Route Origin Authorization

$ rpki-client -vvf chloe.sobornost.net/rpki/RIPE-nlrssf/tFYxgdEiBQnXAGmcfD4DogKJAbI.roa
File:                     tFYxgdEiBQnXAGmcfD4DogKJAbI.roa (raw, json)
Hash identifier:          V4OLFgut/bwwInlpMGUQm5CQRdTP1nZixo5lkM2m6Uo=
Subject key identifier:   B4:56:31:81:D1:22:05:09:D7:00:69:9C:7C:3E:03:A2:02:89:01:B2
Certificate issuer:       /CN=71d14ebb255dc058d4bfa5a51c93f73f830ab88f
Certificate serial:       0C63
Authority key identifier: 71:D1:4E:BB:25:5D:C0:58:D4:BF:A5:A5:1C:93:F7:3F:83:0A:B8:8F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/cdFOuyVdwFjUv6WlHJP3P4MKuI8.cer
Subject info access:      rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/tFYxgdEiBQnXAGmcfD4DogKJAbI.roa
Signing time:             Sun 26 Jan 2025 07:55:03 +0000
ROA not before:           Sun 26 Jan 2025 07:55:03 +0000
ROA not after:            Wed 01 Jul 2026 00:00:00 +0000
asID:                     15562
IP address blocks:        194.104.129.0/24 maxlen: 24
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 3171 (0xc63)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=71d14ebb255dc058d4bfa5a51c93f73f830ab88f
        Validity
            Not Before: Jan 26 07:55:03 2025 GMT
            Not After : Jul  1 00:00:00 2026 GMT
        Subject: CN=B4563181D1220509D700699C7C3E03A2028901B2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e8:43:27:df:c8:c9:a5:cd:c6:d9:6d:bb:36:c8:
                    ff:14:f2:46:00:7f:a7:46:dc:48:70:d4:a6:16:96:
                    ea:ca:b9:d6:59:bf:22:5c:ee:21:8c:55:c8:51:92:
                    3f:8f:2d:f5:01:c0:c6:30:29:13:cb:b5:d9:31:1f:
                    59:34:61:6a:5c:59:96:c4:ec:2c:40:27:3b:14:8e:
                    d1:19:f1:ec:a5:f7:ca:11:20:39:f4:7e:d2:a7:6b:
                    7c:7f:87:f5:a7:99:f7:68:5e:bb:52:03:cf:a1:77:
                    16:a7:ec:cd:59:01:4e:0b:5a:55:fb:fe:d1:f1:e0:
                    e0:22:d8:20:86:a1:9b:36:c4:61:df:76:ba:0c:bf:
                    6a:3e:17:b1:03:a4:d6:63:79:5f:91:86:3b:45:cf:
                    cf:c9:8f:3b:ec:45:09:d6:4c:7e:e6:ee:d6:96:2d:
                    0b:8d:f5:ee:19:c9:70:af:03:0c:9c:9a:3c:b8:b4:
                    a9:4e:a1:ce:24:49:e2:56:be:cb:f4:3a:12:80:7f:
                    14:c7:01:f6:d4:b4:47:fd:02:f3:22:97:bc:e0:2b:
                    7c:2c:03:f1:af:2c:d4:77:7a:f2:ee:47:88:73:76:
                    ae:e1:46:0f:eb:e7:5d:7d:c8:00:4c:ce:7f:93:db:
                    d2:c1:ec:3c:ad:fc:41:8c:d7:ce:b9:b0:eb:97:b3:
                    e5:13
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B4:56:31:81:D1:22:05:09:D7:00:69:9C:7C:3E:03:A2:02:89:01:B2
            X509v3 Authority Key Identifier:
                keyid:71:D1:4E:BB:25:5D:C0:58:D4:BF:A5:A5:1C:93:F7:3F:83:0A:B8:8F

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/cdFOuyVdwFjUv6WlHJP3P4MKuI8.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cdFOuyVdwFjUv6WlHJP3P4MKuI8.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/tFYxgdEiBQnXAGmcfD4DogKJAbI.roa

            sbgp-ipAddrBlock: critical
                IPv4:
                  194.104.129.0/24

    Signature Algorithm: sha256WithRSAEncryption
         d9:85:fd:11:56:0b:73:87:33:42:2a:d2:06:8c:8f:26:44:3e:
         d4:b6:eb:e2:0b:ea:7b:88:84:87:f4:c8:d7:4c:e3:5e:db:78:
         41:03:68:2a:7a:df:98:7c:97:65:90:30:47:4b:bd:8a:b6:a1:
         11:79:a8:a7:0a:34:e1:78:a2:2b:97:d3:22:bd:ca:c2:34:03:
         5e:2a:40:1b:10:27:6e:93:c9:f8:38:00:b4:e9:af:cd:f3:90:
         de:09:bf:37:b4:d8:62:6c:b2:f9:d5:3a:b3:3a:51:3b:81:65:
         27:b2:5c:b6:2a:14:51:32:7a:31:78:1c:7a:e6:f2:e6:85:8e:
         51:4a:76:05:69:8c:b8:94:87:36:bd:73:ff:be:51:bb:50:88:
         11:04:b7:53:72:7c:d7:ba:b0:fe:e1:aa:7f:35:ca:d8:07:ef:
         e2:79:16:51:79:5f:13:9a:e8:e1:31:05:9e:e8:8b:1c:96:9b:
         5b:8e:c2:1a:34:a7:9a:b9:09:05:0f:0b:13:7b:a7:89:42:27:
         7a:b7:1b:7b:8e:fe:df:ae:87:1e:ae:8a:b4:25:4c:15:28:e4:
         a2:0a:55:a1:88:d7:a5:3d:5c:49:1f:72:65:26:ad:65:71:30:
         cd:58:94:67:45:9a:aa:83:eb:5e:81:b8:c3:67:52:b6:1c:bc:
         bf:2c:56:ad
-----BEGIN CERTIFICATE-----
MIIEojCCA4qgAwIBAgICDGMwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzFk
MTRlYmIyNTVkYzA1OGQ0YmZhNWE1MWM5M2Y3M2Y4MzBhYjg4ZjAeFw0yNTAxMjYw
NzU1MDNaFw0yNjA3MDEwMDAwMDBaMDMxMTAvBgNVBAMTKEI0NTYzMTgxRDEyMjA1
MDlENzAwNjk5QzdDM0UwM0EyMDI4OTAxQjIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDoQyffyMmlzcbZbbs2yP8U8kYAf6dG3Ehw1KYWlurKudZZvyJc
7iGMVchRkj+PLfUBwMYwKRPLtdkxH1k0YWpcWZbE7CxAJzsUjtEZ8eyl98oRIDn0
ftKna3x/h/WnmfdoXrtSA8+hdxan7M1ZAU4LWlX7/tHx4OAi2CCGoZs2xGHfdroM
v2o+F7EDpNZjeV+RhjtFz8/JjzvsRQnWTH7m7taWLQuN9e4ZyXCvAwycmjy4tKlO
oc4kSeJWvsv0OhKAfxTHAfbUtEf9AvMil7zgK3wsA/GvLNR3evLuR4hzdq7hRg/r
5119yABMzn+T29LB7Dyt/EGM1865sOuXs+UTAgMBAAGjggG+MIIBujAdBgNVHQ4E
FgQUtFYxgdEiBQnXAGmcfD4DogKJAbIwHwYDVR0jBBgwFoAUcdFOuyVdwFjUv6Wl
HJP3P4MKuI8wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL2NobG9lLnNvYm9ybm9zdC5uZXQvcnBraS9SSVBFLW5scnNz
Zi9jZEZPdXlWZHdGalV2NldsSEpQM1A0TUt1STguY3JsMGQGCCsGAQUFBwEBBFgw
VjBUBggrBgEFBQcwAoZIcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC9jZEZPdXlWZHdGalV2NldsSEpQM1A0TUt1STguY2VyMA4GA1UdDwEB
/wQEAwIHgDBoBggrBgEFBQcBCwRcMFowWAYIKwYBBQUHMAuGTHJzeW5jOi8vY2hs
b2Uuc29ib3Jub3N0Lm5ldC9ycGtpL1JJUEUtbmxyc3NmL3RGWXhnZEVpQlFuWEFH
bWNmRDREb2dLSkFiSS5yb2EwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBADC
aIEwDQYJKoZIhvcNAQELBQADggEBANmF/RFWC3OHM0Iq0gaMjyZEPtS26+IL6nuI
hIf0yNdM417beEEDaCp635h8l2WQMEdLvYq2oRF5qKcKNOF4oiuX0yK9ysI0A14q
QBsQJ26Tyfg4ALTpr83zkN4Jvze02GJssvnVOrM6UTuBZSeyXLYqFFEyejF4HHrm
8uaFjlFKdgVpjLiUhza9c/++UbtQiBEEt1NyfNe6sP7hqn81ytgH7+J5FlF5XxOa
6OExBZ7oixyWm1uOwho0p5q5CQUPCxN7p4lCJ3q3G3uO/t+uhx6uirQlTBUo5KIK
VaGI16U9XEkfcmUmrWVxMM1YlGdFmqqD616BuMNnUrYcvL8sVq0=
-----END CERTIFICATE-----
Generated at Tue Jun 10 20:13:01 2025 by rpki-client