Route Origin Authorization

$ rpki-client -vvf ca.rg.net/rpki/RGnet-OU/ovsCA/D5z7StUBydEALltDZQbY4QzHzBo.roa
File:                     D5z7StUBydEALltDZQbY4QzHzBo.roa (raw, json)
Hash identifier:          hmLPnT43BFNFyF+b1MAubSdEtVeJMRl7x9rgKYoZ/9o=
Subject key identifier:   0F:9C:FB:4A:D5:01:C9:D1:00:2E:5B:43:65:06:D8:E1:0C:C7:CC:1A
Certificate issuer:       /CN=58C7F79267AF74BA7D2FCC2562652C35B5E13EB1
Certificate serial:       472B
Authority key identifier: 58:C7:F7:92:67:AF:74:BA:7D:2F:CC:25:62:65:2C:35:B5:E1:3E:B1
Authority info access:    rsync://ca.rg.net/rpki/RGnet-OU/WMf3kmevdLp9L8wlYmUsNbXhPrE.cer
Subject info access:      rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/D5z7StUBydEALltDZQbY4QzHzBo.roa
Signing time:             Fri 29 Apr 2022 00:30:09 +0000
ROA not before:           Fri 29 Apr 2022 00:30:09 +0000
ROA not after:            Sat 01 Apr 2023 22:21:14 +0000
asID:                     47065
IP address blocks:        147.28.9.0/24 maxlen: 24

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 18219 (0x472b)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=58C7F79267AF74BA7D2FCC2562652C35B5E13EB1
        Validity
            Not Before: Apr 29 00:30:09 2022 GMT
            Not After : Apr  1 22:21:14 2023 GMT
        Subject: CN=0F9CFB4AD501C9D1002E5B436506D8E10CC7CC1A
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b5:cd:b8:d0:9d:9b:cf:af:f7:02:ef:b0:7f:4f:
                    e6:a6:28:79:ac:5a:6d:e3:56:e7:5a:06:e6:33:ab:
                    d6:5a:90:1c:05:e2:10:52:77:70:38:bd:51:e8:a6:
                    15:23:36:3f:0b:aa:59:b8:0c:13:cb:48:26:9e:76:
                    67:57:b2:48:9b:78:69:13:99:f7:ae:be:cd:55:cd:
                    0e:61:01:f5:4a:13:2d:47:a9:78:1c:be:c1:7c:06:
                    d9:c4:06:a9:fc:74:c1:b8:a3:b0:d2:6c:09:fe:e8:
                    38:d9:9c:c3:e9:ae:09:81:3d:86:e7:c3:c4:b4:db:
                    2e:db:fc:90:dd:fc:12:4e:ca:49:58:db:6e:c1:11:
                    4b:8e:c6:f1:0c:18:c4:c1:29:61:d7:03:80:9f:ca:
                    da:aa:bc:2f:e9:87:cc:a3:e2:60:45:f3:51:27:d9:
                    e7:d7:34:1e:66:52:d9:df:a9:8d:55:5e:d3:c4:70:
                    9a:3a:b3:96:b0:c5:da:51:f9:ba:e8:79:a9:c6:a5:
                    bf:55:5f:f2:61:7d:9b:a4:00:b8:47:b9:2c:4f:3f:
                    dc:7f:29:ef:7a:f3:00:e3:00:81:bf:92:12:aa:c1:
                    49:94:20:25:78:62:8e:63:42:d6:4b:15:14:95:d7:
                    60:2e:ac:c3:cf:1d:23:41:13:17:5c:db:c9:98:e8:
                    13:3f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0F:9C:FB:4A:D5:01:C9:D1:00:2E:5B:43:65:06:D8:E1:0C:C7:CC:1A
            X509v3 Authority Key Identifier:
                keyid:58:C7:F7:92:67:AF:74:BA:7D:2F:CC:25:62:65:2C:35:B5:E1:3E:B1

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/WMf3kmevdLp9L8wlYmUsNbXhPrE.crl

            Authority Information Access:
                CA Issuers - URI:rsync://ca.rg.net/rpki/RGnet-OU/WMf3kmevdLp9L8wlYmUsNbXhPrE.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/D5z7StUBydEALltDZQbY4QzHzBo.roa
                RPKI Notify - URI:https://ca.rg.net/rrdp/notify.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  147.28.9.0/24

    Signature Algorithm: sha256WithRSAEncryption
         7a:e0:03:29:3b:bd:ff:cf:e1:68:69:4b:9c:7e:a2:8e:97:08:
         99:97:f2:c5:5f:44:05:db:b6:5a:84:77:f2:ba:6d:d1:5a:9c:
         bd:32:0f:cc:09:91:2a:09:00:37:58:fd:21:5a:8a:c5:b8:2f:
         b4:e2:7c:69:22:9d:e3:3a:ab:88:b4:ce:bb:22:8c:74:46:c9:
         ba:f5:51:d7:36:89:1d:4a:8b:2a:23:da:eb:89:eb:71:11:b1:
         fb:18:fc:74:d8:c4:b4:61:09:4e:58:0f:71:b0:d4:22:17:f7:
         16:dc:48:a4:83:b1:76:0e:6f:fd:cf:78:8a:ed:12:45:0d:49:
         9d:d1:d5:7b:58:c5:ec:1d:04:dd:44:f1:2a:68:d1:d1:0b:04:
         ec:80:90:b6:6e:02:33:93:ed:a9:33:c7:88:1d:d5:ba:95:7d:
         f6:4e:64:4b:9a:9f:74:64:39:27:7c:ad:3a:0f:74:0d:27:57:
         b6:89:c3:57:32:f6:5a:07:8d:96:bf:41:2f:c5:04:b9:f8:f6:
         0d:08:e5:9c:9a:69:28:de:fc:ca:b5:09:d6:b1:0e:a6:16:52:
         20:6a:41:95:9a:e9:d7:09:51:a6:e3:8b:6a:a8:a7:94:cc:3d:
         5f:ec:27:bf:37:71:2e:21:29:b1:aa:04:f7:09:e6:be:49:51:
         d2:6e:b1:05
-----BEGIN CERTIFICATE-----
MIIEvTCCA6WgAwIBAgICRyswDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNThD
N0Y3OTI2N0FGNzRCQTdEMkZDQzI1NjI2NTJDMzVCNUUxM0VCMTAeFw0yMjA0Mjkw
MDMwMDlaFw0yMzA0MDEyMjIxMTRaMDMxMTAvBgNVBAMTKDBGOUNGQjRBRDUwMUM5
RDEwMDJFNUI0MzY1MDZEOEUxMENDN0NDMUEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC1zbjQnZvPr/cC77B/T+amKHmsWm3jVudaBuYzq9ZakBwF4hBS
d3A4vVHophUjNj8Lqlm4DBPLSCaedmdXskibeGkTmfeuvs1VzQ5hAfVKEy1HqXgc
vsF8BtnEBqn8dMG4o7DSbAn+6DjZnMPprgmBPYbnw8S02y7b/JDd/BJOyklY227B
EUuOxvEMGMTBKWHXA4CfytqqvC/ph8yj4mBF81En2efXNB5mUtnfqY1VXtPEcJo6
s5awxdpR+broeanGpb9VX/JhfZukALhHuSxPP9x/Ke968wDjAIG/khKqwUmUICV4
Yo5jQtZLFRSV12AurMPPHSNBExdc28mY6BM/AgMBAAGjggHZMIIB1TAdBgNVHQ4E
FgQUD5z7StUBydEALltDZQbY4QzHzBowHwYDVR0jBBgwFoAUWMf3kmevdLp9L8wl
YmUsNbXhPrEwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBWBgNVHR8ETzBNMEug
SaBHhkVyc3luYzovL2NhLnJnLm5ldC9ycGtpL1JHbmV0LU9VL292c0NBL1dNZjNr
bWV2ZExwOUw4d2xZbVVzTmJYaFByRS5jcmwwWwYIKwYBBQUHAQEETzBNMEsGCCsG
AQUFBzAChj9yc3luYzovL2NhLnJnLm5ldC9ycGtpL1JHbmV0LU9VL1dNZjNrbWV2
ZExwOUw4d2xZbVVzTmJYaFByRS5jZXIwDgYDVR0PAQH/BAQDAgeAMIGSBggrBgEF
BQcBCwSBhTCBgjBRBggrBgEFBQcwC4ZFcnN5bmM6Ly9jYS5yZy5uZXQvcnBraS9S
R25ldC1PVS9vdnNDQS9ENXo3U3RVQnlkRUFMbHREWlFiWTRRekh6Qm8ucm9hMC0G
CCsGAQUFBzANhiFodHRwczovL2NhLnJnLm5ldC9ycmRwL25vdGlmeS54bWwwHwYI
KwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACTHAkwDQYJKoZIhvcNAQELBQADggEB
AHrgAyk7vf/P4WhpS5x+oo6XCJmX8sVfRAXbtlqEd/K6bdFanL0yD8wJkSoJADdY
/SFaisW4L7TifGkineM6q4i0zrsijHRGybr1Udc2iR1Kiyoj2uuJ63ERsfsY/HTY
xLRhCU5YD3Gw1CIX9xbcSKSDsXYOb/3PeIrtEkUNSZ3R1XtYxewdBN1E8Spo0dEL
BOyAkLZuAjOT7akzx4gd1bqVffZOZEuan3RkOSd8rToPdA0nV7aJw1cy9loHjZa/
QS/FBLn49g0I5ZyaaSje/Mq1CdaxDqYWUiBqQZWa6dcJUabji2qop5TMPV/sJ783
cS4hKbGqBPcJ5r5JUdJusQU=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:13:50 2023 by rpki-client on console-ams.rpki-client.org