Route Origin Authorization

$ rpki-client -vvf chloe.sobornost.net/rpki/RIPE-nlrssf/ntYMJh5g2W_a8rLGlIJqln_lr5U.roa
File:                     ntYMJh5g2W_a8rLGlIJqln_lr5U.roa (raw, json)
Hash identifier:          3DK09QK4NpQ5yOt5z1LslXnGsT5MjkgzlbYdOFkrqLM=
Subject key identifier:   9E:D6:0C:26:1E:60:D9:6F:DA:F2:B2:C6:94:82:6A:96:7F:E5:AF:95
Certificate issuer:       /CN=71d14ebb255dc058d4bfa5a51c93f73f830ab88f
Certificate serial:       0B27
Authority key identifier: 71:D1:4E:BB:25:5D:C0:58:D4:BF:A5:A5:1C:93:F7:3F:83:0A:B8:8F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/cdFOuyVdwFjUv6WlHJP3P4MKuI8.cer
Subject info access:      rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/ntYMJh5g2W_a8rLGlIJqln_lr5U.roa
Signing time:             Sun 22 Dec 2024 07:55:02 +0000
ROA not before:           Sun 22 Dec 2024 07:55:02 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     15562
IP address blocks:        194.104.129.0/24 maxlen: 24
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 2855 (0xb27)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=71d14ebb255dc058d4bfa5a51c93f73f830ab88f
        Validity
            Not Before: Dec 22 07:55:02 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=9ED60C261E60D96FDAF2B2C694826A967FE5AF95
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cd:50:d2:15:ab:bf:f5:f4:be:8d:a0:70:08:fb:
                    a9:de:4a:03:a4:43:8b:83:e2:5a:24:9c:fa:7d:3e:
                    e7:23:ba:8b:d5:a0:0d:5a:aa:06:4c:77:c5:45:63:
                    ad:43:56:81:76:70:a0:30:25:83:fd:40:b5:0f:4b:
                    f7:37:6b:b8:de:c2:c1:37:9f:af:59:4a:db:42:73:
                    76:1a:a6:ac:37:e8:27:9f:b0:85:ea:50:3b:a0:52:
                    61:ac:6a:8e:ac:93:0a:5e:89:1e:b2:ab:ba:f4:72:
                    95:aa:f6:93:a3:14:37:9d:1e:b4:d7:ca:4b:99:f4:
                    d1:4f:a3:1c:38:c8:da:f2:2e:b8:5a:67:d8:ec:bc:
                    0d:73:bb:ac:91:75:65:8b:56:6d:f8:6a:0b:ab:b7:
                    39:61:91:0f:bb:30:d4:02:04:fd:df:86:2e:93:81:
                    28:1f:b3:ac:9c:67:e3:dd:6e:e3:ea:fb:f1:33:36:
                    7c:fd:5f:ad:72:32:59:80:6e:63:70:aa:02:53:d4:
                    f2:03:cd:6f:46:d8:23:ad:37:bd:8a:87:c6:0b:39:
                    1a:93:cc:14:d0:fd:55:4e:39:00:be:ee:e8:fe:8c:
                    f8:ff:1a:8b:f5:f4:c8:4f:a9:17:7f:f6:6a:59:ce:
                    92:f7:c6:43:61:e9:51:97:e4:fa:77:4b:66:4e:df:
                    fc:05
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                9E:D6:0C:26:1E:60:D9:6F:DA:F2:B2:C6:94:82:6A:96:7F:E5:AF:95
            X509v3 Authority Key Identifier:
                keyid:71:D1:4E:BB:25:5D:C0:58:D4:BF:A5:A5:1C:93:F7:3F:83:0A:B8:8F

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/cdFOuyVdwFjUv6WlHJP3P4MKuI8.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cdFOuyVdwFjUv6WlHJP3P4MKuI8.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/ntYMJh5g2W_a8rLGlIJqln_lr5U.roa

            sbgp-ipAddrBlock: critical
                IPv4:
                  194.104.129.0/24

    Signature Algorithm: sha256WithRSAEncryption
         7c:a4:b3:ba:36:12:ff:c1:9d:95:e4:c2:39:8f:4b:ab:51:d5:
         6d:8e:55:b3:1c:e5:b9:94:a4:1e:ad:03:8d:16:77:dc:1a:77:
         ad:e4:b2:c4:c4:37:f5:93:5b:01:fa:42:63:75:6b:89:dd:47:
         f5:ab:dc:83:c2:21:18:12:ed:3d:90:4e:48:5f:13:67:db:84:
         82:c8:a4:ec:06:4c:b9:0a:e9:fb:37:5f:f7:1f:c9:c9:7d:dd:
         99:a5:08:1d:51:f6:ae:81:87:64:e1:98:0b:1d:ee:88:87:27:
         bf:6a:bd:19:d6:a5:ac:e6:5a:48:ec:97:9a:b9:12:ce:f5:db:
         63:1b:c1:1c:1b:44:ff:71:0b:ff:16:23:41:81:8b:35:53:71:
         d5:73:21:8f:54:90:19:2d:b3:58:19:66:78:c5:86:e3:41:dd:
         99:04:dd:ab:40:bb:75:48:8f:cd:e0:20:8b:0a:5b:ef:45:ca:
         f0:2e:1e:71:36:67:90:74:5d:05:eb:76:f2:74:f5:e5:50:83:
         26:07:c4:96:ba:8a:4d:a3:41:d1:09:f3:c7:25:3d:4b:7d:f9:
         58:27:5c:53:c3:1b:51:7d:97:0c:28:5b:72:d0:da:9a:bc:3c:
         db:90:d2:7a:d4:85:7b:f3:db:02:d0:c3:3a:d7:0c:05:a5:1c:
         13:d2:87:f6
-----BEGIN CERTIFICATE-----
MIIEojCCA4qgAwIBAgICCycwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzFk
MTRlYmIyNTVkYzA1OGQ0YmZhNWE1MWM5M2Y3M2Y4MzBhYjg4ZjAeFw0yNDEyMjIw
NzU1MDJaFw0yNTA3MDEwMDAwMDBaMDMxMTAvBgNVBAMTKDlFRDYwQzI2MUU2MEQ5
NkZEQUYyQjJDNjk0ODI2QTk2N0ZFNUFGOTUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDNUNIVq7/19L6NoHAI+6neSgOkQ4uD4loknPp9PucjuovVoA1a
qgZMd8VFY61DVoF2cKAwJYP9QLUPS/c3a7jewsE3n69ZSttCc3Yapqw36CefsIXq
UDugUmGsao6skwpeiR6yq7r0cpWq9pOjFDedHrTXykuZ9NFPoxw4yNryLrhaZ9js
vA1zu6yRdWWLVm34agurtzlhkQ+7MNQCBP3fhi6TgSgfs6ycZ+PdbuPq+/EzNnz9
X61yMlmAbmNwqgJT1PIDzW9G2COtN72Kh8YLORqTzBTQ/VVOOQC+7uj+jPj/Gov1
9MhPqRd/9mpZzpL3xkNh6VGX5Pp3S2ZO3/wFAgMBAAGjggG+MIIBujAdBgNVHQ4E
FgQUntYMJh5g2W/a8rLGlIJqln/lr5UwHwYDVR0jBBgwFoAUcdFOuyVdwFjUv6Wl
HJP3P4MKuI8wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL2NobG9lLnNvYm9ybm9zdC5uZXQvcnBraS9SSVBFLW5scnNz
Zi9jZEZPdXlWZHdGalV2NldsSEpQM1A0TUt1STguY3JsMGQGCCsGAQUFBwEBBFgw
VjBUBggrBgEFBQcwAoZIcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC9jZEZPdXlWZHdGalV2NldsSEpQM1A0TUt1STguY2VyMA4GA1UdDwEB
/wQEAwIHgDBoBggrBgEFBQcBCwRcMFowWAYIKwYBBQUHMAuGTHJzeW5jOi8vY2hs
b2Uuc29ib3Jub3N0Lm5ldC9ycGtpL1JJUEUtbmxyc3NmL250WU1KaDVnMldfYThy
TEdsSUpxbG5fbHI1VS5yb2EwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBADC
aIEwDQYJKoZIhvcNAQELBQADggEBAHyks7o2Ev/BnZXkwjmPS6tR1W2OVbMc5bmU
pB6tA40Wd9wad63kssTEN/WTWwH6QmN1a4ndR/Wr3IPCIRgS7T2QTkhfE2fbhILI
pOwGTLkK6fs3X/cfycl93ZmlCB1R9q6Bh2ThmAsd7oiHJ79qvRnWpazmWkjsl5q5
Es7122MbwRwbRP9xC/8WI0GBizVTcdVzIY9UkBkts1gZZnjFhuNB3ZkE3atAu3VI
j83gIIsKW+9FyvAuHnE2Z5B0XQXrdvJ09eVQgyYHxJa6ik2jQdEJ88clPUt9+Vgn
XFPDG1F9lwwoW3LQ2pq8PNuQ0nrUhXvz2wLQwzrXDAWlHBPSh/Y=
-----END CERTIFICATE-----
Generated at Wed Jun 11 07:28:26 2025 by rpki-client