Route Origin Authorization

$ rpki-client -vvf chloe.sobornost.net/rpki/RIPE-nlrssf/TjuqtnwDRhKU7_8Im7YtReF7qpE.roa
File:                     TjuqtnwDRhKU7_8Im7YtReF7qpE.roa (raw, json)
Hash identifier:          144GODG+u9yhkBNAXgeSnrie1rBfXwrPgbYQ32o2Ieg=
Subject key identifier:   4E:3B:AA:B6:7C:03:46:12:94:EF:FF:08:9B:B6:2D:45:E1:7B:AA:91
Certificate issuer:       /CN=71d14ebb255dc058d4bfa5a51c93f73f830ab88f
Certificate serial:       0BDF
Authority key identifier: 71:D1:4E:BB:25:5D:C0:58:D4:BF:A5:A5:1C:93:F7:3F:83:0A:B8:8F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/cdFOuyVdwFjUv6WlHJP3P4MKuI8.cer
Subject info access:      rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/TjuqtnwDRhKU7_8Im7YtReF7qpE.roa
Signing time:             Sat 11 Jan 2025 15:55:03 +0000
ROA not before:           Sat 11 Jan 2025 15:55:03 +0000
ROA not after:            Wed 01 Jul 2026 00:00:00 +0000
asID:                     15562
IP address blocks:        194.104.129.0/24 maxlen: 24
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 3039 (0xbdf)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=71d14ebb255dc058d4bfa5a51c93f73f830ab88f
        Validity
            Not Before: Jan 11 15:55:03 2025 GMT
            Not After : Jul  1 00:00:00 2026 GMT
        Subject: CN=4E3BAAB67C03461294EFFF089BB62D45E17BAA91
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bb:5d:5b:98:b1:a9:9f:89:4a:10:e8:0d:fb:50:
                    14:79:11:4c:3e:f8:3e:1e:51:81:f4:03:e2:c3:21:
                    f8:2a:1c:e1:60:33:a2:32:fa:89:8c:40:f1:82:fb:
                    87:8b:cc:c7:6a:56:87:55:5f:32:f7:ff:c6:71:03:
                    66:09:8e:94:ef:33:60:c2:f4:84:68:4a:98:2f:e8:
                    e5:ce:17:32:94:57:9a:26:47:d9:86:d0:a2:db:0a:
                    15:2f:e4:14:27:93:ff:60:a5:2d:25:5f:66:62:1f:
                    d0:2c:c3:5e:ae:c5:f7:33:15:66:01:b3:38:e5:1a:
                    f2:a1:8e:47:bd:e9:5a:13:4a:fe:ee:31:24:d2:cd:
                    d1:c6:38:a7:f3:20:4b:cd:03:3e:ff:31:3a:60:60:
                    86:f1:76:4e:50:c1:e2:46:ea:50:11:b3:a8:9e:6f:
                    3f:c6:a5:8a:fe:44:67:19:74:01:2a:8f:19:d1:e0:
                    4f:8a:00:61:ef:19:c7:81:72:a9:77:42:f2:aa:40:
                    f2:35:55:a3:dd:e8:c3:a8:b5:2d:66:e6:ed:16:ab:
                    28:23:1f:a1:ae:65:ff:f9:67:d4:77:57:5b:10:46:
                    02:3d:da:af:95:66:d8:fd:f5:31:fd:94:1c:4a:e6:
                    ad:93:37:52:38:81:99:d4:0f:cd:e1:6a:e4:eb:21:
                    a5:ab
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4E:3B:AA:B6:7C:03:46:12:94:EF:FF:08:9B:B6:2D:45:E1:7B:AA:91
            X509v3 Authority Key Identifier:
                keyid:71:D1:4E:BB:25:5D:C0:58:D4:BF:A5:A5:1C:93:F7:3F:83:0A:B8:8F

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/cdFOuyVdwFjUv6WlHJP3P4MKuI8.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cdFOuyVdwFjUv6WlHJP3P4MKuI8.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/TjuqtnwDRhKU7_8Im7YtReF7qpE.roa

            sbgp-ipAddrBlock: critical
                IPv4:
                  194.104.129.0/24

    Signature Algorithm: sha256WithRSAEncryption
         56:1a:65:0f:89:c6:21:93:7b:ac:04:f7:86:d7:c3:5f:39:fd:
         4a:82:14:bd:67:b4:f5:31:db:64:72:37:3f:4b:af:26:07:fb:
         79:af:0a:21:b3:b8:51:1e:7f:d0:91:bb:4c:18:61:a0:7d:cb:
         6c:04:1f:f2:a9:94:60:09:c5:e0:1f:66:56:79:03:a9:cd:59:
         01:3b:a9:f2:f6:49:b1:06:85:9a:2f:42:1a:ca:dc:a7:08:00:
         4e:28:12:7b:0b:85:77:72:42:d9:d0:e4:09:23:74:e5:25:06:
         36:32:33:1d:af:87:03:2b:83:2f:de:23:d0:f8:5a:c4:ab:b3:
         a9:23:bb:ce:2d:c7:87:77:96:5c:1b:a0:1e:a5:57:3a:63:44:
         a9:05:ee:7a:59:48:15:2a:37:ea:f6:1a:99:b7:67:b9:cf:f7:
         e7:2b:d0:f1:06:b5:8b:9b:2b:02:96:8b:c9:dd:02:2f:87:58:
         1f:09:dd:52:e6:30:40:40:24:8a:23:95:4c:f5:5e:bc:46:88:
         08:bf:e7:91:f3:5b:05:e1:86:86:c0:68:1a:45:39:70:fd:55:
         21:48:2c:49:26:d5:ca:4e:54:82:2c:00:d3:d4:74:5a:82:2c:
         7d:ed:0d:ed:de:96:85:ef:4b:c7:1a:04:ec:38:32:ee:ae:c1:
         9b:61:97:0d
-----BEGIN CERTIFICATE-----
MIIEojCCA4qgAwIBAgICC98wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzFk
MTRlYmIyNTVkYzA1OGQ0YmZhNWE1MWM5M2Y3M2Y4MzBhYjg4ZjAeFw0yNTAxMTEx
NTU1MDNaFw0yNjA3MDEwMDAwMDBaMDMxMTAvBgNVBAMTKDRFM0JBQUI2N0MwMzQ2
MTI5NEVGRkYwODlCQjYyRDQ1RTE3QkFBOTEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC7XVuYsamfiUoQ6A37UBR5EUw++D4eUYH0A+LDIfgqHOFgM6Iy
+omMQPGC+4eLzMdqVodVXzL3/8ZxA2YJjpTvM2DC9IRoSpgv6OXOFzKUV5omR9mG
0KLbChUv5BQnk/9gpS0lX2ZiH9Asw16uxfczFWYBszjlGvKhjke96VoTSv7uMSTS
zdHGOKfzIEvNAz7/MTpgYIbxdk5QweJG6lARs6iebz/GpYr+RGcZdAEqjxnR4E+K
AGHvGceBcql3QvKqQPI1VaPd6MOotS1m5u0WqygjH6GuZf/5Z9R3V1sQRgI92q+V
Ztj99TH9lBxK5q2TN1I4gZnUD83hauTrIaWrAgMBAAGjggG+MIIBujAdBgNVHQ4E
FgQUTjuqtnwDRhKU7/8Im7YtReF7qpEwHwYDVR0jBBgwFoAUcdFOuyVdwFjUv6Wl
HJP3P4MKuI8wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL2NobG9lLnNvYm9ybm9zdC5uZXQvcnBraS9SSVBFLW5scnNz
Zi9jZEZPdXlWZHdGalV2NldsSEpQM1A0TUt1STguY3JsMGQGCCsGAQUFBwEBBFgw
VjBUBggrBgEFBQcwAoZIcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC9jZEZPdXlWZHdGalV2NldsSEpQM1A0TUt1STguY2VyMA4GA1UdDwEB
/wQEAwIHgDBoBggrBgEFBQcBCwRcMFowWAYIKwYBBQUHMAuGTHJzeW5jOi8vY2hs
b2Uuc29ib3Jub3N0Lm5ldC9ycGtpL1JJUEUtbmxyc3NmL1RqdXF0bndEUmhLVTdf
OEltN1l0UmVGN3FwRS5yb2EwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBADC
aIEwDQYJKoZIhvcNAQELBQADggEBAFYaZQ+JxiGTe6wE94bXw185/UqCFL1ntPUx
22RyNz9LryYH+3mvCiGzuFEef9CRu0wYYaB9y2wEH/KplGAJxeAfZlZ5A6nNWQE7
qfL2SbEGhZovQhrK3KcIAE4oEnsLhXdyQtnQ5AkjdOUlBjYyMx2vhwMrgy/eI9D4
WsSrs6kju84tx4d3llwboB6lVzpjRKkF7npZSBUqN+r2Gpm3Z7nP9+cr0PEGtYub
KwKWi8ndAi+HWB8J3VLmMEBAJIojlUz1XrxGiAi/55HzWwXhhobAaBpFOXD9VSFI
LEkm1cpOVIIsANPUdFqCLH3tDe3eloXvS8caBOw4Mu6uwZthlw0=
-----END CERTIFICATE-----
Generated at Tue Jun 10 15:25:57 2025 by rpki-client