Route Origin Authorization

$ rpki-client -vvf chloe.sobornost.net/rpki/RIPE-nlrssf/cbtj30N1LQD3bUk7VEkcCqaETGQ.roa
File:                     cbtj30N1LQD3bUk7VEkcCqaETGQ.roa (raw, json)
Hash identifier:          ZJoXt4bD2F/k59Xmz77QU5rdbdmxbrOgr5T8YEKUmcE=
Subject key identifier:   71:BB:63:DF:43:75:2D:00:F7:6D:49:3B:54:49:1C:0A:A6:84:4C:64
Certificate issuer:       /CN=71d14ebb255dc058d4bfa5a51c93f73f830ab88f
Certificate serial:       0AAC
Authority key identifier: 71:D1:4E:BB:25:5D:C0:58:D4:BF:A5:A5:1C:93:F7:3F:83:0A:B8:8F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/cdFOuyVdwFjUv6WlHJP3P4MKuI8.cer
Subject info access:      rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/cbtj30N1LQD3bUk7VEkcCqaETGQ.roa
Signing time:             Sun 08 Dec 2024 15:55:02 +0000
ROA not before:           Sun 08 Dec 2024 15:55:02 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     15562
IP address blocks:        194.104.129.0/24 maxlen: 24
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 2732 (0xaac)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=71d14ebb255dc058d4bfa5a51c93f73f830ab88f
        Validity
            Not Before: Dec  8 15:55:02 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=71BB63DF43752D00F76D493B54491C0AA6844C64
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:f3:d7:b8:36:8f:04:c5:bd:64:b9:20:70:df:bb:
                    22:2a:82:38:87:4c:f9:25:87:83:cb:41:16:9e:c2:
                    66:a5:07:17:66:3b:d4:3b:d2:1f:3c:4b:36:96:62:
                    68:b5:2c:0a:7c:f2:4a:3a:4b:c8:00:01:9f:b9:f8:
                    41:99:e0:97:af:24:f9:5a:fc:bf:d9:4f:0c:b1:f2:
                    c0:15:7d:56:36:a3:bd:08:0b:ea:56:73:cd:e9:a0:
                    c5:7d:e3:2b:a2:4d:f1:1f:8d:76:ce:59:f3:89:eb:
                    eb:6a:ba:5c:08:83:32:82:f7:26:8f:c8:57:12:22:
                    bf:26:24:f3:4c:c6:f7:82:5d:10:32:9f:fc:2a:95:
                    8f:d8:ff:56:ec:2f:15:f7:3e:5f:26:dc:0f:5a:c7:
                    e1:c3:f3:4e:b5:a4:09:1e:0b:63:7c:2f:b2:58:18:
                    4d:e8:29:0c:21:7e:a7:8a:69:67:f9:4d:3b:b5:45:
                    89:eb:e6:bf:86:51:00:0b:37:a1:a4:72:9c:2b:61:
                    a0:5a:10:aa:f7:ac:32:cd:88:9d:f5:39:31:9c:e2:
                    22:9d:a7:eb:75:32:11:6f:c8:4a:1b:d7:16:6d:74:
                    05:bb:e3:9f:97:16:8c:79:58:88:7c:24:3b:17:25:
                    cd:60:0c:c6:79:d1:26:b7:cd:ae:76:8c:72:23:95:
                    f3:53
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                71:BB:63:DF:43:75:2D:00:F7:6D:49:3B:54:49:1C:0A:A6:84:4C:64
            X509v3 Authority Key Identifier:
                keyid:71:D1:4E:BB:25:5D:C0:58:D4:BF:A5:A5:1C:93:F7:3F:83:0A:B8:8F

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/cdFOuyVdwFjUv6WlHJP3P4MKuI8.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cdFOuyVdwFjUv6WlHJP3P4MKuI8.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/cbtj30N1LQD3bUk7VEkcCqaETGQ.roa

            sbgp-ipAddrBlock: critical
                IPv4:
                  194.104.129.0/24

    Signature Algorithm: sha256WithRSAEncryption
         73:cc:f2:d6:07:4b:a4:d3:84:23:78:89:f6:fa:07:00:38:8d:
         f0:cd:83:42:3f:de:62:16:5f:a5:77:67:b5:19:46:87:ca:71:
         c3:6c:50:3c:1f:db:6c:15:6d:c4:d3:b8:4f:04:4d:b9:64:72:
         8f:b6:9a:7b:06:79:50:b1:39:6c:10:99:42:0f:ef:de:91:26:
         1d:31:e2:cb:8b:98:25:bb:74:a8:3c:47:4a:c4:e9:ca:3c:d2:
         b9:e1:14:d9:a5:1c:f8:1c:82:b8:79:3f:ff:d3:e7:f2:1b:9a:
         f6:16:1a:62:9a:0d:53:80:48:05:c2:83:10:dd:6a:2b:5b:c0:
         e7:7f:94:c4:98:56:cb:fd:79:76:f6:bd:b9:bc:a0:14:31:02:
         b5:7b:05:e5:6c:cf:8e:ff:95:c7:97:b5:08:68:aa:ec:9b:b9:
         16:79:b1:04:9c:96:11:d3:1e:20:8d:24:59:70:9e:fa:00:48:
         a7:bd:0f:d8:e3:45:74:38:cf:d9:03:ce:ac:8b:cc:fb:2a:6c:
         a8:23:0b:07:3f:ea:d5:8e:b9:82:b5:94:bc:b4:5d:b7:08:e3:
         de:48:62:ee:79:cd:b0:74:2a:82:9f:b6:db:13:9d:6d:6a:b2:
         70:47:5d:6f:83:1d:a7:4a:7b:58:b9:2f:26:e1:c8:17:71:ac:
         27:52:be:8e
-----BEGIN CERTIFICATE-----
MIIEojCCA4qgAwIBAgICCqwwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzFk
MTRlYmIyNTVkYzA1OGQ0YmZhNWE1MWM5M2Y3M2Y4MzBhYjg4ZjAeFw0yNDEyMDgx
NTU1MDJaFw0yNTA3MDEwMDAwMDBaMDMxMTAvBgNVBAMTKDcxQkI2M0RGNDM3NTJE
MDBGNzZENDkzQjU0NDkxQzBBQTY4NDRDNjQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDz17g2jwTFvWS5IHDfuyIqgjiHTPklh4PLQRaewmalBxdmO9Q7
0h88SzaWYmi1LAp88ko6S8gAAZ+5+EGZ4JevJPla/L/ZTwyx8sAVfVY2o70IC+pW
c83poMV94yuiTfEfjXbOWfOJ6+tqulwIgzKC9yaPyFcSIr8mJPNMxveCXRAyn/wq
lY/Y/1bsLxX3Pl8m3A9ax+HD8061pAkeC2N8L7JYGE3oKQwhfqeKaWf5TTu1RYnr
5r+GUQALN6GkcpwrYaBaEKr3rDLNiJ31OTGc4iKdp+t1MhFvyEob1xZtdAW745+X
Fox5WIh8JDsXJc1gDMZ50Sa3za52jHIjlfNTAgMBAAGjggG+MIIBujAdBgNVHQ4E
FgQUcbtj30N1LQD3bUk7VEkcCqaETGQwHwYDVR0jBBgwFoAUcdFOuyVdwFjUv6Wl
HJP3P4MKuI8wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL2NobG9lLnNvYm9ybm9zdC5uZXQvcnBraS9SSVBFLW5scnNz
Zi9jZEZPdXlWZHdGalV2NldsSEpQM1A0TUt1STguY3JsMGQGCCsGAQUFBwEBBFgw
VjBUBggrBgEFBQcwAoZIcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC9jZEZPdXlWZHdGalV2NldsSEpQM1A0TUt1STguY2VyMA4GA1UdDwEB
/wQEAwIHgDBoBggrBgEFBQcBCwRcMFowWAYIKwYBBQUHMAuGTHJzeW5jOi8vY2hs
b2Uuc29ib3Jub3N0Lm5ldC9ycGtpL1JJUEUtbmxyc3NmL2NidGozME4xTFFEM2JV
azdWRWtjQ3FhRVRHUS5yb2EwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBADC
aIEwDQYJKoZIhvcNAQELBQADggEBAHPM8tYHS6TThCN4ifb6BwA4jfDNg0I/3mIW
X6V3Z7UZRofKccNsUDwf22wVbcTTuE8ETblkco+2mnsGeVCxOWwQmUIP796RJh0x
4suLmCW7dKg8R0rE6co80rnhFNmlHPgcgrh5P//T5/IbmvYWGmKaDVOASAXCgxDd
aitbwOd/lMSYVsv9eXb2vbm8oBQxArV7BeVsz47/lceXtQhoquybuRZ5sQSclhHT
HiCNJFlwnvoASKe9D9jjRXQ4z9kDzqyLzPsqbKgjCwc/6tWOuYK1lLy0XbcI495I
Yu55zbB0KoKfttsTnW1qsnBHXW+DHadKe1i5LybhyBdxrCdSvo4=
-----END CERTIFICATE-----
Generated at Tue Jun 10 02:16:47 2025 by rpki-client