Route Origin Authorization

$ rpki-client -vvf ca.rg.net/rpki/RGnet-OU/ovsCA/qOUaPTMXq62ML71hwjax0WpaOWU.roa
File:                     qOUaPTMXq62ML71hwjax0WpaOWU.roa (raw, json)
Hash identifier:          7cV9QhFqzmQUmc3TYVinPuqBJra3RC2344+ZhduwQEc=
Subject key identifier:   A8:E5:1A:3D:33:17:AB:AD:8C:2F:BD:61:C2:36:B1:D1:6A:5A:39:65
Certificate issuer:       /CN=58C7F79267AF74BA7D2FCC2562652C35B5E13EB1
Certificate serial:       497C
Authority key identifier: 58:C7:F7:92:67:AF:74:BA:7D:2F:CC:25:62:65:2C:35:B5:E1:3E:B1
Authority info access:    rsync://ca.rg.net/rpki/RGnet-OU/WMf3kmevdLp9L8wlYmUsNbXhPrE.cer
Subject info access:      rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/qOUaPTMXq62ML71hwjax0WpaOWU.roa
Signing time:             Tue 07 Jun 2022 00:30:08 +0000
ROA not before:           Tue 07 Jun 2022 00:30:08 +0000
ROA not after:            Sat 01 Apr 2023 22:21:14 +0000
asID:                     51224
IP address blocks:        147.28.3.0/24 maxlen: 24

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 18812 (0x497c)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=58C7F79267AF74BA7D2FCC2562652C35B5E13EB1
        Validity
            Not Before: Jun  7 00:30:08 2022 GMT
            Not After : Apr  1 22:21:14 2023 GMT
        Subject: CN=A8E51A3D3317ABAD8C2FBD61C236B1D16A5A3965
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bc:8e:be:89:00:53:07:61:3e:88:49:a5:a3:b6:
                    74:9b:e7:90:cc:b0:44:ae:4e:13:9f:16:4f:b5:18:
                    06:2d:27:f4:66:54:99:36:61:43:47:15:13:ac:e9:
                    d6:33:ab:ac:b1:63:e7:ca:24:8b:97:ff:c2:20:97:
                    47:a0:0d:92:f5:1d:cf:c3:a0:54:a6:c3:34:95:af:
                    d4:d6:c5:39:69:c9:fd:31:83:a0:1a:f5:03:4a:4f:
                    12:c1:3d:10:3e:c8:a8:24:63:42:7a:e1:ef:44:56:
                    6d:ce:30:fe:03:33:e1:ff:88:a9:f9:48:04:a7:b2:
                    6b:46:36:c9:5f:17:c2:fb:d4:e7:4e:4e:c3:fd:03:
                    c8:bb:5d:18:15:89:a3:0a:19:dc:cf:5f:ef:c0:47:
                    e8:62:64:f3:98:fc:4e:b6:5c:c9:8e:42:04:b4:51:
                    30:07:a2:8f:20:52:12:7a:a3:ce:3e:b7:40:4c:2a:
                    22:c3:71:85:6b:af:cd:d7:12:b1:b8:4d:e4:eb:97:
                    18:21:44:31:a7:43:40:9e:52:ab:3e:1e:94:b0:07:
                    13:3d:c9:3a:42:1a:00:d6:2a:91:3f:e1:de:bc:24:
                    3f:03:13:8a:56:fb:97:32:e9:a8:2a:c7:6e:dd:7a:
                    6e:8d:95:28:75:a6:20:57:0c:80:e9:f6:a9:b4:36:
                    16:c1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A8:E5:1A:3D:33:17:AB:AD:8C:2F:BD:61:C2:36:B1:D1:6A:5A:39:65
            X509v3 Authority Key Identifier:
                keyid:58:C7:F7:92:67:AF:74:BA:7D:2F:CC:25:62:65:2C:35:B5:E1:3E:B1

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/WMf3kmevdLp9L8wlYmUsNbXhPrE.crl

            Authority Information Access:
                CA Issuers - URI:rsync://ca.rg.net/rpki/RGnet-OU/WMf3kmevdLp9L8wlYmUsNbXhPrE.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/qOUaPTMXq62ML71hwjax0WpaOWU.roa
                RPKI Notify - URI:https://ca.rg.net/rrdp/notify.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  147.28.3.0/24

    Signature Algorithm: sha256WithRSAEncryption
         7f:72:6c:a1:f1:09:44:7e:f2:99:c2:c1:d6:dd:1f:f4:6f:1a:
         bf:1f:74:e5:55:be:80:b2:f5:b0:e8:ff:4a:31:53:ff:3b:72:
         d6:25:2b:83:50:5e:ea:2e:e3:dc:86:a2:b3:07:c1:78:14:96:
         d4:42:2b:1f:f9:db:74:ee:53:48:d6:75:a6:85:f9:0b:06:bb:
         f3:bd:4e:5f:0b:c0:70:0c:d6:c1:3d:70:e3:86:26:3e:86:18:
         76:d0:99:a9:66:88:f3:33:76:ab:60:db:4f:8a:20:df:2f:88:
         a2:32:ad:26:21:8d:29:a5:86:c3:82:1e:31:f4:9a:a7:71:64:
         d9:b0:22:53:2e:6b:ff:06:1b:2d:94:26:a8:1e:09:3f:aa:9e:
         5d:41:35:7b:a8:dd:37:3d:74:f8:82:f7:36:73:33:64:53:28:
         85:8c:24:dc:c8:57:91:68:30:c5:c2:fa:76:9c:2a:90:6e:df:
         cb:73:fd:38:ef:1a:40:de:84:16:6d:ea:7e:e4:36:77:f8:5b:
         bb:a2:ad:c1:02:3f:5d:78:0f:8b:bf:9e:bd:e9:7b:aa:fe:fa:
         f5:69:bb:0e:7d:44:a4:11:e5:c2:7f:d0:ac:13:6d:cc:7f:47:
         ae:10:41:14:13:97:f0:72:8b:a1:7b:70:74:0c:42:73:6e:dd:
         de:18:6a:24
-----BEGIN CERTIFICATE-----
MIIEvTCCA6WgAwIBAgICSXwwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNThD
N0Y3OTI2N0FGNzRCQTdEMkZDQzI1NjI2NTJDMzVCNUUxM0VCMTAeFw0yMjA2MDcw
MDMwMDhaFw0yMzA0MDEyMjIxMTRaMDMxMTAvBgNVBAMTKEE4RTUxQTNEMzMxN0FC
QUQ4QzJGQkQ2MUMyMzZCMUQxNkE1QTM5NjUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC8jr6JAFMHYT6ISaWjtnSb55DMsESuThOfFk+1GAYtJ/RmVJk2
YUNHFROs6dYzq6yxY+fKJIuX/8Igl0egDZL1Hc/DoFSmwzSVr9TWxTlpyf0xg6Aa
9QNKTxLBPRA+yKgkY0J64e9EVm3OMP4DM+H/iKn5SASnsmtGNslfF8L71OdOTsP9
A8i7XRgViaMKGdzPX+/AR+hiZPOY/E62XMmOQgS0UTAHoo8gUhJ6o84+t0BMKiLD
cYVrr83XErG4TeTrlxghRDGnQ0CeUqs+HpSwBxM9yTpCGgDWKpE/4d68JD8DE4pW
+5cy6agqx27dem6NlSh1piBXDIDp9qm0NhbBAgMBAAGjggHZMIIB1TAdBgNVHQ4E
FgQUqOUaPTMXq62ML71hwjax0WpaOWUwHwYDVR0jBBgwFoAUWMf3kmevdLp9L8wl
YmUsNbXhPrEwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBWBgNVHR8ETzBNMEug
SaBHhkVyc3luYzovL2NhLnJnLm5ldC9ycGtpL1JHbmV0LU9VL292c0NBL1dNZjNr
bWV2ZExwOUw4d2xZbVVzTmJYaFByRS5jcmwwWwYIKwYBBQUHAQEETzBNMEsGCCsG
AQUFBzAChj9yc3luYzovL2NhLnJnLm5ldC9ycGtpL1JHbmV0LU9VL1dNZjNrbWV2
ZExwOUw4d2xZbVVzTmJYaFByRS5jZXIwDgYDVR0PAQH/BAQDAgeAMIGSBggrBgEF
BQcBCwSBhTCBgjBRBggrBgEFBQcwC4ZFcnN5bmM6Ly9jYS5yZy5uZXQvcnBraS9S
R25ldC1PVS9vdnNDQS9xT1VhUFRNWHE2Mk1MNzFod2pheDBXcGFPV1Uucm9hMC0G
CCsGAQUFBzANhiFodHRwczovL2NhLnJnLm5ldC9ycmRwL25vdGlmeS54bWwwHwYI
KwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACTHAMwDQYJKoZIhvcNAQELBQADggEB
AH9ybKHxCUR+8pnCwdbdH/RvGr8fdOVVvoCy9bDo/0oxU/87ctYlK4NQXuou49yG
orMHwXgUltRCKx/523TuU0jWdaaF+QsGu/O9Tl8LwHAM1sE9cOOGJj6GGHbQmalm
iPMzdqtg20+KIN8viKIyrSYhjSmlhsOCHjH0mqdxZNmwIlMua/8GGy2UJqgeCT+q
nl1BNXuo3Tc9dPiC9zZzM2RTKIWMJNzIV5FoMMXC+nacKpBu38tz/TjvGkDehBZt
6n7kNnf4W7uircECP114D4u/nr3pe6r++vVpuw59RKQR5cJ/0KwTbcx/R64QQRQT
l/Byi6F7cHQMQnNu3d4YaiQ=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:13:52 2023 by rpki-client on console-ams.rpki-client.org