Route Origin Authorization

$ rpki-client -vvf chloe.sobornost.net/rpki/uplift/9SmCZ-8lHhCch-RzAta9RG5ZMoc.roa
File:                     9SmCZ-8lHhCch-RzAta9RG5ZMoc.roa (raw, json)
Hash identifier:          PsRIBf2pbDRn0FUHdJUywdpOglx1aWLH1N/sh3ByZFA=
Subject key identifier:   F5:29:82:67:EF:25:1E:10:9C:87:E4:73:02:D6:BD:44:6E:59:32:87
Certificate issuer:       /CN=ce8a019fb3ab4b1018d36a34f87a567a4478a506
Certificate serial:       04
Authority key identifier: CE:8A:01:9F:B3:AB:4B:10:18:D3:6A:34:F8:7A:56:7A:44:78:A5:06
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/zooBn7OrSxAY02o0-HpWekR4pQY.cer
Subject info access:      rsync://chloe.sobornost.net/rpki/uplift/9SmCZ-8lHhCch-RzAta9RG5ZMoc.roa
Signing time:             Sun 11 Feb 2024 11:49:05 +0000
ROA not before:           Sun 11 Feb 2024 11:49:05 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     1880
IP address blocks:        2001:67c:2938::/48 maxlen: 48

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 4 (0x4)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ce8a019fb3ab4b1018d36a34f87a567a4478a506
        Validity
            Not Before: Feb 11 11:49:05 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=F5298267EF251E109C87E47302D6BD446E593287
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a2:8b:74:fb:5f:d8:f1:44:9c:d1:00:04:7f:75:
                    bc:d6:0f:fc:4c:b6:6c:f3:81:e8:db:6f:e6:dc:35:
                    c6:16:43:a3:34:4c:b9:8b:4e:ae:85:a7:5f:d7:fc:
                    b1:16:b6:9d:f2:0b:14:8a:cd:c7:61:68:20:4e:f5:
                    2a:28:94:0d:9c:45:2c:29:14:91:0f:7c:40:fa:5e:
                    27:65:54:4a:fa:5d:31:2d:bc:51:9b:4b:42:46:2d:
                    2c:91:41:aa:00:8b:28:74:fc:f3:c7:ab:85:a1:90:
                    3a:22:50:2e:2e:d2:54:a6:c6:46:2e:a0:01:a9:17:
                    49:6f:18:f1:97:9f:5d:bb:e1:f0:22:7e:e4:ef:5e:
                    90:ca:48:75:e6:02:07:96:35:f4:ca:4b:77:34:a1:
                    09:fa:17:ce:01:9b:5c:a9:78:69:b1:ac:8d:bb:29:
                    43:13:a8:02:19:37:e6:73:57:62:98:9b:af:92:0e:
                    ec:37:87:4e:5f:ba:11:27:2f:61:52:95:27:d9:bd:
                    0a:29:cd:9f:15:de:a2:fb:cd:5f:08:25:fc:96:79:
                    05:7d:33:c2:36:e9:bd:ea:b3:5f:91:2b:24:2c:95:
                    5e:c4:60:bc:1e:62:88:92:c0:f1:e4:36:49:6f:a7:
                    4c:ed:f6:6d:69:5d:cc:ac:98:7f:eb:5f:64:15:49:
                    16:a1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F5:29:82:67:EF:25:1E:10:9C:87:E4:73:02:D6:BD:44:6E:59:32:87
            X509v3 Authority Key Identifier:
                keyid:CE:8A:01:9F:B3:AB:4B:10:18:D3:6A:34:F8:7A:56:7A:44:78:A5:06

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://chloe.sobornost.net/rpki/uplift/zooBn7OrSxAY02o0-HpWekR4pQY.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zooBn7OrSxAY02o0-HpWekR4pQY.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://chloe.sobornost.net/rpki/uplift/9SmCZ-8lHhCch-RzAta9RG5ZMoc.roa

            sbgp-ipAddrBlock: critical
                IPv6:
                  2001:67c:2938::/48

    Signature Algorithm: sha256WithRSAEncryption
         8a:18:50:4b:47:67:95:56:98:fb:08:27:18:19:76:f1:38:82:
         5d:56:d7:c4:ca:7c:fc:00:4e:ec:27:89:dd:72:fc:0c:cc:aa:
         90:33:0d:b9:c8:c2:a0:c0:69:dc:ed:25:d1:0b:0e:d3:17:68:
         db:fa:71:64:86:da:2f:c3:5e:a6:22:36:cd:08:f5:0f:c3:25:
         12:b8:0c:1d:0b:a4:92:63:a4:b5:a4:fd:02:97:cf:e8:fd:86:
         c6:9d:87:ab:f1:a5:47:50:ed:7f:de:94:6e:05:ef:ac:5f:f9:
         cc:80:49:0c:2a:ec:97:54:0d:7d:a4:42:82:85:12:ee:05:91:
         e2:41:2a:64:e1:95:3a:9f:a1:f4:d5:66:1f:c4:e3:81:5c:76:
         f4:2a:54:57:45:02:6a:3a:0d:ae:3a:ba:dc:fb:f2:52:b2:32:
         34:91:c9:d1:3f:17:42:b0:d4:9e:d6:64:ee:a8:59:87:e1:c9:
         7c:6f:cf:57:11:0b:85:3b:2f:2d:48:84:36:0c:52:eb:1a:27:
         41:43:85:f9:13:25:53:c1:6b:24:9c:51:77:e1:5d:a1:a1:e1:
         83:25:27:9d:e5:5b:65:5a:20:14:6a:2a:13:ed:49:25:26:fe:
         96:38:95:0b:d7:96:17:35:72:d0:e8:10:2d:d6:9d:4c:a2:93:
         75:1a:5e:74
-----BEGIN CERTIFICATE-----
MIIEmjCCA4KgAwIBAgIBBDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhjZThh
MDE5ZmIzYWI0YjEwMThkMzZhMzRmODdhNTY3YTQ0NzhhNTA2MB4XDTI0MDIxMTEx
NDkwNVoXDTI1MDcwMTAwMDAwMFowMzExMC8GA1UEAxMoRjUyOTgyNjdFRjI1MUUx
MDlDODdFNDczMDJENkJENDQ2RTU5MzI4NzCCASIwDQYJKoZIhvcNAQEBBQADggEP
ADCCAQoCggEBAKKLdPtf2PFEnNEABH91vNYP/Ey2bPOB6Ntv5tw1xhZDozRMuYtO
roWnX9f8sRa2nfILFIrNx2FoIE71KiiUDZxFLCkUkQ98QPpeJ2VUSvpdMS28UZtL
QkYtLJFBqgCLKHT888erhaGQOiJQLi7SVKbGRi6gAakXSW8Y8ZefXbvh8CJ+5O9e
kMpIdeYCB5Y19MpLdzShCfoXzgGbXKl4abGsjbspQxOoAhk35nNXYpibr5IO7DeH
Tl+6EScvYVKVJ9m9CinNnxXeovvNXwgl/JZ5BX0zwjbpveqzX5ErJCyVXsRgvB5i
iJLA8eQ2SW+nTO32bWldzKyYf+tfZBVJFqECAwEAAaOCAbcwggGzMB0GA1UdDgQW
BBT1KYJn7yUeEJyH5HMC1r1EblkyhzAfBgNVHSMEGDAWgBTOigGfs6tLEBjTajT4
elZ6RHilBjAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMFgGA1UdHwRRME8wTaBL
oEmGR3JzeW5jOi8vY2hsb2Uuc29ib3Jub3N0Lm5ldC9ycGtpL3VwbGlmdC96b29C
bjdPclN4QVkwMm8wLUhwV2VrUjRwUVkuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvREVGQVVM
VC96b29CbjdPclN4QVkwMm8wLUhwV2VrUjRwUVkuY2VyMA4GA1UdDwEB/wQEAwIH
gDBjBggrBgEFBQcBCwRXMFUwUwYIKwYBBQUHMAuGR3JzeW5jOi8vY2hsb2Uuc29i
b3Jub3N0Lm5ldC9ycGtpL3VwbGlmdC85U21DWi04bEhoQ2NoLVJ6QXRhOVJHNVpN
b2Mucm9hMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAIAEGfCk4MA0GCSqG
SIb3DQEBCwUAA4IBAQCKGFBLR2eVVpj7CCcYGXbxOIJdVtfEynz8AE7sJ4ndcvwM
zKqQMw25yMKgwGnc7SXRCw7TF2jb+nFkhtovw16mIjbNCPUPwyUSuAwdC6SSY6S1
pP0Cl8/o/YbGnYer8aVHUO1/3pRuBe+sX/nMgEkMKuyXVA19pEKChRLuBZHiQSpk
4ZU6n6H01WYfxOOBXHb0KlRXRQJqOg2uOrrc+/JSsjI0kcnRPxdCsNSe1mTuqFmH
4cl8b89XEQuFOy8tSIQ2DFLrGidBQ4X5EyVTwWsknFF34V2hoeGDJSed5VtlWiAU
aioT7UklJv6WOJUL15YXNXLQ6BAt1p1MopN1Gl50
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:36:55 2024 by rpki-client on console-fra.rpki-client.org