Route Origin Authorization

$ rpki-client -vvf rsync.krill.cloud/repo/nlnetlabs/1/326130343a623930343a3a2f34382d3438203d3e20323131333231.roa
File:                     326130343a623930343a3a2f34382d3438203d3e20323131333231.roa (raw, json)
Hash identifier:          3v7/sUja6QUO3xtJPkW6GXre1KLK7qvB7KPENWcSWhQ=
Subject key identifier:   44:B6:6B:73:99:D3:7D:56:7E:7F:07:11:6B:AF:05:C8:AE:EC:FB:B9
Certificate issuer:       /CN=a81eb3a5eb3df634551a90722bc63ad7e022cac4
Certificate serial:       41A8AAB31CA93C966FFB984A53C99853AAA4213D
Authority key identifier: A8:1E:B3:A5:EB:3D:F6:34:55:1A:90:72:2B:C6:3A:D7:E0:22:CA:C4
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/qB6zpes99jRVGpByK8Y61-AiysQ.cer
Subject info access:      rsync://rsync.krill.cloud/repo/nlnetlabs/1/326130343a623930343a3a2f34382d3438203d3e20323131333231.roa
Signing time:             Mon 27 May 2024 20:11:45 +0000
ROA not before:           Mon 27 May 2024 20:06:45 +0000
ROA not after:            Mon 26 May 2025 20:11:45 +0000
asID:                     211321
IP address blocks:        2a04:b904::/48 maxlen: 48

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            41:a8:aa:b3:1c:a9:3c:96:6f:fb:98:4a:53:c9:98:53:aa:a4:21:3d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a81eb3a5eb3df634551a90722bc63ad7e022cac4
        Validity
            Not Before: May 27 20:06:45 2024 GMT
            Not After : May 26 20:11:45 2025 GMT
        Subject: CN=44B66B7399D37D567E7F07116BAF05C8AEECFBB9
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a0:28:83:c7:f8:ca:77:28:96:91:8f:0f:e7:75:
                    32:5c:81:19:9c:4b:68:85:94:e2:fd:20:99:ef:e7:
                    fe:c5:c7:23:a0:1e:ea:36:fc:e1:4b:29:87:29:f3:
                    d4:93:69:b6:39:9f:0d:a5:3e:50:5e:d6:6b:54:33:
                    a8:3a:21:de:a4:38:7a:98:53:9b:81:2b:fc:89:a0:
                    b9:ea:10:2d:c3:d5:b7:c7:fd:93:21:c5:b2:ed:1f:
                    57:4a:2a:92:4e:1c:b2:a2:62:f3:39:03:87:98:6d:
                    1f:64:0b:53:99:7a:70:05:29:0e:a9:cf:a6:7a:18:
                    0d:ba:13:4d:cf:6e:f2:ab:06:2c:5b:aa:f7:28:ee:
                    9a:97:d7:2f:87:ec:c4:a8:0f:ae:ae:b0:4d:90:e6:
                    1c:29:17:32:f3:cc:35:01:93:15:b8:99:5f:24:2e:
                    7e:7f:06:84:fa:db:a8:ed:df:95:0f:86:80:a7:88:
                    0d:5e:bd:2d:ec:2a:79:90:30:de:15:79:25:e6:30:
                    a8:0b:8f:cf:e3:49:a6:a4:78:ed:12:3c:e3:ce:c4:
                    10:6f:ad:ed:fb:d2:d6:33:39:f9:0a:61:7c:04:54:
                    7a:e8:45:66:46:b1:81:9f:9c:52:bd:1f:d0:23:9d:
                    d1:72:8e:ad:61:4b:e9:46:24:42:28:8a:98:b4:67:
                    0e:e1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                44:B6:6B:73:99:D3:7D:56:7E:7F:07:11:6B:AF:05:C8:AE:EC:FB:B9
            X509v3 Authority Key Identifier:
                keyid:A8:1E:B3:A5:EB:3D:F6:34:55:1A:90:72:2B:C6:3A:D7:E0:22:CA:C4

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rsync.krill.cloud/repo/nlnetlabs/1/A81EB3A5EB3DF634551A90722BC63AD7E022CAC4.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qB6zpes99jRVGpByK8Y61-AiysQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rsync.krill.cloud/repo/nlnetlabs/1/326130343a623930343a3a2f34382d3438203d3e20323131333231.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a04:b904::/48

    Signature Algorithm: sha256WithRSAEncryption
         5a:bc:82:20:bc:94:2e:48:48:f5:2b:d6:45:a8:a0:b9:d7:fe:
         e8:9a:22:c5:2a:22:db:23:d1:33:ed:18:1b:36:5c:e5:77:0d:
         6a:79:b5:00:73:08:69:07:d0:4d:d9:17:c4:54:bd:b1:5f:8e:
         3c:b8:17:db:9c:8f:53:52:60:31:18:72:4b:94:b6:0e:6e:60:
         0e:29:07:d1:43:bb:07:94:ae:90:b1:1e:7e:19:04:ab:77:c1:
         65:21:fc:e0:75:d0:d6:01:2a:98:e4:32:3a:82:a1:70:5e:94:
         c9:90:65:6d:b0:ab:4f:05:dc:5e:74:eb:6c:4d:52:eb:14:56:
         6f:a7:87:d9:a5:af:14:0c:ab:5b:c2:78:b2:b4:48:d7:4c:1c:
         a3:7d:12:04:10:be:83:ee:7b:4b:95:1e:79:51:7f:58:ea:2d:
         f3:3f:d5:5c:6f:8c:6f:21:8c:3d:32:38:c7:e3:19:7a:4c:f4:
         0e:72:99:e1:c9:04:4d:03:e5:f8:d3:e4:76:62:d6:89:ee:bb:
         d0:f6:1b:b8:09:91:57:bc:8c:52:0b:6d:2d:d8:cf:58:db:8c:
         04:00:d7:75:80:00:a5:4e:21:d2:14:07:88:f2:08:40:cc:ed:
         c7:63:72:79:05:67:70:7f:cb:96:e8:c0:cf:65:bc:a5:af:06:
         a1:f8:15:27
-----BEGIN CERTIFICATE-----
MIIE3DCCA8SgAwIBAgIUQaiqsxypPJZv+5hKU8mYU6qkIT0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYTgxZWIzYTVlYjNkZjYzNDU1MWE5MDcyMmJjNjNhZDdl
MDIyY2FjNDAeFw0yNDA1MjcyMDA2NDVaFw0yNTA1MjYyMDExNDVaMDMxMTAvBgNV
BAMTKDQ0QjY2QjczOTlEMzdENTY3RTdGMDcxMTZCQUYwNUM4QUVFQ0ZCQjkwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCgKIPH+Mp3KJaRjw/ndTJcgRmc
S2iFlOL9IJnv5/7FxyOgHuo2/OFLKYcp89STabY5nw2lPlBe1mtUM6g6Id6kOHqY
U5uBK/yJoLnqEC3D1bfH/ZMhxbLtH1dKKpJOHLKiYvM5A4eYbR9kC1OZenAFKQ6p
z6Z6GA26E03PbvKrBixbqvco7pqX1y+H7MSoD66usE2Q5hwpFzLzzDUBkxW4mV8k
Ln5/BoT626jt35UPhoCniA1evS3sKnmQMN4VeSXmMKgLj8/jSaakeO0SPOPOxBBv
re370tYzOfkKYXwEVHroRWZGsYGfnFK9H9AjndFyjq1hS+lGJEIoipi0Zw7hAgMB
AAGjggHmMIIB4jAdBgNVHQ4EFgQURLZrc5nTfVZ+fwcRa68FyK7s+7kwHwYDVR0j
BBgwFoAUqB6zpes99jRVGpByK8Y61+AiysQwDgYDVR0PAQH/BAQDAgeAMGgGA1Ud
HwRhMF8wXaBboFmGV3JzeW5jOi8vcnN5bmMua3JpbGwuY2xvdWQvcmVwby9ubG5l
dGxhYnMvMS9BODFFQjNBNUVCM0RGNjM0NTUxQTkwNzIyQkM2M0FEN0UwMjJDQUM0
LmNybDBkBggrBgEFBQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5y
aXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvcUI2enBlczk5alJWR3BCeUs4WTYx
LUFpeXNRLmNlcjCBgQYIKwYBBQUHAQsEdTBzMHEGCCsGAQUFBzALhmVyc3luYzov
L3JzeW5jLmtyaWxsLmNsb3VkL3JlcG8vbmxuZXRsYWJzLzEvMzI2MTMwMzQzYTYy
MzkzMDM0M2EzYTJmMzQzODJkMzQzODIwM2QzZTIwMzIzMTMxMzMzMjMxLnJvYTAY
BgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIA
AjAJAwcAKgS5BAAAMA0GCSqGSIb3DQEBCwUAA4IBAQBavIIgvJQuSEj1K9ZFqKC5
1/7omiLFKiLbI9Ez7RgbNlzldw1qebUAcwhpB9BN2RfEVL2xX448uBfbnI9TUmAx
GHJLlLYObmAOKQfRQ7sHlK6QsR5+GQSrd8FlIfzgddDWASqY5DI6gqFwXpTJkGVt
sKtPBdxedOtsTVLrFFZvp4fZpa8UDKtbwniytEjXTByjfRIEEL6D7ntLlR55UX9Y
6i3zP9Vcb4xvIYw9MjjH4xl6TPQOcpnhyQRNA+X40+R2YtaJ7rvQ9hu4CZFXvIxS
C20t2M9Y24wEANd1gAClTiHSFAeI8ghAzO3HY3J5BWdwf8uW6MDPZbylrwah+BUn
-----END CERTIFICATE-----
Generated at Mon Jun 10 14:02:08 2024 by rpki-client on console-fra.rpki-client.org