Route Origin Authorization

$ rpki-client -vvf rsync.krill.cloud/repo/nlnetlabs/1/326130343a623930373a3a2f34372d3437203d3e20323131333231.roa
File:                     326130343a623930373a3a2f34372d3437203d3e20323131333231.roa (raw, json)
Hash identifier:          Lq39teJkQUoxkRoHaZie26pVPfuCHpWCWnFEpbaNv+8=
Subject key identifier:   26:AA:86:61:1C:03:05:09:D8:8E:93:56:BD:66:F6:8A:33:3A:76:37
Certificate issuer:       /CN=a81eb3a5eb3df634551a90722bc63ad7e022cac4
Certificate serial:       5035D952FE0BC2A5CB4A72300EA512217C2DD3B5
Authority key identifier: A8:1E:B3:A5:EB:3D:F6:34:55:1A:90:72:2B:C6:3A:D7:E0:22:CA:C4
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/qB6zpes99jRVGpByK8Y61-AiysQ.cer
Subject info access:      rsync://rsync.krill.cloud/repo/nlnetlabs/1/326130343a623930373a3a2f34372d3437203d3e20323131333231.roa
Signing time:             Mon 27 May 2024 20:11:44 +0000
ROA not before:           Mon 27 May 2024 20:06:44 +0000
ROA not after:            Mon 26 May 2025 20:11:44 +0000
asID:                     211321
IP address blocks:        2a04:b907::/47 maxlen: 47

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            50:35:d9:52:fe:0b:c2:a5:cb:4a:72:30:0e:a5:12:21:7c:2d:d3:b5
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a81eb3a5eb3df634551a90722bc63ad7e022cac4
        Validity
            Not Before: May 27 20:06:44 2024 GMT
            Not After : May 26 20:11:44 2025 GMT
        Subject: CN=26AA86611C030509D88E9356BD66F68A333A7637
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cd:e4:5c:c2:10:0c:af:80:20:1b:16:8f:8c:73:
                    ad:26:97:a5:95:ef:be:3a:fe:b9:66:cd:b6:b1:f9:
                    5f:1e:fe:c9:4f:6f:bb:d6:72:37:96:93:42:60:83:
                    2e:a0:c6:31:77:47:ab:94:f8:32:64:de:7d:06:04:
                    f8:8b:7b:da:33:cc:6d:75:a8:30:0e:c0:d9:8e:9e:
                    30:4b:6a:84:12:44:d0:ec:31:e6:fc:a2:c5:ae:67:
                    26:86:24:c0:ea:ae:ce:c6:61:42:6e:61:0b:6c:07:
                    b7:d1:dc:e4:71:d2:7e:7b:49:ac:e2:9a:17:31:06:
                    08:c8:27:12:c7:be:c6:aa:ca:be:52:53:c9:bc:34:
                    d6:ad:02:5b:b6:0f:3c:9c:31:1d:49:04:11:03:b3:
                    cb:99:39:cb:02:41:70:4d:9d:8e:df:c8:c8:7d:44:
                    38:22:f5:5d:8f:51:c3:1e:07:87:c6:87:ac:2d:1a:
                    42:7e:73:6e:53:48:7a:6d:71:86:30:b3:7d:d9:8d:
                    3b:ee:80:27:7c:01:90:10:4f:93:65:ea:17:8a:da:
                    68:9e:d7:52:e5:3f:37:99:0e:f7:cf:95:8e:b7:dd:
                    69:ed:dd:b0:84:80:16:6e:c4:86:04:94:fe:54:d6:
                    de:45:c2:3d:65:42:72:5e:19:ab:c7:94:33:83:49:
                    dd:d9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                26:AA:86:61:1C:03:05:09:D8:8E:93:56:BD:66:F6:8A:33:3A:76:37
            X509v3 Authority Key Identifier:
                keyid:A8:1E:B3:A5:EB:3D:F6:34:55:1A:90:72:2B:C6:3A:D7:E0:22:CA:C4

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rsync.krill.cloud/repo/nlnetlabs/1/A81EB3A5EB3DF634551A90722BC63AD7E022CAC4.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qB6zpes99jRVGpByK8Y61-AiysQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rsync.krill.cloud/repo/nlnetlabs/1/326130343a623930373a3a2f34372d3437203d3e20323131333231.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a04:b907::/47

    Signature Algorithm: sha256WithRSAEncryption
         b8:aa:cb:00:76:55:7a:c2:5a:61:e1:b3:d1:92:18:8d:48:6c:
         24:c0:61:46:0a:94:50:ec:80:c9:0d:39:9d:da:49:17:5b:f3:
         95:d2:98:a5:d9:f7:2a:6c:1a:6d:40:98:d8:5c:4d:23:63:a5:
         df:45:ca:27:78:6a:fe:27:a9:50:a4:b4:07:f2:5a:f8:f3:ca:
         7b:de:47:9c:98:20:de:60:76:2e:3e:73:70:8d:5a:39:f8:76:
         ab:c9:58:2f:67:5e:80:2d:98:ee:c2:f6:7b:76:0a:83:e5:dc:
         82:d2:57:20:3a:2a:98:57:99:f1:ca:6c:6b:6a:3a:34:ec:07:
         c5:14:d5:de:26:75:54:8f:16:8a:9d:5c:dc:93:66:40:59:af:
         83:a5:46:b0:99:e7:01:21:cb:23:03:dc:76:d6:67:86:d0:c8:
         9b:9e:2c:50:12:41:c3:7d:ff:82:fa:43:3a:e9:23:4f:4d:d6:
         37:cd:7e:e9:5f:dc:8f:70:36:10:27:94:80:02:7a:5f:63:4b:
         2c:0d:0c:77:81:39:02:90:96:34:90:bc:85:dd:e6:46:1f:32:
         0c:e2:ce:6b:9f:5f:d6:24:35:db:55:ba:85:3a:01:3f:64:b8:
         42:3e:ce:11:ea:4a:04:2f:e3:0e:09:96:b1:96:83:34:62:ad:
         d7:20:85:75
-----BEGIN CERTIFICATE-----
MIIE3DCCA8SgAwIBAgIUUDXZUv4LwqXLSnIwDqUSIXwt07UwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYTgxZWIzYTVlYjNkZjYzNDU1MWE5MDcyMmJjNjNhZDdl
MDIyY2FjNDAeFw0yNDA1MjcyMDA2NDRaFw0yNTA1MjYyMDExNDRaMDMxMTAvBgNV
BAMTKDI2QUE4NjYxMUMwMzA1MDlEODhFOTM1NkJENjZGNjhBMzMzQTc2MzcwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDN5FzCEAyvgCAbFo+Mc60ml6WV
7746/rlmzbax+V8e/slPb7vWcjeWk0Jggy6gxjF3R6uU+DJk3n0GBPiLe9ozzG11
qDAOwNmOnjBLaoQSRNDsMeb8osWuZyaGJMDqrs7GYUJuYQtsB7fR3ORx0n57Sazi
mhcxBgjIJxLHvsaqyr5SU8m8NNatAlu2DzycMR1JBBEDs8uZOcsCQXBNnY7fyMh9
RDgi9V2PUcMeB4fGh6wtGkJ+c25TSHptcYYws33ZjTvugCd8AZAQT5Nl6heK2mie
11LlPzeZDvfPlY633Wnt3bCEgBZuxIYElP5U1t5Fwj1lQnJeGavHlDODSd3ZAgMB
AAGjggHmMIIB4jAdBgNVHQ4EFgQUJqqGYRwDBQnYjpNWvWb2ijM6djcwHwYDVR0j
BBgwFoAUqB6zpes99jRVGpByK8Y61+AiysQwDgYDVR0PAQH/BAQDAgeAMGgGA1Ud
HwRhMF8wXaBboFmGV3JzeW5jOi8vcnN5bmMua3JpbGwuY2xvdWQvcmVwby9ubG5l
dGxhYnMvMS9BODFFQjNBNUVCM0RGNjM0NTUxQTkwNzIyQkM2M0FEN0UwMjJDQUM0
LmNybDBkBggrBgEFBQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5y
aXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvcUI2enBlczk5alJWR3BCeUs4WTYx
LUFpeXNRLmNlcjCBgQYIKwYBBQUHAQsEdTBzMHEGCCsGAQUFBzALhmVyc3luYzov
L3JzeW5jLmtyaWxsLmNsb3VkL3JlcG8vbmxuZXRsYWJzLzEvMzI2MTMwMzQzYTYy
MzkzMDM3M2EzYTJmMzQzNzJkMzQzNzIwM2QzZTIwMzIzMTMxMzMzMjMxLnJvYTAY
BgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIA
AjAJAwcBKgS5BwAAMA0GCSqGSIb3DQEBCwUAA4IBAQC4qssAdlV6wlph4bPRkhiN
SGwkwGFGCpRQ7IDJDTmd2kkXW/OV0pil2fcqbBptQJjYXE0jY6XfRconeGr+J6lQ
pLQH8lr488p73kecmCDeYHYuPnNwjVo5+HaryVgvZ16ALZjuwvZ7dgqD5dyC0lcg
OiqYV5nxymxrajo07AfFFNXeJnVUjxaKnVzck2ZAWa+DpUawmecBIcsjA9x21meG
0MibnixQEkHDff+C+kM66SNPTdY3zX7pX9yPcDYQJ5SAAnpfY0ssDQx3gTkCkJY0
kLyF3eZGHzIM4s5rn1/WJDXbVbqFOgE/ZLhCPs4R6koEL+MOCZaxloM0Yq3XIIV1
-----END CERTIFICATE-----
Generated at Mon Jun 10 14:02:08 2024 by rpki-client on console-fra.rpki-client.org