Route Origin Authorization

$ rpki-client -vvf chloe.sobornost.net/rpki/RIPE-nlrssf/tdf-mjyZlkvxOCKCiJDRSVm-k0A.roa
File:                     tdf-mjyZlkvxOCKCiJDRSVm-k0A.roa (raw, json)
Hash identifier:          SL0HPAO1yzT66hxS9Y1XvZ14X1bqgK268FYWlRzwXhc=
Subject key identifier:   B5:D7:FE:9A:3C:99:96:4B:F1:38:22:82:88:90:D1:49:59:BE:93:40
Certificate issuer:       /CN=71d14ebb255dc058d4bfa5a51c93f73f830ab88f
Certificate serial:       0A67
Authority key identifier: 71:D1:4E:BB:25:5D:C0:58:D4:BF:A5:A5:1C:93:F7:3F:83:0A:B8:8F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/cdFOuyVdwFjUv6WlHJP3P4MKuI8.cer
Subject info access:      rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/tdf-mjyZlkvxOCKCiJDRSVm-k0A.roa
Signing time:             Sat 30 Nov 2024 23:55:02 +0000
ROA not before:           Sat 30 Nov 2024 23:55:02 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     15562
IP address blocks:        194.104.129.0/24 maxlen: 24
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 2663 (0xa67)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=71d14ebb255dc058d4bfa5a51c93f73f830ab88f
        Validity
            Not Before: Nov 30 23:55:02 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=B5D7FE9A3C99964BF13822828890D14959BE9340
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c4:ec:1c:61:8a:30:cc:51:0c:cb:d7:33:2e:4f:
                    4e:62:d3:98:a3:93:50:96:10:90:f7:af:e5:57:31:
                    92:16:34:47:b6:5b:82:33:a4:9b:53:c2:61:f4:e0:
                    7d:01:0a:29:a3:bb:46:3d:53:d1:6a:28:63:01:a6:
                    36:f9:f5:9d:0e:72:5e:dd:58:fa:59:1e:ef:f6:e9:
                    3a:1a:b3:e8:5f:1b:e7:14:0c:55:7a:9a:04:93:31:
                    37:2d:de:fa:e0:f3:78:5a:48:fc:96:df:07:01:00:
                    5d:6a:c9:9b:0f:ba:32:b4:ea:2d:1c:4e:9d:ea:21:
                    7e:7d:19:1a:af:f9:11:a0:ff:b9:31:37:52:18:d1:
                    c3:d5:3a:0f:89:9f:11:87:1f:a9:79:55:db:c6:04:
                    5c:72:13:cc:8c:a5:98:bf:d3:09:d6:33:e8:74:a5:
                    23:97:68:e1:85:8e:d4:04:39:d5:bc:33:4b:89:fb:
                    09:6c:95:8e:84:b5:1e:1a:d9:4f:ee:be:d4:cd:14:
                    67:36:23:46:cd:f0:52:e9:92:c6:6c:5a:5f:ed:fe:
                    40:da:12:48:e0:a5:0a:44:39:2e:e8:fc:c0:14:91:
                    22:5f:c0:0f:a1:61:97:fb:45:0d:f2:9a:bf:f5:52:
                    f5:65:83:c6:20:a9:20:a8:af:e8:28:23:45:9f:6d:
                    fb:bf
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B5:D7:FE:9A:3C:99:96:4B:F1:38:22:82:88:90:D1:49:59:BE:93:40
            X509v3 Authority Key Identifier:
                keyid:71:D1:4E:BB:25:5D:C0:58:D4:BF:A5:A5:1C:93:F7:3F:83:0A:B8:8F

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/cdFOuyVdwFjUv6WlHJP3P4MKuI8.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cdFOuyVdwFjUv6WlHJP3P4MKuI8.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/tdf-mjyZlkvxOCKCiJDRSVm-k0A.roa

            sbgp-ipAddrBlock: critical
                IPv4:
                  194.104.129.0/24

    Signature Algorithm: sha256WithRSAEncryption
         20:81:31:f1:aa:3d:c8:b7:5f:82:c2:01:7b:d2:6a:a8:e5:cd:
         fb:8d:3a:bd:61:c6:2c:e1:c5:d5:c3:1b:8b:d0:e9:a4:92:65:
         15:15:10:ef:e4:c8:20:a5:72:97:da:28:3e:ad:84:fe:64:d3:
         0c:2c:bb:0a:14:4f:f7:71:55:b9:d8:1c:e0:f1:a8:39:c0:55:
         41:50:27:53:90:92:a7:5f:6c:d7:bf:56:cc:b8:bc:35:1f:7b:
         b1:97:04:b1:7f:d3:61:d0:3e:6e:e6:26:87:9c:34:4e:c2:55:
         a1:da:4d:e2:dd:1a:75:60:db:c6:d4:9b:cb:44:7d:32:cc:79:
         87:f3:ee:5c:9a:7d:c6:dc:28:98:0f:4f:af:3a:dc:67:ad:f5:
         18:d2:ca:b7:e6:43:41:ad:71:87:4b:cc:c6:89:e2:90:1b:57:
         e8:63:da:2f:ce:94:e6:b3:94:43:62:c4:4d:ab:a5:0e:84:16:
         56:2f:67:73:bf:b5:13:4e:61:6d:45:f8:14:b1:ff:a4:2a:66:
         c9:8e:16:87:fc:25:9a:d6:3a:05:5c:09:29:be:fb:08:ff:97:
         6b:7c:c6:3a:1c:63:8b:e7:8b:02:c5:c4:6c:2f:e6:d9:32:a7:
         1c:cc:09:d9:8e:33:54:7d:38:cd:03:cb:f3:86:0d:3b:20:bb:
         f5:4b:dc:aa
-----BEGIN CERTIFICATE-----
MIIEojCCA4qgAwIBAgICCmcwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzFk
MTRlYmIyNTVkYzA1OGQ0YmZhNWE1MWM5M2Y3M2Y4MzBhYjg4ZjAeFw0yNDExMzAy
MzU1MDJaFw0yNTA3MDEwMDAwMDBaMDMxMTAvBgNVBAMTKEI1RDdGRTlBM0M5OTk2
NEJGMTM4MjI4Mjg4OTBEMTQ5NTlCRTkzNDAwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDE7BxhijDMUQzL1zMuT05i05ijk1CWEJD3r+VXMZIWNEe2W4Iz
pJtTwmH04H0BCimju0Y9U9FqKGMBpjb59Z0Ocl7dWPpZHu/26Toas+hfG+cUDFV6
mgSTMTct3vrg83haSPyW3wcBAF1qyZsPujK06i0cTp3qIX59GRqv+RGg/7kxN1IY
0cPVOg+JnxGHH6l5VdvGBFxyE8yMpZi/0wnWM+h0pSOXaOGFjtQEOdW8M0uJ+wls
lY6EtR4a2U/uvtTNFGc2I0bN8FLpksZsWl/t/kDaEkjgpQpEOS7o/MAUkSJfwA+h
YZf7RQ3ymr/1UvVlg8YgqSCor+goI0Wfbfu/AgMBAAGjggG+MIIBujAdBgNVHQ4E
FgQUtdf+mjyZlkvxOCKCiJDRSVm+k0AwHwYDVR0jBBgwFoAUcdFOuyVdwFjUv6Wl
HJP3P4MKuI8wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL2NobG9lLnNvYm9ybm9zdC5uZXQvcnBraS9SSVBFLW5scnNz
Zi9jZEZPdXlWZHdGalV2NldsSEpQM1A0TUt1STguY3JsMGQGCCsGAQUFBwEBBFgw
VjBUBggrBgEFBQcwAoZIcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC9jZEZPdXlWZHdGalV2NldsSEpQM1A0TUt1STguY2VyMA4GA1UdDwEB
/wQEAwIHgDBoBggrBgEFBQcBCwRcMFowWAYIKwYBBQUHMAuGTHJzeW5jOi8vY2hs
b2Uuc29ib3Jub3N0Lm5ldC9ycGtpL1JJUEUtbmxyc3NmL3RkZi1tanlabGt2eE9D
S0NpSkRSU1ZtLWswQS5yb2EwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBADC
aIEwDQYJKoZIhvcNAQELBQADggEBACCBMfGqPci3X4LCAXvSaqjlzfuNOr1hxizh
xdXDG4vQ6aSSZRUVEO/kyCClcpfaKD6thP5k0wwsuwoUT/dxVbnYHODxqDnAVUFQ
J1OQkqdfbNe/Vsy4vDUfe7GXBLF/02HQPm7mJoecNE7CVaHaTeLdGnVg28bUm8tE
fTLMeYfz7lyafcbcKJgPT6863Get9RjSyrfmQ0GtcYdLzMaJ4pAbV+hj2i/OlOaz
lENixE2rpQ6EFlYvZ3O/tRNOYW1F+BSx/6QqZsmOFof8JZrWOgVcCSm++wj/l2t8
xjocY4vniwLFxGwv5tkypxzMCdmOM1R9OM0Dy/OGDTsgu/VL3Ko=
-----END CERTIFICATE-----
Generated at Wed Jun 11 06:18:26 2025 by rpki-client