Route Origin Authorization

$ rpki-client -vvf chloe.sobornost.net/rpki/RIPE-nlrssf/XyHReyKtYbsADq4VIODuNHO5gl8.roa
File:                     XyHReyKtYbsADq4VIODuNHO5gl8.roa (raw, json)
Hash identifier:          dWtcsFoAWvezMnKejIKSRf5DTfIZnXTQxMdmK0Tvjac=
Subject key identifier:   5F:21:D1:7B:22:AD:61:BB:00:0E:AE:15:20:E0:EE:34:73:B9:82:5F
Certificate issuer:       /CN=71d14ebb255dc058d4bfa5a51c93f73f830ab88f
Certificate serial:       0BD6
Authority key identifier: 71:D1:4E:BB:25:5D:C0:58:D4:BF:A5:A5:1C:93:F7:3F:83:0A:B8:8F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/cdFOuyVdwFjUv6WlHJP3P4MKuI8.cer
Subject info access:      rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/XyHReyKtYbsADq4VIODuNHO5gl8.roa
Signing time:             Fri 10 Jan 2025 15:55:02 +0000
ROA not before:           Fri 10 Jan 2025 15:55:02 +0000
ROA not after:            Wed 01 Jul 2026 00:00:00 +0000
asID:                     15562
IP address blocks:        194.104.129.0/24 maxlen: 24
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 3030 (0xbd6)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=71d14ebb255dc058d4bfa5a51c93f73f830ab88f
        Validity
            Not Before: Jan 10 15:55:02 2025 GMT
            Not After : Jul  1 00:00:00 2026 GMT
        Subject: CN=5F21D17B22AD61BB000EAE1520E0EE3473B9825F
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e1:54:ae:f2:92:54:9f:af:29:41:45:57:57:46:
                    75:6c:98:2b:ea:63:20:4e:88:a3:4c:16:7d:c0:39:
                    8c:91:33:95:ef:a4:7e:1e:dc:1b:60:d8:ee:1a:7b:
                    f1:65:2a:3c:be:9c:30:c9:4d:98:29:08:26:bf:d4:
                    44:08:f1:45:7f:ce:17:6b:89:80:a9:87:63:7e:dd:
                    19:ab:f1:4e:09:6e:07:97:b8:7c:45:d5:d4:c9:e0:
                    32:d6:81:37:7a:62:a5:9f:20:e7:53:49:81:4e:89:
                    b4:d8:5e:66:e6:23:14:7a:de:1c:f0:36:65:08:16:
                    48:88:40:73:83:eb:98:14:56:a6:e5:6d:95:ab:77:
                    f5:60:01:c5:39:42:92:78:4d:6d:5b:58:06:c7:19:
                    a8:8a:7c:21:bc:e4:58:f5:b0:df:3a:ff:bc:b5:29:
                    9e:b1:9c:18:64:e1:5b:33:89:d1:11:cf:13:be:f4:
                    24:27:dd:a1:82:28:07:41:c0:28:89:7a:75:87:a7:
                    7d:b3:5a:af:ec:59:25:df:91:ab:5c:06:6d:68:36:
                    a7:8c:e5:de:8e:60:d5:bb:a0:f8:8b:15:3e:9a:e6:
                    c4:4c:b2:5c:f1:71:0e:0c:a5:d6:ed:74:01:df:8e:
                    4e:eb:84:46:89:af:b5:1c:ad:bc:f6:9f:77:c8:fa:
                    52:5d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5F:21:D1:7B:22:AD:61:BB:00:0E:AE:15:20:E0:EE:34:73:B9:82:5F
            X509v3 Authority Key Identifier:
                keyid:71:D1:4E:BB:25:5D:C0:58:D4:BF:A5:A5:1C:93:F7:3F:83:0A:B8:8F

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/cdFOuyVdwFjUv6WlHJP3P4MKuI8.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cdFOuyVdwFjUv6WlHJP3P4MKuI8.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/XyHReyKtYbsADq4VIODuNHO5gl8.roa

            sbgp-ipAddrBlock: critical
                IPv4:
                  194.104.129.0/24

    Signature Algorithm: sha256WithRSAEncryption
         2a:37:81:a8:70:6a:78:4c:30:03:9c:6d:30:49:38:9a:97:7f:
         cd:67:9a:07:07:aa:f3:7f:52:d2:e1:ee:8f:58:f8:1f:59:14:
         b0:58:4d:2d:34:20:22:f0:dd:b7:22:0c:56:25:cc:a4:a4:11:
         3d:df:37:9b:16:30:6a:f7:24:71:60:10:ca:40:85:67:a4:c5:
         46:3c:d0:bf:61:dc:8f:3a:6b:e8:0c:8e:1d:17:30:ee:23:51:
         71:59:ae:53:76:6d:ae:dd:49:da:12:45:09:64:6f:63:d4:ac:
         a5:e7:8e:82:b0:0e:b9:a3:f3:76:d7:4e:7f:0f:81:99:9d:8d:
         34:1c:72:2b:2f:6f:6b:69:74:50:d1:98:44:94:33:2c:d3:5f:
         0a:c4:e3:39:ca:2d:c7:a6:81:88:1f:c7:63:8f:db:08:2f:6a:
         d8:10:b9:e2:37:3f:b5:96:c4:66:50:65:b2:e1:39:2d:32:56:
         60:d0:12:99:35:41:10:d6:81:2f:fd:34:3b:e9:e6:4e:e0:5a:
         a5:e4:2e:80:32:d1:36:79:1b:2c:18:dd:c5:3f:f3:fc:b3:8d:
         cd:9e:96:7c:29:ea:4d:77:47:2c:70:a1:e5:2b:0a:00:c6:04:
         93:c6:83:05:fe:4d:05:fa:ba:87:c8:14:2f:a4:b7:40:cc:aa:
         70:a8:ac:cf
-----BEGIN CERTIFICATE-----
MIIEojCCA4qgAwIBAgICC9YwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzFk
MTRlYmIyNTVkYzA1OGQ0YmZhNWE1MWM5M2Y3M2Y4MzBhYjg4ZjAeFw0yNTAxMTAx
NTU1MDJaFw0yNjA3MDEwMDAwMDBaMDMxMTAvBgNVBAMTKDVGMjFEMTdCMjJBRDYx
QkIwMDBFQUUxNTIwRTBFRTM0NzNCOTgyNUYwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDhVK7yklSfrylBRVdXRnVsmCvqYyBOiKNMFn3AOYyRM5XvpH4e
3Btg2O4ae/FlKjy+nDDJTZgpCCa/1EQI8UV/zhdriYCph2N+3Rmr8U4JbgeXuHxF
1dTJ4DLWgTd6YqWfIOdTSYFOibTYXmbmIxR63hzwNmUIFkiIQHOD65gUVqblbZWr
d/VgAcU5QpJ4TW1bWAbHGaiKfCG85Fj1sN86/7y1KZ6xnBhk4VszidERzxO+9CQn
3aGCKAdBwCiJenWHp32zWq/sWSXfkatcBm1oNqeM5d6OYNW7oPiLFT6a5sRMslzx
cQ4MpdbtdAHfjk7rhEaJr7Ucrbz2n3fI+lJdAgMBAAGjggG+MIIBujAdBgNVHQ4E
FgQUXyHReyKtYbsADq4VIODuNHO5gl8wHwYDVR0jBBgwFoAUcdFOuyVdwFjUv6Wl
HJP3P4MKuI8wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL2NobG9lLnNvYm9ybm9zdC5uZXQvcnBraS9SSVBFLW5scnNz
Zi9jZEZPdXlWZHdGalV2NldsSEpQM1A0TUt1STguY3JsMGQGCCsGAQUFBwEBBFgw
VjBUBggrBgEFBQcwAoZIcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC9jZEZPdXlWZHdGalV2NldsSEpQM1A0TUt1STguY2VyMA4GA1UdDwEB
/wQEAwIHgDBoBggrBgEFBQcBCwRcMFowWAYIKwYBBQUHMAuGTHJzeW5jOi8vY2hs
b2Uuc29ib3Jub3N0Lm5ldC9ycGtpL1JJUEUtbmxyc3NmL1h5SFJleUt0WWJzQURx
NFZJT0R1TkhPNWdsOC5yb2EwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBADC
aIEwDQYJKoZIhvcNAQELBQADggEBACo3gahwanhMMAOcbTBJOJqXf81nmgcHqvN/
UtLh7o9Y+B9ZFLBYTS00ICLw3bciDFYlzKSkET3fN5sWMGr3JHFgEMpAhWekxUY8
0L9h3I86a+gMjh0XMO4jUXFZrlN2ba7dSdoSRQlkb2PUrKXnjoKwDrmj83bXTn8P
gZmdjTQccisvb2tpdFDRmESUMyzTXwrE4znKLcemgYgfx2OP2wgvatgQueI3P7WW
xGZQZbLhOS0yVmDQEpk1QRDWgS/9NDvp5k7gWqXkLoAy0TZ5GywY3cU/8/yzjc2e
lnwp6k13RyxwoeUrCgDGBJPGgwX+TQX6uofIFC+kt0DMqnCorM8=
-----END CERTIFICATE-----
Generated at Wed Jun 11 07:53:12 2025 by rpki-client