Route Origin Authorization

$ rpki-client -vvf ca.rg.net/rpki/RGnet-OU/ovsCA/icRZmGtLu8absXS5qSs40eqP1-I.roa
File:                     icRZmGtLu8absXS5qSs40eqP1-I.roa (raw, json)
Hash identifier:          YmK9i4kaSxymifP0AnE0IGPMkl3uLhsDbpwI7ZzQCgI=
Subject key identifier:   89:C4:59:98:6B:4B:BB:C6:9B:B1:74:B9:A9:2B:38:D1:EA:8F:D7:E2
Certificate issuer:       /CN=58C7F79267AF74BA7D2FCC2562652C35B5E13EB1
Certificate serial:       450B
Authority key identifier: 58:C7:F7:92:67:AF:74:BA:7D:2F:CC:25:62:65:2C:35:B5:E1:3E:B1
Authority info access:    rsync://ca.rg.net/rpki/RGnet-OU/WMf3kmevdLp9L8wlYmUsNbXhPrE.cer
Subject info access:      rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/icRZmGtLu8absXS5qSs40eqP1-I.roa
Signing time:             Mon 21 Mar 2022 00:30:07 +0000
ROA not before:           Mon 21 Mar 2022 00:30:07 +0000
ROA not after:            Sun 01 Jan 2023 01:01:02 +0000
asID:                     51224
IP address blocks:        45.132.189.0/24 maxlen: 24

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 17675 (0x450b)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=58C7F79267AF74BA7D2FCC2562652C35B5E13EB1
        Validity
            Not Before: Mar 21 00:30:07 2022 GMT
            Not After : Jan  1 01:01:02 2023 GMT
        Subject: CN=89C459986B4BBBC69BB174B9A92B38D1EA8FD7E2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a9:9b:3b:9b:c3:72:e7:98:cc:cf:03:f6:05:c2:
                    d1:96:56:7c:3a:83:03:27:e4:0b:24:c4:c3:06:f9:
                    15:74:9f:8a:cc:52:ec:5a:48:17:2d:d0:c4:d4:ba:
                    05:eb:76:28:5b:04:67:51:c1:bf:1b:f1:ac:d7:2a:
                    ff:04:da:a6:3d:ba:6d:3e:ed:ef:5e:7e:70:89:88:
                    6b:aa:f0:56:d7:82:16:60:80:29:0d:7d:2f:e7:7a:
                    a6:1c:fd:6a:49:35:05:76:b0:b2:9d:dd:d2:37:84:
                    01:7d:ae:f2:ef:97:50:dd:7d:7f:b6:07:ec:2e:ec:
                    bd:2d:a1:28:f4:ca:a3:64:84:66:65:59:d1:24:3b:
                    69:4c:80:18:3a:73:cb:06:77:12:b3:87:6e:ca:31:
                    25:66:7d:d6:4b:64:5d:0e:9f:c8:6c:d8:4e:c6:3a:
                    22:ab:d6:c9:bd:01:13:0c:40:0f:52:f7:ac:1b:05:
                    c1:ed:b9:23:e6:c4:b0:c6:72:fd:ea:c7:3b:09:45:
                    49:0e:b6:2b:dc:3b:b9:2d:b2:c8:9f:da:e7:57:74:
                    a9:e2:5f:24:72:38:ff:16:4d:be:44:83:fe:1c:8d:
                    00:1d:a0:0c:6b:44:ae:d1:cb:d4:60:92:e1:d4:c1:
                    fa:c0:8e:76:3e:09:56:51:c8:ad:4b:14:3f:03:34:
                    9b:4b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                89:C4:59:98:6B:4B:BB:C6:9B:B1:74:B9:A9:2B:38:D1:EA:8F:D7:E2
            X509v3 Authority Key Identifier:
                keyid:58:C7:F7:92:67:AF:74:BA:7D:2F:CC:25:62:65:2C:35:B5:E1:3E:B1

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/WMf3kmevdLp9L8wlYmUsNbXhPrE.crl

            Authority Information Access:
                CA Issuers - URI:rsync://ca.rg.net/rpki/RGnet-OU/WMf3kmevdLp9L8wlYmUsNbXhPrE.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/icRZmGtLu8absXS5qSs40eqP1-I.roa
                RPKI Notify - URI:https://ca.rg.net/rrdp/notify.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.132.189.0/24

    Signature Algorithm: sha256WithRSAEncryption
         5f:82:18:ad:26:ef:00:cf:49:77:26:c5:a5:24:cd:88:71:52:
         6c:08:09:72:8b:6a:f4:2d:ed:a0:b6:cc:8a:0f:de:bb:64:52:
         78:88:b1:41:78:84:6e:12:03:74:8f:6e:c3:24:0d:27:e4:ff:
         1e:73:ab:1a:5f:0b:58:5d:1f:ea:6e:13:7a:71:50:00:c0:ff:
         40:7c:b6:9a:1b:0f:3d:f0:2a:d7:54:38:e1:8b:66:89:50:b7:
         05:39:ff:44:0d:dc:ad:a1:a5:53:b4:f0:d7:e0:88:1f:d8:49:
         db:d5:3a:8c:1a:38:6a:64:25:b0:5d:83:0e:c3:58:05:77:9d:
         f9:d3:8d:23:cf:e4:43:b0:47:88:7a:06:2c:aa:74:f2:48:b8:
         0a:a5:81:d8:e5:50:39:ec:96:85:63:5c:1b:f3:bc:94:cc:74:
         3b:fb:1f:2c:89:67:fa:10:51:98:f7:ea:0e:14:39:d2:a1:b9:
         db:f5:c4:2f:26:50:7a:13:7f:f4:ae:86:88:f9:8b:9f:ee:40:
         f5:5d:af:ec:a4:d6:5c:b9:57:12:f3:3f:7d:8a:bf:bb:41:3b:
         7c:39:79:25:29:d6:53:17:60:47:8f:83:ad:4f:c2:ad:cf:ad:
         59:64:08:e1:71:39:71:c5:ac:f5:37:ac:42:b2:f5:7d:34:18:
         a2:81:ef:45
-----BEGIN CERTIFICATE-----
MIIEvTCCA6WgAwIBAgICRQswDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNThD
N0Y3OTI2N0FGNzRCQTdEMkZDQzI1NjI2NTJDMzVCNUUxM0VCMTAeFw0yMjAzMjEw
MDMwMDdaFw0yMzAxMDEwMTAxMDJaMDMxMTAvBgNVBAMTKDg5QzQ1OTk4NkI0QkJC
QzY5QkIxNzRCOUE5MkIzOEQxRUE4RkQ3RTIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCpmzubw3LnmMzPA/YFwtGWVnw6gwMn5AskxMMG+RV0n4rMUuxa
SBct0MTUugXrdihbBGdRwb8b8azXKv8E2qY9um0+7e9efnCJiGuq8FbXghZggCkN
fS/neqYc/WpJNQV2sLKd3dI3hAF9rvLvl1DdfX+2B+wu7L0toSj0yqNkhGZlWdEk
O2lMgBg6c8sGdxKzh27KMSVmfdZLZF0On8hs2E7GOiKr1sm9ARMMQA9S96wbBcHt
uSPmxLDGcv3qxzsJRUkOtivcO7ktssif2udXdKniXyRyOP8WTb5Eg/4cjQAdoAxr
RK7Ry9RgkuHUwfrAjnY+CVZRyK1LFD8DNJtLAgMBAAGjggHZMIIB1TAdBgNVHQ4E
FgQUicRZmGtLu8absXS5qSs40eqP1+IwHwYDVR0jBBgwFoAUWMf3kmevdLp9L8wl
YmUsNbXhPrEwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBWBgNVHR8ETzBNMEug
SaBHhkVyc3luYzovL2NhLnJnLm5ldC9ycGtpL1JHbmV0LU9VL292c0NBL1dNZjNr
bWV2ZExwOUw4d2xZbVVzTmJYaFByRS5jcmwwWwYIKwYBBQUHAQEETzBNMEsGCCsG
AQUFBzAChj9yc3luYzovL2NhLnJnLm5ldC9ycGtpL1JHbmV0LU9VL1dNZjNrbWV2
ZExwOUw4d2xZbVVzTmJYaFByRS5jZXIwDgYDVR0PAQH/BAQDAgeAMIGSBggrBgEF
BQcBCwSBhTCBgjBRBggrBgEFBQcwC4ZFcnN5bmM6Ly9jYS5yZy5uZXQvcnBraS9S
R25ldC1PVS9vdnNDQS9pY1JabUd0THU4YWJzWFM1cVNzNDBlcVAxLUkucm9hMC0G
CCsGAQUFBzANhiFodHRwczovL2NhLnJnLm5ldC9ycmRwL25vdGlmeS54bWwwHwYI
KwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAAthL0wDQYJKoZIhvcNAQELBQADggEB
AF+CGK0m7wDPSXcmxaUkzYhxUmwICXKLavQt7aC2zIoP3rtkUniIsUF4hG4SA3SP
bsMkDSfk/x5zqxpfC1hdH+puE3pxUADA/0B8tpobDz3wKtdUOOGLZolQtwU5/0QN
3K2hpVO08NfgiB/YSdvVOowaOGpkJbBdgw7DWAV3nfnTjSPP5EOwR4h6BiyqdPJI
uAqlgdjlUDnsloVjXBvzvJTMdDv7HyyJZ/oQUZj36g4UOdKhudv1xC8mUHoTf/Su
hoj5i5/uQPVdr+yk1ly5VxLzP32Kv7tBO3w5eSUp1lMXYEePg61Pwq3PrVlkCOFx
OXHFrPU3rEKy9X00GKKB70U=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:36:53 2024 by rpki-client on console-fra.rpki-client.org