Route Origin Authorization

$ rpki-client -vvf ca.rg.net/rpki/RGnet-OU/ovsCA/R6qtFharCcAu1dpmkqpSmEybXQo.roa
File:                     R6qtFharCcAu1dpmkqpSmEybXQo.roa (raw, json)
Hash identifier:          HQ2ZOCyn8Wt1FTvI/rgFIvene7SXhRLVwqnMohqvtUY=
Subject key identifier:   47:AA:AD:16:16:AB:09:C0:2E:D5:DA:66:92:AA:52:98:4C:9B:5D:0A
Certificate issuer:       /CN=58C7F79267AF74BA7D2FCC2562652C35B5E13EB1
Certificate serial:       456B
Authority key identifier: 58:C7:F7:92:67:AF:74:BA:7D:2F:CC:25:62:65:2C:35:B5:E1:3E:B1
Authority info access:    rsync://ca.rg.net/rpki/RGnet-OU/WMf3kmevdLp9L8wlYmUsNbXhPrE.cer
Subject info access:      rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/R6qtFharCcAu1dpmkqpSmEybXQo.roa
Signing time:             Mon 28 Mar 2022 00:30:11 +0000
ROA not before:           Mon 28 Mar 2022 00:30:11 +0000
ROA not after:            Sun 01 Jan 2023 01:01:02 +0000
asID:                     47065
IP address blocks:        147.28.13.0/24 maxlen: 24

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 17771 (0x456b)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=58C7F79267AF74BA7D2FCC2562652C35B5E13EB1
        Validity
            Not Before: Mar 28 00:30:11 2022 GMT
            Not After : Jan  1 01:01:02 2023 GMT
        Subject: CN=47AAAD1616AB09C02ED5DA6692AA52984C9B5D0A
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d2:7d:e9:80:0d:e6:9d:bf:08:1b:b7:33:37:bf:
                    99:33:6c:a0:f2:df:e2:72:25:71:f0:8f:b3:4e:d6:
                    4c:26:93:ad:03:4c:30:71:4f:34:46:ae:53:f6:16:
                    63:1b:98:11:d2:24:28:c8:3d:40:36:31:b5:5c:29:
                    5a:8b:b7:64:e8:d5:86:9e:4c:01:55:e1:fa:9a:ac:
                    a2:dc:11:55:87:cc:1c:88:6e:d8:0e:e7:e6:6e:4b:
                    19:01:c6:41:61:f4:0b:28:8c:06:e6:16:b7:90:e1:
                    3a:78:61:0b:0e:3e:fa:cb:63:48:b4:90:0e:f0:98:
                    a4:03:e2:90:6e:48:23:bd:6b:3b:f8:a2:92:10:bd:
                    92:20:1e:d4:de:90:a5:2c:50:63:92:9a:35:6e:87:
                    e2:7c:ef:92:e6:23:c2:11:f6:be:b5:6a:bc:e3:21:
                    84:c3:ef:8a:37:9b:d6:b8:2d:bb:15:ba:ce:05:db:
                    b7:1a:98:1c:5b:32:5b:d5:5a:03:b2:55:11:2c:62:
                    18:4c:6f:ad:a5:11:90:83:5a:0e:b5:04:06:f4:a5:
                    09:c0:19:66:f8:8f:8b:0e:12:61:df:bd:2a:2f:26:
                    f3:32:f3:ed:64:ce:98:1e:48:b6:06:65:0d:c2:43:
                    25:79:da:67:ed:bf:2f:e8:6f:e7:00:52:fc:7e:4e:
                    df:29
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                47:AA:AD:16:16:AB:09:C0:2E:D5:DA:66:92:AA:52:98:4C:9B:5D:0A
            X509v3 Authority Key Identifier:
                keyid:58:C7:F7:92:67:AF:74:BA:7D:2F:CC:25:62:65:2C:35:B5:E1:3E:B1

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/WMf3kmevdLp9L8wlYmUsNbXhPrE.crl

            Authority Information Access:
                CA Issuers - URI:rsync://ca.rg.net/rpki/RGnet-OU/WMf3kmevdLp9L8wlYmUsNbXhPrE.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/R6qtFharCcAu1dpmkqpSmEybXQo.roa
                RPKI Notify - URI:https://ca.rg.net/rrdp/notify.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  147.28.13.0/24

    Signature Algorithm: sha256WithRSAEncryption
         46:7f:fb:4f:35:96:99:95:de:90:82:58:09:e6:5b:61:f9:2a:
         f7:53:33:a3:3d:14:40:b2:c8:30:f7:49:8b:d2:4c:21:55:0d:
         bd:8a:25:96:57:2b:77:f6:a7:3f:f7:bd:4d:29:4a:f9:1c:c3:
         64:fa:78:f3:28:28:7e:2c:9e:fc:cc:2e:25:1c:2b:bd:66:ca:
         d0:38:7b:7a:ae:91:27:13:c1:65:7c:02:a0:c4:a1:70:b6:bf:
         56:9d:5c:67:ec:63:c2:c7:dc:b8:e3:65:28:c9:3a:63:84:1b:
         e2:3b:ce:83:5e:19:be:46:af:ec:d0:5e:5b:3d:13:71:51:11:
         34:8e:5e:4f:c9:83:95:cd:81:bd:bb:e4:57:11:07:7e:b6:63:
         8e:5e:12:a9:c2:37:a4:e7:24:91:24:ff:30:cf:7e:8c:bc:69:
         99:4f:a9:e6:aa:8a:1b:6a:10:e3:2c:c0:e0:18:ab:2b:7b:c5:
         02:6f:11:47:a5:cd:25:98:63:ba:b1:03:0f:9e:22:cd:70:5f:
         de:c9:98:e2:77:df:79:ca:e5:21:cf:6e:09:51:b5:7a:cb:6b:
         a3:fc:05:a4:b6:5e:47:c0:ac:ed:1c:57:c8:55:98:32:a2:e7:
         93:07:67:7c:fc:67:e7:39:2f:9d:df:60:ed:17:e1:47:07:6e:
         13:55:e3:4c
-----BEGIN CERTIFICATE-----
MIIEvTCCA6WgAwIBAgICRWswDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNThD
N0Y3OTI2N0FGNzRCQTdEMkZDQzI1NjI2NTJDMzVCNUUxM0VCMTAeFw0yMjAzMjgw
MDMwMTFaFw0yMzAxMDEwMTAxMDJaMDMxMTAvBgNVBAMTKDQ3QUFBRDE2MTZBQjA5
QzAyRUQ1REE2NjkyQUE1Mjk4NEM5QjVEMEEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDSfemADeadvwgbtzM3v5kzbKDy3+JyJXHwj7NO1kwmk60DTDBx
TzRGrlP2FmMbmBHSJCjIPUA2MbVcKVqLt2To1YaeTAFV4fqarKLcEVWHzByIbtgO
5+ZuSxkBxkFh9AsojAbmFreQ4Tp4YQsOPvrLY0i0kA7wmKQD4pBuSCO9azv4opIQ
vZIgHtTekKUsUGOSmjVuh+J875LmI8IR9r61arzjIYTD74o3m9a4LbsVus4F27ca
mBxbMlvVWgOyVREsYhhMb62lEZCDWg61BAb0pQnAGWb4j4sOEmHfvSovJvMy8+1k
zpgeSLYGZQ3CQyV52mftvy/ob+cAUvx+Tt8pAgMBAAGjggHZMIIB1TAdBgNVHQ4E
FgQUR6qtFharCcAu1dpmkqpSmEybXQowHwYDVR0jBBgwFoAUWMf3kmevdLp9L8wl
YmUsNbXhPrEwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBWBgNVHR8ETzBNMEug
SaBHhkVyc3luYzovL2NhLnJnLm5ldC9ycGtpL1JHbmV0LU9VL292c0NBL1dNZjNr
bWV2ZExwOUw4d2xZbVVzTmJYaFByRS5jcmwwWwYIKwYBBQUHAQEETzBNMEsGCCsG
AQUFBzAChj9yc3luYzovL2NhLnJnLm5ldC9ycGtpL1JHbmV0LU9VL1dNZjNrbWV2
ZExwOUw4d2xZbVVzTmJYaFByRS5jZXIwDgYDVR0PAQH/BAQDAgeAMIGSBggrBgEF
BQcBCwSBhTCBgjBRBggrBgEFBQcwC4ZFcnN5bmM6Ly9jYS5yZy5uZXQvcnBraS9S
R25ldC1PVS9vdnNDQS9SNnF0RmhhckNjQXUxZHBta3FwU21FeWJYUW8ucm9hMC0G
CCsGAQUFBzANhiFodHRwczovL2NhLnJnLm5ldC9ycmRwL25vdGlmeS54bWwwHwYI
KwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACTHA0wDQYJKoZIhvcNAQELBQADggEB
AEZ/+081lpmV3pCCWAnmW2H5KvdTM6M9FECyyDD3SYvSTCFVDb2KJZZXK3f2pz/3
vU0pSvkcw2T6ePMoKH4snvzMLiUcK71mytA4e3qukScTwWV8AqDEoXC2v1adXGfs
Y8LH3LjjZSjJOmOEG+I7zoNeGb5Gr+zQXls9E3FRETSOXk/Jg5XNgb275FcRB362
Y45eEqnCN6TnJJEk/zDPfoy8aZlPqeaqihtqEOMswOAYqyt7xQJvEUelzSWYY7qx
Aw+eIs1wX97JmOJ333nK5SHPbglRtXrLa6P8BaS2XkfArO0cV8hVmDKi55MHZ3z8
Z+c5L53fYO0X4UcHbhNV40w=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:36:53 2024 by rpki-client on console-fra.rpki-client.org