Route Origin Authorization

$ rpki-client -vvf ca.rg.net/rpki/RGnet-OU/ovsCA/tyf0epoC6mSor7vvDYvplLa0NoA.roa
File:                     tyf0epoC6mSor7vvDYvplLa0NoA.roa (raw, json)
Hash identifier:          XKkwc1q6NJhS2PQqGoIy1llP6JvFeHmgE20A9vkdJZA=
Subject key identifier:   B7:27:F4:7A:9A:02:EA:64:A8:AF:BB:EF:0D:8B:E9:94:B6:B4:36:80
Certificate issuer:       /CN=58C7F79267AF74BA7D2FCC2562652C35B5E13EB1
Certificate serial:       430D
Authority key identifier: 58:C7:F7:92:67:AF:74:BA:7D:2F:CC:25:62:65:2C:35:B5:E1:3E:B1
Authority info access:    rsync://ca.rg.net/rpki/RGnet-OU/WMf3kmevdLp9L8wlYmUsNbXhPrE.cer
Subject info access:      rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/tyf0epoC6mSor7vvDYvplLa0NoA.roa
Signing time:             Sat 12 Feb 2022 00:30:08 +0000
ROA not before:           Sat 12 Feb 2022 00:30:08 +0000
ROA not after:            Sun 01 Jan 2023 01:01:02 +0000
asID:                     47065
IP address blocks:        147.28.11.0/24 maxlen: 24

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 17165 (0x430d)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=58C7F79267AF74BA7D2FCC2562652C35B5E13EB1
        Validity
            Not Before: Feb 12 00:30:08 2022 GMT
            Not After : Jan  1 01:01:02 2023 GMT
        Subject: CN=B727F47A9A02EA64A8AFBBEF0D8BE994B6B43680
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bd:fe:63:f4:ae:1c:1d:59:3f:53:7f:de:e2:6c:
                    e0:58:95:5e:f1:14:86:cb:fe:10:50:d0:c4:15:9d:
                    84:25:1e:43:e4:1e:70:53:c6:f3:d2:fc:7f:22:fd:
                    a8:a0:a2:8f:bb:b3:c3:ee:c0:1f:81:1d:a4:32:3f:
                    b6:37:50:9c:24:38:a9:ed:da:66:92:07:5e:6d:aa:
                    14:7a:49:79:11:38:79:ab:45:99:db:08:09:82:5a:
                    8a:64:df:8a:ef:7f:ff:9e:69:e1:c4:71:3c:19:40:
                    3b:5f:0b:20:5f:81:5d:a0:d0:af:71:46:ba:61:4e:
                    8f:18:53:3d:90:2c:3a:41:47:71:29:7d:ee:1f:b4:
                    d8:df:9b:06:2a:95:0a:f4:89:d7:ad:80:6b:13:ad:
                    a4:ce:a4:e5:62:fb:7a:ab:63:5d:52:cb:70:dc:7a:
                    4c:82:19:d9:49:97:c4:46:c1:f2:99:b0:74:ba:d0:
                    9f:2b:43:5f:6a:58:3b:32:5f:9d:7a:c4:80:55:cf:
                    38:fe:ef:ae:ff:01:e8:c3:14:d8:0a:6a:17:1c:a6:
                    09:79:a8:de:b4:2a:4c:9d:ad:a9:8a:23:ae:b9:a4:
                    f0:ed:60:46:9f:1b:6e:e3:41:3d:60:47:0d:d1:5d:
                    5a:c3:8e:a6:f9:73:cc:d6:c6:ed:84:92:58:57:03:
                    e3:a7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B7:27:F4:7A:9A:02:EA:64:A8:AF:BB:EF:0D:8B:E9:94:B6:B4:36:80
            X509v3 Authority Key Identifier:
                keyid:58:C7:F7:92:67:AF:74:BA:7D:2F:CC:25:62:65:2C:35:B5:E1:3E:B1

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/WMf3kmevdLp9L8wlYmUsNbXhPrE.crl

            Authority Information Access:
                CA Issuers - URI:rsync://ca.rg.net/rpki/RGnet-OU/WMf3kmevdLp9L8wlYmUsNbXhPrE.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/tyf0epoC6mSor7vvDYvplLa0NoA.roa
                RPKI Notify - URI:https://ca.rg.net/rrdp/notify.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  147.28.11.0/24

    Signature Algorithm: sha256WithRSAEncryption
         08:9c:49:4b:a8:6c:ab:97:7d:78:1f:f7:38:b9:1f:87:75:01:
         5e:08:3a:b5:6e:23:6c:69:20:61:88:2a:52:1e:20:34:db:c7:
         e9:a1:36:88:b1:c7:bf:67:62:97:97:5e:52:b9:6a:a1:ab:09:
         02:30:41:ee:f7:79:5a:5f:d6:c2:35:3a:22:fe:98:30:58:70:
         47:d0:5c:c5:e4:9e:df:07:71:30:ee:78:95:97:32:5b:08:f8:
         fd:52:a9:69:eb:a0:d3:29:32:56:5b:61:1c:a8:1f:4c:e0:1f:
         3a:3e:b3:c3:f8:fc:fa:1a:9c:43:12:d9:c0:5c:d4:57:32:10:
         1b:f0:59:cf:e9:f0:be:85:0c:ae:56:c5:19:71:6d:a9:d8:14:
         ab:a8:73:d2:a7:aa:93:f9:04:b1:8f:e7:87:0e:7b:24:52:d0:
         3a:e7:af:8f:35:8d:79:2b:e7:30:53:74:9a:26:21:96:b8:0b:
         1c:62:46:f1:30:60:d2:9f:23:a2:df:68:e4:56:d4:6b:ea:f9:
         92:df:f8:0d:70:95:a3:40:14:dc:f9:6e:3d:2b:77:58:6c:fc:
         49:1a:7d:b2:d4:17:79:5c:69:d7:79:03:d4:0f:d3:0a:01:38:
         57:18:2f:05:6a:30:83:92:e2:02:96:aa:f4:42:75:f2:8a:9d:
         cc:c8:ae:d4
-----BEGIN CERTIFICATE-----
MIIEvTCCA6WgAwIBAgICQw0wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNThD
N0Y3OTI2N0FGNzRCQTdEMkZDQzI1NjI2NTJDMzVCNUUxM0VCMTAeFw0yMjAyMTIw
MDMwMDhaFw0yMzAxMDEwMTAxMDJaMDMxMTAvBgNVBAMTKEI3MjdGNDdBOUEwMkVB
NjRBOEFGQkJFRjBEOEJFOTk0QjZCNDM2ODAwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC9/mP0rhwdWT9Tf97ibOBYlV7xFIbL/hBQ0MQVnYQlHkPkHnBT
xvPS/H8i/aigoo+7s8PuwB+BHaQyP7Y3UJwkOKnt2maSB15tqhR6SXkROHmrRZnb
CAmCWopk34rvf/+eaeHEcTwZQDtfCyBfgV2g0K9xRrphTo8YUz2QLDpBR3Epfe4f
tNjfmwYqlQr0idetgGsTraTOpOVi+3qrY11Sy3DcekyCGdlJl8RGwfKZsHS60J8r
Q19qWDsyX516xIBVzzj+767/AejDFNgKahccpgl5qN60KkydramKI665pPDtYEaf
G27jQT1gRw3RXVrDjqb5c8zWxu2EklhXA+OnAgMBAAGjggHZMIIB1TAdBgNVHQ4E
FgQUtyf0epoC6mSor7vvDYvplLa0NoAwHwYDVR0jBBgwFoAUWMf3kmevdLp9L8wl
YmUsNbXhPrEwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBWBgNVHR8ETzBNMEug
SaBHhkVyc3luYzovL2NhLnJnLm5ldC9ycGtpL1JHbmV0LU9VL292c0NBL1dNZjNr
bWV2ZExwOUw4d2xZbVVzTmJYaFByRS5jcmwwWwYIKwYBBQUHAQEETzBNMEsGCCsG
AQUFBzAChj9yc3luYzovL2NhLnJnLm5ldC9ycGtpL1JHbmV0LU9VL1dNZjNrbWV2
ZExwOUw4d2xZbVVzTmJYaFByRS5jZXIwDgYDVR0PAQH/BAQDAgeAMIGSBggrBgEF
BQcBCwSBhTCBgjBRBggrBgEFBQcwC4ZFcnN5bmM6Ly9jYS5yZy5uZXQvcnBraS9S
R25ldC1PVS9vdnNDQS90eWYwZXBvQzZtU29yN3Z2RFl2cGxMYTBOb0Eucm9hMC0G
CCsGAQUFBzANhiFodHRwczovL2NhLnJnLm5ldC9ycmRwL25vdGlmeS54bWwwHwYI
KwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACTHAswDQYJKoZIhvcNAQELBQADggEB
AAicSUuobKuXfXgf9zi5H4d1AV4IOrVuI2xpIGGIKlIeIDTbx+mhNoixx79nYpeX
XlK5aqGrCQIwQe73eVpf1sI1OiL+mDBYcEfQXMXknt8HcTDueJWXMlsI+P1SqWnr
oNMpMlZbYRyoH0zgHzo+s8P4/PoanEMS2cBc1FcyEBvwWc/p8L6FDK5WxRlxbanY
FKuoc9KnqpP5BLGP54cOeyRS0Drnr481jXkr5zBTdJomIZa4CxxiRvEwYNKfI6Lf
aORW1Gvq+ZLf+A1wlaNAFNz5bj0rd1hs/EkafbLUF3lcadd5A9QP0woBOFcYLwVq
MIOS4gKWqvRCdfKKnczIrtQ=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:36:54 2024 by rpki-client on console-fra.rpki-client.org