Route Origin Authorization

$ rpki-client -vvf chloe.sobornost.net/rpki/RIPE-nlrssf/Tjfw0VfoiOeDNWjaFd_CvPMUDIg.roa
File:                     Tjfw0VfoiOeDNWjaFd_CvPMUDIg.roa (raw, json)
Hash identifier:          KMjDmI/sHICVrre7CV8eFnKrCvTznVqdHwdkBSDivR8=
Subject key identifier:   4E:37:F0:D1:57:E8:88:E7:83:35:68:DA:15:DF:C2:BC:F3:14:0C:88
Certificate issuer:       /CN=71d14ebb255dc058d4bfa5a51c93f73f830ab88f
Certificate serial:       0CB4
Authority key identifier: 71:D1:4E:BB:25:5D:C0:58:D4:BF:A5:A5:1C:93:F7:3F:83:0A:B8:8F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/cdFOuyVdwFjUv6WlHJP3P4MKuI8.cer
Subject info access:      rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/Tjfw0VfoiOeDNWjaFd_CvPMUDIg.roa
Signing time:             Tue 04 Feb 2025 07:55:02 +0000
ROA not before:           Tue 04 Feb 2025 07:55:02 +0000
ROA not after:            Wed 01 Jul 2026 00:00:00 +0000
asID:                     15562
IP address blocks:        194.104.129.0/24 maxlen: 24
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 3252 (0xcb4)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=71d14ebb255dc058d4bfa5a51c93f73f830ab88f
        Validity
            Not Before: Feb  4 07:55:02 2025 GMT
            Not After : Jul  1 00:00:00 2026 GMT
        Subject: CN=4E37F0D157E888E7833568DA15DFC2BCF3140C88
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c0:14:32:7a:fd:24:76:d6:67:b1:96:c8:63:28:
                    4b:87:8a:10:a7:60:a1:36:c3:51:2d:9c:f7:a2:21:
                    07:36:3e:4b:be:6f:bc:20:5d:91:4d:01:b2:12:dd:
                    5c:94:6e:d7:30:dd:7d:0e:25:bd:02:ae:54:04:a7:
                    f8:41:a5:ae:03:74:c1:bf:4b:80:8d:fe:ea:c1:0f:
                    ee:c1:a5:b5:22:03:f5:36:82:2d:31:5f:1e:34:ef:
                    5b:73:a8:a2:66:43:cd:22:0a:1c:53:6d:10:3e:e6:
                    5f:ef:ac:59:52:82:17:21:36:6e:61:37:46:8a:17:
                    71:a3:a8:ea:fb:09:4b:7d:57:56:cd:05:1f:c7:70:
                    29:80:e2:c9:96:01:78:bf:00:bd:90:e0:1a:5f:81:
                    51:96:16:f6:a4:8e:4d:80:2d:cc:cf:5a:d8:85:b6:
                    fd:8d:90:f6:f2:e4:f2:18:b5:4d:12:f9:b1:fe:6b:
                    ba:8a:5d:bb:fe:b3:6e:e1:3d:d6:03:9a:28:16:6e:
                    ed:26:79:fe:3c:1c:ea:53:8f:12:71:58:54:a9:9d:
                    35:00:6e:63:cf:e2:1b:9f:ff:aa:7c:94:b3:1d:d2:
                    5a:7a:04:86:f3:10:e2:46:dc:27:d4:87:ce:4e:e9:
                    a3:0d:dc:51:1b:68:e6:f1:c9:0c:2b:59:51:ce:d6:
                    a9:37
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4E:37:F0:D1:57:E8:88:E7:83:35:68:DA:15:DF:C2:BC:F3:14:0C:88
            X509v3 Authority Key Identifier:
                keyid:71:D1:4E:BB:25:5D:C0:58:D4:BF:A5:A5:1C:93:F7:3F:83:0A:B8:8F

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/cdFOuyVdwFjUv6WlHJP3P4MKuI8.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cdFOuyVdwFjUv6WlHJP3P4MKuI8.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/Tjfw0VfoiOeDNWjaFd_CvPMUDIg.roa

            sbgp-ipAddrBlock: critical
                IPv4:
                  194.104.129.0/24

    Signature Algorithm: sha256WithRSAEncryption
         d6:a3:e1:83:0d:92:1b:a0:ad:e7:bc:cf:bf:3a:cd:68:e9:0e:
         9c:61:9b:b0:4b:da:e0:1e:cd:34:6f:46:27:62:09:34:3e:00:
         c8:46:4c:3b:9a:63:f0:ec:49:74:01:da:68:0b:79:07:60:f2:
         4d:ee:93:1a:5b:3a:41:47:f1:2d:3c:cd:ab:ec:a2:db:5b:cb:
         76:2d:b3:4d:28:04:f1:b5:bd:79:51:0a:75:24:77:37:9b:77:
         8e:ca:41:bc:7e:e6:ff:75:97:07:a7:73:a5:b9:3c:22:fa:08:
         ae:d7:ea:65:ea:25:82:63:52:f5:3d:17:6e:97:a3:1e:be:2e:
         67:31:0f:f8:3e:95:4e:5f:e6:57:a0:03:58:31:c2:c9:fd:02:
         c2:ab:77:a9:45:22:e7:2f:68:26:d6:1d:35:cb:c6:95:14:fb:
         b1:69:3b:10:e1:4a:76:a0:f6:f8:93:1f:c4:ea:8d:3f:97:bb:
         89:44:a4:bf:bf:90:d6:73:5e:ab:0e:cb:64:39:3f:e9:81:fe:
         cc:ab:b6:3f:1b:78:66:45:d8:fb:e1:4d:cd:b4:aa:af:55:65:
         df:52:9b:d0:60:06:6a:90:c0:0a:36:b4:3f:2e:e5:f8:92:d5:
         09:1b:b6:52:df:9e:60:d9:dc:94:4e:56:67:1b:0e:ac:ed:31:
         88:55:cd:87
-----BEGIN CERTIFICATE-----
MIIEojCCA4qgAwIBAgICDLQwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzFk
MTRlYmIyNTVkYzA1OGQ0YmZhNWE1MWM5M2Y3M2Y4MzBhYjg4ZjAeFw0yNTAyMDQw
NzU1MDJaFw0yNjA3MDEwMDAwMDBaMDMxMTAvBgNVBAMTKDRFMzdGMEQxNTdFODg4
RTc4MzM1NjhEQTE1REZDMkJDRjMxNDBDODgwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDAFDJ6/SR21mexlshjKEuHihCnYKE2w1EtnPeiIQc2Pku+b7wg
XZFNAbIS3VyUbtcw3X0OJb0CrlQEp/hBpa4DdMG/S4CN/urBD+7BpbUiA/U2gi0x
Xx4071tzqKJmQ80iChxTbRA+5l/vrFlSghchNm5hN0aKF3GjqOr7CUt9V1bNBR/H
cCmA4smWAXi/AL2Q4BpfgVGWFvakjk2ALczPWtiFtv2NkPby5PIYtU0S+bH+a7qK
Xbv+s27hPdYDmigWbu0mef48HOpTjxJxWFSpnTUAbmPP4huf/6p8lLMd0lp6BIbz
EOJG3CfUh85O6aMN3FEbaObxyQwrWVHO1qk3AgMBAAGjggG+MIIBujAdBgNVHQ4E
FgQUTjfw0VfoiOeDNWjaFd/CvPMUDIgwHwYDVR0jBBgwFoAUcdFOuyVdwFjUv6Wl
HJP3P4MKuI8wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL2NobG9lLnNvYm9ybm9zdC5uZXQvcnBraS9SSVBFLW5scnNz
Zi9jZEZPdXlWZHdGalV2NldsSEpQM1A0TUt1STguY3JsMGQGCCsGAQUFBwEBBFgw
VjBUBggrBgEFBQcwAoZIcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC9jZEZPdXlWZHdGalV2NldsSEpQM1A0TUt1STguY2VyMA4GA1UdDwEB
/wQEAwIHgDBoBggrBgEFBQcBCwRcMFowWAYIKwYBBQUHMAuGTHJzeW5jOi8vY2hs
b2Uuc29ib3Jub3N0Lm5ldC9ycGtpL1JJUEUtbmxyc3NmL1RqZncwVmZvaU9lRE5X
amFGZF9DdlBNVURJZy5yb2EwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBADC
aIEwDQYJKoZIhvcNAQELBQADggEBANaj4YMNkhugree8z786zWjpDpxhm7BL2uAe
zTRvRidiCTQ+AMhGTDuaY/DsSXQB2mgLeQdg8k3ukxpbOkFH8S08zavsottby3Yt
s00oBPG1vXlRCnUkdzebd47KQbx+5v91lwenc6W5PCL6CK7X6mXqJYJjUvU9F26X
ox6+LmcxD/g+lU5f5legA1gxwsn9AsKrd6lFIucvaCbWHTXLxpUU+7FpOxDhSnag
9viTH8TqjT+Xu4lEpL+/kNZzXqsOy2Q5P+mB/syrtj8beGZF2PvhTc20qq9VZd9S
m9BgBmqQwAo2tD8u5fiS1QkbtlLfnmDZ3JROVmcbDqztMYhVzYc=
-----END CERTIFICATE-----
Generated at Tue Jun 10 01:20:55 2025 by rpki-client