Route Origin Authorization

$ rpki-client -vvf ca.rg.net/rpki/RGnet-OU/ovsCA/SeV-RA249XXkmuhwmqVAqmzdoos.roa
File:                     SeV-RA249XXkmuhwmqVAqmzdoos.roa (raw, json)
Hash identifier:          NjvdFKmraVlMJfgvzOt2dy+7dxHs7M+cmZ8bhlM7MuU=
Subject key identifier:   49:E5:7E:44:0D:B8:F5:75:E4:9A:E8:70:9A:A5:40:AA:6C:DD:A2:8B
Certificate issuer:       /CN=58C7F79267AF74BA7D2FCC2562652C35B5E13EB1
Certificate serial:       4623
Authority key identifier: 58:C7:F7:92:67:AF:74:BA:7D:2F:CC:25:62:65:2C:35:B5:E1:3E:B1
Authority info access:    rsync://ca.rg.net/rpki/RGnet-OU/WMf3kmevdLp9L8wlYmUsNbXhPrE.cer
Subject info access:      rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/SeV-RA249XXkmuhwmqVAqmzdoos.roa
Signing time:             Sun 10 Apr 2022 00:30:11 +0000
ROA not before:           Sun 10 Apr 2022 00:30:11 +0000
ROA not after:            Sat 01 Apr 2023 22:21:14 +0000
asID:                     51224
IP address blocks:        147.28.3.0/24 maxlen: 24

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 17955 (0x4623)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=58C7F79267AF74BA7D2FCC2562652C35B5E13EB1
        Validity
            Not Before: Apr 10 00:30:11 2022 GMT
            Not After : Apr  1 22:21:14 2023 GMT
        Subject: CN=49E57E440DB8F575E49AE8709AA540AA6CDDA28B
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c7:fb:fd:96:9e:ee:29:f2:f3:80:ab:c5:30:c8:
                    c7:f7:06:22:ba:bf:99:72:77:ea:fa:c1:08:4e:bc:
                    fb:7f:c7:54:c4:88:6d:af:f2:0f:32:dc:19:f1:39:
                    43:9a:af:47:6b:df:09:69:58:6e:3d:6a:0e:23:32:
                    df:88:6d:b1:3d:92:7b:9a:57:c1:78:08:3e:ad:55:
                    c8:a3:a7:ab:88:e7:f2:75:0c:f3:1f:2f:d1:24:c1:
                    21:bf:3a:f5:ac:d8:79:29:88:fb:87:46:7c:c7:df:
                    6c:aa:e6:84:35:9f:4a:56:92:d2:c4:f5:be:ce:fe:
                    ec:51:09:44:1b:00:9f:81:17:83:d0:90:be:a2:2a:
                    ba:6b:f9:18:de:80:20:13:5f:5f:b8:37:ff:a6:22:
                    83:86:de:dd:5b:14:c5:5e:4a:66:fc:2b:07:77:33:
                    b8:18:6b:db:1c:2b:e5:f6:c6:bc:13:d4:f2:9f:55:
                    a5:c7:92:b8:09:11:9d:27:d5:ea:8a:a3:6d:25:bc:
                    c1:98:78:96:17:8e:53:b6:55:9b:2b:af:f5:7c:cd:
                    29:e1:81:53:21:39:02:e0:25:40:12:cc:da:1f:19:
                    4c:72:71:0a:70:be:ec:57:1c:a8:ea:a7:f1:a7:6c:
                    8c:da:67:59:fb:e8:bb:20:b2:f8:f6:53:da:8c:ca:
                    57:81
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                49:E5:7E:44:0D:B8:F5:75:E4:9A:E8:70:9A:A5:40:AA:6C:DD:A2:8B
            X509v3 Authority Key Identifier:
                keyid:58:C7:F7:92:67:AF:74:BA:7D:2F:CC:25:62:65:2C:35:B5:E1:3E:B1

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/WMf3kmevdLp9L8wlYmUsNbXhPrE.crl

            Authority Information Access:
                CA Issuers - URI:rsync://ca.rg.net/rpki/RGnet-OU/WMf3kmevdLp9L8wlYmUsNbXhPrE.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/SeV-RA249XXkmuhwmqVAqmzdoos.roa
                RPKI Notify - URI:https://ca.rg.net/rrdp/notify.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  147.28.3.0/24

    Signature Algorithm: sha256WithRSAEncryption
         21:2e:9f:18:6d:18:0a:0e:a7:6f:f1:17:16:d7:fb:15:f2:f6:
         5c:27:c7:5f:b9:fb:01:e6:ad:aa:5c:c8:f6:5c:50:0f:63:21:
         38:14:86:50:91:4f:11:31:19:ea:41:9a:d8:4f:3a:88:06:4a:
         26:d7:cb:d1:84:e0:45:7f:32:99:d6:52:16:2d:84:41:07:23:
         d9:90:e0:11:b2:40:21:f6:66:d7:16:d0:b0:a3:11:2b:d4:c6:
         e3:bf:bd:3c:7c:c7:66:1e:8e:25:ba:47:5e:03:ed:3f:86:75:
         98:60:c4:c6:be:f0:78:1d:65:11:78:83:9d:87:34:90:da:e6:
         c0:3e:05:4c:ca:d3:a4:72:00:e9:8b:69:d1:e5:56:a8:f1:74:
         d2:d9:a0:89:47:86:a6:29:86:12:a9:0e:82:1e:a8:20:38:65:
         f4:8d:2e:7c:a0:31:eb:8b:5e:61:ec:ed:c6:43:ed:82:a8:b9:
         fa:32:7b:8a:40:31:21:61:1b:dc:e8:b5:22:a6:bb:cb:1b:98:
         06:e4:23:97:5f:a5:9a:44:5f:7c:2f:c9:99:80:e0:24:d2:1e:
         40:79:5f:fb:d4:25:38:a2:ea:57:ab:02:3b:1c:4c:f5:f1:ad:
         57:cd:d1:dc:51:31:eb:91:cd:d7:95:80:69:a0:24:70:62:ae:
         3e:88:3b:ca
-----BEGIN CERTIFICATE-----
MIIEvTCCA6WgAwIBAgICRiMwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNThD
N0Y3OTI2N0FGNzRCQTdEMkZDQzI1NjI2NTJDMzVCNUUxM0VCMTAeFw0yMjA0MTAw
MDMwMTFaFw0yMzA0MDEyMjIxMTRaMDMxMTAvBgNVBAMTKDQ5RTU3RTQ0MERCOEY1
NzVFNDlBRTg3MDlBQTU0MEFBNkNEREEyOEIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDH+/2Wnu4p8vOAq8UwyMf3BiK6v5lyd+r6wQhOvPt/x1TEiG2v
8g8y3BnxOUOar0dr3wlpWG49ag4jMt+IbbE9knuaV8F4CD6tVcijp6uI5/J1DPMf
L9EkwSG/OvWs2HkpiPuHRnzH32yq5oQ1n0pWktLE9b7O/uxRCUQbAJ+BF4PQkL6i
Krpr+RjegCATX1+4N/+mIoOG3t1bFMVeSmb8Kwd3M7gYa9scK+X2xrwT1PKfVaXH
krgJEZ0n1eqKo20lvMGYeJYXjlO2VZsrr/V8zSnhgVMhOQLgJUASzNofGUxycQpw
vuxXHKjqp/GnbIzaZ1n76Lsgsvj2U9qMyleBAgMBAAGjggHZMIIB1TAdBgNVHQ4E
FgQUSeV+RA249XXkmuhwmqVAqmzdooswHwYDVR0jBBgwFoAUWMf3kmevdLp9L8wl
YmUsNbXhPrEwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBWBgNVHR8ETzBNMEug
SaBHhkVyc3luYzovL2NhLnJnLm5ldC9ycGtpL1JHbmV0LU9VL292c0NBL1dNZjNr
bWV2ZExwOUw4d2xZbVVzTmJYaFByRS5jcmwwWwYIKwYBBQUHAQEETzBNMEsGCCsG
AQUFBzAChj9yc3luYzovL2NhLnJnLm5ldC9ycGtpL1JHbmV0LU9VL1dNZjNrbWV2
ZExwOUw4d2xZbVVzTmJYaFByRS5jZXIwDgYDVR0PAQH/BAQDAgeAMIGSBggrBgEF
BQcBCwSBhTCBgjBRBggrBgEFBQcwC4ZFcnN5bmM6Ly9jYS5yZy5uZXQvcnBraS9S
R25ldC1PVS9vdnNDQS9TZVYtUkEyNDlYWGttdWh3bXFWQXFtemRvb3Mucm9hMC0G
CCsGAQUFBzANhiFodHRwczovL2NhLnJnLm5ldC9ycmRwL25vdGlmeS54bWwwHwYI
KwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACTHAMwDQYJKoZIhvcNAQELBQADggEB
ACEunxhtGAoOp2/xFxbX+xXy9lwnx1+5+wHmrapcyPZcUA9jITgUhlCRTxExGepB
mthPOogGSibXy9GE4EV/MpnWUhYthEEHI9mQ4BGyQCH2ZtcW0LCjESvUxuO/vTx8
x2YejiW6R14D7T+GdZhgxMa+8HgdZRF4g52HNJDa5sA+BUzK06RyAOmLadHlVqjx
dNLZoIlHhqYphhKpDoIeqCA4ZfSNLnygMeuLXmHs7cZD7YKoufoye4pAMSFhG9zo
tSKmu8sbmAbkI5dfpZpEX3wvyZmA4CTSHkB5X/vUJTii6lerAjscTPXxrVfN0dxR
MeuRzdeVgGmgJHBirj6IO8o=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:36:53 2024 by rpki-client on console-fra.rpki-client.org