Route Origin Authorization

$ rpki-client -vvf chloe.sobornost.net/rpki/RIPE-nlrssf/W7YtUZtnfk1m2Jng_F8dINyc7Eo.roa
File:                     W7YtUZtnfk1m2Jng_F8dINyc7Eo.roa (raw, json)
Hash identifier:          qwT67OhAFjk6E0CRLTVwWxdwEk4oZRRa88v9LHGW+Xw=
Subject key identifier:   5B:B6:2D:51:9B:67:7E:4D:66:D8:99:E0:FC:5F:1D:20:DC:9C:EC:4A
Certificate issuer:       /CN=71d14ebb255dc058d4bfa5a51c93f73f830ab88f
Certificate serial:       0B1E
Authority key identifier: 71:D1:4E:BB:25:5D:C0:58:D4:BF:A5:A5:1C:93:F7:3F:83:0A:B8:8F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/cdFOuyVdwFjUv6WlHJP3P4MKuI8.cer
Subject info access:      rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/W7YtUZtnfk1m2Jng_F8dINyc7Eo.roa
Signing time:             Sat 21 Dec 2024 07:55:02 +0000
ROA not before:           Sat 21 Dec 2024 07:55:02 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     15562
IP address blocks:        194.104.129.0/24 maxlen: 24
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 2846 (0xb1e)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=71d14ebb255dc058d4bfa5a51c93f73f830ab88f
        Validity
            Not Before: Dec 21 07:55:02 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=5BB62D519B677E4D66D899E0FC5F1D20DC9CEC4A
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bb:32:25:48:f5:c4:c3:84:e4:a1:43:10:e8:81:
                    67:3f:29:c3:a7:5c:22:89:32:bf:ca:7d:97:6c:a9:
                    11:09:d7:b9:75:75:a4:9b:f2:7c:40:9f:c8:0b:7a:
                    c9:d0:8e:2e:be:86:f0:cd:3f:25:66:80:eb:0e:8e:
                    8c:4c:38:c2:6e:5b:42:bf:93:ee:64:a2:9c:4f:8b:
                    6c:24:57:8e:07:58:b8:8f:05:9b:c7:bb:10:41:3e:
                    37:6b:1c:b9:4f:b7:e4:8f:92:22:0c:17:56:52:3d:
                    4c:fa:c6:7b:d1:06:36:01:92:5b:fa:30:06:d1:40:
                    5d:e7:0f:a9:78:84:01:8c:38:a6:c7:33:4e:87:8a:
                    6c:00:92:a5:df:4a:95:fa:46:77:7c:ab:f8:25:38:
                    97:7d:76:98:1c:6d:0b:19:af:31:aa:02:f9:a2:3f:
                    ae:6d:20:13:78:fc:61:f8:b8:15:3c:d8:e9:aa:39:
                    ca:96:62:26:70:0e:e2:ea:95:26:85:e1:1c:1e:8e:
                    c3:17:16:0e:17:4e:42:3a:ae:0a:88:e2:cb:4f:4a:
                    b4:cb:39:29:05:de:13:f0:53:e2:ed:69:eb:51:0c:
                    cd:97:55:4f:4b:f5:85:6f:a5:14:45:84:01:13:3c:
                    40:a4:85:08:17:42:2f:12:92:91:17:13:86:e9:4e:
                    d5:cf
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5B:B6:2D:51:9B:67:7E:4D:66:D8:99:E0:FC:5F:1D:20:DC:9C:EC:4A
            X509v3 Authority Key Identifier:
                keyid:71:D1:4E:BB:25:5D:C0:58:D4:BF:A5:A5:1C:93:F7:3F:83:0A:B8:8F

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/cdFOuyVdwFjUv6WlHJP3P4MKuI8.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cdFOuyVdwFjUv6WlHJP3P4MKuI8.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/W7YtUZtnfk1m2Jng_F8dINyc7Eo.roa

            sbgp-ipAddrBlock: critical
                IPv4:
                  194.104.129.0/24

    Signature Algorithm: sha256WithRSAEncryption
         ac:5a:2e:6c:f2:67:67:e6:c2:15:5d:5f:92:31:1c:76:2f:8e:
         73:26:e6:8d:e7:3f:4a:a0:af:6e:8e:32:32:da:66:04:f6:ef:
         8e:fe:67:92:e7:cf:0d:17:6d:3b:59:b0:58:dd:0a:c2:4a:09:
         ce:da:31:cb:47:37:a4:3d:2d:d2:0c:f9:6e:fc:11:11:9e:ff:
         0f:a4:74:c6:f9:51:2c:e8:86:8a:fc:01:13:14:d2:73:a1:d7:
         75:6e:ab:de:f0:c8:2b:0d:ca:35:a1:af:b8:c2:3a:85:6b:c1:
         a4:a9:06:d0:80:7c:94:d7:9b:28:bf:34:27:44:03:07:6f:e0:
         30:26:3a:ed:c8:11:67:a9:a3:ce:e6:21:05:53:b7:09:f2:8c:
         93:bf:66:a7:55:ad:f5:50:08:35:3f:fe:1f:a8:22:79:07:ff:
         76:c2:43:55:02:c9:d5:ba:70:47:28:b2:f0:ed:2c:73:5a:75:
         75:8d:8c:fb:de:34:da:c1:90:cb:35:c8:7b:64:2b:ea:be:66:
         bf:8c:af:39:10:7b:17:66:46:52:a9:d6:f4:98:e1:0a:78:d5:
         e3:bf:0b:06:38:c6:37:75:f1:e9:86:14:84:06:58:43:4a:29:
         7c:aa:7a:cb:1d:8b:42:47:d7:43:bd:33:5f:cf:6b:8a:d8:1b:
         58:a8:76:66
-----BEGIN CERTIFICATE-----
MIIEojCCA4qgAwIBAgICCx4wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzFk
MTRlYmIyNTVkYzA1OGQ0YmZhNWE1MWM5M2Y3M2Y4MzBhYjg4ZjAeFw0yNDEyMjEw
NzU1MDJaFw0yNTA3MDEwMDAwMDBaMDMxMTAvBgNVBAMTKDVCQjYyRDUxOUI2NzdF
NEQ2NkQ4OTlFMEZDNUYxRDIwREM5Q0VDNEEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC7MiVI9cTDhOShQxDogWc/KcOnXCKJMr/KfZdsqREJ17l1daSb
8nxAn8gLesnQji6+hvDNPyVmgOsOjoxMOMJuW0K/k+5kopxPi2wkV44HWLiPBZvH
uxBBPjdrHLlPt+SPkiIMF1ZSPUz6xnvRBjYBklv6MAbRQF3nD6l4hAGMOKbHM06H
imwAkqXfSpX6Rnd8q/glOJd9dpgcbQsZrzGqAvmiP65tIBN4/GH4uBU82OmqOcqW
YiZwDuLqlSaF4RwejsMXFg4XTkI6rgqI4stPSrTLOSkF3hPwU+LtaetRDM2XVU9L
9YVvpRRFhAETPECkhQgXQi8SkpEXE4bpTtXPAgMBAAGjggG+MIIBujAdBgNVHQ4E
FgQUW7YtUZtnfk1m2Jng/F8dINyc7EowHwYDVR0jBBgwFoAUcdFOuyVdwFjUv6Wl
HJP3P4MKuI8wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL2NobG9lLnNvYm9ybm9zdC5uZXQvcnBraS9SSVBFLW5scnNz
Zi9jZEZPdXlWZHdGalV2NldsSEpQM1A0TUt1STguY3JsMGQGCCsGAQUFBwEBBFgw
VjBUBggrBgEFBQcwAoZIcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC9jZEZPdXlWZHdGalV2NldsSEpQM1A0TUt1STguY2VyMA4GA1UdDwEB
/wQEAwIHgDBoBggrBgEFBQcBCwRcMFowWAYIKwYBBQUHMAuGTHJzeW5jOi8vY2hs
b2Uuc29ib3Jub3N0Lm5ldC9ycGtpL1JJUEUtbmxyc3NmL1c3WXRVWnRuZmsxbTJK
bmdfRjhkSU55YzdFby5yb2EwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBADC
aIEwDQYJKoZIhvcNAQELBQADggEBAKxaLmzyZ2fmwhVdX5IxHHYvjnMm5o3nP0qg
r26OMjLaZgT2747+Z5Lnzw0XbTtZsFjdCsJKCc7aMctHN6Q9LdIM+W78ERGe/w+k
dMb5USzohor8ARMU0nOh13Vuq97wyCsNyjWhr7jCOoVrwaSpBtCAfJTXmyi/NCdE
Awdv4DAmOu3IEWepo87mIQVTtwnyjJO/ZqdVrfVQCDU//h+oInkH/3bCQ1UCydW6
cEcosvDtLHNadXWNjPveNNrBkMs1yHtkK+q+Zr+MrzkQexdmRlKp1vSY4Qp41eO/
CwY4xjd18emGFIQGWENKKXyqessdi0JH10O9M1/Pa4rYG1iodmY=
-----END CERTIFICATE-----
Generated at Tue Jun 10 06:54:14 2025 by rpki-client