Route Origin Authorization

$ rpki-client -vvf repo.kagl.me/rpki/KeatonAGLair-TEST/1/326131323a646434373a383630613a3a2f34382d3438203d3e203530353535.roa
File:                     326131323a646434373a383630613a3a2f34382d3438203d3e203530353535.roa (raw, json)
Hash identifier:          UUvAqv9dTkpD3vnCpeK0nyckqw5fsjh4xIE1BuffKT4=
Subject key identifier:   1E:4A:8C:78:37:7D:F0:E6:82:F3:9F:F0:0E:50:02:5A:E8:56:36:A4
Certificate issuer:       /CN=02876C11924CBDA01BE1AD39A3206CFACDCC58A3
Certificate serial:       3FC28223D446D04E658D03BE9D37F25B06BD49A8
Authority key identifier: 02:87:6C:11:92:4C:BD:A0:1B:E1:AD:39:A3:20:6C:FA:CD:CC:58:A3
Authority info access:    rsync://rpki.co/repo/AS945/1/02876C11924CBDA01BE1AD39A3206CFACDCC58A3.cer
Subject info access:      rsync://repo.kagl.me/rpki/KeatonAGLair-TEST/1/326131323a646434373a383630613a3a2f34382d3438203d3e203530353535.roa
Signing time:             Mon 11 Mar 2024 07:12:34 +0000
ROA not before:           Mon 11 Mar 2024 07:07:34 +0000
ROA not after:            Mon 10 Mar 2025 07:12:34 +0000
asID:                     50555
IP address blocks:        2a12:dd47:860a::/48 maxlen: 48

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            3f:c2:82:23:d4:46:d0:4e:65:8d:03:be:9d:37:f2:5b:06:bd:49:a8
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=02876C11924CBDA01BE1AD39A3206CFACDCC58A3
        Validity
            Not Before: Mar 11 07:07:34 2024 GMT
            Not After : Mar 10 07:12:34 2025 GMT
        Subject: CN=1E4A8C78377DF0E682F39FF00E50025AE85636A4
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cc:51:d2:92:3b:d9:19:55:3f:bb:10:0a:20:7f:
                    37:f9:b9:24:ef:0d:e9:dd:b8:ed:fb:83:25:7f:29:
                    1e:8a:07:f4:20:cd:98:b8:cb:8b:7f:ea:79:47:bd:
                    e0:77:cb:38:ff:72:0f:65:81:8b:81:d1:cb:23:fc:
                    cf:ba:5c:48:c9:35:4b:fc:13:23:8f:57:ed:97:83:
                    b0:cd:b4:ee:59:56:5a:e1:bb:24:84:7e:92:79:0a:
                    e4:7c:96:98:19:59:f8:9e:e5:29:90:3a:76:d1:e4:
                    c4:6b:c6:f6:59:21:8e:77:45:72:4f:a5:e8:7c:72:
                    30:ec:85:78:f7:2d:e1:62:fc:4b:01:1b:d8:5d:3f:
                    ca:ee:36:f9:67:f4:58:b6:7e:a1:ee:aa:ba:72:d3:
                    3f:8c:29:d2:d4:7e:f4:79:2f:bb:53:4e:4c:b8:0c:
                    d0:34:70:de:60:90:50:6a:3d:bb:b6:0b:b3:4b:6d:
                    2d:6c:d6:a5:c3:6f:23:a8:9c:55:1b:17:74:37:dc:
                    f3:12:12:07:08:ec:2a:9d:46:41:2e:a7:e4:de:46:
                    31:87:0f:4a:92:ff:c0:ec:72:24:f7:ff:f2:e0:71:
                    7b:dc:50:4e:1a:56:89:21:da:0a:79:df:ff:e5:50:
                    7a:5f:a8:d2:ab:3d:ef:72:af:c2:03:d9:26:f7:55:
                    92:5b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1E:4A:8C:78:37:7D:F0:E6:82:F3:9F:F0:0E:50:02:5A:E8:56:36:A4
            X509v3 Authority Key Identifier:
                keyid:02:87:6C:11:92:4C:BD:A0:1B:E1:AD:39:A3:20:6C:FA:CD:CC:58:A3

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repo.kagl.me/rpki/KeatonAGLair-TEST/1/02876C11924CBDA01BE1AD39A3206CFACDCC58A3.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.co/repo/AS945/1/02876C11924CBDA01BE1AD39A3206CFACDCC58A3.cer

            Subject Information Access:
                Signed Object - URI:rsync://repo.kagl.me/rpki/KeatonAGLair-TEST/1/326131323a646434373a383630613a3a2f34382d3438203d3e203530353535.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a12:dd47:860a::/48

    Signature Algorithm: sha256WithRSAEncryption
         31:9c:45:2b:16:49:9c:0e:89:1b:05:24:36:7c:05:42:52:d9:
         1b:8d:ec:41:f6:d0:ea:82:01:58:ec:38:6e:50:9d:f4:91:83:
         1e:15:db:8e:67:c3:58:f5:cc:7d:94:3b:97:69:5c:73:90:cd:
         fa:df:4c:b5:3b:74:36:bc:f0:a1:bb:22:e4:38:89:66:d5:ce:
         d1:99:be:ac:13:e6:4e:6f:ae:34:10:a2:83:96:9b:ee:02:7b:
         13:bc:91:ea:20:05:1b:33:6f:e4:f4:ce:e7:de:3b:8f:7f:ba:
         8d:54:3f:92:4e:33:d0:03:5c:82:d8:87:d7:c5:51:8a:da:30:
         bb:28:44:44:25:7f:65:c3:b1:ce:52:fd:64:bf:19:e7:30:ad:
         a0:f4:c3:d3:40:07:b1:a8:e2:93:93:26:d6:b8:e5:c8:11:06:
         c2:83:1d:9f:32:ed:83:a8:44:be:93:40:1c:d8:b9:62:0b:99:
         c3:ed:f3:7b:01:5e:6e:11:62:0f:2e:2f:45:4b:a6:74:ae:f9:
         9f:d0:2b:13:62:5b:a0:7d:32:c2:27:f6:39:05:44:ea:2c:72:
         8d:51:be:8e:a5:4b:ae:9a:eb:47:95:98:5b:07:f9:b3:20:b3:
         a0:39:0f:ef:25:e4:41:b6:74:4b:47:30:d5:c6:e6:8e:57:b8:
         c0:34:1e:90
-----BEGIN CERTIFICATE-----
MIIE7DCCA9SgAwIBAgIUP8KCI9RG0E5ljQO+nTfyWwa9SagwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMDI4NzZDMTE5MjRDQkRBMDFCRTFBRDM5QTMyMDZDRkFD
RENDNThBMzAeFw0yNDAzMTEwNzA3MzRaFw0yNTAzMTAwNzEyMzRaMDMxMTAvBgNV
BAMTKDFFNEE4Qzc4Mzc3REYwRTY4MkYzOUZGMDBFNTAwMjVBRTg1NjM2QTQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDMUdKSO9kZVT+7EAogfzf5uSTv
DenduO37gyV/KR6KB/QgzZi4y4t/6nlHveB3yzj/cg9lgYuB0csj/M+6XEjJNUv8
EyOPV+2Xg7DNtO5ZVlrhuySEfpJ5CuR8lpgZWfie5SmQOnbR5MRrxvZZIY53RXJP
peh8cjDshXj3LeFi/EsBG9hdP8ruNvln9Fi2fqHuqrpy0z+MKdLUfvR5L7tTTky4
DNA0cN5gkFBqPbu2C7NLbS1s1qXDbyOonFUbF3Q33PMSEgcI7CqdRkEup+TeRjGH
D0qS/8DsciT3//LgcXvcUE4aVokh2gp53//lUHpfqNKrPe9yr8ID2Sb3VZJbAgMB
AAGjggH2MIIB8jAdBgNVHQ4EFgQUHkqMeDd98OaC85/wDlACWuhWNqQwHwYDVR0j
BBgwFoAUAodsEZJMvaAb4a05oyBs+s3MWKMwDgYDVR0PAQH/BAQDAgeAMGsGA1Ud
HwRkMGIwYKBeoFyGWnJzeW5jOi8vcmVwby5rYWdsLm1lL3Jwa2kvS2VhdG9uQUdM
YWlyLVRFU1QvMS8wMjg3NkMxMTkyNENCREEwMUJFMUFEMzlBMzIwNkNGQUNEQ0M1
OEEzLmNybDBlBggrBgEFBQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBr
aS5jby9yZXBvL0FTOTQ1LzEvMDI4NzZDMTE5MjRDQkRBMDFCRTFBRDM5QTMyMDZD
RkFDRENDNThBMy5jZXIwgY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJz
eW5jOi8vcmVwby5rYWdsLm1lL3Jwa2kvS2VhdG9uQUdMYWlyLVRFU1QvMS8zMjYx
MzEzMjNhNjQ2NDM0MzczYTM4MzYzMDYxM2EzYTJmMzQzODJkMzQzODIwM2QzZTIw
MzUzMDM1MzUzNS5yb2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAiBggrBgEF
BQcBBwEB/wQTMBEwDwQCAAIwCQMHACoS3UeGCjANBgkqhkiG9w0BAQsFAAOCAQEA
MZxFKxZJnA6JGwUkNnwFQlLZG43sQfbQ6oIBWOw4blCd9JGDHhXbjmfDWPXMfZQ7
l2lcc5DN+t9MtTt0Nrzwobsi5DiJZtXO0Zm+rBPmTm+uNBCig5ab7gJ7E7yR6iAF
GzNv5PTO5947j3+6jVQ/kk4z0ANcgtiH18VRitowuyhERCV/ZcOxzlL9ZL8Z5zCt
oPTD00AHsajik5Mm1rjlyBEGwoMdnzLtg6hEvpNAHNi5YguZw+3zewFebhFiDy4v
RUumdK75n9ArE2JboH0ywif2OQVE6ixyjVG+jqVLrprrR5WYWwf5syCzoDkP7yXk
QbZ0S0cw1cbmjle4wDQekA==
-----END CERTIFICATE-----
Generated at Thu Oct 3 23:36:09 2024 by rpki-client on console-fra.rpki-client.org