Route Origin Authorization

$ rpki-client -vvf ca.rg.net/rpki/RGnet-OU/ovsCA/NYJuv1mM4Zat7V1MH8MLjJdLlPg.roa
File:                     NYJuv1mM4Zat7V1MH8MLjJdLlPg.roa (raw, json)
Hash identifier:          epF14caTb9tVOyje2iqsBREN4gT2N2hYpuLs7kPDnk8=
Subject key identifier:   35:82:6E:BF:59:8C:E1:96:AD:ED:5D:4C:1F:C3:0B:8C:97:4B:94:F8
Certificate issuer:       /CN=58C7F79267AF74BA7D2FCC2562652C35B5E13EB1
Certificate serial:       4388
Authority key identifier: 58:C7:F7:92:67:AF:74:BA:7D:2F:CC:25:62:65:2C:35:B5:E1:3E:B1
Authority info access:    rsync://ca.rg.net/rpki/RGnet-OU/WMf3kmevdLp9L8wlYmUsNbXhPrE.cer
Subject info access:      rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/NYJuv1mM4Zat7V1MH8MLjJdLlPg.roa
Signing time:             Mon 21 Feb 2022 00:30:07 +0000
ROA not before:           Mon 21 Feb 2022 00:30:07 +0000
ROA not after:            Sun 01 Jan 2023 01:01:02 +0000
asID:                     51224
IP address blocks:        147.28.3.0/24 maxlen: 24

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 17288 (0x4388)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=58C7F79267AF74BA7D2FCC2562652C35B5E13EB1
        Validity
            Not Before: Feb 21 00:30:07 2022 GMT
            Not After : Jan  1 01:01:02 2023 GMT
        Subject: CN=35826EBF598CE196ADED5D4C1FC30B8C974B94F8
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c9:7b:c8:16:4a:78:a8:d0:14:7e:be:ed:62:4f:
                    0c:b9:7d:04:9a:2c:b5:9a:ac:b4:75:21:39:28:2d:
                    48:99:2f:27:d4:5a:30:f7:45:df:d7:b9:99:30:c3:
                    4b:17:a0:f2:94:fa:d8:fe:82:e5:1c:9d:18:a8:09:
                    c1:d1:f1:ff:fa:0a:95:f2:aa:47:e2:40:ba:fe:54:
                    be:83:ca:57:13:5d:8f:2c:f0:15:13:2c:ce:36:08:
                    26:7e:d9:7c:a4:71:a2:da:3c:b5:c8:c7:2b:7f:81:
                    c4:b6:11:32:81:2b:f5:25:b9:69:53:f6:8d:16:ac:
                    aa:92:1e:fa:9a:44:10:41:4a:2b:8f:38:2c:e5:20:
                    96:53:37:16:b6:d7:fe:27:60:fc:e6:73:a7:4b:be:
                    ec:8c:80:d0:bd:42:20:86:b3:b1:6f:10:83:ca:c2:
                    e9:fc:d1:33:04:bd:2f:cc:b7:5e:f0:91:3a:f9:84:
                    07:33:ba:a5:e7:05:3e:4f:aa:21:09:95:2d:78:e5:
                    2f:20:7a:aa:56:28:7f:66:5b:dc:d1:15:4d:f4:b0:
                    fd:ad:c2:56:51:b3:de:ab:c6:2e:41:d2:b2:12:c8:
                    b3:62:63:41:a3:ad:b5:59:6a:34:35:f4:9d:45:13:
                    cc:c6:75:21:67:f7:14:43:49:e0:7a:88:c5:e6:45:
                    5b:73
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                35:82:6E:BF:59:8C:E1:96:AD:ED:5D:4C:1F:C3:0B:8C:97:4B:94:F8
            X509v3 Authority Key Identifier:
                keyid:58:C7:F7:92:67:AF:74:BA:7D:2F:CC:25:62:65:2C:35:B5:E1:3E:B1

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/WMf3kmevdLp9L8wlYmUsNbXhPrE.crl

            Authority Information Access:
                CA Issuers - URI:rsync://ca.rg.net/rpki/RGnet-OU/WMf3kmevdLp9L8wlYmUsNbXhPrE.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/NYJuv1mM4Zat7V1MH8MLjJdLlPg.roa
                RPKI Notify - URI:https://ca.rg.net/rrdp/notify.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  147.28.3.0/24

    Signature Algorithm: sha256WithRSAEncryption
         6b:2e:a0:cf:22:c3:2c:9e:6f:1c:53:76:41:7e:d0:d0:15:c2:
         1f:e0:fc:9e:6b:cf:f9:76:52:24:d7:b4:ba:ca:cd:d1:03:41:
         0a:1b:e3:3f:fc:91:4c:b0:c5:a2:2e:45:8e:6a:56:7e:7a:a8:
         93:23:16:21:51:b9:55:e4:9e:83:3d:d6:04:94:52:58:e9:4b:
         25:db:3f:6d:6d:d9:29:1c:bd:7c:07:af:3a:f6:b7:d7:df:41:
         3c:40:30:bf:2d:a3:ae:6a:12:45:0a:4f:8b:a6:94:94:4b:73:
         1f:89:3f:a8:a0:9e:18:d0:ce:ff:fd:78:98:8a:a5:b9:13:d9:
         00:43:3c:b4:6f:73:31:5c:aa:ef:6d:a5:d5:a0:d4:ce:26:c9:
         45:92:8d:b4:a4:47:56:a9:4a:1c:de:b7:d8:56:d5:66:05:63:
         5b:fa:cf:7e:ea:bb:f8:6f:b8:46:bb:cd:9e:da:e3:4d:00:61:
         92:bc:53:6c:af:98:64:4e:5d:d2:fd:7c:1c:48:1d:c8:95:b1:
         db:f1:ff:ab:f2:0b:bd:1f:53:a4:5d:74:e7:c8:1e:67:60:f4:
         67:6d:8f:95:24:f3:f4:63:4b:b4:a6:aa:23:60:4b:12:ff:db:
         68:5c:5f:ff:9b:33:c6:7b:e9:e5:0e:65:a6:da:69:4c:cd:7a:
         32:64:36:24
-----BEGIN CERTIFICATE-----
MIIEvTCCA6WgAwIBAgICQ4gwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNThD
N0Y3OTI2N0FGNzRCQTdEMkZDQzI1NjI2NTJDMzVCNUUxM0VCMTAeFw0yMjAyMjEw
MDMwMDdaFw0yMzAxMDEwMTAxMDJaMDMxMTAvBgNVBAMTKDM1ODI2RUJGNTk4Q0Ux
OTZBREVENUQ0QzFGQzMwQjhDOTc0Qjk0RjgwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDJe8gWSnio0BR+vu1iTwy5fQSaLLWarLR1ITkoLUiZLyfUWjD3
Rd/XuZkww0sXoPKU+tj+guUcnRioCcHR8f/6CpXyqkfiQLr+VL6DylcTXY8s8BUT
LM42CCZ+2XykcaLaPLXIxyt/gcS2ETKBK/UluWlT9o0WrKqSHvqaRBBBSiuPOCzl
IJZTNxa21/4nYPzmc6dLvuyMgNC9QiCGs7FvEIPKwun80TMEvS/Mt17wkTr5hAcz
uqXnBT5PqiEJlS145S8geqpWKH9mW9zRFU30sP2twlZRs96rxi5B0rISyLNiY0Gj
rbVZajQ19J1FE8zGdSFn9xRDSeB6iMXmRVtzAgMBAAGjggHZMIIB1TAdBgNVHQ4E
FgQUNYJuv1mM4Zat7V1MH8MLjJdLlPgwHwYDVR0jBBgwFoAUWMf3kmevdLp9L8wl
YmUsNbXhPrEwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBWBgNVHR8ETzBNMEug
SaBHhkVyc3luYzovL2NhLnJnLm5ldC9ycGtpL1JHbmV0LU9VL292c0NBL1dNZjNr
bWV2ZExwOUw4d2xZbVVzTmJYaFByRS5jcmwwWwYIKwYBBQUHAQEETzBNMEsGCCsG
AQUFBzAChj9yc3luYzovL2NhLnJnLm5ldC9ycGtpL1JHbmV0LU9VL1dNZjNrbWV2
ZExwOUw4d2xZbVVzTmJYaFByRS5jZXIwDgYDVR0PAQH/BAQDAgeAMIGSBggrBgEF
BQcBCwSBhTCBgjBRBggrBgEFBQcwC4ZFcnN5bmM6Ly9jYS5yZy5uZXQvcnBraS9S
R25ldC1PVS9vdnNDQS9OWUp1djFtTTRaYXQ3VjFNSDhNTGpKZExsUGcucm9hMC0G
CCsGAQUFBzANhiFodHRwczovL2NhLnJnLm5ldC9ycmRwL25vdGlmeS54bWwwHwYI
KwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACTHAMwDQYJKoZIhvcNAQELBQADggEB
AGsuoM8iwyyebxxTdkF+0NAVwh/g/J5rz/l2UiTXtLrKzdEDQQob4z/8kUywxaIu
RY5qVn56qJMjFiFRuVXknoM91gSUUljpSyXbP21t2SkcvXwHrzr2t9ffQTxAML8t
o65qEkUKT4umlJRLcx+JP6ignhjQzv/9eJiKpbkT2QBDPLRvczFcqu9tpdWg1M4m
yUWSjbSkR1apShzet9hW1WYFY1v6z37qu/hvuEa7zZ7a400AYZK8U2yvmGROXdL9
fBxIHciVsdvx/6vyC70fU6RddOfIHmdg9Gdtj5Uk8/RjS7SmqiNgSxL/22hcX/+b
M8Z76eUOZabaaUzNejJkNiQ=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:36:53 2024 by rpki-client on console-fra.rpki-client.org