Route Origin Authorization

$ rpki-client -vvf repo.kagl.me/rpki/KeatonAGLair-TEST/1/326131323a646434373a383630303a3a2f34302d3430203d3e2030.roa
File:                     326131323a646434373a383630303a3a2f34302d3430203d3e2030.roa (raw, json)
Hash identifier:          bVgB6CY0EAnJitkx1Xv6J5wT2KqsqRck5c0cRpR6E6U=
Subject key identifier:   95:32:A7:CB:2C:85:2A:48:E2:4E:94:A3:5D:F7:0C:EA:28:C1:49:8E
Certificate issuer:       /CN=02876C11924CBDA01BE1AD39A3206CFACDCC58A3
Certificate serial:       4728A42406490ADD05D73312F7D06AF0533B10ED
Authority key identifier: 02:87:6C:11:92:4C:BD:A0:1B:E1:AD:39:A3:20:6C:FA:CD:CC:58:A3
Authority info access:    rsync://rpki.co/repo/AS945/1/02876C11924CBDA01BE1AD39A3206CFACDCC58A3.cer
Subject info access:      rsync://repo.kagl.me/rpki/KeatonAGLair-TEST/1/326131323a646434373a383630303a3a2f34302d3430203d3e2030.roa
Signing time:             Wed 13 Mar 2024 22:12:50 +0000
ROA not before:           Wed 13 Mar 2024 22:07:50 +0000
ROA not after:            Wed 12 Mar 2025 22:12:50 +0000
asID:                     0
IP address blocks:        2a12:dd47:8600::/40 maxlen: 40

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            47:28:a4:24:06:49:0a:dd:05:d7:33:12:f7:d0:6a:f0:53:3b:10:ed
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=02876C11924CBDA01BE1AD39A3206CFACDCC58A3
        Validity
            Not Before: Mar 13 22:07:50 2024 GMT
            Not After : Mar 12 22:12:50 2025 GMT
        Subject: CN=9532A7CB2C852A48E24E94A35DF70CEA28C1498E
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ad:6c:29:7a:9a:af:11:21:c4:b3:11:38:df:00:
                    5a:db:53:31:c2:4a:89:bb:bf:77:f8:b1:31:00:6e:
                    56:0c:6d:99:15:15:df:3a:97:3c:71:62:d6:5b:26:
                    99:f3:ef:88:48:65:7a:eb:74:70:21:47:b8:f9:60:
                    22:a4:af:11:a2:38:5d:44:d5:f0:79:97:98:8f:ea:
                    c4:7e:fe:ec:e5:be:ca:bd:bc:48:6d:c9:6d:e1:d5:
                    4e:4f:d9:c7:f6:3b:52:68:55:df:47:35:60:11:84:
                    59:21:e7:24:53:88:89:71:2c:91:ff:0e:01:51:69:
                    31:ab:8e:0f:64:8a:1f:c6:f1:28:a5:ad:5a:4c:95:
                    ba:62:45:8d:b5:94:a6:d5:5f:ee:8d:a6:3b:63:44:
                    af:98:48:77:27:b3:81:16:5c:d5:44:32:94:42:a1:
                    1b:84:ad:fe:d9:8d:a6:38:20:b0:1d:3a:38:d7:84:
                    28:ec:a2:e6:10:d4:5f:ee:a7:93:5b:21:4b:65:d4:
                    61:3a:5a:e4:10:99:8b:25:f9:4d:43:c6:3b:d0:34:
                    10:23:99:cf:0f:12:80:2a:3d:e3:08:30:ab:81:c5:
                    ec:00:86:d9:0e:c7:e2:42:3e:30:4c:3b:ea:bf:3c:
                    17:41:9f:ed:ea:df:f9:ec:cc:39:00:cc:d3:f7:1e:
                    64:11
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                95:32:A7:CB:2C:85:2A:48:E2:4E:94:A3:5D:F7:0C:EA:28:C1:49:8E
            X509v3 Authority Key Identifier:
                keyid:02:87:6C:11:92:4C:BD:A0:1B:E1:AD:39:A3:20:6C:FA:CD:CC:58:A3

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repo.kagl.me/rpki/KeatonAGLair-TEST/1/02876C11924CBDA01BE1AD39A3206CFACDCC58A3.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.co/repo/AS945/1/02876C11924CBDA01BE1AD39A3206CFACDCC58A3.cer

            Subject Information Access:
                Signed Object - URI:rsync://repo.kagl.me/rpki/KeatonAGLair-TEST/1/326131323a646434373a383630303a3a2f34302d3430203d3e2030.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a12:dd47:8600::/40

    Signature Algorithm: sha256WithRSAEncryption
         15:ca:9b:9c:8a:fe:44:87:29:72:67:c0:88:fb:2b:cd:42:79:
         4b:cf:34:16:7d:ee:d7:b0:e1:c8:13:6d:cb:5c:24:f1:73:2a:
         97:07:cc:0a:05:89:20:11:ce:f0:1f:7c:1b:43:de:ff:dd:65:
         9b:bc:a0:f1:fe:9f:bb:b5:88:2e:b8:30:40:56:6c:24:20:98:
         83:eb:40:a1:03:e5:b2:99:02:7e:95:95:32:e6:7f:2a:a5:b4:
         a0:92:e0:d3:8c:5e:69:4a:48:13:9e:5f:93:0b:a5:ec:44:ff:
         5b:bd:b0:c5:41:68:a2:48:3a:d1:95:63:9c:0a:50:3a:45:50:
         a0:5e:97:64:69:bc:22:ca:8a:e0:69:06:50:e0:e4:d3:92:9b:
         54:f9:89:d8:9c:29:13:31:2b:35:db:98:c8:b2:75:d2:6a:3c:
         4b:6b:9e:0f:1f:6c:cb:61:db:92:bb:2d:b9:7f:f7:40:2e:a3:
         85:39:ac:8c:96:50:fb:3b:48:68:b2:01:31:51:70:11:d7:a2:
         e9:51:74:f3:91:91:06:1d:96:c0:64:89:f5:e0:0c:5e:b9:df:
         9e:f5:97:3f:20:fd:ce:b7:96:dc:1f:e2:44:5b:b7:c1:51:f7:
         23:26:a2:2e:95:2a:0f:a9:f5:f0:d8:b0:79:7a:d1:f9:3e:d8:
         d7:69:37:9e
-----BEGIN CERTIFICATE-----
MIIE4jCCA8qgAwIBAgIURyikJAZJCt0F1zMS99Bq8FM7EO0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMDI4NzZDMTE5MjRDQkRBMDFCRTFBRDM5QTMyMDZDRkFD
RENDNThBMzAeFw0yNDAzMTMyMjA3NTBaFw0yNTAzMTIyMjEyNTBaMDMxMTAvBgNV
BAMTKDk1MzJBN0NCMkM4NTJBNDhFMjRFOTRBMzVERjcwQ0VBMjhDMTQ5OEUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCtbCl6mq8RIcSzETjfAFrbUzHC
Som7v3f4sTEAblYMbZkVFd86lzxxYtZbJpnz74hIZXrrdHAhR7j5YCKkrxGiOF1E
1fB5l5iP6sR+/uzlvsq9vEhtyW3h1U5P2cf2O1JoVd9HNWARhFkh5yRTiIlxLJH/
DgFRaTGrjg9kih/G8SilrVpMlbpiRY21lKbVX+6NpjtjRK+YSHcns4EWXNVEMpRC
oRuErf7ZjaY4ILAdOjjXhCjsouYQ1F/up5NbIUtl1GE6WuQQmYsl+U1DxjvQNBAj
mc8PEoAqPeMIMKuBxewAhtkOx+JCPjBMO+q/PBdBn+3q3/nszDkAzNP3HmQRAgMB
AAGjggHsMIIB6DAdBgNVHQ4EFgQUlTKnyyyFKkjiTpSjXfcM6ijBSY4wHwYDVR0j
BBgwFoAUAodsEZJMvaAb4a05oyBs+s3MWKMwDgYDVR0PAQH/BAQDAgeAMGsGA1Ud
HwRkMGIwYKBeoFyGWnJzeW5jOi8vcmVwby5rYWdsLm1lL3Jwa2kvS2VhdG9uQUdM
YWlyLVRFU1QvMS8wMjg3NkMxMTkyNENCREEwMUJFMUFEMzlBMzIwNkNGQUNEQ0M1
OEEzLmNybDBlBggrBgEFBQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBr
aS5jby9yZXBvL0FTOTQ1LzEvMDI4NzZDMTE5MjRDQkRBMDFCRTFBRDM5QTMyMDZD
RkFDRENDNThBMy5jZXIwgYQGCCsGAQUFBwELBHgwdjB0BggrBgEFBQcwC4ZocnN5
bmM6Ly9yZXBvLmthZ2wubWUvcnBraS9LZWF0b25BR0xhaXItVEVTVC8xLzMyNjEz
MTMyM2E2NDY0MzQzNzNhMzgzNjMwMzAzYTNhMmYzNDMwMmQzNDMwMjAzZDNlMjAz
MC5yb2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQS
MBAwDgQCAAIwCAMGACoS3UeGMA0GCSqGSIb3DQEBCwUAA4IBAQAVypuciv5Ehyly
Z8CI+yvNQnlLzzQWfe7XsOHIE23LXCTxcyqXB8wKBYkgEc7wH3wbQ97/3WWbvKDx
/p+7tYguuDBAVmwkIJiD60ChA+WymQJ+lZUy5n8qpbSgkuDTjF5pSkgTnl+TC6Xs
RP9bvbDFQWiiSDrRlWOcClA6RVCgXpdkabwiyorgaQZQ4OTTkptU+YnYnCkTMSs1
25jIsnXSajxLa54PH2zLYduSuy25f/dALqOFOayMllD7O0hosgExUXAR16LpUXTz
kZEGHZbAZIn14Axeud+e9Zc/IP3Ot5bcH+JEW7fBUfcjJqIulSoPqfXw2LB5etH5
PtjXaTee
-----END CERTIFICATE-----
Generated at Wed Jul 17 01:21:59 2024 by rpki-client on console-fra.rpki-client.org