Route Origin Authorization

$ rpki-client -vvf repo.kagl.me/rpki/KeatonAGLair-TEST/1/326131323a646434373a383630303a3a2f34382d3438203d3e203530353535.roa
File:                     326131323a646434373a383630303a3a2f34382d3438203d3e203530353535.roa (raw, json)
Hash identifier:          bCptdjmvnQpm+VU0b5omGZ2gseXuWLCMxMKaXw2vivs=
Subject key identifier:   4C:3D:D2:D2:13:A3:65:EF:89:6E:A2:A0:3E:48:F5:21:9E:CD:C3:71
Certificate issuer:       /CN=02876C11924CBDA01BE1AD39A3206CFACDCC58A3
Certificate serial:       51A0CB0DFE79287FAD0D4DCEBD7F4EAAD0D6DA33
Authority key identifier: 02:87:6C:11:92:4C:BD:A0:1B:E1:AD:39:A3:20:6C:FA:CD:CC:58:A3
Authority info access:    rsync://rpki.co/repo/AS945/1/02876C11924CBDA01BE1AD39A3206CFACDCC58A3.cer
Subject info access:      rsync://repo.kagl.me/rpki/KeatonAGLair-TEST/1/326131323a646434373a383630303a3a2f34382d3438203d3e203530353535.roa
Signing time:             Wed 13 Mar 2024 23:12:52 +0000
ROA not before:           Wed 13 Mar 2024 23:07:52 +0000
ROA not after:            Wed 12 Mar 2025 23:12:52 +0000
asID:                     50555
IP address blocks:        2a12:dd47:8600::/48 maxlen: 48

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            51:a0:cb:0d:fe:79:28:7f:ad:0d:4d:ce:bd:7f:4e:aa:d0:d6:da:33
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=02876C11924CBDA01BE1AD39A3206CFACDCC58A3
        Validity
            Not Before: Mar 13 23:07:52 2024 GMT
            Not After : Mar 12 23:12:52 2025 GMT
        Subject: CN=4C3DD2D213A365EF896EA2A03E48F5219ECDC371
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e9:aa:2a:4e:f4:e7:f2:af:d5:49:ab:61:d9:f9:
                    6b:35:fa:b0:09:40:c1:2f:3e:b8:a4:e1:97:8a:6c:
                    6b:d7:9e:58:a9:93:cc:06:82:be:bf:02:bf:0f:28:
                    fa:dc:7c:19:a4:6f:4c:c4:84:0d:54:e6:8a:db:54:
                    93:e9:27:d3:0d:f8:d9:6d:ba:24:2c:24:5e:8b:ae:
                    6b:21:bd:60:2a:68:70:b6:2e:c9:80:f2:b1:c9:57:
                    63:92:a5:b1:27:37:38:d5:2d:ec:6b:eb:5f:c1:7a:
                    df:90:81:e7:c2:10:6a:37:26:31:83:d5:fa:55:c9:
                    cf:e2:94:86:b3:e6:5c:b3:c5:0b:8d:75:b9:76:b9:
                    55:7d:9c:71:e4:4c:6e:c7:d1:c8:a1:74:a4:46:c4:
                    41:a1:d8:6a:4f:fa:cb:dc:2f:35:7e:7e:e7:c2:1b:
                    e7:d7:0e:38:3a:da:85:d6:53:5d:e1:0f:3f:ae:84:
                    04:fb:ba:8d:0f:3d:0f:6b:d1:1d:a5:86:01:b5:25:
                    fd:c1:9a:15:8b:c6:e1:1b:5e:67:1f:79:be:65:54:
                    77:70:0f:83:68:12:c8:9f:ef:7f:b2:60:8c:dd:ec:
                    9c:a1:54:65:3d:79:c0:0a:ce:ae:e3:2b:16:76:79:
                    c9:b6:4f:0e:63:5b:52:4a:fb:98:0e:47:14:1c:9a:
                    1e:c9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4C:3D:D2:D2:13:A3:65:EF:89:6E:A2:A0:3E:48:F5:21:9E:CD:C3:71
            X509v3 Authority Key Identifier:
                keyid:02:87:6C:11:92:4C:BD:A0:1B:E1:AD:39:A3:20:6C:FA:CD:CC:58:A3

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repo.kagl.me/rpki/KeatonAGLair-TEST/1/02876C11924CBDA01BE1AD39A3206CFACDCC58A3.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.co/repo/AS945/1/02876C11924CBDA01BE1AD39A3206CFACDCC58A3.cer

            Subject Information Access:
                Signed Object - URI:rsync://repo.kagl.me/rpki/KeatonAGLair-TEST/1/326131323a646434373a383630303a3a2f34382d3438203d3e203530353535.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a12:dd47:8600::/48

    Signature Algorithm: sha256WithRSAEncryption
         81:e9:d2:f7:8e:fe:c9:e2:26:17:54:38:ee:71:42:18:64:87:
         4f:3c:14:e7:0c:51:35:c1:b9:ae:83:7a:03:bb:45:c5:09:fa:
         56:95:09:12:c0:ee:74:6b:b0:88:31:19:06:b8:47:3d:95:a0:
         70:62:52:3e:8b:3c:6f:bc:94:0d:d7:97:87:26:be:22:b7:01:
         67:44:d5:64:9b:24:16:94:14:19:59:aa:8b:05:cd:da:e5:86:
         1b:03:75:06:89:24:b0:8d:2b:74:30:83:c3:3c:70:97:e2:34:
         b0:7b:9d:99:1a:0a:74:88:dd:0b:a2:7d:33:82:6a:98:3c:b5:
         73:d5:b1:9e:67:b4:fc:a2:08:7f:88:62:65:cd:5a:9d:1a:61:
         4b:6f:4e:db:80:62:13:53:16:47:45:12:80:78:13:a1:7e:1a:
         78:80:aa:23:2f:6e:76:76:c3:38:cc:d0:53:5c:92:1f:70:2d:
         33:af:79:84:86:d8:ed:12:df:79:5b:4a:34:00:91:87:44:53:
         09:32:60:9e:f4:89:db:be:68:cb:9a:bb:e5:55:3a:af:ca:da:
         6a:27:95:37:32:f9:d0:e5:ee:8e:a4:10:29:4a:9a:54:4a:9f:
         0c:17:c5:3c:f9:5c:2e:3d:af:76:29:5b:23:97:f9:19:1e:dd:
         c7:8b:67:e2
-----BEGIN CERTIFICATE-----
MIIE7DCCA9SgAwIBAgIUUaDLDf55KH+tDU3OvX9OqtDW2jMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMDI4NzZDMTE5MjRDQkRBMDFCRTFBRDM5QTMyMDZDRkFD
RENDNThBMzAeFw0yNDAzMTMyMzA3NTJaFw0yNTAzMTIyMzEyNTJaMDMxMTAvBgNV
BAMTKDRDM0REMkQyMTNBMzY1RUY4OTZFQTJBMDNFNDhGNTIxOUVDREMzNzEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDpqipO9Ofyr9VJq2HZ+Ws1+rAJ
QMEvPrik4ZeKbGvXnlipk8wGgr6/Ar8PKPrcfBmkb0zEhA1U5orbVJPpJ9MN+Nlt
uiQsJF6LrmshvWAqaHC2LsmA8rHJV2OSpbEnNzjVLexr61/Bet+QgefCEGo3JjGD
1fpVyc/ilIaz5lyzxQuNdbl2uVV9nHHkTG7H0cihdKRGxEGh2GpP+svcLzV+fufC
G+fXDjg62oXWU13hDz+uhAT7uo0PPQ9r0R2lhgG1Jf3BmhWLxuEbXmcfeb5lVHdw
D4NoEsif73+yYIzd7JyhVGU9ecAKzq7jKxZ2ecm2Tw5jW1JK+5gORxQcmh7JAgMB
AAGjggH2MIIB8jAdBgNVHQ4EFgQUTD3S0hOjZe+JbqKgPkj1IZ7Nw3EwHwYDVR0j
BBgwFoAUAodsEZJMvaAb4a05oyBs+s3MWKMwDgYDVR0PAQH/BAQDAgeAMGsGA1Ud
HwRkMGIwYKBeoFyGWnJzeW5jOi8vcmVwby5rYWdsLm1lL3Jwa2kvS2VhdG9uQUdM
YWlyLVRFU1QvMS8wMjg3NkMxMTkyNENCREEwMUJFMUFEMzlBMzIwNkNGQUNEQ0M1
OEEzLmNybDBlBggrBgEFBQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBr
aS5jby9yZXBvL0FTOTQ1LzEvMDI4NzZDMTE5MjRDQkRBMDFCRTFBRDM5QTMyMDZD
RkFDRENDNThBMy5jZXIwgY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJz
eW5jOi8vcmVwby5rYWdsLm1lL3Jwa2kvS2VhdG9uQUdMYWlyLVRFU1QvMS8zMjYx
MzEzMjNhNjQ2NDM0MzczYTM4MzYzMDMwM2EzYTJmMzQzODJkMzQzODIwM2QzZTIw
MzUzMDM1MzUzNS5yb2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAiBggrBgEF
BQcBBwEB/wQTMBEwDwQCAAIwCQMHACoS3UeGADANBgkqhkiG9w0BAQsFAAOCAQEA
genS947+yeImF1Q47nFCGGSHTzwU5wxRNcG5roN6A7tFxQn6VpUJEsDudGuwiDEZ
BrhHPZWgcGJSPos8b7yUDdeXhya+IrcBZ0TVZJskFpQUGVmqiwXN2uWGGwN1Bokk
sI0rdDCDwzxwl+I0sHudmRoKdIjdC6J9M4JqmDy1c9Wxnme0/KIIf4hiZc1anRph
S29O24BiE1MWR0USgHgToX4aeICqIy9udnbDOMzQU1ySH3AtM695hIbY7RLfeVtK
NACRh0RTCTJgnvSJ275oy5q75VU6r8raaieVNzL50OXujqQQKUqaVEqfDBfFPPlc
Lj2vdilbI5f5GR7dx4tn4g==
-----END CERTIFICATE-----
Generated at Wed Jul 17 01:21:59 2024 by rpki-client on console-fra.rpki-client.org