Route Origin Authorization

$ rpki-client -vvf chloe.sobornost.net/rpki/Sobornost-RIPE/kPOFlEAQwFak_mNOyREAW8K045c.roa
File:                     kPOFlEAQwFak_mNOyREAW8K045c.roa (raw, json)
Hash identifier:          Y0twqzEyejIvYDz2vOTexCI23ct9UsVtlXptT01O44E=
Subject key identifier:   90:F3:85:94:40:10:C0:56:A4:FE:63:4E:C9:11:00:5B:C2:B4:E3:97
Certificate issuer:       /CN=82a1b27c74e7f5dc030e401c534a61b1bc3ca512
Certificate serial:       0296
Authority key identifier: 82:A1:B2:7C:74:E7:F5:DC:03:0E:40:1C:53:4A:61:B1:BC:3C:A5:12
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/gqGyfHTn9dwDDkAcU0phsbw8pRI.cer
Subject info access:      rsync://chloe.sobornost.net/rpki/Sobornost-RIPE/kPOFlEAQwFak_mNOyREAW8K045c.roa
Signing time:             Tue 02 Feb 2021 05:40:46 +0000
ROA not before:           Tue 02 Feb 2021 05:40:46 +0000
ROA not after:            Fri 01 Jul 2022 00:00:00 +0000
asID:                     15562
IP address blocks:        2001:67c:208c::/48 maxlen: 48

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 662 (0x296)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=82a1b27c74e7f5dc030e401c534a61b1bc3ca512
        Validity
            Not Before: Feb  2 05:40:46 2021 GMT
            Not After : Jul  1 00:00:00 2022 GMT
        Subject: CN=90F385944010C056A4FE634EC911005BC2B4E397
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:98:d7:d3:f5:65:33:63:80:a0:6f:3c:6b:76:fe:
                    4c:5c:f7:f5:d8:0a:a4:b2:6a:5b:c0:e0:c8:d4:6d:
                    8a:79:b5:55:14:4f:30:a6:20:e3:23:14:ce:52:e9:
                    9d:70:d9:4e:e5:55:65:e2:30:7d:e7:90:3b:3f:6e:
                    62:2c:75:0a:e7:cf:a5:0d:92:7e:b0:93:89:3e:fe:
                    0c:8e:2e:20:49:8f:f1:21:18:d6:15:f0:b3:f4:e4:
                    59:90:cc:16:7d:07:98:96:4f:4f:50:4e:e9:73:b9:
                    ff:5f:9f:16:eb:62:4c:ac:60:c2:7c:68:f0:53:30:
                    be:b5:7c:46:86:92:af:8c:69:86:62:ce:26:80:06:
                    cd:a5:80:73:24:62:25:17:0e:a9:60:5a:ee:c8:96:
                    b4:6c:19:cb:4e:bb:0e:cf:c5:6e:9d:e6:fa:97:52:
                    c8:3f:7c:3b:03:40:04:e0:b2:36:6e:41:58:34:23:
                    cc:4b:68:7e:d1:42:57:04:42:d7:2d:a2:71:33:09:
                    d5:ac:65:0c:af:9c:a4:4b:5d:87:9f:27:49:64:f7:
                    69:30:e0:64:e5:cd:72:a2:6b:25:25:dc:a2:e1:60:
                    fc:e4:db:8e:70:37:18:a3:c2:1c:bb:d3:ee:c7:29:
                    1a:1a:15:9b:db:a2:1c:e6:c4:7e:49:f5:42:79:35:
                    50:8d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                90:F3:85:94:40:10:C0:56:A4:FE:63:4E:C9:11:00:5B:C2:B4:E3:97
            X509v3 Authority Key Identifier:
                keyid:82:A1:B2:7C:74:E7:F5:DC:03:0E:40:1C:53:4A:61:B1:BC:3C:A5:12

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://chloe.sobornost.net/rpki/Sobornost-RIPE/gqGyfHTn9dwDDkAcU0phsbw8pRI.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gqGyfHTn9dwDDkAcU0phsbw8pRI.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://chloe.sobornost.net/rpki/Sobornost-RIPE/kPOFlEAQwFak_mNOyREAW8K045c.roa
                RPKI Notify - URI:https://chloe.sobornost.net/rpki/news-public.xml

            sbgp-ipAddrBlock: critical
                IPv6:
                  2001:67c:208c::/48

    Signature Algorithm: sha256WithRSAEncryption
         b3:33:f7:42:80:f2:64:8d:3d:47:c2:ce:c6:7f:88:78:d6:75:
         f0:6f:77:92:a2:70:32:39:ef:3d:df:a8:1d:89:ac:ed:5f:ba:
         8a:65:64:61:ac:39:71:49:eb:4e:f9:63:51:6d:c1:cc:88:d3:
         d8:89:e4:d8:72:51:5a:49:df:c5:c3:ed:52:b1:c0:fd:0e:0c:
         d9:0d:fc:ad:ad:5e:50:31:27:64:ee:9b:b1:45:66:b3:9f:f8:
         ff:4a:56:78:e5:7c:da:5b:40:15:74:60:84:81:0e:68:b6:db:
         b3:05:97:5b:fd:e6:ec:0b:98:cc:0e:5d:2a:9c:bd:1c:26:8f:
         88:eb:4b:a6:88:a5:6a:b9:0f:be:18:e6:0b:cb:44:29:a1:93:
         d1:5a:0c:81:19:45:a9:f9:a1:db:95:05:e9:b9:b8:5c:3b:0e:
         8a:3f:f4:72:73:6d:ee:d7:7a:d6:e8:a9:95:db:be:52:c7:10:
         5f:f1:6e:44:a7:64:bb:09:44:39:f9:37:a5:33:67:56:71:00:
         7f:1d:4a:c9:c1:b2:37:20:00:07:41:8c:8e:d0:9e:a2:2d:46:
         9b:f4:05:a0:46:9d:0c:0b:e0:69:db:35:fe:0b:ab:56:25:eb:
         df:19:3e:f0:fc:f1:a3:00:9a:96:d1:27:d3:1d:71:cf:2c:12:
         e7:85:27:ce
-----BEGIN CERTIFICATE-----
MIIE7DCCA9SgAwIBAgICApYwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoODJh
MWIyN2M3NGU3ZjVkYzAzMGU0MDFjNTM0YTYxYjFiYzNjYTUxMjAeFw0yMTAyMDIw
NTQwNDZaFw0yMjA3MDEwMDAwMDBaMDMxMTAvBgNVBAMTKDkwRjM4NTk0NDAxMEMw
NTZBNEZFNjM0RUM5MTEwMDVCQzJCNEUzOTcwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCY19P1ZTNjgKBvPGt2/kxc9/XYCqSyalvA4MjUbYp5tVUUTzCm
IOMjFM5S6Z1w2U7lVWXiMH3nkDs/bmIsdQrnz6UNkn6wk4k+/gyOLiBJj/EhGNYV
8LP05FmQzBZ9B5iWT09QTulzuf9fnxbrYkysYMJ8aPBTML61fEaGkq+MaYZiziaA
Bs2lgHMkYiUXDqlgWu7IlrRsGctOuw7PxW6d5vqXUsg/fDsDQATgsjZuQVg0I8xL
aH7RQlcEQtctonEzCdWsZQyvnKRLXYefJ0lk92kw4GTlzXKiayUl3KLhYPzk245w
Nxijwhy70+7HKRoaFZvbohzmxH5J9UJ5NVCNAgMBAAGjggIIMIICBDAdBgNVHQ4E
FgQUkPOFlEAQwFak/mNOyREAW8K045cwHwYDVR0jBBgwFoAUgqGyfHTn9dwDDkAc
U0phsbw8pRIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBgBgNVHR8EWTBXMFWg
U6BRhk9yc3luYzovL2NobG9lLnNvYm9ybm9zdC5uZXQvcnBraS9Tb2Jvcm5vc3Qt
UklQRS9ncUd5ZkhUbjlkd0REa0FjVTBwaHNidzhwUkkuY3JsMGQGCCsGAQUFBwEB
BFgwVjBUBggrBgEFBQcwAoZIcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9ncUd5ZkhUbjlkd0REa0FjVTBwaHNidzhwUkkuY2VyMA4GA1Ud
DwEB/wQEAwIHgDCBqwYIKwYBBQUHAQsEgZ4wgZswWwYIKwYBBQUHMAuGT3JzeW5j
Oi8vY2hsb2Uuc29ib3Jub3N0Lm5ldC9ycGtpL1NvYm9ybm9zdC1SSVBFL2tQT0Zs
RUFRd0Zha19tTk95UkVBVzhLMDQ1Yy5yb2EwPAYIKwYBBQUHMA2GMGh0dHBzOi8v
Y2hsb2Uuc29ib3Jub3N0Lm5ldC9ycGtpL25ld3MtcHVibGljLnhtbDAiBggrBgEF
BQcBBwEB/wQTMBEwDwQCAAIwCQMHACABBnwgjDANBgkqhkiG9w0BAQsFAAOCAQEA
szP3QoDyZI09R8LOxn+IeNZ18G93kqJwMjnvPd+oHYms7V+6imVkYaw5cUnrTvlj
UW3BzIjT2Ink2HJRWknfxcPtUrHA/Q4M2Q38ra1eUDEnZO6bsUVms5/4/0pWeOV8
2ltAFXRghIEOaLbbswWXW/3m7AuYzA5dKpy9HCaPiOtLpoilarkPvhjmC8tEKaGT
0VoMgRlFqfmh25UF6bm4XDsOij/0cnNt7td61uipldu+UscQX/FuRKdkuwlEOfk3
pTNnVnEAfx1KycGyNyAAB0GMjtCeoi1Gm/QFoEadDAvgads1/gurViXr3xk+8Pzx
owCaltEn0x1xzywS54Unzg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:36:55 2024 by rpki-client on console-fra.rpki-client.org