Route Origin Authorization

$ rpki-client -vvf chloe.sobornost.net/rpki/RIPE-nlrssf/WKrLrxaGpAbrjLXkABbBpXSk9mk.roa
File:                     WKrLrxaGpAbrjLXkABbBpXSk9mk.roa (raw, json)
Hash identifier:          hmoDcPBhLTk7N38VnhZQBVfcnlY8pidtS3W6psobtN4=
Subject key identifier:   58:AA:CB:AF:16:86:A4:06:EB:8C:B5:E4:00:16:C1:A5:74:A4:F6:69
Certificate issuer:       /CN=71d14ebb255dc058d4bfa5a51c93f73f830ab88f
Certificate serial:       0CAE
Authority key identifier: 71:D1:4E:BB:25:5D:C0:58:D4:BF:A5:A5:1C:93:F7:3F:83:0A:B8:8F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/cdFOuyVdwFjUv6WlHJP3P4MKuI8.cer
Subject info access:      rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/WKrLrxaGpAbrjLXkABbBpXSk9mk.roa
Signing time:             Mon 03 Feb 2025 15:55:03 +0000
ROA not before:           Mon 03 Feb 2025 15:55:03 +0000
ROA not after:            Wed 01 Jul 2026 00:00:00 +0000
asID:                     15562
IP address blocks:        194.104.129.0/24 maxlen: 24
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 3246 (0xcae)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=71d14ebb255dc058d4bfa5a51c93f73f830ab88f
        Validity
            Not Before: Feb  3 15:55:03 2025 GMT
            Not After : Jul  1 00:00:00 2026 GMT
        Subject: CN=58AACBAF1686A406EB8CB5E40016C1A574A4F669
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c6:b6:14:88:d5:13:9c:56:1a:3a:55:78:ac:e1:
                    f8:ed:aa:1d:a5:7e:98:c9:97:1b:e2:fe:72:fc:07:
                    99:d8:8c:3c:f4:99:8d:e0:64:ab:62:e4:b4:49:10:
                    fb:c2:c0:b0:9c:60:15:97:18:a6:b0:25:55:15:d7:
                    4b:fa:8d:59:97:f0:59:f1:32:3d:2f:28:4e:8f:80:
                    43:38:a3:8f:3b:13:93:11:c9:c3:93:c7:73:07:db:
                    8f:d8:23:aa:76:50:22:b3:0c:af:54:04:be:d7:3d:
                    2a:2b:70:61:8a:22:af:f3:7f:de:61:10:32:c4:d7:
                    79:72:f9:b4:91:15:69:b1:16:bd:71:22:f4:44:03:
                    23:45:bd:c2:e0:64:d4:73:ea:bc:b3:71:56:e2:32:
                    a1:4a:6e:0c:30:47:9c:b8:3f:21:ef:43:f8:3c:f1:
                    8f:d3:b0:c8:2e:e7:4d:77:b7:68:98:8b:80:e3:5e:
                    f6:cb:5a:a8:2a:e0:e7:1a:bc:9f:9f:fe:9b:73:2b:
                    cb:c5:fe:1f:8d:d0:f2:94:e3:75:76:ba:c9:83:b0:
                    df:c8:8c:e5:46:69:b3:e8:23:28:00:ab:d3:2b:ac:
                    8d:e7:a3:c4:fe:e4:5c:cd:58:57:5b:3c:84:af:50:
                    4e:52:5a:b7:f5:99:20:21:ba:2c:05:3b:34:df:7f:
                    94:d1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                58:AA:CB:AF:16:86:A4:06:EB:8C:B5:E4:00:16:C1:A5:74:A4:F6:69
            X509v3 Authority Key Identifier:
                keyid:71:D1:4E:BB:25:5D:C0:58:D4:BF:A5:A5:1C:93:F7:3F:83:0A:B8:8F

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/cdFOuyVdwFjUv6WlHJP3P4MKuI8.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cdFOuyVdwFjUv6WlHJP3P4MKuI8.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/WKrLrxaGpAbrjLXkABbBpXSk9mk.roa

            sbgp-ipAddrBlock: critical
                IPv4:
                  194.104.129.0/24

    Signature Algorithm: sha256WithRSAEncryption
         4a:63:c1:10:6a:10:ac:c9:ad:22:e4:17:be:8c:31:d6:e1:52:
         3b:c5:25:db:8b:8c:52:dc:de:d2:d6:eb:5a:9a:f9:cc:94:01:
         1d:26:11:e6:cf:df:86:ef:7d:28:71:7e:ab:d9:29:e2:1c:6d:
         a1:45:a8:d7:69:9a:f8:f8:10:30:77:28:0d:46:2f:5b:7a:f4:
         74:49:c2:f1:1b:00:25:ec:d4:97:99:ac:18:d7:06:2d:8d:a4:
         7f:2e:42:06:18:74:5e:fc:a4:4a:6f:c8:75:db:df:9c:26:cb:
         15:4f:2e:cc:4e:b2:32:4b:90:f2:16:10:9a:7e:e8:bf:b4:2f:
         1c:0c:88:64:d8:3f:f1:05:8f:c5:b7:19:4e:9d:ac:6f:ac:aa:
         b7:b3:b3:ce:b3:33:c3:77:4c:2e:e3:45:5c:33:0f:0c:9a:86:
         ae:e4:81:e1:87:6b:b2:5e:4c:2a:e7:9e:1f:81:44:70:64:6e:
         ed:06:9b:84:cc:06:85:35:9d:d9:c4:6b:75:19:ae:5e:87:64:
         95:71:38:af:46:38:b0:ed:8e:ba:66:b7:79:6a:e7:94:cf:7d:
         a9:0f:9b:df:9a:ce:89:66:2f:e1:cc:16:5e:57:ec:f0:12:67:
         8e:90:cc:fb:ac:76:c5:8e:6b:14:e0:d4:5e:f4:d5:cc:77:25:
         b1:33:01:a0
-----BEGIN CERTIFICATE-----
MIIEojCCA4qgAwIBAgICDK4wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzFk
MTRlYmIyNTVkYzA1OGQ0YmZhNWE1MWM5M2Y3M2Y4MzBhYjg4ZjAeFw0yNTAyMDMx
NTU1MDNaFw0yNjA3MDEwMDAwMDBaMDMxMTAvBgNVBAMTKDU4QUFDQkFGMTY4NkE0
MDZFQjhDQjVFNDAwMTZDMUE1NzRBNEY2NjkwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDGthSI1ROcVho6VXis4fjtqh2lfpjJlxvi/nL8B5nYjDz0mY3g
ZKti5LRJEPvCwLCcYBWXGKawJVUV10v6jVmX8FnxMj0vKE6PgEM4o487E5MRycOT
x3MH24/YI6p2UCKzDK9UBL7XPSorcGGKIq/zf95hEDLE13ly+bSRFWmxFr1xIvRE
AyNFvcLgZNRz6ryzcVbiMqFKbgwwR5y4PyHvQ/g88Y/TsMgu5013t2iYi4DjXvbL
Wqgq4OcavJ+f/ptzK8vF/h+N0PKU43V2usmDsN/IjOVGabPoIygAq9MrrI3no8T+
5FzNWFdbPISvUE5SWrf1mSAhuiwFOzTff5TRAgMBAAGjggG+MIIBujAdBgNVHQ4E
FgQUWKrLrxaGpAbrjLXkABbBpXSk9mkwHwYDVR0jBBgwFoAUcdFOuyVdwFjUv6Wl
HJP3P4MKuI8wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL2NobG9lLnNvYm9ybm9zdC5uZXQvcnBraS9SSVBFLW5scnNz
Zi9jZEZPdXlWZHdGalV2NldsSEpQM1A0TUt1STguY3JsMGQGCCsGAQUFBwEBBFgw
VjBUBggrBgEFBQcwAoZIcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC9jZEZPdXlWZHdGalV2NldsSEpQM1A0TUt1STguY2VyMA4GA1UdDwEB
/wQEAwIHgDBoBggrBgEFBQcBCwRcMFowWAYIKwYBBQUHMAuGTHJzeW5jOi8vY2hs
b2Uuc29ib3Jub3N0Lm5ldC9ycGtpL1JJUEUtbmxyc3NmL1dLckxyeGFHcEFicmpM
WGtBQmJCcFhTazltay5yb2EwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBADC
aIEwDQYJKoZIhvcNAQELBQADggEBAEpjwRBqEKzJrSLkF76MMdbhUjvFJduLjFLc
3tLW61qa+cyUAR0mEebP34bvfShxfqvZKeIcbaFFqNdpmvj4EDB3KA1GL1t69HRJ
wvEbACXs1JeZrBjXBi2NpH8uQgYYdF78pEpvyHXb35wmyxVPLsxOsjJLkPIWEJp+
6L+0LxwMiGTYP/EFj8W3GU6drG+sqrezs86zM8N3TC7jRVwzDwyahq7kgeGHa7Je
TCrnnh+BRHBkbu0Gm4TMBoU1ndnEa3UZrl6HZJVxOK9GOLDtjrpmt3lq55TPfakP
m9+azolmL+HMFl5X7PASZ46QzPusdsWOaxTg1F701cx3JbEzAaA=
-----END CERTIFICATE-----
Generated at Fri Jun 13 15:23:10 2025 by rpki-client