Route Origin Authorization

$ rpki-client -vvf repo.kagl.me/rpki/KeatonAGLair-TEST/1/326131323a646434373a383630363a3a2f34382d3438203d3e203530353535.roa
File:                     326131323a646434373a383630363a3a2f34382d3438203d3e203530353535.roa (raw, json)
Hash identifier:          WhLiHVWIRrDdTM2/q/GOyUAgwW6kR1FOY914Re+OVhA=
Subject key identifier:   17:4C:A7:C3:C8:74:92:47:A3:E7:7A:A0:BA:95:34:75:26:89:EE:AB
Certificate issuer:       /CN=02876C11924CBDA01BE1AD39A3206CFACDCC58A3
Certificate serial:       3A3B2FACABF226BB43E54C5B9DF7C8AA5CC97228
Authority key identifier: 02:87:6C:11:92:4C:BD:A0:1B:E1:AD:39:A3:20:6C:FA:CD:CC:58:A3
Authority info access:    rsync://rpki.co/repo/AS945/1/02876C11924CBDA01BE1AD39A3206CFACDCC58A3.cer
Subject info access:      rsync://repo.kagl.me/rpki/KeatonAGLair-TEST/1/326131323a646434373a383630363a3a2f34382d3438203d3e203530353535.roa
Signing time:             Mon 11 Mar 2024 07:12:25 +0000
ROA not before:           Mon 11 Mar 2024 07:07:25 +0000
ROA not after:            Mon 10 Mar 2025 07:12:25 +0000
asID:                     50555
IP address blocks:        2a12:dd47:8606::/48 maxlen: 48

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            3a:3b:2f:ac:ab:f2:26:bb:43:e5:4c:5b:9d:f7:c8:aa:5c:c9:72:28
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=02876C11924CBDA01BE1AD39A3206CFACDCC58A3
        Validity
            Not Before: Mar 11 07:07:25 2024 GMT
            Not After : Mar 10 07:12:25 2025 GMT
        Subject: CN=174CA7C3C8749247A3E77AA0BA9534752689EEAB
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ac:75:00:31:e1:97:a3:a2:87:a0:a6:39:96:fb:
                    03:4d:1d:3f:af:1b:d4:09:c1:4a:8a:20:48:51:b0:
                    33:3b:9e:3b:66:b1:29:3c:19:31:a2:23:9c:a6:94:
                    ac:42:0b:44:a5:e8:0b:f2:93:65:23:88:12:06:b9:
                    df:b0:bd:f1:f6:cf:e9:df:07:15:46:f2:d6:29:34:
                    64:d9:80:39:af:9f:5e:ae:23:08:4c:66:26:a8:5e:
                    f5:7c:8f:1b:26:9a:d0:7b:a8:78:74:cb:13:84:ac:
                    19:cd:35:63:67:6b:38:a2:4c:94:df:ad:52:41:5e:
                    b8:b2:cf:f9:4a:f1:b0:dc:73:09:cf:df:78:f6:ab:
                    eb:71:a0:dd:ba:39:9c:bc:cf:53:20:50:31:aa:fe:
                    ee:6b:89:1d:6d:89:92:68:ce:e2:b5:d6:f3:c0:9c:
                    a9:ef:57:b2:8f:ce:8e:0f:40:a9:6e:e9:9b:d1:0f:
                    a8:de:a1:f3:81:2a:39:29:af:50:8e:ff:7b:3e:fc:
                    de:d6:a1:b1:de:5e:d8:76:36:2e:a8:5e:dd:7e:47:
                    53:96:0e:83:bb:94:41:d3:79:f8:d4:b8:9a:ae:fb:
                    55:8b:a9:84:d8:ee:81:13:75:a8:fa:b1:bd:9a:99:
                    00:f9:f1:3a:1e:ec:53:62:8d:b6:94:29:71:65:f0:
                    dc:45
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                17:4C:A7:C3:C8:74:92:47:A3:E7:7A:A0:BA:95:34:75:26:89:EE:AB
            X509v3 Authority Key Identifier:
                keyid:02:87:6C:11:92:4C:BD:A0:1B:E1:AD:39:A3:20:6C:FA:CD:CC:58:A3

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repo.kagl.me/rpki/KeatonAGLair-TEST/1/02876C11924CBDA01BE1AD39A3206CFACDCC58A3.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.co/repo/AS945/1/02876C11924CBDA01BE1AD39A3206CFACDCC58A3.cer

            Subject Information Access:
                Signed Object - URI:rsync://repo.kagl.me/rpki/KeatonAGLair-TEST/1/326131323a646434373a383630363a3a2f34382d3438203d3e203530353535.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a12:dd47:8606::/48

    Signature Algorithm: sha256WithRSAEncryption
         3e:27:4c:93:fb:54:9a:1c:91:7e:c8:68:24:8b:5a:55:84:a2:
         3e:bf:bc:3e:1e:27:d8:9d:c5:09:3b:60:75:73:da:7a:2f:dd:
         79:4d:b7:8a:15:cf:b0:b8:6d:88:b4:1c:57:50:f3:f7:6a:b7:
         96:38:94:dd:2b:80:bc:af:3e:5f:89:d2:49:d2:48:5d:d1:65:
         ae:89:5c:f3:c0:d1:92:a8:81:06:40:87:29:14:cb:69:e8:a3:
         ce:10:00:d8:50:a6:7b:6d:87:0e:df:58:d7:ad:61:01:f7:40:
         23:86:63:8a:f0:a0:a3:56:6b:f6:39:0f:e1:3e:ac:f4:eb:e5:
         99:91:5c:81:ed:c6:86:45:a9:f3:c9:6b:5c:8b:20:b5:db:06:
         c1:1f:fc:a5:7c:41:0f:34:1b:6e:8a:2f:5c:8d:bd:e5:64:ba:
         37:98:b5:11:51:4b:5f:59:e8:be:b4:a3:d6:5d:53:71:89:50:
         55:6f:51:55:86:cc:6b:34:e6:30:38:96:e6:e8:83:3b:3b:7b:
         3c:a4:38:40:6b:c1:b2:d0:b3:bd:af:6a:66:3c:dc:e1:f6:ff:
         04:0e:ea:83:61:fe:fb:09:4f:af:67:d7:57:fd:47:c6:05:19:
         c5:9b:b0:b4:d4:85:1f:ae:70:70:68:18:24:d0:af:de:3e:25:
         84:aa:49:d2
-----BEGIN CERTIFICATE-----
MIIE7DCCA9SgAwIBAgIUOjsvrKvyJrtD5UxbnffIqlzJcigwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMDI4NzZDMTE5MjRDQkRBMDFCRTFBRDM5QTMyMDZDRkFD
RENDNThBMzAeFw0yNDAzMTEwNzA3MjVaFw0yNTAzMTAwNzEyMjVaMDMxMTAvBgNV
BAMTKDE3NENBN0MzQzg3NDkyNDdBM0U3N0FBMEJBOTUzNDc1MjY4OUVFQUIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCsdQAx4ZejooegpjmW+wNNHT+v
G9QJwUqKIEhRsDM7njtmsSk8GTGiI5ymlKxCC0Sl6Avyk2UjiBIGud+wvfH2z+nf
BxVG8tYpNGTZgDmvn16uIwhMZiaoXvV8jxsmmtB7qHh0yxOErBnNNWNnaziiTJTf
rVJBXriyz/lK8bDccwnP33j2q+txoN26OZy8z1MgUDGq/u5riR1tiZJozuK11vPA
nKnvV7KPzo4PQKlu6ZvRD6jeofOBKjkpr1CO/3s+/N7WobHeXth2Ni6oXt1+R1OW
DoO7lEHTefjUuJqu+1WLqYTY7oETdaj6sb2amQD58Toe7FNijbaUKXFl8NxFAgMB
AAGjggH2MIIB8jAdBgNVHQ4EFgQUF0ynw8h0kkej53qgupU0dSaJ7qswHwYDVR0j
BBgwFoAUAodsEZJMvaAb4a05oyBs+s3MWKMwDgYDVR0PAQH/BAQDAgeAMGsGA1Ud
HwRkMGIwYKBeoFyGWnJzeW5jOi8vcmVwby5rYWdsLm1lL3Jwa2kvS2VhdG9uQUdM
YWlyLVRFU1QvMS8wMjg3NkMxMTkyNENCREEwMUJFMUFEMzlBMzIwNkNGQUNEQ0M1
OEEzLmNybDBlBggrBgEFBQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBr
aS5jby9yZXBvL0FTOTQ1LzEvMDI4NzZDMTE5MjRDQkRBMDFCRTFBRDM5QTMyMDZD
RkFDRENDNThBMy5jZXIwgY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJz
eW5jOi8vcmVwby5rYWdsLm1lL3Jwa2kvS2VhdG9uQUdMYWlyLVRFU1QvMS8zMjYx
MzEzMjNhNjQ2NDM0MzczYTM4MzYzMDM2M2EzYTJmMzQzODJkMzQzODIwM2QzZTIw
MzUzMDM1MzUzNS5yb2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAiBggrBgEF
BQcBBwEB/wQTMBEwDwQCAAIwCQMHACoS3UeGBjANBgkqhkiG9w0BAQsFAAOCAQEA
PidMk/tUmhyRfshoJItaVYSiPr+8Ph4n2J3FCTtgdXPaei/deU23ihXPsLhtiLQc
V1Dz92q3ljiU3SuAvK8+X4nSSdJIXdFlrolc88DRkqiBBkCHKRTLaeijzhAA2FCm
e22HDt9Y161hAfdAI4ZjivCgo1Zr9jkP4T6s9OvlmZFcge3GhkWp88lrXIsgtdsG
wR/8pXxBDzQbboovXI295WS6N5i1EVFLX1novrSj1l1TcYlQVW9RVYbMazTmMDiW
5uiDOzt7PKQ4QGvBstCzva9qZjzc4fb/BA7qg2H++wlPr2fXV/1HxgUZxZuwtNSF
H65wcGgYJNCv3j4lhKpJ0g==
-----END CERTIFICATE-----
Generated at Thu Oct 3 23:28:32 2024 by rpki-client on console-ams.rpki-client.org