Route Origin Authorization

$ rpki-client -vvf chloe.sobornost.net/rpki/RIPE-nlrssf/k9EIa59FtOcpIXYc3x9tExeOOmU.roa
File:                     k9EIa59FtOcpIXYc3x9tExeOOmU.roa (raw, json)
Hash identifier:          PkPohrG2W0bPWNxQihJm56ryJWmuW/RstP1Zpy2ayo4=
Subject key identifier:   93:D1:08:6B:9F:45:B4:E7:29:21:76:1C:DF:1F:6D:13:17:8E:3A:65
Certificate issuer:       /CN=71d14ebb255dc058d4bfa5a51c93f73f830ab88f
Certificate serial:       0ABB
Authority key identifier: 71:D1:4E:BB:25:5D:C0:58:D4:BF:A5:A5:1C:93:F7:3F:83:0A:B8:8F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/cdFOuyVdwFjUv6WlHJP3P4MKuI8.cer
Subject info access:      rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/k9EIa59FtOcpIXYc3x9tExeOOmU.roa
Signing time:             Tue 10 Dec 2024 07:55:03 +0000
ROA not before:           Tue 10 Dec 2024 07:55:03 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     15562
IP address blocks:        194.104.129.0/24 maxlen: 24
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 2747 (0xabb)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=71d14ebb255dc058d4bfa5a51c93f73f830ab88f
        Validity
            Not Before: Dec 10 07:55:03 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=93D1086B9F45B4E72921761CDF1F6D13178E3A65
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c1:cc:1a:6d:7d:57:cd:c4:5a:ac:e1:8d:6b:61:
                    6a:31:ab:11:7f:35:26:68:13:b5:b5:e4:98:fd:70:
                    8d:d9:88:71:ed:28:f2:6f:91:73:94:df:3b:d3:b0:
                    b8:87:07:93:38:c4:bb:68:78:e5:12:72:ae:5c:36:
                    6d:39:d8:9f:27:14:28:3c:99:07:08:e7:0f:96:2f:
                    59:a4:b3:2d:fc:db:4e:5b:b2:22:ca:ba:2b:03:ef:
                    dd:6a:16:63:99:5b:c4:2c:e2:d7:2d:bf:90:5f:9a:
                    d4:c4:c0:5f:a0:af:13:7f:c4:ea:58:68:66:8e:55:
                    56:ba:0b:9a:8f:a3:de:93:5c:54:a1:97:44:c9:79:
                    9e:da:d3:10:4c:fc:1e:92:97:87:43:56:b8:ae:ad:
                    8d:7d:27:60:e7:9c:49:98:59:18:d2:08:e6:78:54:
                    f3:26:d8:38:ad:76:9d:12:4e:a7:c5:03:b0:bb:74:
                    c8:b3:95:9a:53:93:8e:64:0c:3d:39:10:67:7a:78:
                    d1:b5:9e:53:32:58:96:3b:6e:38:75:bf:1e:af:f9:
                    9c:3e:c9:70:7e:43:9c:de:69:e9:3d:76:da:73:a7:
                    39:96:19:02:00:8f:38:dd:3b:a5:14:e8:3f:90:ce:
                    df:fe:c1:03:32:51:07:d3:d7:04:b1:56:49:d4:b7:
                    5c:91
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                93:D1:08:6B:9F:45:B4:E7:29:21:76:1C:DF:1F:6D:13:17:8E:3A:65
            X509v3 Authority Key Identifier:
                keyid:71:D1:4E:BB:25:5D:C0:58:D4:BF:A5:A5:1C:93:F7:3F:83:0A:B8:8F

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/cdFOuyVdwFjUv6WlHJP3P4MKuI8.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cdFOuyVdwFjUv6WlHJP3P4MKuI8.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/k9EIa59FtOcpIXYc3x9tExeOOmU.roa

            sbgp-ipAddrBlock: critical
                IPv4:
                  194.104.129.0/24

    Signature Algorithm: sha256WithRSAEncryption
         db:cc:7d:1e:97:2e:ad:5c:a4:02:93:73:b3:9d:3e:ce:bd:ec:
         04:fe:24:93:2f:73:98:a0:78:4d:c4:35:55:b0:ab:99:0b:7c:
         76:0a:e8:db:d8:d4:b2:3a:b8:6a:43:98:b2:e8:ae:87:ea:ee:
         35:25:f3:7c:89:84:21:94:67:88:78:43:f8:a1:69:6b:7f:c0:
         9e:a0:f7:23:3a:88:82:15:43:96:02:d0:30:cd:c7:1e:45:e5:
         6e:08:1a:94:32:e6:8c:ee:34:22:db:37:7e:58:2c:42:fb:30:
         57:2b:de:29:71:8c:7e:b1:9e:de:f6:6b:1d:60:03:e5:fa:7b:
         90:53:38:68:58:88:d7:6c:d1:59:45:bf:6a:1c:a3:0f:25:71:
         43:6b:5d:86:dd:f6:c5:dd:69:fe:75:8e:0a:72:85:82:cc:b4:
         c6:21:d4:a6:27:2f:e7:34:cb:f2:16:af:aa:ab:8c:ac:df:b2:
         17:1a:af:eb:0a:39:ea:a1:65:be:fa:19:a9:3a:56:1e:80:50:
         0c:9c:77:4e:d6:5b:1c:ba:00:48:3b:cd:55:7b:51:67:28:c9:
         93:95:f2:d0:98:6e:89:81:e3:1e:87:27:5d:00:a5:00:65:7b:
         47:a5:3a:9b:44:d2:99:0c:dc:e1:0d:63:ca:72:68:48:20:5d:
         43:ca:10:b2
-----BEGIN CERTIFICATE-----
MIIEojCCA4qgAwIBAgICCrswDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzFk
MTRlYmIyNTVkYzA1OGQ0YmZhNWE1MWM5M2Y3M2Y4MzBhYjg4ZjAeFw0yNDEyMTAw
NzU1MDNaFw0yNTA3MDEwMDAwMDBaMDMxMTAvBgNVBAMTKDkzRDEwODZCOUY0NUI0
RTcyOTIxNzYxQ0RGMUY2RDEzMTc4RTNBNjUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDBzBptfVfNxFqs4Y1rYWoxqxF/NSZoE7W15Jj9cI3ZiHHtKPJv
kXOU3zvTsLiHB5M4xLtoeOUScq5cNm052J8nFCg8mQcI5w+WL1mksy38205bsiLK
uisD791qFmOZW8Qs4tctv5BfmtTEwF+grxN/xOpYaGaOVVa6C5qPo96TXFShl0TJ
eZ7a0xBM/B6Sl4dDVriurY19J2DnnEmYWRjSCOZ4VPMm2Ditdp0STqfFA7C7dMiz
lZpTk45kDD05EGd6eNG1nlMyWJY7bjh1vx6v+Zw+yXB+Q5zeaek9dtpzpzmWGQIA
jzjdO6UU6D+Qzt/+wQMyUQfT1wSxVknUt1yRAgMBAAGjggG+MIIBujAdBgNVHQ4E
FgQUk9EIa59FtOcpIXYc3x9tExeOOmUwHwYDVR0jBBgwFoAUcdFOuyVdwFjUv6Wl
HJP3P4MKuI8wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL2NobG9lLnNvYm9ybm9zdC5uZXQvcnBraS9SSVBFLW5scnNz
Zi9jZEZPdXlWZHdGalV2NldsSEpQM1A0TUt1STguY3JsMGQGCCsGAQUFBwEBBFgw
VjBUBggrBgEFBQcwAoZIcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC9jZEZPdXlWZHdGalV2NldsSEpQM1A0TUt1STguY2VyMA4GA1UdDwEB
/wQEAwIHgDBoBggrBgEFBQcBCwRcMFowWAYIKwYBBQUHMAuGTHJzeW5jOi8vY2hs
b2Uuc29ib3Jub3N0Lm5ldC9ycGtpL1JJUEUtbmxyc3NmL2s5RUlhNTlGdE9jcElY
WWMzeDl0RXhlT09tVS5yb2EwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBADC
aIEwDQYJKoZIhvcNAQELBQADggEBANvMfR6XLq1cpAKTc7OdPs697AT+JJMvc5ig
eE3ENVWwq5kLfHYK6NvY1LI6uGpDmLLorofq7jUl83yJhCGUZ4h4Q/ihaWt/wJ6g
9yM6iIIVQ5YC0DDNxx5F5W4IGpQy5ozuNCLbN35YLEL7MFcr3ilxjH6xnt72ax1g
A+X6e5BTOGhYiNds0VlFv2ocow8lcUNrXYbd9sXdaf51jgpyhYLMtMYh1KYnL+c0
y/IWr6qrjKzfshcar+sKOeqhZb76Gak6Vh6AUAycd07WWxy6AEg7zVV7UWcoyZOV
8tCYbomB4x6HJ10ApQBle0elOptE0pkM3OENY8pyaEggXUPKELI=
-----END CERTIFICATE-----
Generated at Mon Jun 9 15:54:25 2025 by rpki-client