Route Origin Authorization

$ rpki-client -vvf chloe.sobornost.net/rpki/RIPE-nlrssf/qFhvgoZ6hBZ_bUTCjl4o6qvqq_Q.roa
File:                     qFhvgoZ6hBZ_bUTCjl4o6qvqq_Q.roa (raw, json)
Hash identifier:          KEt/3r7UUzD3vlQ0RElMxqANAoolm/bBM5G1uXZEpMk=
Subject key identifier:   A8:58:6F:82:86:7A:84:16:7F:6D:44:C2:8E:5E:28:EA:AB:EA:AB:F4
Certificate issuer:       /CN=71d14ebb255dc058d4bfa5a51c93f73f830ab88f
Certificate serial:       0B1B
Authority key identifier: 71:D1:4E:BB:25:5D:C0:58:D4:BF:A5:A5:1C:93:F7:3F:83:0A:B8:8F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/cdFOuyVdwFjUv6WlHJP3P4MKuI8.cer
Subject info access:      rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/qFhvgoZ6hBZ_bUTCjl4o6qvqq_Q.roa
Signing time:             Fri 20 Dec 2024 23:55:02 +0000
ROA not before:           Fri 20 Dec 2024 23:55:02 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     15562
IP address blocks:        194.104.129.0/24 maxlen: 24
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 2843 (0xb1b)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=71d14ebb255dc058d4bfa5a51c93f73f830ab88f
        Validity
            Not Before: Dec 20 23:55:02 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=A8586F82867A84167F6D44C28E5E28EAABEAABF4
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:dc:ba:8e:e7:4a:c4:29:bd:8d:9a:24:e8:5b:f4:
                    f1:e4:f5:37:cc:14:90:63:5b:3d:7b:2b:5e:ba:09:
                    4e:62:6b:ad:8b:bd:8e:e7:04:8c:3d:ca:62:10:68:
                    0b:9e:3e:af:07:45:3f:5f:f1:d5:7b:55:5a:51:b9:
                    62:46:1f:e7:94:41:cc:1f:3c:ad:c6:6b:26:41:df:
                    56:ee:2d:54:bc:b7:26:0a:bb:71:2a:7c:83:6e:95:
                    ed:4d:60:58:2a:55:b1:1c:49:48:fc:02:9e:81:69:
                    fd:06:92:f6:85:9e:53:8b:a4:47:40:30:0e:38:c6:
                    d7:76:6b:3c:38:a3:43:ba:bf:10:ef:c7:30:7c:c9:
                    6a:1b:4a:94:a1:57:d5:eb:13:3c:74:f9:07:8d:f8:
                    f6:70:d9:1b:5b:a1:95:bd:80:9a:aa:d2:62:a8:07:
                    f5:4e:f9:4a:4f:4d:d7:84:01:db:be:9e:d2:4d:03:
                    22:9b:ef:e8:e1:fe:0a:60:ef:28:5b:16:b9:e9:af:
                    c5:a2:74:ef:27:94:53:6c:05:85:65:84:27:07:74:
                    22:8d:95:6c:c0:e8:d9:27:67:e5:53:ae:c9:38:85:
                    e5:df:bc:52:04:13:ea:af:96:67:de:de:4b:ad:95:
                    f4:f1:37:a5:9d:8e:eb:e9:76:49:b3:71:dc:ee:ce:
                    37:73
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A8:58:6F:82:86:7A:84:16:7F:6D:44:C2:8E:5E:28:EA:AB:EA:AB:F4
            X509v3 Authority Key Identifier:
                keyid:71:D1:4E:BB:25:5D:C0:58:D4:BF:A5:A5:1C:93:F7:3F:83:0A:B8:8F

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/cdFOuyVdwFjUv6WlHJP3P4MKuI8.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cdFOuyVdwFjUv6WlHJP3P4MKuI8.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/qFhvgoZ6hBZ_bUTCjl4o6qvqq_Q.roa

            sbgp-ipAddrBlock: critical
                IPv4:
                  194.104.129.0/24

    Signature Algorithm: sha256WithRSAEncryption
         51:34:f2:c5:8c:41:8e:4c:4d:5b:01:43:4a:a3:42:ae:99:c0:
         ad:b3:51:a1:2d:a4:3f:83:46:9b:ba:12:80:72:f6:9c:78:bb:
         89:8e:a0:76:61:05:f9:19:f0:4f:e4:84:ef:24:99:4e:68:79:
         65:5e:ff:9d:e1:f5:23:71:2f:5a:cd:e9:50:ac:9f:89:33:74:
         fa:c8:ec:7b:6e:29:5a:21:69:0b:5b:98:a2:cc:c8:4d:4f:36:
         f6:cb:d1:35:72:05:4d:a3:14:06:1a:32:1a:46:ec:c2:d5:17:
         5e:11:ad:77:74:b6:4e:09:7c:88:36:68:e3:34:e0:ca:ba:c5:
         ff:a6:28:3a:df:ab:27:3e:66:50:1a:71:57:4c:3f:35:63:63:
         a4:f7:e4:d7:15:92:d6:5f:c2:d2:49:59:ca:6e:6d:89:1d:df:
         c0:4e:92:e1:e4:c2:df:8f:db:6f:30:13:5b:cf:e9:92:c3:3f:
         29:60:4b:01:5d:6a:ee:1d:47:51:6b:ba:f3:12:1c:19:01:6e:
         57:47:cd:ba:c4:4d:fd:8e:92:ca:98:1c:83:a3:ea:2e:6a:db:
         03:0c:d8:04:5e:b3:47:07:c5:9d:b5:15:50:b1:60:dc:a5:44:
         b7:4b:d7:e2:9a:ab:1a:64:02:9c:26:2c:4f:cf:20:39:10:3f:
         bf:b8:79:bf
-----BEGIN CERTIFICATE-----
MIIEojCCA4qgAwIBAgICCxswDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzFk
MTRlYmIyNTVkYzA1OGQ0YmZhNWE1MWM5M2Y3M2Y4MzBhYjg4ZjAeFw0yNDEyMjAy
MzU1MDJaFw0yNTA3MDEwMDAwMDBaMDMxMTAvBgNVBAMTKEE4NTg2RjgyODY3QTg0
MTY3RjZENDRDMjhFNUUyOEVBQUJFQUFCRjQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDcuo7nSsQpvY2aJOhb9PHk9TfMFJBjWz17K166CU5ia62LvY7n
BIw9ymIQaAuePq8HRT9f8dV7VVpRuWJGH+eUQcwfPK3GayZB31buLVS8tyYKu3Eq
fINule1NYFgqVbEcSUj8Ap6Baf0GkvaFnlOLpEdAMA44xtd2azw4o0O6vxDvxzB8
yWobSpShV9XrEzx0+QeN+PZw2RtboZW9gJqq0mKoB/VO+UpPTdeEAdu+ntJNAyKb
7+jh/gpg7yhbFrnpr8WidO8nlFNsBYVlhCcHdCKNlWzA6NknZ+VTrsk4heXfvFIE
E+qvlmfe3kutlfTxN6WdjuvpdkmzcdzuzjdzAgMBAAGjggG+MIIBujAdBgNVHQ4E
FgQUqFhvgoZ6hBZ/bUTCjl4o6qvqq/QwHwYDVR0jBBgwFoAUcdFOuyVdwFjUv6Wl
HJP3P4MKuI8wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL2NobG9lLnNvYm9ybm9zdC5uZXQvcnBraS9SSVBFLW5scnNz
Zi9jZEZPdXlWZHdGalV2NldsSEpQM1A0TUt1STguY3JsMGQGCCsGAQUFBwEBBFgw
VjBUBggrBgEFBQcwAoZIcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC9jZEZPdXlWZHdGalV2NldsSEpQM1A0TUt1STguY2VyMA4GA1UdDwEB
/wQEAwIHgDBoBggrBgEFBQcBCwRcMFowWAYIKwYBBQUHMAuGTHJzeW5jOi8vY2hs
b2Uuc29ib3Jub3N0Lm5ldC9ycGtpL1JJUEUtbmxyc3NmL3FGaHZnb1o2aEJaX2JV
VENqbDRvNnF2cXFfUS5yb2EwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBADC
aIEwDQYJKoZIhvcNAQELBQADggEBAFE08sWMQY5MTVsBQ0qjQq6ZwK2zUaEtpD+D
Rpu6EoBy9px4u4mOoHZhBfkZ8E/khO8kmU5oeWVe/53h9SNxL1rN6VCsn4kzdPrI
7HtuKVohaQtbmKLMyE1PNvbL0TVyBU2jFAYaMhpG7MLVF14RrXd0tk4JfIg2aOM0
4Mq6xf+mKDrfqyc+ZlAacVdMPzVjY6T35NcVktZfwtJJWcpubYkd38BOkuHkwt+P
228wE1vP6ZLDPylgSwFdau4dR1FruvMSHBkBbldHzbrETf2OksqYHIOj6i5q2wMM
2ARes0cHxZ21FVCxYNylRLdL1+KaqxpkApwmLE/PIDkQP7+4eb8=
-----END CERTIFICATE-----
Generated at Mon Jun 9 21:14:10 2025 by rpki-client