Route Origin Authorization

$ rpki-client -vvf ca.rg.net/rpki/RGnet-OU/ovsCA/fQ8qVpS5lcJJYGXCZqIIYKQPMwY.roa
File:                     fQ8qVpS5lcJJYGXCZqIIYKQPMwY.roa (raw, json)
Hash identifier:          iWnzrt4tY1qNMns+iRrg6agNoAnzMUmqnZnv9XBrY0c=
Subject key identifier:   7D:0F:2A:56:94:B9:95:C2:49:60:65:C2:66:A2:08:60:A4:0F:33:06
Certificate issuer:       /CN=58C7F79267AF74BA7D2FCC2562652C35B5E13EB1
Certificate serial:       4685
Authority key identifier: 58:C7:F7:92:67:AF:74:BA:7D:2F:CC:25:62:65:2C:35:B5:E1:3E:B1
Authority info access:    rsync://ca.rg.net/rpki/RGnet-OU/WMf3kmevdLp9L8wlYmUsNbXhPrE.cer
Subject info access:      rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/fQ8qVpS5lcJJYGXCZqIIYKQPMwY.roa
Signing time:             Sun 17 Apr 2022 00:30:09 +0000
ROA not before:           Sun 17 Apr 2022 00:30:09 +0000
ROA not after:            Sat 01 Apr 2023 22:21:14 +0000
asID:                     47065
IP address blocks:        147.28.3.0/24 maxlen: 24

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 18053 (0x4685)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=58C7F79267AF74BA7D2FCC2562652C35B5E13EB1
        Validity
            Not Before: Apr 17 00:30:09 2022 GMT
            Not After : Apr  1 22:21:14 2023 GMT
        Subject: CN=7D0F2A5694B995C2496065C266A20860A40F3306
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d2:5d:ad:16:e8:86:12:b9:34:2c:af:d4:24:f4:
                    06:2b:02:db:ee:38:89:b1:a8:e6:36:d0:e9:42:f1:
                    bb:1f:c6:4d:60:57:9f:95:31:e0:02:1c:b3:05:3a:
                    27:22:a7:b4:ae:6e:ff:be:bf:f8:49:22:03:df:ae:
                    0c:20:cf:d2:ce:1b:ae:2e:49:2e:4f:f5:fd:62:00:
                    5b:70:34:a8:e0:31:31:ce:27:fc:84:59:8a:db:c0:
                    d9:e3:42:72:35:17:5e:d4:f2:ab:1c:20:9a:55:98:
                    82:69:60:d3:6c:a9:59:b5:72:c6:88:6d:b2:48:aa:
                    cd:ef:41:19:97:6b:74:33:39:45:b4:da:f0:82:20:
                    f5:2f:7c:97:5b:46:1a:33:a8:b6:11:67:e6:5a:ba:
                    2e:15:11:7c:4b:2b:e8:3a:69:ff:70:fb:f6:eb:90:
                    60:62:51:28:ec:84:12:23:82:2f:bb:37:e3:b3:24:
                    1c:69:82:24:65:c8:56:06:05:3b:ce:45:84:18:67:
                    b3:e3:80:b5:57:ae:47:7a:40:81:6f:ea:06:d2:ac:
                    a3:c2:0c:e6:36:a9:39:15:20:48:4f:5b:da:0f:03:
                    2c:49:31:13:17:e9:3f:cd:67:c8:74:65:32:da:7c:
                    c8:40:3a:39:44:31:53:de:e6:14:0c:ab:ba:95:ce:
                    6e:41
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                7D:0F:2A:56:94:B9:95:C2:49:60:65:C2:66:A2:08:60:A4:0F:33:06
            X509v3 Authority Key Identifier:
                keyid:58:C7:F7:92:67:AF:74:BA:7D:2F:CC:25:62:65:2C:35:B5:E1:3E:B1

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/WMf3kmevdLp9L8wlYmUsNbXhPrE.crl

            Authority Information Access:
                CA Issuers - URI:rsync://ca.rg.net/rpki/RGnet-OU/WMf3kmevdLp9L8wlYmUsNbXhPrE.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/fQ8qVpS5lcJJYGXCZqIIYKQPMwY.roa
                RPKI Notify - URI:https://ca.rg.net/rrdp/notify.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  147.28.3.0/24

    Signature Algorithm: sha256WithRSAEncryption
         4a:70:d8:dd:a4:99:a1:20:54:af:dd:c2:dc:1b:86:dd:a3:8b:
         4a:20:e3:5a:ab:63:95:55:bc:f7:14:1c:57:62:10:39:02:45:
         e5:9f:84:1c:f2:a6:7f:a1:95:fb:a0:e2:22:7b:f1:1b:b7:18:
         3b:84:0e:87:df:2c:8e:36:3a:d7:a1:02:6e:d1:7f:f9:30:0d:
         77:e8:2c:64:94:47:23:5e:d8:51:eb:8d:78:cb:45:7f:6a:26:
         28:d0:fe:dc:da:7d:00:4f:4f:ce:98:f7:46:7e:fd:c2:0c:ff:
         47:4f:7f:8c:b8:b2:da:c3:6d:eb:be:46:56:6e:84:4e:93:5c:
         8d:3c:2c:91:18:6a:40:97:84:f9:87:d0:0e:24:2f:fd:01:a8:
         cf:b1:f1:85:0b:27:40:ee:d2:08:5b:8b:aa:cc:63:26:9f:8b:
         d6:98:3c:44:8d:17:06:53:f1:22:b9:29:fa:a7:08:c2:ea:fe:
         c9:08:a6:a6:1d:80:b0:5d:9a:0e:51:43:ef:81:ca:8d:a5:84:
         80:ae:9d:02:e2:70:d2:e5:86:9c:61:24:d0:38:ff:bf:53:a6:
         5e:f5:6f:8a:88:b2:ad:ce:16:69:af:f6:2e:c8:c3:a8:5b:9b:
         09:1a:23:83:b8:94:ca:63:55:bb:89:69:d3:46:10:33:ed:57:
         87:6c:a2:77
-----BEGIN CERTIFICATE-----
MIIEvTCCA6WgAwIBAgICRoUwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNThD
N0Y3OTI2N0FGNzRCQTdEMkZDQzI1NjI2NTJDMzVCNUUxM0VCMTAeFw0yMjA0MTcw
MDMwMDlaFw0yMzA0MDEyMjIxMTRaMDMxMTAvBgNVBAMTKDdEMEYyQTU2OTRCOTk1
QzI0OTYwNjVDMjY2QTIwODYwQTQwRjMzMDYwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDSXa0W6IYSuTQsr9Qk9AYrAtvuOImxqOY20OlC8bsfxk1gV5+V
MeACHLMFOicip7Subv++v/hJIgPfrgwgz9LOG64uSS5P9f1iAFtwNKjgMTHOJ/yE
WYrbwNnjQnI1F17U8qscIJpVmIJpYNNsqVm1csaIbbJIqs3vQRmXa3QzOUW02vCC
IPUvfJdbRhozqLYRZ+Zaui4VEXxLK+g6af9w+/brkGBiUSjshBIjgi+7N+OzJBxp
giRlyFYGBTvORYQYZ7PjgLVXrkd6QIFv6gbSrKPCDOY2qTkVIEhPW9oPAyxJMRMX
6T/NZ8h0ZTLafMhAOjlEMVPe5hQMq7qVzm5BAgMBAAGjggHZMIIB1TAdBgNVHQ4E
FgQUfQ8qVpS5lcJJYGXCZqIIYKQPMwYwHwYDVR0jBBgwFoAUWMf3kmevdLp9L8wl
YmUsNbXhPrEwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBWBgNVHR8ETzBNMEug
SaBHhkVyc3luYzovL2NhLnJnLm5ldC9ycGtpL1JHbmV0LU9VL292c0NBL1dNZjNr
bWV2ZExwOUw4d2xZbVVzTmJYaFByRS5jcmwwWwYIKwYBBQUHAQEETzBNMEsGCCsG
AQUFBzAChj9yc3luYzovL2NhLnJnLm5ldC9ycGtpL1JHbmV0LU9VL1dNZjNrbWV2
ZExwOUw4d2xZbVVzTmJYaFByRS5jZXIwDgYDVR0PAQH/BAQDAgeAMIGSBggrBgEF
BQcBCwSBhTCBgjBRBggrBgEFBQcwC4ZFcnN5bmM6Ly9jYS5yZy5uZXQvcnBraS9S
R25ldC1PVS9vdnNDQS9mUThxVnBTNWxjSkpZR1hDWnFJSVlLUVBNd1kucm9hMC0G
CCsGAQUFBzANhiFodHRwczovL2NhLnJnLm5ldC9ycmRwL25vdGlmeS54bWwwHwYI
KwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACTHAMwDQYJKoZIhvcNAQELBQADggEB
AEpw2N2kmaEgVK/dwtwbht2ji0og41qrY5VVvPcUHFdiEDkCReWfhBzypn+hlfug
4iJ78Ru3GDuEDoffLI42OtehAm7Rf/kwDXfoLGSURyNe2FHrjXjLRX9qJijQ/tza
fQBPT86Y90Z+/cIM/0dPf4y4strDbeu+RlZuhE6TXI08LJEYakCXhPmH0A4kL/0B
qM+x8YULJ0Du0ghbi6rMYyafi9aYPESNFwZT8SK5KfqnCMLq/skIpqYdgLBdmg5R
Q++Byo2lhICunQLicNLlhpxhJNA4/79Tpl71b4qIsq3OFmmv9i7Iw6hbmwkaI4O4
lMpjVbuJadNGEDPtV4dsonc=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:36:53 2024 by rpki-client on console-fra.rpki-client.org