f:1d:
         85:47:8f:ee:eb:35:8e:d9:fd:0f:85:32:36:d1:bc:48:60:22:
         00:69:44:09
-----BEGIN CERTIFICATE-----
MIIEojCCA4qgAwIBAgICCkYwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzFk
MTRlYmIyNTVkYzA1OGQ0YmZhNWE1MWM5M2Y3M2Y4MzBhYjg4ZjAeFw0yNDExMjcw
NzU1MDJaFw0yNTA3MDEwMDAwMDBaMDMxMTAvBgNVBAMTKDQ4NzYzM0U5RDgwNzgy
MzUyMzFEOUE0NzE2NEREQjJFNTBEMkU0RTUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDPqCNV6YNRXrRqNyzA/dgN7YlCZwJpvezCKPM5LVFSizJ9ULbD
niQukcJ1ONih4KDyG/4DcWVk7lRwJjZHSwjIAzaRDGJUKBP4ufd3miQ3yetounev
BC7JSNlkRN5M16KJWXFykQPJJUzLudLsFHA4JAkTm//I/O3WJcVXLvYpF7/eMPEv
ohKkTnx4XKjH4rWx2UEvawHq/0EGuDpH4rIn8koXGERxXy7I1G+tqd0odV/uMme0
Mvc31P9BktuOeYn/+XLNWS/d8NJLhop74/P6a3efSlCzst/vHB/xoBfz+Yvz+6gA
WBNRKrOmE4qfATOzZnAvFRmLhrraRxJTvFh/AgMBAAGjggG+MIIBujAdBgNVHQ4E
FgQUSHYz6dgHgjUjHZpHFk3bLlDS5OUwHwYDVR0jBBgwFoAUcdFOuyVdwFjUv6Wl
HJP3P4MKuI8wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL2NobG9lLnNvYm9ybm9zdC5uZXQvcnBraS9SSVBFLW5scnNz
Zi9jZEZPdXlWZHdGalV2NldsSEpQM1A0TUt1STguY3JsMGQGCCsGAQUFBwEBBFgw
VjBUBggrBgEFBQcwAoZIcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC9jZEZPdXlWZHdGalV2NldsSEpQM1A0TUt1STguY2VyMA4GA1UdDwEB
/wQEAwIHgDBoBggrBgEFBQcBCwRcMFowWAYIKwYBBQUHMAuGTHJzeW5jOi8vY2hs
b2Uuc29ib3Jub3N0Lm5ldC9ycGtpL1JJUEUtbmxyc3NmL1NIWXo2ZGdIZ2pVakha
cEhGazNiTGxEUzVPVS5yb2EwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBADC
aIEwDQYJKoZIhvcNAQELBQADggEBAENRDOolvA1kYPFqujKfZytxlEDe6D7F1Eyr
94FD5oGYcXqdGeLCiLNUed6vEsEJoWmX07qyx8lRGBzYUJ9fJT8n6WWFnCR4EBS6
X8j8eMkFkCGZ/TJJXwRRlVF8wVVimev9QaflH9d/JaOdQoiceA1S4fDdUAYTsEj1
zmLbs8MUVnTaU18Yayy9i0P4mo/trfd0/HqZ1uMKMg/ce1ZApC4zG+leaELHq9EJ
AeEpUhUXlsDNz7I6L9wTEVwBHcXEtanj2GuD3unkhdG5IGzEnXWgk1Zup7LLtfhB
mFNBReCvMfqLx+EL93IvHYVHj+7rNY7Z/Q+FMjbRvEhgIgBpRAk=
-----END CERTIFICATE-----
Generated at Mon Jun 9 20:58:00 2025 by rpki-client