Route Origin Authorization

$ rpki-client -vvf chloe.sobornost.net/rpki/RIPE-nlrssf/TfRVWxP5XQvEWgsdrSP6EozE5jQ.roa
File:                     TfRVWxP5XQvEWgsdrSP6EozE5jQ.roa (raw, json)
Hash identifier:          oIS5ekXyPtQ86gJyX80mE0hVRLikxSHAnoelM/TFT4E=
Subject key identifier:   4D:F4:55:5B:13:F9:5D:0B:C4:5A:0B:1D:AD:23:FA:12:8C:C4:E6:34
Certificate issuer:       /CN=71d14ebb255dc058d4bfa5a51c93f73f830ab88f
Certificate serial:       0A97
Authority key identifier: 71:D1:4E:BB:25:5D:C0:58:D4:BF:A5:A5:1C:93:F7:3F:83:0A:B8:8F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/cdFOuyVdwFjUv6WlHJP3P4MKuI8.cer
Subject info access:      rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/TfRVWxP5XQvEWgsdrSP6EozE5jQ.roa
Signing time:             Fri 06 Dec 2024 07:55:03 +0000
ROA not before:           Fri 06 Dec 2024 07:55:03 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     15562
IP address blocks:        194.104.129.0/24 maxlen: 24
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 2711 (0xa97)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=71d14ebb255dc058d4bfa5a51c93f73f830ab88f
        Validity
            Not Before: Dec  6 07:55:03 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=4DF4555B13F95D0BC45A0B1DAD23FA128CC4E634
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b7:02:99:f5:4f:59:76:d9:27:1c:13:cb:70:e4:
                    44:cc:e6:ae:27:3c:58:b3:f2:40:28:f5:36:e5:85:
                    79:55:14:29:8d:e5:fc:7a:7b:f0:42:1b:04:e1:ef:
                    9d:f1:d9:db:7e:ad:07:56:2f:20:d8:77:c8:2b:26:
                    a5:3f:1e:17:37:43:65:a0:00:b7:3b:9b:1c:72:e8:
                    e0:ff:63:0f:2d:9b:a5:e9:b0:5c:eb:96:cd:b4:7f:
                    57:06:6a:8f:d2:9e:8e:d0:d5:ee:c0:32:03:9d:97:
                    a3:73:b6:88:94:97:e2:27:18:37:8c:7b:40:78:e7:
                    c7:a5:9b:e6:ad:da:b1:7f:86:18:37:15:81:4c:04:
                    c3:36:c7:a6:70:6e:2b:57:34:4e:9a:b2:d7:0d:60:
                    59:65:88:36:03:d0:a0:eb:ed:6c:85:26:77:38:3b:
                    ee:d0:f7:1f:32:80:04:8c:04:3b:b2:5b:65:f5:43:
                    98:c2:a9:63:46:88:29:7e:a8:6f:96:3e:68:c7:7c:
                    5b:ad:53:f7:eb:fd:0d:32:2d:11:63:57:c8:a8:73:
                    d3:22:27:32:a8:58:ed:03:47:55:93:76:aa:a8:d5:
                    04:cd:b5:29:69:df:cd:00:8f:c6:0e:d0:a2:34:ea:
                    a8:88:ee:09:70:43:13:3f:ae:fd:c6:6e:66:8b:43:
                    11:fb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4D:F4:55:5B:13:F9:5D:0B:C4:5A:0B:1D:AD:23:FA:12:8C:C4:E6:34
            X509v3 Authority Key Identifier:
                keyid:71:D1:4E:BB:25:5D:C0:58:D4:BF:A5:A5:1C:93:F7:3F:83:0A:B8:8F

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/cdFOuyVdwFjUv6WlHJP3P4MKuI8.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cdFOuyVdwFjUv6WlHJP3P4MKuI8.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/TfRVWxP5XQvEWgsdrSP6EozE5jQ.roa

            sbgp-ipAddrBlock: critical
                IPv4:
                  194.104.129.0/24

    Signature Algorithm: sha256WithRSAEncryption
         5f:69:25:d8:03:c3:ea:09:8d:b9:66:eb:57:cc:e8:01:5f:6d:
         a2:0e:0a:0f:68:a7:6c:22:6a:51:56:f1:66:b1:8c:93:da:2c:
         99:de:87:3f:eb:71:d9:1b:ab:81:f1:d4:d0:be:42:72:ed:38:
         fb:e6:f6:5c:7b:57:0a:e6:28:0f:7b:e3:30:bd:6e:f5:4e:36:
         d7:2e:ca:20:e2:d1:39:a8:25:6b:b0:86:a1:f0:25:6b:4f:01:
         d1:04:d5:c6:2a:22:24:66:fe:e7:d3:5c:1c:fe:ab:61:74:89:
         0b:dc:25:4b:3c:ce:80:24:3e:43:68:a8:75:be:54:a7:0a:34:
         5b:4b:9e:2e:5e:b4:9c:fa:0a:66:6d:2d:5a:1c:d8:c0:3b:d0:
         ff:1b:0b:7e:56:79:4d:69:f0:ca:cc:35:96:c2:b3:e9:2e:be:
         2e:d9:29:01:53:2b:61:b8:25:6a:99:a4:3d:5e:10:64:4c:20:
         48:ff:13:88:3e:fa:68:5b:fb:91:84:cb:9b:cf:1d:69:ee:2a:
         e6:7e:9a:d0:cb:ad:55:90:a0:78:48:7f:c4:63:a7:34:5a:6b:
         13:8b:01:32:43:02:89:ce:e4:e8:73:2b:95:2c:e2:65:25:59:
         9b:6d:2b:8b:ae:5d:19:96:09:b7:86:51:bd:ac:e8:8c:81:17:
         9c:fb:85:e6
-----BEGIN CERTIFICATE-----
MIIEojCCA4qgAwIBAgICCpcwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzFk
MTRlYmIyNTVkYzA1OGQ0YmZhNWE1MWM5M2Y3M2Y4MzBhYjg4ZjAeFw0yNDEyMDYw
NzU1MDNaFw0yNTA3MDEwMDAwMDBaMDMxMTAvBgNVBAMTKDRERjQ1NTVCMTNGOTVE
MEJDNDVBMEIxREFEMjNGQTEyOENDNEU2MzQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC3Apn1T1l22SccE8tw5ETM5q4nPFiz8kAo9TblhXlVFCmN5fx6
e/BCGwTh753x2dt+rQdWLyDYd8grJqU/Hhc3Q2WgALc7mxxy6OD/Yw8tm6XpsFzr
ls20f1cGao/Sno7Q1e7AMgOdl6NztoiUl+InGDeMe0B458elm+at2rF/hhg3FYFM
BMM2x6ZwbitXNE6astcNYFlliDYD0KDr7WyFJnc4O+7Q9x8ygASMBDuyW2X1Q5jC
qWNGiCl+qG+WPmjHfFutU/fr/Q0yLRFjV8ioc9MiJzKoWO0DR1WTdqqo1QTNtSlp
380Aj8YO0KI06qiI7glwQxM/rv3GbmaLQxH7AgMBAAGjggG+MIIBujAdBgNVHQ4E
FgQUTfRVWxP5XQvEWgsdrSP6EozE5jQwHwYDVR0jBBgwFoAUcdFOuyVdwFjUv6Wl
HJP3P4MKuI8wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL2NobG9lLnNvYm9ybm9zdC5uZXQvcnBraS9SSVBFLW5scnNz
Zi9jZEZPdXlWZHdGalV2NldsSEpQM1A0TUt1STguY3JsMGQGCCsGAQUFBwEBBFgw
VjBUBggrBgEFBQcwAoZIcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC9jZEZPdXlWZHdGalV2NldsSEpQM1A0TUt1STguY2VyMA4GA1UdDwEB
/wQEAwIHgDBoBggrBgEFBQcBCwRcMFowWAYIKwYBBQUHMAuGTHJzeW5jOi8vY2hs
b2Uuc29ib3Jub3N0Lm5ldC9ycGtpL1JJUEUtbmxyc3NmL1RmUlZXeFA1WFF2RVdn
c2RyU1A2RW96RTVqUS5yb2EwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBADC
aIEwDQYJKoZIhvcNAQELBQADggEBAF9pJdgDw+oJjblm61fM6AFfbaIOCg9op2wi
alFW8WaxjJPaLJnehz/rcdkbq4Hx1NC+QnLtOPvm9lx7VwrmKA974zC9bvVONtcu
yiDi0TmoJWuwhqHwJWtPAdEE1cYqIiRm/ufTXBz+q2F0iQvcJUs8zoAkPkNoqHW+
VKcKNFtLni5etJz6CmZtLVoc2MA70P8bC35WeU1p8MrMNZbCs+kuvi7ZKQFTK2G4
JWqZpD1eEGRMIEj/E4g++mhb+5GEy5vPHWnuKuZ+mtDLrVWQoHhIf8RjpzRaaxOL
ATJDAonO5OhzK5Us4mUlWZttK4uuXRmWCbeGUb2s6IyBF5z7heY=
-----END CERTIFICATE-----
Generated at Tue Jun 10 17:30:37 2025 by rpki-client