Route Origin Authorization

$ rpki-client -vvf ca.rg.net/rpki/RGnet-OU/ovsCA/tAZpwAV45_-19dfyBdSPj3Ndqjg.roa
File:                     tAZpwAV45_-19dfyBdSPj3Ndqjg.roa (raw, json)
Hash identifier:          +N1G1VQKLovMSwgf1IE3bhUMOUSAjsuhN//2O9gMKtk=
Subject key identifier:   B4:06:69:C0:05:78:E7:FF:B5:F5:D7:F2:05:D4:8F:8F:73:5D:AA:38
Certificate issuer:       /CN=58C7F79267AF74BA7D2FCC2562652C35B5E13EB1
Certificate serial:       4455
Authority key identifier: 58:C7:F7:92:67:AF:74:BA:7D:2F:CC:25:62:65:2C:35:B5:E1:3E:B1
Authority info access:    rsync://ca.rg.net/rpki/RGnet-OU/WMf3kmevdLp9L8wlYmUsNbXhPrE.cer
Subject info access:      rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/tAZpwAV45_-19dfyBdSPj3Ndqjg.roa
Signing time:             Tue 08 Mar 2022 00:36:42 +0000
ROA not before:           Tue 08 Mar 2022 00:36:42 +0000
ROA not after:            Sun 01 Jan 2023 01:01:02 +0000
asID:                     47065
IP address blocks:        147.28.3.0/24 maxlen: 24

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 17493 (0x4455)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=58C7F79267AF74BA7D2FCC2562652C35B5E13EB1
        Validity
            Not Before: Mar  8 00:36:42 2022 GMT
            Not After : Jan  1 01:01:02 2023 GMT
        Subject: CN=B40669C00578E7FFB5F5D7F205D48F8F735DAA38
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b5:4b:d6:92:01:1d:5e:81:e4:84:b2:a3:e6:fe:
                    99:2d:d0:c5:e8:1f:8e:76:ce:1c:bd:5c:c2:be:f2:
                    43:db:ad:57:20:38:a7:bc:b0:40:f8:ac:ca:77:f8:
                    46:99:e6:c6:c9:d0:d1:38:21:66:5d:00:b7:09:05:
                    fd:c5:14:a1:ff:89:26:16:a7:cc:43:ec:91:fd:54:
                    c1:ad:2b:6b:75:c7:05:2b:29:3d:9a:22:c8:bf:18:
                    a5:88:0e:30:02:e0:7d:d3:24:a4:a1:9b:c0:d2:e2:
                    44:af:ad:54:7c:bb:1f:e7:26:2e:7d:59:76:d3:29:
                    c0:36:1f:1b:03:9f:ea:e3:3b:7e:91:77:42:82:85:
                    42:65:1a:e1:19:d6:c0:95:e4:a1:ba:1f:98:a6:50:
                    31:ec:37:17:9e:ff:d1:59:eb:3a:35:d8:e7:28:75:
                    66:5f:69:00:33:13:e3:d3:0a:c6:61:c9:b5:23:33:
                    46:12:05:ce:a9:0b:4a:11:ae:4b:2a:aa:8d:43:35:
                    4f:c8:6c:58:ff:3b:d7:52:9a:57:93:1f:9e:fc:06:
                    ad:fb:e1:ec:43:60:e2:0a:fa:67:0d:90:fc:43:b3:
                    c1:a6:3e:00:cb:ef:78:bd:19:ec:a9:b5:2b:31:0f:
                    cd:29:e7:21:de:46:f4:53:d5:73:fa:ad:14:0d:d3:
                    f3:89
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B4:06:69:C0:05:78:E7:FF:B5:F5:D7:F2:05:D4:8F:8F:73:5D:AA:38
            X509v3 Authority Key Identifier:
                keyid:58:C7:F7:92:67:AF:74:BA:7D:2F:CC:25:62:65:2C:35:B5:E1:3E:B1

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/WMf3kmevdLp9L8wlYmUsNbXhPrE.crl

            Authority Information Access:
                CA Issuers - URI:rsync://ca.rg.net/rpki/RGnet-OU/WMf3kmevdLp9L8wlYmUsNbXhPrE.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/tAZpwAV45_-19dfyBdSPj3Ndqjg.roa
                RPKI Notify - URI:https://ca.rg.net/rrdp/notify.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  147.28.3.0/24

    Signature Algorithm: sha256WithRSAEncryption
         1d:aa:23:a7:e9:c1:7e:ea:d1:47:09:a7:df:17:66:96:49:31:
         67:6c:25:21:6c:70:04:07:52:29:43:90:f5:f3:d6:83:73:19:
         1f:f8:f4:24:19:72:fc:7c:1d:9c:57:61:bc:d9:61:49:f5:14:
         de:b2:25:75:0f:92:b8:99:57:af:14:e6:28:66:34:0f:d5:98:
         b4:eb:a1:58:0a:de:e2:e5:ce:b6:b5:eb:21:52:a0:b4:f0:ed:
         40:fa:1f:45:20:fc:1d:74:b2:0b:79:58:f5:b8:97:1b:6d:ae:
         f4:b9:6a:57:ef:ab:ed:56:1f:02:43:21:c8:02:38:ff:97:f7:
         b6:65:af:c4:d9:0e:c2:03:a2:63:ae:9d:28:62:dc:f4:bb:e7:
         db:a5:8b:78:a4:97:50:c7:e2:b3:fa:42:01:28:ae:cf:b7:b6:
         20:8b:c8:56:86:ec:ef:7a:17:56:50:87:cf:b5:ac:49:30:11:
         b5:56:8e:b1:21:e2:8f:1c:51:85:cf:34:26:ad:26:24:68:58:
         2e:ee:b9:6e:d6:72:a7:10:dd:e1:a1:35:1f:b5:6b:9e:55:c8:
         a2:2e:80:68:6a:32:c4:87:ed:e5:4e:15:13:70:af:df:e9:c2:
         82:37:f4:52:a3:cc:79:db:9b:3b:31:15:b2:4a:56:80:fb:9d:
         13:ef:f0:4e
-----BEGIN CERTIFICATE-----
MIIEvTCCA6WgAwIBAgICRFUwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNThD
N0Y3OTI2N0FGNzRCQTdEMkZDQzI1NjI2NTJDMzVCNUUxM0VCMTAeFw0yMjAzMDgw
MDM2NDJaFw0yMzAxMDEwMTAxMDJaMDMxMTAvBgNVBAMTKEI0MDY2OUMwMDU3OEU3
RkZCNUY1RDdGMjA1RDQ4RjhGNzM1REFBMzgwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC1S9aSAR1egeSEsqPm/pkt0MXoH452zhy9XMK+8kPbrVcgOKe8
sED4rMp3+EaZ5sbJ0NE4IWZdALcJBf3FFKH/iSYWp8xD7JH9VMGtK2t1xwUrKT2a
Isi/GKWIDjAC4H3TJKShm8DS4kSvrVR8ux/nJi59WXbTKcA2HxsDn+rjO36Rd0KC
hUJlGuEZ1sCV5KG6H5imUDHsNxee/9FZ6zo12OcodWZfaQAzE+PTCsZhybUjM0YS
Bc6pC0oRrksqqo1DNU/IbFj/O9dSmleTH578Bq374exDYOIK+mcNkPxDs8GmPgDL
73i9GeyptSsxD80p5yHeRvRT1XP6rRQN0/OJAgMBAAGjggHZMIIB1TAdBgNVHQ4E
FgQUtAZpwAV45/+19dfyBdSPj3NdqjgwHwYDVR0jBBgwFoAUWMf3kmevdLp9L8wl
YmUsNbXhPrEwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBWBgNVHR8ETzBNMEug
SaBHhkVyc3luYzovL2NhLnJnLm5ldC9ycGtpL1JHbmV0LU9VL292c0NBL1dNZjNr
bWV2ZExwOUw4d2xZbVVzTmJYaFByRS5jcmwwWwYIKwYBBQUHAQEETzBNMEsGCCsG
AQUFBzAChj9yc3luYzovL2NhLnJnLm5ldC9ycGtpL1JHbmV0LU9VL1dNZjNrbWV2
ZExwOUw4d2xZbVVzTmJYaFByRS5jZXIwDgYDVR0PAQH/BAQDAgeAMIGSBggrBgEF
BQcBCwSBhTCBgjBRBggrBgEFBQcwC4ZFcnN5bmM6Ly9jYS5yZy5uZXQvcnBraS9S
R25ldC1PVS9vdnNDQS90QVpwd0FWNDVfLTE5ZGZ5QmRTUGozTmRxamcucm9hMC0G
CCsGAQUFBzANhiFodHRwczovL2NhLnJnLm5ldC9ycmRwL25vdGlmeS54bWwwHwYI
KwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACTHAMwDQYJKoZIhvcNAQELBQADggEB
AB2qI6fpwX7q0UcJp98XZpZJMWdsJSFscAQHUilDkPXz1oNzGR/49CQZcvx8HZxX
YbzZYUn1FN6yJXUPkriZV68U5ihmNA/VmLTroVgK3uLlzra16yFSoLTw7UD6H0Ug
/B10sgt5WPW4lxttrvS5alfvq+1WHwJDIcgCOP+X97Zlr8TZDsIDomOunShi3PS7
59uli3ikl1DH4rP6QgEors+3tiCLyFaG7O96F1ZQh8+1rEkwEbVWjrEh4o8cUYXP
NCatJiRoWC7uuW7WcqcQ3eGhNR+1a55VyKIugGhqMsSH7eVOFRNwr9/pwoI39FKj
zHnbmzsxFbJKVoD7nRPv8E4=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:36:54 2024 by rpki-client on console-fra.rpki-client.org