Route Origin Authorization

$ rpki-client -vvf repo.kagl.me/rpki/KeatonAGLair-TEST/1/326131323a646434373a383630633a3a2f34382d3438203d3e203530353535.roa
File:                     326131323a646434373a383630633a3a2f34382d3438203d3e203530353535.roa (raw, json)
Hash identifier:          5jqra/OjEkdlCmNdY3X6oPmDKMUiE1/Q7yXAt6z6K6A=
Subject key identifier:   CE:6E:E9:49:18:5E:B8:D3:52:E7:7E:45:72:80:72:D0:B2:7A:47:C8
Certificate issuer:       /CN=02876C11924CBDA01BE1AD39A3206CFACDCC58A3
Certificate serial:       40B84E82A954EF8E1D7C7E63E8C97247B56D61D7
Authority key identifier: 02:87:6C:11:92:4C:BD:A0:1B:E1:AD:39:A3:20:6C:FA:CD:CC:58:A3
Authority info access:    rsync://rpki.co/repo/AS945/1/02876C11924CBDA01BE1AD39A3206CFACDCC58A3.cer
Subject info access:      rsync://repo.kagl.me/rpki/KeatonAGLair-TEST/1/326131323a646434373a383630633a3a2f34382d3438203d3e203530353535.roa
Signing time:             Mon 11 Mar 2024 07:12:18 +0000
ROA not before:           Mon 11 Mar 2024 07:07:18 +0000
ROA not after:            Mon 10 Mar 2025 07:12:18 +0000
asID:                     50555
IP address blocks:        2a12:dd47:860c::/48 maxlen: 48

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            40:b8:4e:82:a9:54:ef:8e:1d:7c:7e:63:e8:c9:72:47:b5:6d:61:d7
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=02876C11924CBDA01BE1AD39A3206CFACDCC58A3
        Validity
            Not Before: Mar 11 07:07:18 2024 GMT
            Not After : Mar 10 07:12:18 2025 GMT
        Subject: CN=CE6EE949185EB8D352E77E45728072D0B27A47C8
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b2:4d:f2:18:75:0a:7f:cc:02:f9:07:9a:81:14:
                    70:90:23:86:73:5d:e2:de:18:ec:87:ee:ed:6a:6a:
                    3a:de:1a:5d:9e:ad:1e:7d:5e:b7:58:e5:d5:6f:47:
                    c0:47:eb:10:69:a8:28:da:7f:4d:0b:f8:70:6b:b7:
                    fa:87:1e:9a:09:c7:e7:eb:4e:2c:8d:84:b1:c8:14:
                    9b:de:8d:2e:0c:51:6f:cd:77:56:ea:8f:74:17:24:
                    34:0b:31:5b:ce:8a:0b:13:2e:3f:95:06:76:a9:03:
                    a7:ca:db:4a:3f:a8:c1:1f:2f:8f:18:fa:d6:f3:b3:
                    38:91:33:e8:04:fa:b5:67:dd:0b:53:64:f2:2a:90:
                    d7:27:e8:7c:e4:c5:03:61:c9:b6:62:53:d5:d1:ba:
                    bb:81:44:43:70:d0:e6:87:79:c6:51:65:e5:a2:d6:
                    72:ce:82:10:3f:30:f5:a7:db:b4:17:d6:85:5b:ec:
                    99:31:5b:8b:29:b2:05:1b:cf:0d:e9:bd:78:de:3d:
                    8d:17:39:55:4d:15:e0:16:0e:af:9a:65:fa:00:1e:
                    93:87:be:d6:84:a8:3e:ab:8e:53:6d:56:28:14:61:
                    ff:ed:fc:c4:2c:8a:6d:7d:72:47:68:25:c0:21:8a:
                    e5:f8:ef:aa:5d:8b:5c:a7:9a:3b:ff:9c:3a:87:2b:
                    45:e1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                CE:6E:E9:49:18:5E:B8:D3:52:E7:7E:45:72:80:72:D0:B2:7A:47:C8
            X509v3 Authority Key Identifier:
                keyid:02:87:6C:11:92:4C:BD:A0:1B:E1:AD:39:A3:20:6C:FA:CD:CC:58:A3

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repo.kagl.me/rpki/KeatonAGLair-TEST/1/02876C11924CBDA01BE1AD39A3206CFACDCC58A3.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.co/repo/AS945/1/02876C11924CBDA01BE1AD39A3206CFACDCC58A3.cer

            Subject Information Access:
                Signed Object - URI:rsync://repo.kagl.me/rpki/KeatonAGLair-TEST/1/326131323a646434373a383630633a3a2f34382d3438203d3e203530353535.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a12:dd47:860c::/48

    Signature Algorithm: sha256WithRSAEncryption
         5b:62:30:86:18:9c:a2:04:f1:9f:bf:32:09:fc:d5:4e:33:34:
         6c:8f:08:e3:18:9c:8c:a9:6a:d9:29:c8:9e:70:06:75:e5:70:
         58:d4:be:15:32:29:40:df:be:b6:17:a7:d3:a6:b5:5d:5d:0f:
         86:26:c8:10:16:dd:cf:fa:fa:74:fe:c9:88:2a:ca:17:df:4b:
         05:ba:06:56:3e:9d:d6:96:be:40:4d:dd:ec:b9:20:6d:99:c5:
         cc:d7:25:a6:39:f8:c6:e1:ec:8f:0b:0a:d4:47:07:76:9f:fa:
         de:91:74:5f:54:f8:77:d4:c7:25:ec:78:2e:c4:03:b1:79:40:
         5c:49:f9:53:a7:cf:4c:04:73:aa:b5:6e:9c:17:cc:81:2f:6b:
         ed:18:60:38:f8:e5:a0:1b:d3:13:7e:90:a5:3d:60:96:3c:92:
         92:f4:41:61:b3:ec:1b:0b:41:b8:93:6b:39:96:58:cd:b3:7b:
         db:56:5e:bc:02:2a:6a:40:68:b7:a9:bd:c6:16:3f:90:23:fb:
         d6:de:84:1e:a5:e0:b8:d5:d3:ce:86:20:56:b2:d9:33:c5:f6:
         09:79:02:e3:ee:85:cd:c6:25:52:0b:55:80:22:24:72:61:cd:
         64:be:7c:52:bb:82:bc:06:c2:80:9a:18:9e:b0:e0:83:50:a7:
         77:ab:1a:b0
-----BEGIN CERTIFICATE-----
MIIE7DCCA9SgAwIBAgIUQLhOgqlU744dfH5j6MlyR7VtYdcwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMDI4NzZDMTE5MjRDQkRBMDFCRTFBRDM5QTMyMDZDRkFD
RENDNThBMzAeFw0yNDAzMTEwNzA3MThaFw0yNTAzMTAwNzEyMThaMDMxMTAvBgNV
BAMTKENFNkVFOTQ5MTg1RUI4RDM1MkU3N0U0NTcyODA3MkQwQjI3QTQ3QzgwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCyTfIYdQp/zAL5B5qBFHCQI4Zz
XeLeGOyH7u1qajreGl2erR59XrdY5dVvR8BH6xBpqCjaf00L+HBrt/qHHpoJx+fr
TiyNhLHIFJvejS4MUW/Nd1bqj3QXJDQLMVvOigsTLj+VBnapA6fK20o/qMEfL48Y
+tbzsziRM+gE+rVn3QtTZPIqkNcn6HzkxQNhybZiU9XRuruBRENw0OaHecZRZeWi
1nLOghA/MPWn27QX1oVb7JkxW4spsgUbzw3pvXjePY0XOVVNFeAWDq+aZfoAHpOH
vtaEqD6rjlNtVigUYf/t/MQsim19ckdoJcAhiuX476pdi1ynmjv/nDqHK0XhAgMB
AAGjggH2MIIB8jAdBgNVHQ4EFgQUzm7pSRheuNNS535FcoBy0LJ6R8gwHwYDVR0j
BBgwFoAUAodsEZJMvaAb4a05oyBs+s3MWKMwDgYDVR0PAQH/BAQDAgeAMGsGA1Ud
HwRkMGIwYKBeoFyGWnJzeW5jOi8vcmVwby5rYWdsLm1lL3Jwa2kvS2VhdG9uQUdM
YWlyLVRFU1QvMS8wMjg3NkMxMTkyNENCREEwMUJFMUFEMzlBMzIwNkNGQUNEQ0M1
OEEzLmNybDBlBggrBgEFBQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBr
aS5jby9yZXBvL0FTOTQ1LzEvMDI4NzZDMTE5MjRDQkRBMDFCRTFBRDM5QTMyMDZD
RkFDRENDNThBMy5jZXIwgY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJz
eW5jOi8vcmVwby5rYWdsLm1lL3Jwa2kvS2VhdG9uQUdMYWlyLVRFU1QvMS8zMjYx
MzEzMjNhNjQ2NDM0MzczYTM4MzYzMDYzM2EzYTJmMzQzODJkMzQzODIwM2QzZTIw
MzUzMDM1MzUzNS5yb2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAiBggrBgEF
BQcBBwEB/wQTMBEwDwQCAAIwCQMHACoS3UeGDDANBgkqhkiG9w0BAQsFAAOCAQEA
W2IwhhicogTxn78yCfzVTjM0bI8I4xicjKlq2SnInnAGdeVwWNS+FTIpQN++then
06a1XV0PhibIEBbdz/r6dP7JiCrKF99LBboGVj6d1pa+QE3d7LkgbZnFzNclpjn4
xuHsjwsK1EcHdp/63pF0X1T4d9THJex4LsQDsXlAXEn5U6fPTARzqrVunBfMgS9r
7RhgOPjloBvTE36QpT1gljySkvRBYbPsGwtBuJNrOZZYzbN721ZevAIqakBot6m9
xhY/kCP71t6EHqXguNXTzoYgVrLZM8X2CXkC4+6FzcYlUgtVgCIkcmHNZL58UruC
vAbCgJoYnrDgg1Cnd6sasA==
-----END CERTIFICATE-----
Generated at Wed Jul 17 01:04:34 2024 by rpki-client on console-ams.rpki-client.org