Route Origin Authorization

$ rpki-client -vvf chloe.sobornost.net/rpki/RIPE-nlrssf/Yf3WnQhYckKI_DE8p65hM7Mefus.roa
File:                     Yf3WnQhYckKI_DE8p65hM7Mefus.roa (raw, json)
Hash identifier:          aaPpTh6q4ITYbaRUBH5s0uo40nQRrWCAd2agJ42O+74=
Subject key identifier:   61:FD:D6:9D:08:58:72:42:88:FC:31:3C:A7:AE:61:33:B3:1E:7E:EB
Certificate issuer:       /CN=71d14ebb255dc058d4bfa5a51c93f73f830ab88f
Certificate serial:       0A82
Authority key identifier: 71:D1:4E:BB:25:5D:C0:58:D4:BF:A5:A5:1C:93:F7:3F:83:0A:B8:8F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/cdFOuyVdwFjUv6WlHJP3P4MKuI8.cer
Subject info access:      rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/Yf3WnQhYckKI_DE8p65hM7Mefus.roa
Signing time:             Tue 03 Dec 2024 23:55:02 +0000
ROA not before:           Tue 03 Dec 2024 23:55:02 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     15562
IP address blocks:        194.104.129.0/24 maxlen: 24
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 2690 (0xa82)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=71d14ebb255dc058d4bfa5a51c93f73f830ab88f
        Validity
            Not Before: Dec  3 23:55:02 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=61FDD69D0858724288FC313CA7AE6133B31E7EEB
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ce:7b:af:01:2b:52:90:60:01:f7:d2:2b:11:8f:
                    c1:bc:16:d6:14:d8:19:9e:5e:5c:2d:44:ef:fe:fe:
                    51:f4:85:fa:f4:5e:65:6b:e4:14:b7:43:98:6a:92:
                    6a:18:7d:e3:ac:f8:28:53:16:be:7e:90:e7:f7:65:
                    1f:97:7d:d9:ef:08:04:e9:bd:be:b2:df:23:e7:d5:
                    0e:fc:58:59:2a:86:95:3b:d1:a9:d9:6b:c5:dd:8a:
                    35:70:dc:32:7b:e1:41:b2:8f:f8:d6:85:df:0a:07:
                    40:c7:ed:45:c6:a7:f1:00:63:d9:9c:62:4c:4a:47:
                    f6:e5:6a:5b:d0:7b:48:42:76:c6:3f:98:df:f5:7a:
                    f5:eb:b2:c5:fa:db:4f:5a:f9:5f:93:f5:f8:71:e5:
                    ca:41:0f:fc:98:9a:d1:94:6e:c5:be:a7:4d:a4:5c:
                    fb:1d:0b:16:ed:67:e4:9d:e7:6b:da:1d:8c:93:08:
                    99:f3:59:27:96:62:5d:9f:bc:93:71:c8:c0:36:98:
                    76:a8:e6:a0:8f:dc:65:50:b4:f5:0e:3f:f2:f0:c4:
                    4e:ca:b4:42:50:e6:79:3a:88:4c:7a:48:cd:1d:5b:
                    3d:af:64:6f:31:25:95:b9:c6:39:f2:b0:27:f4:e3:
                    63:79:ef:e8:ac:1c:f4:fc:67:bd:43:7f:e3:72:ae:
                    dd:59
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                61:FD:D6:9D:08:58:72:42:88:FC:31:3C:A7:AE:61:33:B3:1E:7E:EB
            X509v3 Authority Key Identifier:
                keyid:71:D1:4E:BB:25:5D:C0:58:D4:BF:A5:A5:1C:93:F7:3F:83:0A:B8:8F

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/cdFOuyVdwFjUv6WlHJP3P4MKuI8.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cdFOuyVdwFjUv6WlHJP3P4MKuI8.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/Yf3WnQhYckKI_DE8p65hM7Mefus.roa

            sbgp-ipAddrBlock: critical
                IPv4:
                  194.104.129.0/24

    Signature Algorithm: sha256WithRSAEncryption
         d7:2d:0a:84:db:70:95:1f:06:1c:21:04:85:f1:82:d9:9a:e4:
         12:76:ab:a6:c9:ce:f0:dc:c9:e9:31:a7:f9:fb:8c:56:5f:aa:
         a3:b3:dc:07:57:cf:90:04:8d:af:33:8e:25:48:63:5e:f0:66:
         da:1f:7b:46:ec:29:73:f5:1e:23:3c:84:57:f4:07:0d:0d:96:
         dd:8b:84:f2:0d:ff:e3:2d:62:66:0b:b6:60:fc:75:d4:d5:c5:
         ed:cd:57:45:a4:71:55:14:7d:bd:21:57:7e:32:36:91:90:db:
         7d:b6:57:80:91:9d:3f:a0:6f:ca:c5:5c:2a:46:86:1a:76:01:
         e7:41:c5:31:e8:28:06:6f:1c:f5:14:06:5e:61:ab:cc:dc:12:
         ee:f0:46:bd:ad:c2:59:48:37:6a:db:59:77:8d:a0:cd:57:d7:
         f9:95:79:4f:45:92:98:ff:53:6f:29:44:0a:9e:3a:7e:34:d6:
         9f:59:b6:d7:8a:42:2b:d5:47:c1:47:2f:70:88:da:c0:16:c9:
         52:33:6d:65:75:1a:eb:e1:a3:5f:a1:e1:ef:b8:36:fe:0b:1a:
         85:12:d1:76:1a:9a:d5:40:f5:95:cf:ef:86:f8:94:bf:f6:a1:
         8c:60:a6:85:c1:a2:02:63:8f:a7:0b:6c:cd:d4:85:cc:4b:65:
         47:14:dc:82
-----BEGIN CERTIFICATE-----
MIIEojCCA4qgAwIBAgICCoIwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzFk
MTRlYmIyNTVkYzA1OGQ0YmZhNWE1MWM5M2Y3M2Y4MzBhYjg4ZjAeFw0yNDEyMDMy
MzU1MDJaFw0yNTA3MDEwMDAwMDBaMDMxMTAvBgNVBAMTKDYxRkRENjlEMDg1ODcy
NDI4OEZDMzEzQ0E3QUU2MTMzQjMxRTdFRUIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDOe68BK1KQYAH30isRj8G8FtYU2BmeXlwtRO/+/lH0hfr0XmVr
5BS3Q5hqkmoYfeOs+ChTFr5+kOf3ZR+XfdnvCATpvb6y3yPn1Q78WFkqhpU70anZ
a8XdijVw3DJ74UGyj/jWhd8KB0DH7UXGp/EAY9mcYkxKR/blalvQe0hCdsY/mN/1
evXrssX6209a+V+T9fhx5cpBD/yYmtGUbsW+p02kXPsdCxbtZ+Sd52vaHYyTCJnz
WSeWYl2fvJNxyMA2mHao5qCP3GVQtPUOP/LwxE7KtEJQ5nk6iEx6SM0dWz2vZG8x
JZW5xjnysCf042N57+isHPT8Z71Df+Nyrt1ZAgMBAAGjggG+MIIBujAdBgNVHQ4E
FgQUYf3WnQhYckKI/DE8p65hM7MefuswHwYDVR0jBBgwFoAUcdFOuyVdwFjUv6Wl
HJP3P4MKuI8wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL2NobG9lLnNvYm9ybm9zdC5uZXQvcnBraS9SSVBFLW5scnNz
Zi9jZEZPdXlWZHdGalV2NldsSEpQM1A0TUt1STguY3JsMGQGCCsGAQUFBwEBBFgw
VjBUBggrBgEFBQcwAoZIcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC9jZEZPdXlWZHdGalV2NldsSEpQM1A0TUt1STguY2VyMA4GA1UdDwEB
/wQEAwIHgDBoBggrBgEFBQcBCwRcMFowWAYIKwYBBQUHMAuGTHJzeW5jOi8vY2hs
b2Uuc29ib3Jub3N0Lm5ldC9ycGtpL1JJUEUtbmxyc3NmL1lmM1duUWhZY2tLSV9E
RThwNjVoTTdNZWZ1cy5yb2EwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBADC
aIEwDQYJKoZIhvcNAQELBQADggEBANctCoTbcJUfBhwhBIXxgtma5BJ2q6bJzvDc
yekxp/n7jFZfqqOz3AdXz5AEja8zjiVIY17wZtofe0bsKXP1HiM8hFf0Bw0Nlt2L
hPIN/+MtYmYLtmD8ddTVxe3NV0WkcVUUfb0hV34yNpGQ2322V4CRnT+gb8rFXCpG
hhp2AedBxTHoKAZvHPUUBl5hq8zcEu7wRr2twllIN2rbWXeNoM1X1/mVeU9Fkpj/
U28pRAqeOn401p9ZtteKQivVR8FHL3CI2sAWyVIzbWV1Guvho1+h4e+4Nv4LGoUS
0XYamtVA9ZXP74b4lL/2oYxgpoXBogJjj6cLbM3UhcxLZUcU3II=
-----END CERTIFICATE-----
Generated at Tue Jun 10 10:42:38 2025 by rpki-client