Route Origin Authorization

$ rpki-client -vvf repo.kagl.me/rpki/KeatonAGLair-TEST/1/326131323a646434373a383630313a3a2f34382d3438203d3e203530353535.roa
File:                     326131323a646434373a383630313a3a2f34382d3438203d3e203530353535.roa (raw, json)
Hash identifier:          xB9YMf9WLWlWJJykuB4jTj50Tz2/aBV24p0/bWTRB1I=
Subject key identifier:   36:EC:F6:6B:6F:C0:EA:BE:D2:0B:8E:60:2D:8C:B1:AE:AC:BA:B7:6C
Certificate issuer:       /CN=02876C11924CBDA01BE1AD39A3206CFACDCC58A3
Certificate serial:       5099F70869F4E5D8BC81B585117726EFEABC8A5A
Authority key identifier: 02:87:6C:11:92:4C:BD:A0:1B:E1:AD:39:A3:20:6C:FA:CD:CC:58:A3
Authority info access:    rsync://rpki.co/repo/AS945/1/02876C11924CBDA01BE1AD39A3206CFACDCC58A3.cer
Subject info access:      rsync://repo.kagl.me/rpki/KeatonAGLair-TEST/1/326131323a646434373a383630313a3a2f34382d3438203d3e203530353535.roa
Signing time:             Mon 11 Mar 2024 07:12:25 +0000
ROA not before:           Mon 11 Mar 2024 07:07:25 +0000
ROA not after:            Mon 10 Mar 2025 07:12:25 +0000
asID:                     50555
IP address blocks:        2a12:dd47:8601::/48 maxlen: 48

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            50:99:f7:08:69:f4:e5:d8:bc:81:b5:85:11:77:26:ef:ea:bc:8a:5a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=02876C11924CBDA01BE1AD39A3206CFACDCC58A3
        Validity
            Not Before: Mar 11 07:07:25 2024 GMT
            Not After : Mar 10 07:12:25 2025 GMT
        Subject: CN=36ECF66B6FC0EABED20B8E602D8CB1AEACBAB76C
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8a:79:ce:30:4c:c5:a5:4d:8a:b4:c8:75:9b:68:
                    69:dd:9b:4a:3c:ad:f7:89:a3:58:16:ac:82:eb:40:
                    87:2c:76:42:bd:5b:59:0f:fa:e1:58:e4:4d:dd:e9:
                    85:23:e7:de:aa:21:f3:dd:b0:45:08:25:55:80:22:
                    8b:d7:f4:53:d4:bb:3f:02:05:fb:36:16:07:c3:9b:
                    f2:91:d7:e0:98:74:fc:92:c6:38:6f:0f:5e:b5:3b:
                    8f:ec:74:62:b3:fa:25:77:97:8b:95:eb:5e:30:d2:
                    da:04:62:9f:fb:83:75:ac:8e:59:0b:59:fc:2a:3f:
                    d1:5b:5c:55:65:68:08:fd:8e:ac:c4:ac:f5:f4:80:
                    ed:0f:7c:94:cb:81:29:ff:ba:5d:a5:3f:a7:d4:a2:
                    2c:13:45:9c:09:f2:87:33:cf:65:29:df:24:d6:a5:
                    ae:e2:e5:6d:fc:21:68:b7:a8:8c:a8:71:af:ee:9c:
                    6b:e4:a3:4f:37:c6:b3:d9:33:62:6a:03:d4:28:17:
                    cc:cb:5d:96:a7:5d:86:87:75:40:18:cf:77:84:36:
                    95:35:45:67:55:86:2d:64:e5:d9:8b:f5:a3:49:b4:
                    0e:8c:6e:a2:70:69:9e:ab:00:28:5c:33:8d:6b:fb:
                    63:92:6d:90:d4:0f:d4:1d:49:0b:00:ff:21:44:75:
                    f3:d5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                36:EC:F6:6B:6F:C0:EA:BE:D2:0B:8E:60:2D:8C:B1:AE:AC:BA:B7:6C
            X509v3 Authority Key Identifier:
                keyid:02:87:6C:11:92:4C:BD:A0:1B:E1:AD:39:A3:20:6C:FA:CD:CC:58:A3

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repo.kagl.me/rpki/KeatonAGLair-TEST/1/02876C11924CBDA01BE1AD39A3206CFACDCC58A3.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.co/repo/AS945/1/02876C11924CBDA01BE1AD39A3206CFACDCC58A3.cer

            Subject Information Access:
                Signed Object - URI:rsync://repo.kagl.me/rpki/KeatonAGLair-TEST/1/326131323a646434373a383630313a3a2f34382d3438203d3e203530353535.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a12:dd47:8601::/48

    Signature Algorithm: sha256WithRSAEncryption
         9d:82:6b:c0:ee:16:7d:06:df:a3:19:02:0a:72:b9:77:48:8d:
         0d:f3:da:86:1e:77:3a:ae:e4:d1:3a:eb:46:a7:6d:97:b8:eb:
         aa:77:88:00:1a:fa:6f:fd:68:30:5f:e4:46:5e:2a:6e:93:07:
         5b:6c:e0:50:f2:6f:3d:05:cf:80:9d:62:61:49:58:26:a5:ae:
         a5:06:14:b9:97:c6:ce:19:e1:86:12:a9:14:75:fc:32:bd:94:
         2c:c5:9f:7c:01:5d:e3:9d:9a:61:2d:ba:f3:82:73:71:a7:26:
         f6:77:49:c1:cc:4d:b8:f9:59:84:82:93:1c:29:e2:4d:7c:21:
         8c:96:3f:f8:a6:79:60:f2:bb:ec:ba:17:3a:76:5d:4c:b5:98:
         02:ee:fd:b0:ef:23:45:63:be:72:29:17:4b:ed:f3:70:95:fd:
         7f:b2:8f:bc:3d:11:04:77:12:ed:3c:86:41:57:40:a8:3c:14:
         06:75:8a:56:72:eb:74:08:64:c6:3c:67:31:11:d0:46:7b:0f:
         a9:13:6c:01:87:95:03:32:69:eb:73:d0:d1:c0:7c:6f:00:40:
         96:6d:05:b1:7e:97:2b:aa:b9:fe:ee:44:0c:4d:5d:2c:16:93:
         7f:3c:a5:60:1a:88:14:48:23:84:c9:cd:03:fd:03:44:8e:cd:
         83:59:67:1a
-----BEGIN CERTIFICATE-----
MIIE7DCCA9SgAwIBAgIUUJn3CGn05di8gbWFEXcm7+q8ilowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMDI4NzZDMTE5MjRDQkRBMDFCRTFBRDM5QTMyMDZDRkFD
RENDNThBMzAeFw0yNDAzMTEwNzA3MjVaFw0yNTAzMTAwNzEyMjVaMDMxMTAvBgNV
BAMTKDM2RUNGNjZCNkZDMEVBQkVEMjBCOEU2MDJEOENCMUFFQUNCQUI3NkMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCKec4wTMWlTYq0yHWbaGndm0o8
rfeJo1gWrILrQIcsdkK9W1kP+uFY5E3d6YUj596qIfPdsEUIJVWAIovX9FPUuz8C
Bfs2FgfDm/KR1+CYdPySxjhvD161O4/sdGKz+iV3l4uV614w0toEYp/7g3WsjlkL
WfwqP9FbXFVlaAj9jqzErPX0gO0PfJTLgSn/ul2lP6fUoiwTRZwJ8oczz2Up3yTW
pa7i5W38IWi3qIyoca/unGvko083xrPZM2JqA9QoF8zLXZanXYaHdUAYz3eENpU1
RWdVhi1k5dmL9aNJtA6MbqJwaZ6rAChcM41r+2OSbZDUD9QdSQsA/yFEdfPVAgMB
AAGjggH2MIIB8jAdBgNVHQ4EFgQUNuz2a2/A6r7SC45gLYyxrqy6t2wwHwYDVR0j
BBgwFoAUAodsEZJMvaAb4a05oyBs+s3MWKMwDgYDVR0PAQH/BAQDAgeAMGsGA1Ud
HwRkMGIwYKBeoFyGWnJzeW5jOi8vcmVwby5rYWdsLm1lL3Jwa2kvS2VhdG9uQUdM
YWlyLVRFU1QvMS8wMjg3NkMxMTkyNENCREEwMUJFMUFEMzlBMzIwNkNGQUNEQ0M1
OEEzLmNybDBlBggrBgEFBQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBr
aS5jby9yZXBvL0FTOTQ1LzEvMDI4NzZDMTE5MjRDQkRBMDFCRTFBRDM5QTMyMDZD
RkFDRENDNThBMy5jZXIwgY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJz
eW5jOi8vcmVwby5rYWdsLm1lL3Jwa2kvS2VhdG9uQUdMYWlyLVRFU1QvMS8zMjYx
MzEzMjNhNjQ2NDM0MzczYTM4MzYzMDMxM2EzYTJmMzQzODJkMzQzODIwM2QzZTIw
MzUzMDM1MzUzNS5yb2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAiBggrBgEF
BQcBBwEB/wQTMBEwDwQCAAIwCQMHACoS3UeGATANBgkqhkiG9w0BAQsFAAOCAQEA
nYJrwO4WfQbfoxkCCnK5d0iNDfPahh53Oq7k0TrrRqdtl7jrqneIABr6b/1oMF/k
Rl4qbpMHW2zgUPJvPQXPgJ1iYUlYJqWupQYUuZfGzhnhhhKpFHX8Mr2ULMWffAFd
452aYS2684Jzcacm9ndJwcxNuPlZhIKTHCniTXwhjJY/+KZ5YPK77LoXOnZdTLWY
Au79sO8jRWO+cikXS+3zcJX9f7KPvD0RBHcS7TyGQVdAqDwUBnWKVnLrdAhkxjxn
MRHQRnsPqRNsAYeVAzJp63PQ0cB8bwBAlm0FsX6XK6q5/u5EDE1dLBaTfzylYBqI
FEgjhMnNA/0DRI7Ng1lnGg==
-----END CERTIFICATE-----
Generated at Wed Jul 17 01:21:59 2024 by rpki-client on console-fra.rpki-client.org