Route Origin Authorization

$ rpki-client -vvf chloe.sobornost.net/rpki/Sobornost-RIPE/2Z89Ra-YiPODEABYY0-GS398S1g.roa
File:                     2Z89Ra-YiPODEABYY0-GS398S1g.roa (raw, json)
Hash identifier:          e7JU/ZTTAL3ZLU43/xBJ4u3aA3IXrk+CwI0exhR7kx8=
Subject key identifier:   D9:9F:3D:45:AF:98:88:F3:83:10:00:58:63:4F:86:4B:7F:7C:4B:58
Certificate issuer:       /CN=82a1b27c74e7f5dc030e401c534a61b1bc3ca512
Certificate serial:       02AA
Authority key identifier: 82:A1:B2:7C:74:E7:F5:DC:03:0E:40:1C:53:4A:61:B1:BC:3C:A5:12
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/gqGyfHTn9dwDDkAcU0phsbw8pRI.cer
Subject info access:      rsync://chloe.sobornost.net/rpki/Sobornost-RIPE/2Z89Ra-YiPODEABYY0-GS398S1g.roa
Signing time:             Tue 02 Feb 2021 10:40:47 +0000
ROA not before:           Tue 02 Feb 2021 10:40:47 +0000
ROA not after:            Fri 01 Jul 2022 00:00:00 +0000
asID:                     15562
IP address blocks:        2001:67c:208c::/48 maxlen: 48

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 682 (0x2aa)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=82a1b27c74e7f5dc030e401c534a61b1bc3ca512
        Validity
            Not Before: Feb  2 10:40:47 2021 GMT
            Not After : Jul  1 00:00:00 2022 GMT
        Subject: CN=D99F3D45AF9888F383100058634F864B7F7C4B58
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c6:c4:c2:b5:3e:88:d5:47:96:ff:4b:2a:35:ba:
                    fd:c9:6a:11:e7:91:ba:a6:39:3d:0f:79:86:da:7e:
                    b9:e5:a6:7e:76:33:8c:48:67:31:6a:ff:48:63:25:
                    af:14:81:1c:c7:c9:ba:ef:25:df:00:a5:27:21:9d:
                    94:d6:45:f3:5f:4c:5e:60:75:20:6c:d9:cd:f6:7f:
                    2e:f6:ad:fd:53:33:29:93:21:5f:51:e4:b9:1a:47:
                    a8:bb:90:51:a2:dd:68:59:27:df:a1:58:62:41:ca:
                    e2:f7:83:0e:c8:e9:17:41:61:9f:ae:58:c7:06:56:
                    f3:0c:1e:29:58:ce:2d:5f:01:64:3f:99:bc:b9:6c:
                    64:52:99:5c:97:0b:08:b5:30:f4:a1:60:92:aa:01:
                    3f:1d:f9:05:9b:be:f2:76:86:05:e2:1c:02:3c:b6:
                    7f:25:74:86:79:21:5d:e1:9d:5e:d4:6c:48:93:c0:
                    c7:3e:05:49:23:80:96:94:46:ec:65:0b:16:f8:0e:
                    c3:19:03:d7:0c:1f:7e:a9:2b:1f:a9:ad:21:cc:0a:
                    da:ce:13:35:bc:dc:cc:dd:f8:12:99:76:e0:75:1e:
                    27:87:dc:52:20:91:20:ff:b1:49:d4:09:25:12:5b:
                    b7:3b:19:05:11:ec:55:23:b2:a2:1d:75:72:43:7b:
                    45:57
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D9:9F:3D:45:AF:98:88:F3:83:10:00:58:63:4F:86:4B:7F:7C:4B:58
            X509v3 Authority Key Identifier:
                keyid:82:A1:B2:7C:74:E7:F5:DC:03:0E:40:1C:53:4A:61:B1:BC:3C:A5:12

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://chloe.sobornost.net/rpki/Sobornost-RIPE/gqGyfHTn9dwDDkAcU0phsbw8pRI.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gqGyfHTn9dwDDkAcU0phsbw8pRI.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://chloe.sobornost.net/rpki/Sobornost-RIPE/2Z89Ra-YiPODEABYY0-GS398S1g.roa
                RPKI Notify - URI:https://chloe.sobornost.net/rpki/news-public.xml

            sbgp-ipAddrBlock: critical
                IPv6:
                  2001:67c:208c::/48

    Signature Algorithm: sha256WithRSAEncryption
         20:6f:c4:a0:a7:65:a4:6d:ec:bf:ec:c6:40:04:9b:13:8c:81:
         48:ee:1f:64:25:52:88:4c:9c:b8:89:d6:c2:4f:ef:94:56:fe:
         d4:98:a7:2f:de:c9:56:2d:e9:63:c0:2a:02:c2:b0:4a:1d:8e:
         1f:2c:62:26:4d:29:58:fb:68:d2:87:e6:4b:e3:a3:ac:47:54:
         f8:36:6e:2e:c1:10:ab:01:91:b9:4e:d1:9e:4d:0c:14:d3:f4:
         88:f1:86:63:c8:96:cc:5b:21:06:d1:02:e4:21:39:1b:24:68:
         df:d9:c4:e7:6c:a0:62:5d:07:89:29:27:a4:92:46:e5:c5:54:
         15:66:57:73:70:bd:ed:d0:26:98:2f:52:5e:27:fd:b8:2c:4b:
         11:44:90:fc:99:31:fd:f3:e9:16:ae:c7:98:03:d5:a9:80:23:
         fa:49:9a:9e:87:a5:40:a1:4f:c1:5c:96:0c:c4:38:0a:24:e8:
         29:d2:34:ff:ca:18:3a:22:83:52:3d:2c:5d:b3:19:c0:3a:1b:
         e4:9b:9b:ef:e4:e8:db:05:0d:2c:ab:ec:23:8a:b7:fe:3a:8a:
         71:d1:a2:fe:d3:5a:d1:26:42:f8:e9:a3:db:85:8c:40:3f:45:
         4c:ca:a0:f6:0d:d4:23:99:b7:01:82:c8:ae:20:06:b4:20:f4:
         73:68:25:80
-----BEGIN CERTIFICATE-----
MIIE7DCCA9SgAwIBAgICAqowDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoODJh
MWIyN2M3NGU3ZjVkYzAzMGU0MDFjNTM0YTYxYjFiYzNjYTUxMjAeFw0yMTAyMDIx
MDQwNDdaFw0yMjA3MDEwMDAwMDBaMDMxMTAvBgNVBAMTKEQ5OUYzRDQ1QUY5ODg4
RjM4MzEwMDA1ODYzNEY4NjRCN0Y3QzRCNTgwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDGxMK1PojVR5b/Syo1uv3JahHnkbqmOT0PeYbafrnlpn52M4xI
ZzFq/0hjJa8UgRzHybrvJd8ApSchnZTWRfNfTF5gdSBs2c32fy72rf1TMymTIV9R
5LkaR6i7kFGi3WhZJ9+hWGJByuL3gw7I6RdBYZ+uWMcGVvMMHilYzi1fAWQ/mby5
bGRSmVyXCwi1MPShYJKqAT8d+QWbvvJ2hgXiHAI8tn8ldIZ5IV3hnV7UbEiTwMc+
BUkjgJaURuxlCxb4DsMZA9cMH36pKx+prSHMCtrOEzW83Mzd+BKZduB1HieH3FIg
kSD/sUnUCSUSW7c7GQUR7FUjsqIddXJDe0VXAgMBAAGjggIIMIICBDAdBgNVHQ4E
FgQU2Z89Ra+YiPODEABYY0+GS398S1gwHwYDVR0jBBgwFoAUgqGyfHTn9dwDDkAc
U0phsbw8pRIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBgBgNVHR8EWTBXMFWg
U6BRhk9yc3luYzovL2NobG9lLnNvYm9ybm9zdC5uZXQvcnBraS9Tb2Jvcm5vc3Qt
UklQRS9ncUd5ZkhUbjlkd0REa0FjVTBwaHNidzhwUkkuY3JsMGQGCCsGAQUFBwEB
BFgwVjBUBggrBgEFBQcwAoZIcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9ncUd5ZkhUbjlkd0REa0FjVTBwaHNidzhwUkkuY2VyMA4GA1Ud
DwEB/wQEAwIHgDCBqwYIKwYBBQUHAQsEgZ4wgZswWwYIKwYBBQUHMAuGT3JzeW5j
Oi8vY2hsb2Uuc29ib3Jub3N0Lm5ldC9ycGtpL1NvYm9ybm9zdC1SSVBFLzJaODlS
YS1ZaVBPREVBQllZMC1HUzM5OFMxZy5yb2EwPAYIKwYBBQUHMA2GMGh0dHBzOi8v
Y2hsb2Uuc29ib3Jub3N0Lm5ldC9ycGtpL25ld3MtcHVibGljLnhtbDAiBggrBgEF
BQcBBwEB/wQTMBEwDwQCAAIwCQMHACABBnwgjDANBgkqhkiG9w0BAQsFAAOCAQEA
IG/EoKdlpG3sv+zGQASbE4yBSO4fZCVSiEycuInWwk/vlFb+1JinL97JVi3pY8Aq
AsKwSh2OHyxiJk0pWPto0ofmS+OjrEdU+DZuLsEQqwGRuU7Rnk0MFNP0iPGGY8iW
zFshBtEC5CE5GyRo39nE52ygYl0HiSknpJJG5cVUFWZXc3C97dAmmC9SXif9uCxL
EUSQ/Jkx/fPpFq7HmAPVqYAj+kmanoelQKFPwVyWDMQ4CiToKdI0/8oYOiKDUj0s
XbMZwDob5Jub7+To2wUNLKvsI4q3/jqKcdGi/tNa0SZC+Omj24WMQD9FTMqg9g3U
I5m3AYLIriAGtCD0c2glgA==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:13:53 2023 by rpki-client on console-ams.rpki-client.org