Route Origin Authorization

$ rpki-client -vvf ca.rg.net/rpki/RGnet-OU/ovsCA/IN69mWSBm3OrDKid04jvHUAPSdc.roa
File:                     IN69mWSBm3OrDKid04jvHUAPSdc.roa (raw, json)
Hash identifier:          a/o0zmKJabTYwdW/rev6KYxTjMI21dlSDWiM/Fxfz3w=
Subject key identifier:   20:DE:BD:99:64:81:9B:73:AB:0C:A8:9D:D3:88:EF:1D:40:0F:49:D7
Certificate issuer:       /CN=58C7F79267AF74BA7D2FCC2562652C35B5E13EB1
Certificate serial:       44D1
Authority key identifier: 58:C7:F7:92:67:AF:74:BA:7D:2F:CC:25:62:65:2C:35:B5:E1:3E:B1
Authority info access:    rsync://ca.rg.net/rpki/RGnet-OU/WMf3kmevdLp9L8wlYmUsNbXhPrE.cer
Subject info access:      rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/IN69mWSBm3OrDKid04jvHUAPSdc.roa
Signing time:             Thu 17 Mar 2022 00:30:10 +0000
ROA not before:           Thu 17 Mar 2022 00:30:10 +0000
ROA not after:            Sun 01 Jan 2023 01:01:02 +0000
asID:                     51224
IP address blocks:        147.28.3.0/24 maxlen: 24

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 17617 (0x44d1)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=58C7F79267AF74BA7D2FCC2562652C35B5E13EB1
        Validity
            Not Before: Mar 17 00:30:10 2022 GMT
            Not After : Jan  1 01:01:02 2023 GMT
        Subject: CN=20DEBD9964819B73AB0CA89DD388EF1D400F49D7
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c3:68:77:36:6c:51:e5:2a:f3:1f:69:52:38:23:
                    89:58:d9:ea:c6:c1:c8:46:ca:ca:60:9b:d8:c2:96:
                    33:72:55:64:8d:c5:1e:4b:84:e3:b4:3b:dc:d0:a9:
                    54:0f:5b:6f:b8:7f:64:3c:2a:88:09:d6:0d:e9:eb:
                    8c:8b:42:31:55:bc:53:0f:a8:e9:3b:ed:75:a7:b8:
                    18:e6:24:ec:e2:41:70:19:9c:eb:7e:c5:e0:6b:70:
                    2c:72:4b:65:0b:bb:af:22:88:1d:77:c4:f3:76:b7:
                    63:4c:5c:83:22:46:a3:da:5f:e0:b4:95:42:45:58:
                    c7:00:aa:33:51:fd:d6:e4:ce:2a:3e:96:42:f7:c0:
                    91:d4:83:ba:7d:c2:48:48:5c:16:5d:ff:c4:11:ce:
                    e5:2d:6f:3d:fd:54:46:a6:10:5d:1f:1e:30:c7:3f:
                    06:ba:6c:79:4f:2c:3e:42:79:57:d6:d2:7e:21:36:
                    cb:85:62:cb:52:65:02:ab:3d:3d:69:b2:d6:ff:42:
                    10:a2:97:01:82:37:1b:84:e1:52:ed:7d:18:17:fc:
                    47:a6:d8:9f:11:47:5f:55:8d:1d:b3:db:7e:6e:eb:
                    33:89:52:13:58:c9:ef:83:a0:42:83:b2:a2:85:23:
                    95:84:f0:9c:04:02:4e:8e:f8:3c:40:50:06:35:54:
                    8f:0f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                20:DE:BD:99:64:81:9B:73:AB:0C:A8:9D:D3:88:EF:1D:40:0F:49:D7
            X509v3 Authority Key Identifier:
                keyid:58:C7:F7:92:67:AF:74:BA:7D:2F:CC:25:62:65:2C:35:B5:E1:3E:B1

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/WMf3kmevdLp9L8wlYmUsNbXhPrE.crl

            Authority Information Access:
                CA Issuers - URI:rsync://ca.rg.net/rpki/RGnet-OU/WMf3kmevdLp9L8wlYmUsNbXhPrE.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/IN69mWSBm3OrDKid04jvHUAPSdc.roa
                RPKI Notify - URI:https://ca.rg.net/rrdp/notify.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  147.28.3.0/24

    Signature Algorithm: sha256WithRSAEncryption
         41:12:2c:e0:44:f9:d4:78:d3:11:3b:33:56:3e:af:dd:ff:52:
         cf:4f:3c:34:e7:c8:ed:36:ae:a8:ef:27:7e:c3:f7:25:72:ad:
         6c:59:9b:52:19:32:cb:f8:c6:13:d1:7e:3f:54:8a:29:86:23:
         55:df:c0:b0:c0:b5:0f:f2:95:e9:a2:b2:50:7f:06:48:41:3e:
         21:88:f7:cb:2b:f4:0f:a2:f6:5a:c7:18:93:bd:d4:e5:87:1c:
         7c:05:3c:7c:02:8c:26:0b:54:f1:63:25:12:78:9f:ba:b7:4c:
         4f:a4:18:2e:a6:73:72:c3:6a:a4:43:b0:bf:fd:fc:d9:8c:1b:
         80:cc:8a:50:88:c1:e3:3d:5a:71:d9:cd:74:c7:5b:6b:b7:71:
         37:78:3d:74:35:0b:60:22:4b:35:b7:86:e4:c4:37:6f:a7:aa:
         c7:40:e6:da:6a:20:fa:48:cf:34:1d:d3:a4:15:b3:ea:ac:25:
         da:5f:9f:c9:ad:f7:5f:e6:05:1e:82:0e:d0:ad:90:a0:71:02:
         85:ab:6d:30:aa:3f:d5:43:0c:1a:81:9e:a0:8d:4c:90:4f:fb:
         c7:b9:f4:a4:5e:36:f0:9a:0d:07:2e:71:15:85:8c:6f:46:10:
         cb:39:25:a1:d7:b2:0e:4e:33:17:26:02:8c:c9:d0:32:78:e4:
         f1:b6:f5:bc
-----BEGIN CERTIFICATE-----
MIIEvTCCA6WgAwIBAgICRNEwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNThD
N0Y3OTI2N0FGNzRCQTdEMkZDQzI1NjI2NTJDMzVCNUUxM0VCMTAeFw0yMjAzMTcw
MDMwMTBaFw0yMzAxMDEwMTAxMDJaMDMxMTAvBgNVBAMTKDIwREVCRDk5NjQ4MTlC
NzNBQjBDQTg5REQzODhFRjFENDAwRjQ5RDcwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDDaHc2bFHlKvMfaVI4I4lY2erGwchGyspgm9jCljNyVWSNxR5L
hOO0O9zQqVQPW2+4f2Q8KogJ1g3p64yLQjFVvFMPqOk77XWnuBjmJOziQXAZnOt+
xeBrcCxyS2ULu68iiB13xPN2t2NMXIMiRqPaX+C0lUJFWMcAqjNR/dbkzio+lkL3
wJHUg7p9wkhIXBZd/8QRzuUtbz39VEamEF0fHjDHPwa6bHlPLD5CeVfW0n4hNsuF
YstSZQKrPT1pstb/QhCilwGCNxuE4VLtfRgX/Eem2J8RR19VjR2z235u6zOJUhNY
ye+DoEKDsqKFI5WE8JwEAk6O+DxAUAY1VI8PAgMBAAGjggHZMIIB1TAdBgNVHQ4E
FgQUIN69mWSBm3OrDKid04jvHUAPSdcwHwYDVR0jBBgwFoAUWMf3kmevdLp9L8wl
YmUsNbXhPrEwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBWBgNVHR8ETzBNMEug
SaBHhkVyc3luYzovL2NhLnJnLm5ldC9ycGtpL1JHbmV0LU9VL292c0NBL1dNZjNr
bWV2ZExwOUw4d2xZbVVzTmJYaFByRS5jcmwwWwYIKwYBBQUHAQEETzBNMEsGCCsG
AQUFBzAChj9yc3luYzovL2NhLnJnLm5ldC9ycGtpL1JHbmV0LU9VL1dNZjNrbWV2
ZExwOUw4d2xZbVVzTmJYaFByRS5jZXIwDgYDVR0PAQH/BAQDAgeAMIGSBggrBgEF
BQcBCwSBhTCBgjBRBggrBgEFBQcwC4ZFcnN5bmM6Ly9jYS5yZy5uZXQvcnBraS9S
R25ldC1PVS9vdnNDQS9JTjY5bVdTQm0zT3JES2lkMDRqdkhVQVBTZGMucm9hMC0G
CCsGAQUFBzANhiFodHRwczovL2NhLnJnLm5ldC9ycmRwL25vdGlmeS54bWwwHwYI
KwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACTHAMwDQYJKoZIhvcNAQELBQADggEB
AEESLOBE+dR40xE7M1Y+r93/Us9PPDTnyO02rqjvJ37D9yVyrWxZm1IZMsv4xhPR
fj9UiimGI1XfwLDAtQ/ylemislB/BkhBPiGI98sr9A+i9lrHGJO91OWHHHwFPHwC
jCYLVPFjJRJ4n7q3TE+kGC6mc3LDaqRDsL/9/NmMG4DMilCIweM9WnHZzXTHW2u3
cTd4PXQ1C2AiSzW3huTEN2+nqsdA5tpqIPpIzzQd06QVs+qsJdpfn8mt91/mBR6C
DtCtkKBxAoWrbTCqP9VDDBqBnqCNTJBP+8e59KReNvCaDQcucRWFjG9GEMs5JaHX
sg5OMxcmAozJ0DJ45PG29bw=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:36:53 2024 by rpki-client on console-fra.rpki-client.org