Route Origin Authorization

$ rpki-client -vvf ca.rg.net/rpki/RGnet-OU/ovsCA/nLrUT1Xl5CTF0Xw0qr0XtnXuUGw.roa
File:                     nLrUT1Xl5CTF0Xw0qr0XtnXuUGw.roa (raw, json)
Hash identifier:          K2athqxjzf8d+gOQH9SPg8U8qlRalq1cbpYv2+SFndo=
Subject key identifier:   9C:BA:D4:4F:55:E5:E4:24:C5:D1:7C:34:AA:BD:17:B6:75:EE:50:6C
Certificate issuer:       /CN=58C7F79267AF74BA7D2FCC2562652C35B5E13EB1
Certificate serial:       42CE
Authority key identifier: 58:C7:F7:92:67:AF:74:BA:7D:2F:CC:25:62:65:2C:35:B5:E1:3E:B1
Authority info access:    rsync://ca.rg.net/rpki/RGnet-OU/WMf3kmevdLp9L8wlYmUsNbXhPrE.cer
Subject info access:      rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/nLrUT1Xl5CTF0Xw0qr0XtnXuUGw.roa
Signing time:             Tue 08 Feb 2022 00:30:04 +0000
ROA not before:           Tue 08 Feb 2022 00:30:04 +0000
ROA not after:            Sun 01 Jan 2023 01:01:02 +0000
asID:                     47065
IP address blocks:        147.28.5.0/24 maxlen: 24

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 17102 (0x42ce)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=58C7F79267AF74BA7D2FCC2562652C35B5E13EB1
        Validity
            Not Before: Feb  8 00:30:04 2022 GMT
            Not After : Jan  1 01:01:02 2023 GMT
        Subject: CN=9CBAD44F55E5E424C5D17C34AABD17B675EE506C
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e6:53:ef:d3:03:1b:91:9f:60:83:72:be:0b:b3:
                    07:20:ee:6d:1e:b5:fd:75:a6:e5:8a:b4:a1:91:ac:
                    cf:90:8f:04:0c:3d:f1:70:b5:27:53:a5:fa:eb:be:
                    26:65:8d:80:02:f6:01:1a:f9:fc:f1:be:f7:2d:6c:
                    23:28:3c:8f:ab:1a:16:df:8f:b1:b9:87:a2:48:4b:
                    bc:64:30:58:4f:dc:dd:a3:9f:7d:54:e3:f0:b6:29:
                    8f:af:d0:fb:2d:d2:85:2b:a3:b6:c7:d5:84:a0:18:
                    fd:50:45:96:76:af:26:db:d6:72:26:d6:28:fc:20:
                    05:0d:48:39:ab:c4:53:44:fc:f8:92:f5:db:8b:a3:
                    2a:a3:0a:0e:3f:74:35:ca:5f:51:e0:a3:9a:15:eb:
                    0a:a1:10:28:83:43:34:11:fe:05:68:22:a7:86:16:
                    3e:33:92:86:69:5f:f8:ef:99:c7:20:91:a5:f6:fa:
                    c3:cc:b6:e6:00:60:ea:9e:eb:a4:02:e7:f6:c0:7b:
                    43:08:9a:d6:08:bc:cf:db:15:6a:31:95:c8:5b:06:
                    af:9d:55:10:c9:ce:63:0a:aa:1e:07:33:c1:01:c5:
                    9f:c1:ca:58:08:e1:bc:62:bc:f6:a3:43:cb:4f:06:
                    3e:4c:f5:88:05:93:83:40:a0:4f:e8:89:ac:10:8e:
                    21:f9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                9C:BA:D4:4F:55:E5:E4:24:C5:D1:7C:34:AA:BD:17:B6:75:EE:50:6C
            X509v3 Authority Key Identifier:
                keyid:58:C7:F7:92:67:AF:74:BA:7D:2F:CC:25:62:65:2C:35:B5:E1:3E:B1

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/WMf3kmevdLp9L8wlYmUsNbXhPrE.crl

            Authority Information Access:
                CA Issuers - URI:rsync://ca.rg.net/rpki/RGnet-OU/WMf3kmevdLp9L8wlYmUsNbXhPrE.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/nLrUT1Xl5CTF0Xw0qr0XtnXuUGw.roa
                RPKI Notify - URI:https://ca.rg.net/rrdp/notify.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  147.28.5.0/24

    Signature Algorithm: sha256WithRSAEncryption
         8a:8e:d1:de:3a:80:12:09:6c:74:9b:7b:c9:d6:16:ff:33:30:
         d1:bf:bc:29:d0:06:05:8b:69:5d:87:aa:cb:fd:4e:7d:d5:c6:
         66:19:a1:21:9c:4c:ed:9a:1a:ec:1a:cd:93:14:5e:5c:5a:26:
         20:6e:0a:d4:59:80:63:d4:42:e3:67:ef:48:7b:f9:55:c6:b5:
         ab:b3:60:65:bf:a7:24:c3:2e:92:18:9a:03:e2:0e:6f:27:ce:
         a7:36:4f:35:eb:6f:d6:13:ac:dd:4d:c5:9e:7c:62:66:70:f4:
         f4:70:e0:68:b2:53:4a:75:6c:ce:0d:48:d0:c6:fa:6b:a5:cc:
         c7:b8:88:fe:ba:6d:39:0c:7c:8a:82:6d:22:0b:2e:2c:69:c2:
         15:9a:e4:93:c1:a4:0f:ab:ef:39:e8:8b:bd:51:d1:93:f0:c5:
         3e:01:e2:b3:f6:e6:96:7f:03:4e:6b:e4:a2:fd:b5:de:d3:b6:
         70:7e:e5:65:36:4b:cc:74:b8:e5:8b:9e:90:31:54:f4:77:a6:
         40:ff:c8:b4:90:12:90:07:b7:2e:2e:e6:21:4f:26:d2:2a:0c:
         d1:6a:5a:49:bf:49:a1:a5:c4:1d:14:4d:9c:d2:4f:8c:d8:4f:
         31:b3:8c:46:f0:d8:4a:7e:57:8b:2a:3e:ff:24:78:dc:e8:9b:
         ca:07:bf:0d
-----BEGIN CERTIFICATE-----
MIIEvTCCA6WgAwIBAgICQs4wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNThD
N0Y3OTI2N0FGNzRCQTdEMkZDQzI1NjI2NTJDMzVCNUUxM0VCMTAeFw0yMjAyMDgw
MDMwMDRaFw0yMzAxMDEwMTAxMDJaMDMxMTAvBgNVBAMTKDlDQkFENDRGNTVFNUU0
MjRDNUQxN0MzNEFBQkQxN0I2NzVFRTUwNkMwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDmU+/TAxuRn2CDcr4Lswcg7m0etf11puWKtKGRrM+QjwQMPfFw
tSdTpfrrviZljYAC9gEa+fzxvvctbCMoPI+rGhbfj7G5h6JIS7xkMFhP3N2jn31U
4/C2KY+v0Pst0oUro7bH1YSgGP1QRZZ2rybb1nIm1ij8IAUNSDmrxFNE/PiS9duL
oyqjCg4/dDXKX1Hgo5oV6wqhECiDQzQR/gVoIqeGFj4zkoZpX/jvmccgkaX2+sPM
tuYAYOqe66QC5/bAe0MImtYIvM/bFWoxlchbBq+dVRDJzmMKqh4HM8EBxZ/BylgI
4bxivPajQ8tPBj5M9YgFk4NAoE/oiawQjiH5AgMBAAGjggHZMIIB1TAdBgNVHQ4E
FgQUnLrUT1Xl5CTF0Xw0qr0XtnXuUGwwHwYDVR0jBBgwFoAUWMf3kmevdLp9L8wl
YmUsNbXhPrEwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBWBgNVHR8ETzBNMEug
SaBHhkVyc3luYzovL2NhLnJnLm5ldC9ycGtpL1JHbmV0LU9VL292c0NBL1dNZjNr
bWV2ZExwOUw4d2xZbVVzTmJYaFByRS5jcmwwWwYIKwYBBQUHAQEETzBNMEsGCCsG
AQUFBzAChj9yc3luYzovL2NhLnJnLm5ldC9ycGtpL1JHbmV0LU9VL1dNZjNrbWV2
ZExwOUw4d2xZbVVzTmJYaFByRS5jZXIwDgYDVR0PAQH/BAQDAgeAMIGSBggrBgEF
BQcBCwSBhTCBgjBRBggrBgEFBQcwC4ZFcnN5bmM6Ly9jYS5yZy5uZXQvcnBraS9S
R25ldC1PVS9vdnNDQS9uTHJVVDFYbDVDVEYwWHcwcXIwWHRuWHVVR3cucm9hMC0G
CCsGAQUFBzANhiFodHRwczovL2NhLnJnLm5ldC9ycmRwL25vdGlmeS54bWwwHwYI
KwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACTHAUwDQYJKoZIhvcNAQELBQADggEB
AIqO0d46gBIJbHSbe8nWFv8zMNG/vCnQBgWLaV2Hqsv9Tn3VxmYZoSGcTO2aGuwa
zZMUXlxaJiBuCtRZgGPUQuNn70h7+VXGtauzYGW/pyTDLpIYmgPiDm8nzqc2TzXr
b9YTrN1NxZ58YmZw9PRw4GiyU0p1bM4NSNDG+mulzMe4iP66bTkMfIqCbSILLixp
whWa5JPBpA+r7znoi71R0ZPwxT4B4rP25pZ/A05r5KL9td7TtnB+5WU2S8x0uOWL
npAxVPR3pkD/yLSQEpAHty4u5iFPJtIqDNFqWkm/SaGlxB0UTZzST4zYTzGzjEbw
2Ep+V4sqPv8keNzom8oHvw0=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:36:54 2024 by rpki-client on console-fra.rpki-client.org