Route Origin Authorization

$ rpki-client -vvf repo.kagl.me/rpki/KeatonAGLair-TEST/1/326131323a646434373a383630393a3a2f34382d3438203d3e203530353535.roa
File:                     326131323a646434373a383630393a3a2f34382d3438203d3e203530353535.roa (raw, json)
Hash identifier:          1rnTFeDfRItQJKSerIoroO/PmIgosaC04bWnM0thBoA=
Subject key identifier:   22:99:DF:0A:E2:A4:93:C7:DB:61:63:E2:17:01:FB:40:68:13:69:AF
Certificate issuer:       /CN=02876C11924CBDA01BE1AD39A3206CFACDCC58A3
Certificate serial:       620E6243DFFA5B4103B72B75D5CDBD3E2A3A9E47
Authority key identifier: 02:87:6C:11:92:4C:BD:A0:1B:E1:AD:39:A3:20:6C:FA:CD:CC:58:A3
Authority info access:    rsync://rpki.co/repo/AS945/1/02876C11924CBDA01BE1AD39A3206CFACDCC58A3.cer
Subject info access:      rsync://repo.kagl.me/rpki/KeatonAGLair-TEST/1/326131323a646434373a383630393a3a2f34382d3438203d3e203530353535.roa
Signing time:             Mon 11 Mar 2024 07:12:30 +0000
ROA not before:           Mon 11 Mar 2024 07:07:30 +0000
ROA not after:            Mon 10 Mar 2025 07:12:30 +0000
asID:                     50555
IP address blocks:        2a12:dd47:8609::/48 maxlen: 48

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            62:0e:62:43:df:fa:5b:41:03:b7:2b:75:d5:cd:bd:3e:2a:3a:9e:47
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=02876C11924CBDA01BE1AD39A3206CFACDCC58A3
        Validity
            Not Before: Mar 11 07:07:30 2024 GMT
            Not After : Mar 10 07:12:30 2025 GMT
        Subject: CN=2299DF0AE2A493C7DB6163E21701FB40681369AF
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bb:56:2b:69:b0:61:e2:28:fc:f5:02:3c:97:da:
                    c1:eb:71:3f:e2:be:eb:27:a8:39:9f:8a:a3:09:29:
                    d6:27:fc:05:9d:40:5b:db:25:93:20:3b:57:8b:9f:
                    67:7a:6f:09:b3:95:18:04:96:73:d0:5a:b5:3b:42:
                    b4:ce:12:4d:c4:59:27:9c:af:6c:c7:df:b2:51:ca:
                    d2:59:7c:cf:9d:ac:0a:ad:21:fd:05:88:46:97:79:
                    be:67:c8:1b:56:8b:7e:f8:84:01:7e:21:3e:e2:7e:
                    4d:5f:cf:3c:65:c2:65:a7:2e:bc:cb:05:ab:e1:05:
                    e3:c2:5c:cf:6b:f3:cf:b3:20:10:ac:bb:41:17:a1:
                    63:e4:81:06:bc:1b:98:0b:92:69:c9:90:0e:d9:8f:
                    c3:80:68:1f:46:ff:b4:f8:a8:2a:03:41:01:ce:2b:
                    d4:12:45:1e:f1:b4:38:d3:8f:95:13:8e:a8:e4:14:
                    e9:35:b2:41:aa:bd:1f:f5:d9:c1:9c:51:c5:79:9e:
                    8d:da:5d:6f:f5:55:32:4d:cf:85:da:a0:ee:7b:e2:
                    bc:c4:d0:60:94:1d:da:b1:26:de:21:3b:4c:09:0a:
                    1c:2a:f0:eb:3c:60:c5:02:98:73:a8:cf:2d:35:65:
                    e1:97:ab:be:94:f4:ee:00:da:ee:82:ec:77:38:9a:
                    4b:5f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                22:99:DF:0A:E2:A4:93:C7:DB:61:63:E2:17:01:FB:40:68:13:69:AF
            X509v3 Authority Key Identifier:
                keyid:02:87:6C:11:92:4C:BD:A0:1B:E1:AD:39:A3:20:6C:FA:CD:CC:58:A3

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repo.kagl.me/rpki/KeatonAGLair-TEST/1/02876C11924CBDA01BE1AD39A3206CFACDCC58A3.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.co/repo/AS945/1/02876C11924CBDA01BE1AD39A3206CFACDCC58A3.cer

            Subject Information Access:
                Signed Object - URI:rsync://repo.kagl.me/rpki/KeatonAGLair-TEST/1/326131323a646434373a383630393a3a2f34382d3438203d3e203530353535.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a12:dd47:8609::/48

    Signature Algorithm: sha256WithRSAEncryption
         a6:88:8a:e9:94:1f:75:eb:db:c6:d9:b8:4d:13:e6:a3:36:5a:
         05:43:4d:81:16:1f:cd:4b:df:8b:a6:bb:a6:92:2f:d9:2f:97:
         e9:44:13:81:cf:96:ce:4f:8a:83:86:f0:6b:9f:d6:90:85:a8:
         8f:8a:07:4c:f3:fe:b3:fd:7c:04:d4:87:cf:df:d6:c0:10:8b:
         bf:15:e4:e0:09:0a:6f:11:a3:a9:32:25:27:83:34:fe:1f:61:
         0a:d0:6e:f1:88:dd:fc:3d:cd:51:a1:49:f0:dc:38:e7:b8:94:
         eb:f4:a5:0c:d9:8d:a1:d8:02:3c:13:79:c7:d8:47:ec:47:fa:
         cb:6d:ce:c7:e6:ff:bd:94:14:14:31:7f:7a:d0:f9:da:c9:7e:
         2f:ff:ef:2f:c1:c3:e9:fd:0f:48:12:bd:df:b9:c1:49:a9:e3:
         05:98:9b:02:00:b3:34:40:d9:14:99:7d:e1:51:31:93:6a:76:
         f9:df:79:4d:4a:d9:b3:a1:31:d2:e2:f2:f8:5a:0e:a1:10:86:
         cf:dd:c2:bd:d5:cb:dd:5a:b9:88:6e:a2:1c:f0:b4:ed:76:4c:
         37:45:5d:08:e7:af:01:63:ef:0f:69:32:09:8a:91:f9:66:25:
         19:6d:55:96:78:43:22:3e:52:3a:13:39:c0:63:9a:aa:73:9b:
         c9:d2:47:aa
-----BEGIN CERTIFICATE-----
MIIE7DCCA9SgAwIBAgIUYg5iQ9/6W0EDtyt11c29Pio6nkcwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMDI4NzZDMTE5MjRDQkRBMDFCRTFBRDM5QTMyMDZDRkFD
RENDNThBMzAeFw0yNDAzMTEwNzA3MzBaFw0yNTAzMTAwNzEyMzBaMDMxMTAvBgNV
BAMTKDIyOTlERjBBRTJBNDkzQzdEQjYxNjNFMjE3MDFGQjQwNjgxMzY5QUYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC7VitpsGHiKPz1AjyX2sHrcT/i
vusnqDmfiqMJKdYn/AWdQFvbJZMgO1eLn2d6bwmzlRgElnPQWrU7QrTOEk3EWSec
r2zH37JRytJZfM+drAqtIf0FiEaXeb5nyBtWi374hAF+IT7ifk1fzzxlwmWnLrzL
BavhBePCXM9r88+zIBCsu0EXoWPkgQa8G5gLkmnJkA7Zj8OAaB9G/7T4qCoDQQHO
K9QSRR7xtDjTj5UTjqjkFOk1skGqvR/12cGcUcV5no3aXW/1VTJNz4XaoO574rzE
0GCUHdqxJt4hO0wJChwq8Os8YMUCmHOozy01ZeGXq76U9O4A2u6C7Hc4mktfAgMB
AAGjggH2MIIB8jAdBgNVHQ4EFgQUIpnfCuKkk8fbYWPiFwH7QGgTaa8wHwYDVR0j
BBgwFoAUAodsEZJMvaAb4a05oyBs+s3MWKMwDgYDVR0PAQH/BAQDAgeAMGsGA1Ud
HwRkMGIwYKBeoFyGWnJzeW5jOi8vcmVwby5rYWdsLm1lL3Jwa2kvS2VhdG9uQUdM
YWlyLVRFU1QvMS8wMjg3NkMxMTkyNENCREEwMUJFMUFEMzlBMzIwNkNGQUNEQ0M1
OEEzLmNybDBlBggrBgEFBQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBr
aS5jby9yZXBvL0FTOTQ1LzEvMDI4NzZDMTE5MjRDQkRBMDFCRTFBRDM5QTMyMDZD
RkFDRENDNThBMy5jZXIwgY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJz
eW5jOi8vcmVwby5rYWdsLm1lL3Jwa2kvS2VhdG9uQUdMYWlyLVRFU1QvMS8zMjYx
MzEzMjNhNjQ2NDM0MzczYTM4MzYzMDM5M2EzYTJmMzQzODJkMzQzODIwM2QzZTIw
MzUzMDM1MzUzNS5yb2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAiBggrBgEF
BQcBBwEB/wQTMBEwDwQCAAIwCQMHACoS3UeGCTANBgkqhkiG9w0BAQsFAAOCAQEA
poiK6ZQfdevbxtm4TRPmozZaBUNNgRYfzUvfi6a7ppIv2S+X6UQTgc+Wzk+Kg4bw
a5/WkIWoj4oHTPP+s/18BNSHz9/WwBCLvxXk4AkKbxGjqTIlJ4M0/h9hCtBu8Yjd
/D3NUaFJ8Nw457iU6/SlDNmNodgCPBN5x9hH7Ef6y23Ox+b/vZQUFDF/etD52sl+
L//vL8HD6f0PSBK937nBSanjBZibAgCzNEDZFJl94VExk2p2+d95TUrZs6Ex0uLy
+FoOoRCGz93CvdXL3Vq5iG6iHPC07XZMN0VdCOevAWPvD2kyCYqR+WYlGW1VlnhD
Ij5SOhM5wGOaqnObydJHqg==
-----END CERTIFICATE-----
Generated at Wed Jul 17 01:21:59 2024 by rpki-client on console-fra.rpki-client.org