Route Origin Authorization

$ rpki-client -vvf ca.rg.net/rpki/RGnet-OU/ovsCA/IPHYTT-Gpz72hRKC03Sd73zlshA.roa
File:                     IPHYTT-Gpz72hRKC03Sd73zlshA.roa (raw, json)
Hash identifier:          yWoIoFtGtGIYharZByAMSuyTwqTFQmQKuWmm3/7MojE=
Subject key identifier:   20:F1:D8:4D:3F:86:A7:3E:F6:85:12:82:D3:74:9D:EF:7C:E5:B2:10
Certificate issuer:       /CN=58C7F79267AF74BA7D2FCC2562652C35B5E13EB1
Certificate serial:       4341
Authority key identifier: 58:C7:F7:92:67:AF:74:BA:7D:2F:CC:25:62:65:2C:35:B5:E1:3E:B1
Authority info access:    rsync://ca.rg.net/rpki/RGnet-OU/WMf3kmevdLp9L8wlYmUsNbXhPrE.cer
Subject info access:      rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/IPHYTT-Gpz72hRKC03Sd73zlshA.roa
Signing time:             Wed 16 Feb 2022 00:30:07 +0000
ROA not before:           Wed 16 Feb 2022 00:30:07 +0000
ROA not after:            Sun 01 Jan 2023 01:01:02 +0000
asID:                     47065
IP address blocks:        147.28.9.0/24 maxlen: 24

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 17217 (0x4341)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=58C7F79267AF74BA7D2FCC2562652C35B5E13EB1
        Validity
            Not Before: Feb 16 00:30:07 2022 GMT
            Not After : Jan  1 01:01:02 2023 GMT
        Subject: CN=20F1D84D3F86A73EF6851282D3749DEF7CE5B210
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ce:24:b6:ff:98:91:07:a9:fd:eb:91:bf:7b:93:
                    5e:38:c2:a7:ab:0c:6d:e3:4a:fc:d7:e1:07:14:8f:
                    ac:8f:ee:65:8b:a6:20:2f:e3:61:8f:90:b7:aa:40:
                    1a:09:db:4b:c5:b4:8a:7f:0a:d8:a4:25:d8:b4:f9:
                    77:56:a9:c4:9b:bf:cf:c4:27:10:fc:de:60:20:21:
                    28:37:ad:11:ca:6d:1a:6a:af:dc:17:ed:15:ad:3d:
                    d3:43:f6:75:7f:fc:3d:14:db:3a:db:e8:e5:36:42:
                    27:50:99:40:51:2c:21:80:64:8e:7a:fd:62:14:91:
                    a8:de:9b:a6:63:50:a9:de:16:b7:64:b1:32:60:cd:
                    27:ad:ff:8d:1b:f9:9f:37:03:c1:ea:2a:6f:a7:86:
                    4d:86:d0:19:f3:ed:16:19:f0:fa:1a:0f:67:6c:95:
                    fe:cb:87:cb:d8:78:30:03:4d:71:af:ad:63:e2:08:
                    5f:e8:9f:f9:c9:10:ee:da:58:f4:f4:32:66:d5:6e:
                    a5:3b:ec:9d:f3:9c:ff:bb:95:ff:2b:f2:0c:30:e9:
                    62:b2:a4:7d:4e:0a:b7:94:a3:96:bb:82:cf:a6:4b:
                    2a:2b:51:d7:43:f9:9c:e0:89:5d:88:65:8f:e2:08:
                    67:e7:66:54:0e:b9:50:72:12:fb:f0:31:51:3f:91:
                    86:63
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                20:F1:D8:4D:3F:86:A7:3E:F6:85:12:82:D3:74:9D:EF:7C:E5:B2:10
            X509v3 Authority Key Identifier:
                keyid:58:C7:F7:92:67:AF:74:BA:7D:2F:CC:25:62:65:2C:35:B5:E1:3E:B1

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/WMf3kmevdLp9L8wlYmUsNbXhPrE.crl

            Authority Information Access:
                CA Issuers - URI:rsync://ca.rg.net/rpki/RGnet-OU/WMf3kmevdLp9L8wlYmUsNbXhPrE.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/IPHYTT-Gpz72hRKC03Sd73zlshA.roa
                RPKI Notify - URI:https://ca.rg.net/rrdp/notify.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  147.28.9.0/24

    Signature Algorithm: sha256WithRSAEncryption
         77:25:b8:4b:ed:97:6b:8c:de:f4:26:ad:12:1d:c2:7a:35:27:
         e1:db:5a:f7:4b:0a:68:94:5b:33:f7:45:c8:3d:18:f8:6d:d3:
         71:8e:5c:65:80:e6:d3:c2:63:35:9a:d9:1e:83:69:d0:22:1f:
         69:95:b4:ca:c6:b6:3d:c5:72:77:e2:e8:18:06:c2:be:b3:af:
         48:de:ab:08:aa:ef:0a:63:25:58:52:44:c0:d7:ae:84:a5:8d:
         8e:1f:d3:4b:67:c2:05:ec:72:24:62:05:8b:e1:d8:d0:5a:cc:
         12:e5:dc:94:18:7a:4a:78:93:66:7c:ca:76:db:1b:09:dd:b9:
         1d:04:37:f3:86:29:de:74:e4:86:44:54:19:a2:d5:78:73:7e:
         ec:ee:12:8f:f5:50:6a:06:81:57:f1:10:3f:ad:e5:8b:62:61:
         9f:4f:9d:7c:83:d7:27:e9:84:ff:e4:64:1b:67:6f:37:b9:7b:
         5f:b5:99:46:6a:7b:a0:2c:c2:95:eb:57:d0:de:36:99:41:cc:
         03:3b:96:09:be:0b:90:1a:61:e2:4e:e4:7c:25:b8:db:98:2a:
         09:4d:8c:be:e1:27:51:37:c2:0f:4d:9e:70:49:92:f5:22:fe:
         b2:cf:59:c8:3d:80:38:41:6c:49:03:04:3f:15:a7:fa:82:0c:
         56:f2:25:91
-----BEGIN CERTIFICATE-----
MIIEvTCCA6WgAwIBAgICQ0EwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNThD
N0Y3OTI2N0FGNzRCQTdEMkZDQzI1NjI2NTJDMzVCNUUxM0VCMTAeFw0yMjAyMTYw
MDMwMDdaFw0yMzAxMDEwMTAxMDJaMDMxMTAvBgNVBAMTKDIwRjFEODREM0Y4NkE3
M0VGNjg1MTI4MkQzNzQ5REVGN0NFNUIyMTAwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDOJLb/mJEHqf3rkb97k144wqerDG3jSvzX4QcUj6yP7mWLpiAv
42GPkLeqQBoJ20vFtIp/CtikJdi0+XdWqcSbv8/EJxD83mAgISg3rRHKbRpqr9wX
7RWtPdND9nV//D0U2zrb6OU2QidQmUBRLCGAZI56/WIUkajem6ZjUKneFrdksTJg
zSet/40b+Z83A8HqKm+nhk2G0Bnz7RYZ8PoaD2dslf7Lh8vYeDADTXGvrWPiCF/o
n/nJEO7aWPT0MmbVbqU77J3znP+7lf8r8gww6WKypH1OCreUo5a7gs+mSyorUddD
+ZzgiV2IZY/iCGfnZlQOuVByEvvwMVE/kYZjAgMBAAGjggHZMIIB1TAdBgNVHQ4E
FgQUIPHYTT+Gpz72hRKC03Sd73zlshAwHwYDVR0jBBgwFoAUWMf3kmevdLp9L8wl
YmUsNbXhPrEwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBWBgNVHR8ETzBNMEug
SaBHhkVyc3luYzovL2NhLnJnLm5ldC9ycGtpL1JHbmV0LU9VL292c0NBL1dNZjNr
bWV2ZExwOUw4d2xZbVVzTmJYaFByRS5jcmwwWwYIKwYBBQUHAQEETzBNMEsGCCsG
AQUFBzAChj9yc3luYzovL2NhLnJnLm5ldC9ycGtpL1JHbmV0LU9VL1dNZjNrbWV2
ZExwOUw4d2xZbVVzTmJYaFByRS5jZXIwDgYDVR0PAQH/BAQDAgeAMIGSBggrBgEF
BQcBCwSBhTCBgjBRBggrBgEFBQcwC4ZFcnN5bmM6Ly9jYS5yZy5uZXQvcnBraS9S
R25ldC1PVS9vdnNDQS9JUEhZVFQtR3B6NzJoUktDMDNTZDczemxzaEEucm9hMC0G
CCsGAQUFBzANhiFodHRwczovL2NhLnJnLm5ldC9ycmRwL25vdGlmeS54bWwwHwYI
KwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACTHAkwDQYJKoZIhvcNAQELBQADggEB
AHcluEvtl2uM3vQmrRIdwno1J+HbWvdLCmiUWzP3Rcg9GPht03GOXGWA5tPCYzWa
2R6DadAiH2mVtMrGtj3Fcnfi6BgGwr6zr0jeqwiq7wpjJVhSRMDXroSljY4f00tn
wgXsciRiBYvh2NBazBLl3JQYekp4k2Z8ynbbGwnduR0EN/OGKd505IZEVBmi1Xhz
fuzuEo/1UGoGgVfxED+t5YtiYZ9PnXyD1yfphP/kZBtnbze5e1+1mUZqe6AswpXr
V9DeNplBzAM7lgm+C5AaYeJO5HwluNuYKglNjL7hJ1E3wg9NnnBJkvUi/rLPWcg9
gDhBbEkDBD8Vp/qCDFbyJZE=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:36:53 2024 by rpki-client on console-fra.rpki-client.org