Route Origin Authorization

$ rpki-client -vvf ca.rg.net/rpki/RGnet-OU/ovsCA/8ISgs_MVxd5JAOk2M2AML9b37uI.roa
File:                     8ISgs_MVxd5JAOk2M2AML9b37uI.roa (raw, json)
Hash identifier:          Qpv4gB5iTYpjfar4+hH5Zev52IdM5kXelIqnO9meyxE=
Subject key identifier:   F0:84:A0:B3:F3:15:C5:DE:49:00:E9:36:33:60:0C:2F:D6:F7:EE:E2
Certificate issuer:       /CN=58C7F79267AF74BA7D2FCC2562652C35B5E13EB1
Certificate serial:       43B1
Authority key identifier: 58:C7:F7:92:67:AF:74:BA:7D:2F:CC:25:62:65:2C:35:B5:E1:3E:B1
Authority info access:    rsync://ca.rg.net/rpki/RGnet-OU/WMf3kmevdLp9L8wlYmUsNbXhPrE.cer
Subject info access:      rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/8ISgs_MVxd5JAOk2M2AML9b37uI.roa
Signing time:             Thu 24 Feb 2022 00:30:08 +0000
ROA not before:           Thu 24 Feb 2022 00:30:08 +0000
ROA not after:            Sun 01 Jan 2023 01:01:02 +0000
asID:                     47065
IP address blocks:        147.28.3.0/24 maxlen: 24

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 17329 (0x43b1)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=58C7F79267AF74BA7D2FCC2562652C35B5E13EB1
        Validity
            Not Before: Feb 24 00:30:08 2022 GMT
            Not After : Jan  1 01:01:02 2023 GMT
        Subject: CN=F084A0B3F315C5DE4900E93633600C2FD6F7EEE2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a7:71:5b:93:55:17:c9:3a:c0:ae:b0:8d:8b:68:
                    0e:ac:21:83:ca:9a:18:49:20:9d:d8:9f:51:a2:c2:
                    99:06:50:99:bf:2d:e5:be:62:08:71:79:e9:d3:78:
                    0c:70:12:e7:7f:48:ed:72:1a:7e:55:6d:2d:ce:56:
                    cd:05:12:48:7f:75:d5:a1:e8:34:22:67:77:0b:f8:
                    00:ff:2a:e6:34:6d:a8:db:93:40:d4:5e:39:8f:38:
                    11:95:da:65:d5:84:0b:88:12:70:70:40:ba:7d:65:
                    f6:e3:bc:54:af:b1:e9:cc:65:a7:bb:9c:08:13:d7:
                    0e:a7:62:38:7e:85:0e:a2:24:b5:72:3a:aa:aa:64:
                    09:fb:d2:54:88:fc:f7:01:5d:b1:21:10:15:56:3b:
                    3f:3d:60:aa:ba:27:2c:a8:bb:bb:da:e2:9f:03:a9:
                    1a:c5:20:f1:9d:0c:22:17:85:c8:91:55:24:bb:78:
                    a9:94:b0:d7:af:57:f5:ab:42:1b:9c:58:4f:8b:69:
                    ae:af:ef:d8:6b:73:a0:b8:31:58:cf:25:83:3d:df:
                    89:cb:c4:de:8f:58:fe:e5:86:a1:94:4f:62:24:a4:
                    e7:85:57:14:0c:de:da:d3:51:e6:0f:3a:46:69:cc:
                    d5:3e:bd:0a:c5:75:58:fe:f5:54:70:ca:ee:00:8f:
                    e4:4d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F0:84:A0:B3:F3:15:C5:DE:49:00:E9:36:33:60:0C:2F:D6:F7:EE:E2
            X509v3 Authority Key Identifier:
                keyid:58:C7:F7:92:67:AF:74:BA:7D:2F:CC:25:62:65:2C:35:B5:E1:3E:B1

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/WMf3kmevdLp9L8wlYmUsNbXhPrE.crl

            Authority Information Access:
                CA Issuers - URI:rsync://ca.rg.net/rpki/RGnet-OU/WMf3kmevdLp9L8wlYmUsNbXhPrE.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/8ISgs_MVxd5JAOk2M2AML9b37uI.roa
                RPKI Notify - URI:https://ca.rg.net/rrdp/notify.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  147.28.3.0/24

    Signature Algorithm: sha256WithRSAEncryption
         63:7b:7b:c2:cc:c5:d3:fd:40:02:b4:1a:17:ba:46:52:2e:a3:
         ac:82:e1:ef:d7:2a:5b:8a:1d:58:01:3d:22:06:da:8a:fb:a5:
         0e:74:79:89:d0:b9:58:f4:a1:23:1b:d0:2c:17:bd:ca:5e:e0:
         e7:1e:ce:94:9b:fa:8c:f8:cb:a3:03:b0:88:82:b2:f1:2b:5e:
         aa:aa:34:0e:93:fc:af:e7:81:0f:86:ad:d5:5e:d3:ca:46:6c:
         0c:83:6e:f9:fd:ae:16:f0:7e:59:dc:f4:9f:c2:77:a4:3a:78:
         57:32:01:7d:87:9d:fb:25:65:67:64:d6:57:09:39:3f:99:4e:
         e7:cb:36:94:cc:ab:9e:82:92:30:9f:03:aa:8e:9f:eb:e8:14:
         02:dd:b5:32:51:76:03:32:6b:80:59:76:be:a0:0f:d0:07:85:
         6e:eb:ec:98:13:68:cc:4f:f4:c6:3b:c9:4b:6c:dc:d4:bd:20:
         fa:62:69:e6:db:20:e4:07:32:78:ee:27:23:97:e8:04:b1:34:
         8d:16:f3:91:ad:8c:6b:d7:e4:32:b6:8a:e7:7c:80:85:ea:27:
         81:42:ab:36:97:4f:0d:b9:8e:3c:a0:2a:5f:82:9c:aa:7e:96:
         a2:d5:4a:18:4b:b1:d9:ff:7f:4e:6c:90:5b:a6:bc:52:b3:8a:
         da:93:c1:5e
-----BEGIN CERTIFICATE-----
MIIEvTCCA6WgAwIBAgICQ7EwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNThD
N0Y3OTI2N0FGNzRCQTdEMkZDQzI1NjI2NTJDMzVCNUUxM0VCMTAeFw0yMjAyMjQw
MDMwMDhaFw0yMzAxMDEwMTAxMDJaMDMxMTAvBgNVBAMTKEYwODRBMEIzRjMxNUM1
REU0OTAwRTkzNjMzNjAwQzJGRDZGN0VFRTIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCncVuTVRfJOsCusI2LaA6sIYPKmhhJIJ3Yn1GiwpkGUJm/LeW+
YghxeenTeAxwEud/SO1yGn5VbS3OVs0FEkh/ddWh6DQiZ3cL+AD/KuY0bajbk0DU
XjmPOBGV2mXVhAuIEnBwQLp9ZfbjvFSvsenMZae7nAgT1w6nYjh+hQ6iJLVyOqqq
ZAn70lSI/PcBXbEhEBVWOz89YKq6Jyyou7va4p8DqRrFIPGdDCIXhciRVSS7eKmU
sNevV/WrQhucWE+Laa6v79hrc6C4MVjPJYM934nLxN6PWP7lhqGUT2IkpOeFVxQM
3trTUeYPOkZpzNU+vQrFdVj+9VRwyu4Aj+RNAgMBAAGjggHZMIIB1TAdBgNVHQ4E
FgQU8ISgs/MVxd5JAOk2M2AML9b37uIwHwYDVR0jBBgwFoAUWMf3kmevdLp9L8wl
YmUsNbXhPrEwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBWBgNVHR8ETzBNMEug
SaBHhkVyc3luYzovL2NhLnJnLm5ldC9ycGtpL1JHbmV0LU9VL292c0NBL1dNZjNr
bWV2ZExwOUw4d2xZbVVzTmJYaFByRS5jcmwwWwYIKwYBBQUHAQEETzBNMEsGCCsG
AQUFBzAChj9yc3luYzovL2NhLnJnLm5ldC9ycGtpL1JHbmV0LU9VL1dNZjNrbWV2
ZExwOUw4d2xZbVVzTmJYaFByRS5jZXIwDgYDVR0PAQH/BAQDAgeAMIGSBggrBgEF
BQcBCwSBhTCBgjBRBggrBgEFBQcwC4ZFcnN5bmM6Ly9jYS5yZy5uZXQvcnBraS9S
R25ldC1PVS9vdnNDQS84SVNnc19NVnhkNUpBT2syTTJBTUw5YjM3dUkucm9hMC0G
CCsGAQUFBzANhiFodHRwczovL2NhLnJnLm5ldC9ycmRwL25vdGlmeS54bWwwHwYI
KwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACTHAMwDQYJKoZIhvcNAQELBQADggEB
AGN7e8LMxdP9QAK0Ghe6RlIuo6yC4e/XKluKHVgBPSIG2or7pQ50eYnQuVj0oSMb
0CwXvcpe4OcezpSb+oz4y6MDsIiCsvErXqqqNA6T/K/ngQ+GrdVe08pGbAyDbvn9
rhbwflnc9J/Cd6Q6eFcyAX2HnfslZWdk1lcJOT+ZTufLNpTMq56CkjCfA6qOn+vo
FALdtTJRdgMya4BZdr6gD9AHhW7r7JgTaMxP9MY7yUts3NS9IPpiaebbIOQHMnju
JyOX6ASxNI0W85GtjGvX5DK2iud8gIXqJ4FCqzaXTw25jjygKl+CnKp+lqLVShhL
sdn/f05skFumvFKzitqTwV4=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:36:52 2024 by rpki-client on console-fra.rpki-client.org