Route Origin Authorization

$ rpki-client -vvf chloe.sobornost.net/rpki/Sobornost-RIPE/utY3yu2GMAwPCx9j-Bx036N3qCo.roa
File:                     utY3yu2GMAwPCx9j-Bx036N3qCo.roa (raw, json)
Hash identifier:          sAxFcv3+DSv/lRhFVlGycEJON9PL0rjwrjM9PS0D9ho=
Subject key identifier:   BA:D6:37:CA:ED:86:30:0C:0F:0B:1F:63:F8:1C:74:DF:A3:77:A8:2A
Certificate issuer:       /CN=82a1b27c74e7f5dc030e401c534a61b1bc3ca512
Certificate serial:       0272
Authority key identifier: 82:A1:B2:7C:74:E7:F5:DC:03:0E:40:1C:53:4A:61:B1:BC:3C:A5:12
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/gqGyfHTn9dwDDkAcU0phsbw8pRI.cer
Subject info access:      rsync://chloe.sobornost.net/rpki/Sobornost-RIPE/utY3yu2GMAwPCx9j-Bx036N3qCo.roa
Signing time:             Mon 01 Feb 2021 20:40:43 +0000
ROA not before:           Mon 01 Feb 2021 20:40:43 +0000
ROA not after:            Fri 01 Jul 2022 00:00:00 +0000
asID:                     15562
IP address blocks:        2001:67c:208c::/48 maxlen: 48

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 626 (0x272)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=82a1b27c74e7f5dc030e401c534a61b1bc3ca512
        Validity
            Not Before: Feb  1 20:40:43 2021 GMT
            Not After : Jul  1 00:00:00 2022 GMT
        Subject: CN=BAD637CAED86300C0F0B1F63F81C74DFA377A82A
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:93:20:3b:e9:4f:02:ed:f0:07:63:1b:01:ab:b6:
                    78:ed:fc:fb:08:1c:01:ce:bc:19:b4:b1:dc:4f:80:
                    fd:82:4f:32:10:17:96:8e:f6:be:f9:39:d9:ab:ef:
                    7d:c4:63:a8:84:1d:35:57:eb:46:fc:2f:5f:ac:ee:
                    8e:4d:78:92:fc:48:06:49:94:05:90:1d:60:49:d1:
                    fb:99:41:bb:f5:89:d6:ad:5d:f8:7f:f6:e6:d2:77:
                    1e:8d:dd:38:1a:b6:fb:bd:8a:de:f5:09:33:ac:bf:
                    31:28:50:73:dd:08:fc:4a:c5:c5:a5:49:9c:4b:de:
                    56:e0:46:e9:e6:e2:7e:24:95:42:6f:9d:9f:a7:32:
                    c3:e4:15:fd:2e:e8:49:1a:a1:27:8a:ad:46:ea:fa:
                    4e:87:39:62:18:5b:1b:a4:4d:a8:15:a8:9b:99:cb:
                    9f:7a:42:1f:8f:4a:41:4c:08:98:00:02:fc:91:d1:
                    36:1b:36:84:b5:96:a9:d7:8f:7b:f9:67:e2:cc:17:
                    23:cd:7b:49:63:1f:55:86:95:ec:fb:03:20:28:b5:
                    41:aa:6d:5f:73:fa:05:17:00:ad:3a:0c:91:66:37:
                    80:d9:3e:9f:80:1e:f8:ca:46:6c:3e:41:1b:56:7e:
                    5a:90:a7:e3:6e:02:18:ab:64:9e:b4:cd:c0:6c:9e:
                    b0:2b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BA:D6:37:CA:ED:86:30:0C:0F:0B:1F:63:F8:1C:74:DF:A3:77:A8:2A
            X509v3 Authority Key Identifier:
                keyid:82:A1:B2:7C:74:E7:F5:DC:03:0E:40:1C:53:4A:61:B1:BC:3C:A5:12

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://chloe.sobornost.net/rpki/Sobornost-RIPE/gqGyfHTn9dwDDkAcU0phsbw8pRI.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gqGyfHTn9dwDDkAcU0phsbw8pRI.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://chloe.sobornost.net/rpki/Sobornost-RIPE/utY3yu2GMAwPCx9j-Bx036N3qCo.roa
                RPKI Notify - URI:https://chloe.sobornost.net/rpki/news-public.xml

            sbgp-ipAddrBlock: critical
                IPv6:
                  2001:67c:208c::/48

    Signature Algorithm: sha256WithRSAEncryption
         c8:4d:23:d7:59:0a:4d:73:8a:d5:71:b3:40:55:fe:6a:fb:13:
         8f:23:21:ea:21:61:71:af:e8:fe:da:7f:4a:f8:0b:5f:f0:ba:
         9c:9c:51:dc:a1:83:aa:34:ab:14:74:72:5b:e4:98:02:5d:63:
         f0:78:aa:a4:eb:ae:34:0f:73:1b:ca:52:2e:11:fc:3c:9b:d8:
         e8:82:64:1f:84:c3:24:31:35:e5:6e:7a:c9:2e:16:e1:d8:ff:
         aa:38:67:c3:f1:df:84:29:65:5c:82:8a:35:6a:62:c3:85:19:
         33:c9:c4:99:a9:f3:62:de:19:5b:85:e3:95:ae:76:ad:ba:27:
         64:cb:17:43:67:6c:46:c8:cf:dd:ef:dc:13:05:a3:c4:44:ba:
         b7:0d:8b:a9:3a:73:8a:d2:ab:be:97:e8:e7:b3:cd:94:81:c3:
         da:7d:71:23:ff:f7:b3:86:fe:45:a8:48:73:3c:32:fb:a8:a0:
         0e:5b:8b:fc:ed:5f:ef:06:84:11:d8:39:d9:e6:97:10:ce:a2:
         83:03:5a:ca:ec:1f:4b:76:2f:2c:f2:b6:5f:1f:39:17:2a:6b:
         41:c8:3b:b5:97:2c:ae:b0:d2:bc:09:50:73:77:94:e3:44:dd:
         10:35:9f:27:b3:dd:99:6b:45:7c:4c:85:d7:38:44:ef:a3:2a:
         0e:57:9a:c9
-----BEGIN CERTIFICATE-----
MIIE7DCCA9SgAwIBAgICAnIwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoODJh
MWIyN2M3NGU3ZjVkYzAzMGU0MDFjNTM0YTYxYjFiYzNjYTUxMjAeFw0yMTAyMDEy
MDQwNDNaFw0yMjA3MDEwMDAwMDBaMDMxMTAvBgNVBAMTKEJBRDYzN0NBRUQ4NjMw
MEMwRjBCMUY2M0Y4MUM3NERGQTM3N0E4MkEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCTIDvpTwLt8AdjGwGrtnjt/PsIHAHOvBm0sdxPgP2CTzIQF5aO
9r75Odmr733EY6iEHTVX60b8L1+s7o5NeJL8SAZJlAWQHWBJ0fuZQbv1idatXfh/
9ubSdx6N3Tgatvu9it71CTOsvzEoUHPdCPxKxcWlSZxL3lbgRunm4n4klUJvnZ+n
MsPkFf0u6EkaoSeKrUbq+k6HOWIYWxukTagVqJuZy596Qh+PSkFMCJgAAvyR0TYb
NoS1lqnXj3v5Z+LMFyPNe0ljH1WGlez7AyAotUGqbV9z+gUXAK06DJFmN4DZPp+A
HvjKRmw+QRtWflqQp+NuAhirZJ60zcBsnrArAgMBAAGjggIIMIICBDAdBgNVHQ4E
FgQUutY3yu2GMAwPCx9j+Bx036N3qCowHwYDVR0jBBgwFoAUgqGyfHTn9dwDDkAc
U0phsbw8pRIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBgBgNVHR8EWTBXMFWg
U6BRhk9yc3luYzovL2NobG9lLnNvYm9ybm9zdC5uZXQvcnBraS9Tb2Jvcm5vc3Qt
UklQRS9ncUd5ZkhUbjlkd0REa0FjVTBwaHNidzhwUkkuY3JsMGQGCCsGAQUFBwEB
BFgwVjBUBggrBgEFBQcwAoZIcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9ncUd5ZkhUbjlkd0REa0FjVTBwaHNidzhwUkkuY2VyMA4GA1Ud
DwEB/wQEAwIHgDCBqwYIKwYBBQUHAQsEgZ4wgZswWwYIKwYBBQUHMAuGT3JzeW5j
Oi8vY2hsb2Uuc29ib3Jub3N0Lm5ldC9ycGtpL1NvYm9ybm9zdC1SSVBFL3V0WTN5
dTJHTUF3UEN4OWotQngwMzZOM3FDby5yb2EwPAYIKwYBBQUHMA2GMGh0dHBzOi8v
Y2hsb2Uuc29ib3Jub3N0Lm5ldC9ycGtpL25ld3MtcHVibGljLnhtbDAiBggrBgEF
BQcBBwEB/wQTMBEwDwQCAAIwCQMHACABBnwgjDANBgkqhkiG9w0BAQsFAAOCAQEA
yE0j11kKTXOK1XGzQFX+avsTjyMh6iFhca/o/tp/SvgLX/C6nJxR3KGDqjSrFHRy
W+SYAl1j8HiqpOuuNA9zG8pSLhH8PJvY6IJkH4TDJDE15W56yS4W4dj/qjhnw/Hf
hCllXIKKNWpiw4UZM8nEmanzYt4ZW4Xjla52rbonZMsXQ2dsRsjP3e/cEwWjxES6
tw2LqTpzitKrvpfo57PNlIHD2n1xI//3s4b+RahIczwy+6igDluL/O1f7waEEdg5
2eaXEM6igwNayuwfS3YvLPK2Xx85FyprQcg7tZcsrrDSvAlQc3eU40TdEDWfJ7Pd
mWtFfEyF1zhE76MqDleayQ==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:13:53 2023 by rpki-client on console-ams.rpki-client.org