Route Origin Authorization

$ rpki-client -vvf ca.rg.net/rpki/RGnet-OU/ovsCA/NoKBdl170mpTDWbZYDQu7VLIIeg.roa
File:                     NoKBdl170mpTDWbZYDQu7VLIIeg.roa (raw, json)
Hash identifier:          AWVwOhP6v4tXU35lNsDFe5rQzc7FPLVEPAoziMijr80=
Subject key identifier:   36:82:81:76:5D:7B:D2:6A:53:0D:66:D9:60:34:2E:ED:52:C8:21:E8
Certificate issuer:       /CN=58C7F79267AF74BA7D2FCC2562652C35B5E13EB1
Certificate serial:       4525
Authority key identifier: 58:C7:F7:92:67:AF:74:BA:7D:2F:CC:25:62:65:2C:35:B5:E1:3E:B1
Authority info access:    rsync://ca.rg.net/rpki/RGnet-OU/WMf3kmevdLp9L8wlYmUsNbXhPrE.cer
Subject info access:      rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/NoKBdl170mpTDWbZYDQu7VLIIeg.roa
Signing time:             Wed 23 Mar 2022 00:30:08 +0000
ROA not before:           Wed 23 Mar 2022 00:30:08 +0000
ROA not after:            Sun 01 Jan 2023 01:01:02 +0000
asID:                     51224
IP address blocks:        147.28.13.0/24 maxlen: 24

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 17701 (0x4525)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=58C7F79267AF74BA7D2FCC2562652C35B5E13EB1
        Validity
            Not Before: Mar 23 00:30:08 2022 GMT
            Not After : Jan  1 01:01:02 2023 GMT
        Subject: CN=368281765D7BD26A530D66D960342EED52C821E8
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ad:d3:fd:90:0f:f4:09:d0:4a:92:32:9a:c6:77:
                    d2:48:41:5e:38:8a:e0:df:54:2d:9c:d5:47:4a:ae:
                    88:41:63:d6:e8:e3:9a:e7:81:88:ba:2f:6b:5d:22:
                    97:97:75:cc:22:b2:3f:b1:1d:57:f9:bb:5b:56:9e:
                    dd:36:c2:c4:cc:e8:8a:63:33:e5:13:03:c9:41:91:
                    73:55:27:5e:f3:b1:c4:5e:15:ed:a5:3c:d7:9a:0d:
                    cd:9c:4d:d1:b9:d7:06:19:b0:d6:3d:7d:0d:82:be:
                    bd:82:61:1b:a9:dd:ee:96:89:d5:70:c0:03:44:ec:
                    e5:fb:51:f8:66:f2:ab:b0:4b:02:21:4c:ab:63:03:
                    d1:1f:34:6d:46:2d:2f:0d:fb:4a:cd:db:91:3b:35:
                    96:6a:f3:a4:a9:78:a4:2a:c1:21:04:9c:f9:4e:3c:
                    9c:58:a8:38:41:13:02:17:a9:b1:29:43:cb:c0:94:
                    d3:e1:ca:6c:5e:26:e2:fc:81:2a:d6:15:bc:3a:5d:
                    82:52:46:9d:98:49:3c:84:a4:66:b4:dd:02:97:47:
                    ea:ce:10:aa:ec:cc:6d:31:81:f9:8e:c1:0a:ec:34:
                    f3:c5:6b:bb:3f:d9:69:63:a6:3e:ca:6f:9b:95:68:
                    0c:de:90:b0:c2:f5:87:94:11:58:8a:8d:f0:6b:fb:
                    77:e5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                36:82:81:76:5D:7B:D2:6A:53:0D:66:D9:60:34:2E:ED:52:C8:21:E8
            X509v3 Authority Key Identifier:
                keyid:58:C7:F7:92:67:AF:74:BA:7D:2F:CC:25:62:65:2C:35:B5:E1:3E:B1

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/WMf3kmevdLp9L8wlYmUsNbXhPrE.crl

            Authority Information Access:
                CA Issuers - URI:rsync://ca.rg.net/rpki/RGnet-OU/WMf3kmevdLp9L8wlYmUsNbXhPrE.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/NoKBdl170mpTDWbZYDQu7VLIIeg.roa
                RPKI Notify - URI:https://ca.rg.net/rrdp/notify.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  147.28.13.0/24

    Signature Algorithm: sha256WithRSAEncryption
         8a:95:92:d7:17:d1:aa:33:f2:71:2f:fb:31:cd:77:f7:67:b5:
         0f:2b:f9:17:cc:63:5e:ab:f3:99:e7:8b:4f:3d:60:07:cb:cc:
         ae:8f:2f:dd:77:fa:fa:cf:c8:99:e6:f6:39:e2:6a:f0:e1:fb:
         5d:bc:91:f0:26:89:94:6b:1a:75:f8:db:b8:0a:26:81:54:68:
         12:08:3d:d4:10:ad:23:0a:3c:ce:3c:fb:c3:a6:66:89:4b:0f:
         43:94:69:d5:88:20:2a:91:b4:9f:7b:a4:80:c0:ca:3b:bf:2f:
         dd:74:28:36:fb:fb:6f:54:22:4b:21:e8:93:6d:23:a9:8a:0f:
         8d:bc:e9:d7:14:bc:84:46:b5:17:1f:2e:dd:62:b0:34:a0:08:
         23:05:e1:8b:f1:2e:59:73:5b:12:fa:b4:f5:29:d8:b2:6a:9c:
         ed:a9:97:88:6e:2c:cd:ba:24:48:f0:40:60:4a:04:1b:6e:da:
         67:ce:1c:09:4f:bd:b4:70:cd:ad:ab:d8:bd:35:85:33:66:3c:
         48:8f:c8:e0:ec:00:12:c9:36:52:97:de:4b:4c:ba:32:e8:1d:
         6c:e0:7c:29:db:83:32:32:b1:2f:ef:d6:f6:ca:5b:e3:cd:74:
         ba:3e:30:00:f8:a4:e4:03:67:8a:ee:85:81:2d:26:62:51:87:
         b1:3f:7a:98
-----BEGIN CERTIFICATE-----
MIIEvTCCA6WgAwIBAgICRSUwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNThD
N0Y3OTI2N0FGNzRCQTdEMkZDQzI1NjI2NTJDMzVCNUUxM0VCMTAeFw0yMjAzMjMw
MDMwMDhaFw0yMzAxMDEwMTAxMDJaMDMxMTAvBgNVBAMTKDM2ODI4MTc2NUQ3QkQy
NkE1MzBENjZEOTYwMzQyRUVENTJDODIxRTgwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCt0/2QD/QJ0EqSMprGd9JIQV44iuDfVC2c1UdKrohBY9bo45rn
gYi6L2tdIpeXdcwisj+xHVf5u1tWnt02wsTM6IpjM+UTA8lBkXNVJ17zscReFe2l
PNeaDc2cTdG51wYZsNY9fQ2Cvr2CYRup3e6WidVwwANE7OX7Ufhm8quwSwIhTKtj
A9EfNG1GLS8N+0rN25E7NZZq86SpeKQqwSEEnPlOPJxYqDhBEwIXqbEpQ8vAlNPh
ymxeJuL8gSrWFbw6XYJSRp2YSTyEpGa03QKXR+rOEKrszG0xgfmOwQrsNPPFa7s/
2Wljpj7Kb5uVaAzekLDC9YeUEViKjfBr+3flAgMBAAGjggHZMIIB1TAdBgNVHQ4E
FgQUNoKBdl170mpTDWbZYDQu7VLIIegwHwYDVR0jBBgwFoAUWMf3kmevdLp9L8wl
YmUsNbXhPrEwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBWBgNVHR8ETzBNMEug
SaBHhkVyc3luYzovL2NhLnJnLm5ldC9ycGtpL1JHbmV0LU9VL292c0NBL1dNZjNr
bWV2ZExwOUw4d2xZbVVzTmJYaFByRS5jcmwwWwYIKwYBBQUHAQEETzBNMEsGCCsG
AQUFBzAChj9yc3luYzovL2NhLnJnLm5ldC9ycGtpL1JHbmV0LU9VL1dNZjNrbWV2
ZExwOUw4d2xZbVVzTmJYaFByRS5jZXIwDgYDVR0PAQH/BAQDAgeAMIGSBggrBgEF
BQcBCwSBhTCBgjBRBggrBgEFBQcwC4ZFcnN5bmM6Ly9jYS5yZy5uZXQvcnBraS9S
R25ldC1PVS9vdnNDQS9Ob0tCZGwxNzBtcFREV2JaWURRdTdWTElJZWcucm9hMC0G
CCsGAQUFBzANhiFodHRwczovL2NhLnJnLm5ldC9ycmRwL25vdGlmeS54bWwwHwYI
KwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACTHA0wDQYJKoZIhvcNAQELBQADggEB
AIqVktcX0aoz8nEv+zHNd/dntQ8r+RfMY16r85nni089YAfLzK6PL913+vrPyJnm
9jniavDh+128kfAmiZRrGnX427gKJoFUaBIIPdQQrSMKPM48+8OmZolLD0OUadWI
ICqRtJ97pIDAyju/L910KDb7+29UIksh6JNtI6mKD4286dcUvIRGtRcfLt1isDSg
CCMF4YvxLllzWxL6tPUp2LJqnO2pl4huLM26JEjwQGBKBBtu2mfOHAlPvbRwza2r
2L01hTNmPEiPyODsABLJNlKX3ktMujLoHWzgfCnbgzIysS/v1vbKW+PNdLo+MAD4
pOQDZ4ruhYEtJmJRh7E/epg=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:36:53 2024 by rpki-client on console-fra.rpki-client.org