Route Origin Authorization

$ rpki-client -vvf ca.rg.net/rpki/RGnet-OU/ovsCA/hJ9XXFjeTmzWJ0aNHXTrD85XZuk.roa
File:                     hJ9XXFjeTmzWJ0aNHXTrD85XZuk.roa (raw, json)
Hash identifier:          OclOtjM+inqPzahi2hD+neV5IotAon3HiIRMZhVFrt0=
Subject key identifier:   84:9F:57:5C:58:DE:4E:6C:D6:27:46:8D:1D:74:EB:0F:CE:57:66:E9
Certificate issuer:       /CN=58C7F79267AF74BA7D2FCC2562652C35B5E13EB1
Certificate serial:       44D0
Authority key identifier: 58:C7:F7:92:67:AF:74:BA:7D:2F:CC:25:62:65:2C:35:B5:E1:3E:B1
Authority info access:    rsync://ca.rg.net/rpki/RGnet-OU/WMf3kmevdLp9L8wlYmUsNbXhPrE.cer
Subject info access:      rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/hJ9XXFjeTmzWJ0aNHXTrD85XZuk.roa
Signing time:             Thu 17 Mar 2022 00:30:10 +0000
ROA not before:           Thu 17 Mar 2022 00:30:10 +0000
ROA not after:            Sun 01 Jan 2023 01:01:02 +0000
asID:                     51224
IP address blocks:        147.28.13.0/24 maxlen: 24

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 17616 (0x44d0)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=58C7F79267AF74BA7D2FCC2562652C35B5E13EB1
        Validity
            Not Before: Mar 17 00:30:10 2022 GMT
            Not After : Jan  1 01:01:02 2023 GMT
        Subject: CN=849F575C58DE4E6CD627468D1D74EB0FCE5766E9
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ca:41:46:2c:00:65:e0:15:ea:af:56:14:77:58:
                    a9:86:b1:2e:ad:95:61:32:31:53:0b:e8:ae:af:de:
                    75:04:db:a2:05:a2:dc:f8:a4:b0:5a:0e:5b:e8:f8:
                    15:ea:5e:63:3d:50:a0:2a:1a:94:5b:4e:90:87:97:
                    7b:9e:dd:68:1a:9a:d5:d0:5e:13:37:b9:25:bf:a9:
                    39:33:cd:3c:df:20:2c:9f:2b:1b:22:f3:9f:3e:71:
                    8a:ea:56:cd:82:f3:f3:c6:d0:cb:47:6b:65:0b:22:
                    99:1a:b3:c3:d3:14:6f:40:5f:d1:99:4a:a3:e5:a8:
                    b1:c8:06:3b:18:d8:01:ce:fc:b2:16:2c:3d:58:5a:
                    84:c1:d7:bb:c6:e1:d5:c5:fb:07:c5:02:1e:73:bc:
                    c2:9b:00:8c:5b:68:c1:ed:ba:96:fd:83:26:ed:9f:
                    53:dd:ee:3f:23:b8:c0:b2:b0:58:ad:8a:ef:ec:fc:
                    95:a9:88:ac:75:f6:d4:3c:c6:20:ef:38:79:5f:d1:
                    6d:ee:e2:ff:49:f3:f5:f4:0f:cd:fd:21:6b:55:f4:
                    b4:c3:49:29:dd:5f:21:81:64:13:cd:33:86:14:4e:
                    94:e6:39:fd:0c:ef:a7:d5:d8:11:a6:6b:82:87:1c:
                    57:8b:bf:fd:15:64:33:94:01:79:4d:be:af:ce:7c:
                    1c:ad
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                84:9F:57:5C:58:DE:4E:6C:D6:27:46:8D:1D:74:EB:0F:CE:57:66:E9
            X509v3 Authority Key Identifier:
                keyid:58:C7:F7:92:67:AF:74:BA:7D:2F:CC:25:62:65:2C:35:B5:E1:3E:B1

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/WMf3kmevdLp9L8wlYmUsNbXhPrE.crl

            Authority Information Access:
                CA Issuers - URI:rsync://ca.rg.net/rpki/RGnet-OU/WMf3kmevdLp9L8wlYmUsNbXhPrE.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/hJ9XXFjeTmzWJ0aNHXTrD85XZuk.roa
                RPKI Notify - URI:https://ca.rg.net/rrdp/notify.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  147.28.13.0/24

    Signature Algorithm: sha256WithRSAEncryption
         b8:b9:d8:8b:55:cf:ab:83:a6:f6:7d:e3:6a:c5:ff:85:4c:72:
         5a:52:e0:5d:5f:bd:20:c4:fa:3d:6b:b8:d3:e5:16:25:dc:60:
         87:4a:a0:08:80:2e:d5:28:56:1d:f6:a7:5b:80:5b:31:2b:1a:
         98:21:76:10:ef:b4:21:a3:05:55:b9:c2:09:77:0b:ca:96:82:
         4e:a8:25:83:4a:04:9a:46:38:a1:22:e8:3f:b9:2d:da:3b:f0:
         12:61:ee:c9:a3:b7:c1:17:af:b4:95:ee:a6:0b:6f:ef:91:7f:
         f6:71:ad:76:8e:a6:f9:53:1b:dc:62:a3:0e:65:d6:28:d9:8f:
         b4:c1:7c:b5:c7:30:4b:17:4b:de:e2:8b:f1:47:51:a1:e3:c5:
         7f:98:9d:35:af:b4:50:6d:d3:6b:b2:2d:24:1b:e8:5f:81:b7:
         4a:7d:64:9a:8c:78:90:9f:bd:bc:6c:d1:74:00:62:6b:af:30:
         99:e2:bf:19:ef:76:e7:20:fb:f0:5f:54:e9:4a:5c:2c:1e:31:
         ba:0d:ef:35:34:06:3b:57:fd:5d:fe:94:36:b7:66:2f:07:1c:
         bb:ef:80:dd:4a:66:e5:10:fe:9a:ce:c4:7e:94:3f:09:99:c6:
         52:36:7e:40:99:a9:ef:40:ea:3f:2b:b6:a0:46:bb:8e:7b:03:
         76:ec:67:76
-----BEGIN CERTIFICATE-----
MIIEvTCCA6WgAwIBAgICRNAwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNThD
N0Y3OTI2N0FGNzRCQTdEMkZDQzI1NjI2NTJDMzVCNUUxM0VCMTAeFw0yMjAzMTcw
MDMwMTBaFw0yMzAxMDEwMTAxMDJaMDMxMTAvBgNVBAMTKDg0OUY1NzVDNThERTRF
NkNENjI3NDY4RDFENzRFQjBGQ0U1NzY2RTkwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDKQUYsAGXgFeqvVhR3WKmGsS6tlWEyMVML6K6v3nUE26IFotz4
pLBaDlvo+BXqXmM9UKAqGpRbTpCHl3ue3WgamtXQXhM3uSW/qTkzzTzfICyfKxsi
858+cYrqVs2C8/PG0MtHa2ULIpkas8PTFG9AX9GZSqPlqLHIBjsY2AHO/LIWLD1Y
WoTB17vG4dXF+wfFAh5zvMKbAIxbaMHtupb9gybtn1Pd7j8juMCysFitiu/s/JWp
iKx19tQ8xiDvOHlf0W3u4v9J8/X0D839IWtV9LTDSSndXyGBZBPNM4YUTpTmOf0M
76fV2BGma4KHHFeLv/0VZDOUAXlNvq/OfBytAgMBAAGjggHZMIIB1TAdBgNVHQ4E
FgQUhJ9XXFjeTmzWJ0aNHXTrD85XZukwHwYDVR0jBBgwFoAUWMf3kmevdLp9L8wl
YmUsNbXhPrEwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBWBgNVHR8ETzBNMEug
SaBHhkVyc3luYzovL2NhLnJnLm5ldC9ycGtpL1JHbmV0LU9VL292c0NBL1dNZjNr
bWV2ZExwOUw4d2xZbVVzTmJYaFByRS5jcmwwWwYIKwYBBQUHAQEETzBNMEsGCCsG
AQUFBzAChj9yc3luYzovL2NhLnJnLm5ldC9ycGtpL1JHbmV0LU9VL1dNZjNrbWV2
ZExwOUw4d2xZbVVzTmJYaFByRS5jZXIwDgYDVR0PAQH/BAQDAgeAMIGSBggrBgEF
BQcBCwSBhTCBgjBRBggrBgEFBQcwC4ZFcnN5bmM6Ly9jYS5yZy5uZXQvcnBraS9S
R25ldC1PVS9vdnNDQS9oSjlYWEZqZVRteldKMGFOSFhUckQ4NVhadWsucm9hMC0G
CCsGAQUFBzANhiFodHRwczovL2NhLnJnLm5ldC9ycmRwL25vdGlmeS54bWwwHwYI
KwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACTHA0wDQYJKoZIhvcNAQELBQADggEB
ALi52ItVz6uDpvZ942rF/4VMclpS4F1fvSDE+j1ruNPlFiXcYIdKoAiALtUoVh32
p1uAWzErGpghdhDvtCGjBVW5wgl3C8qWgk6oJYNKBJpGOKEi6D+5Ldo78BJh7smj
t8EXr7SV7qYLb++Rf/ZxrXaOpvlTG9xiow5l1ijZj7TBfLXHMEsXS97ii/FHUaHj
xX+YnTWvtFBt02uyLSQb6F+Bt0p9ZJqMeJCfvbxs0XQAYmuvMJnivxnvducg+/Bf
VOlKXCweMboN7zU0BjtX/V3+lDa3Zi8HHLvvgN1KZuUQ/prOxH6UPwmZxlI2fkCZ
qe9A6j8rtqBGu457A3bsZ3Y=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:36:53 2024 by rpki-client on console-fra.rpki-client.org