Route Origin Authorization

$ rpki-client -vvf ca.rg.net/rpki/RGnet-OU/ovsCA/zKMqnoy8YH0htkVuZbpU3lFjJNk.roa
File:                     zKMqnoy8YH0htkVuZbpU3lFjJNk.roa (raw, json)
Hash identifier:          KH8GL+DsM6ExA+MP1G6Ip0FP5M4Y3wca7hWzLS+n5yU=
Subject key identifier:   CC:A3:2A:9E:8C:BC:60:7D:21:B6:45:6E:65:BA:54:DE:51:63:24:D9
Certificate issuer:       /CN=58C7F79267AF74BA7D2FCC2562652C35B5E13EB1
Certificate serial:       4550
Authority key identifier: 58:C7:F7:92:67:AF:74:BA:7D:2F:CC:25:62:65:2C:35:B5:E1:3E:B1
Authority info access:    rsync://ca.rg.net/rpki/RGnet-OU/WMf3kmevdLp9L8wlYmUsNbXhPrE.cer
Subject info access:      rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/zKMqnoy8YH0htkVuZbpU3lFjJNk.roa
Signing time:             Sat 26 Mar 2022 00:30:09 +0000
ROA not before:           Sat 26 Mar 2022 00:30:09 +0000
ROA not after:            Sun 01 Jan 2023 01:01:02 +0000
asID:                     47065
IP address blocks:        147.28.3.0/24 maxlen: 24

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 17744 (0x4550)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=58C7F79267AF74BA7D2FCC2562652C35B5E13EB1
        Validity
            Not Before: Mar 26 00:30:09 2022 GMT
            Not After : Jan  1 01:01:02 2023 GMT
        Subject: CN=CCA32A9E8CBC607D21B6456E65BA54DE516324D9
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cc:5e:64:09:02:44:a6:ea:7d:09:d9:93:16:e7:
                    16:de:a9:98:19:ee:44:b9:d9:a2:40:48:9e:60:79:
                    2a:7b:29:d3:f1:05:3d:f9:0c:00:b3:a4:28:07:d4:
                    0d:5d:f6:a1:5a:c5:71:06:f9:b6:b5:2e:7c:85:dc:
                    bc:34:94:64:9f:72:f5:65:11:50:7a:0a:77:ad:5b:
                    44:cc:e4:6f:ef:f4:48:34:73:58:c6:f6:8f:9c:2c:
                    54:bc:0c:4b:de:b3:8e:52:32:18:a1:50:c9:65:97:
                    fb:76:d1:7f:34:ff:e7:f1:9f:75:84:be:5a:bb:cc:
                    ca:c4:0d:16:b7:14:c9:b0:2e:7c:a6:63:b8:19:8b:
                    d3:c5:8d:20:23:ea:27:64:34:7c:15:7d:92:76:14:
                    c5:da:60:d5:b1:ec:03:dd:15:7b:e5:3b:7e:d1:5b:
                    3a:b9:f3:98:86:bf:99:de:9a:19:90:35:3f:59:29:
                    37:c5:6e:de:3b:e4:fe:2b:0e:13:c3:17:5a:37:2d:
                    ef:93:56:1d:be:09:6a:6e:93:e1:55:2e:a6:9e:4e:
                    99:48:7f:8b:28:ba:cc:e8:78:50:08:1a:c6:29:11:
                    c1:72:31:9b:d8:3b:8e:d3:c2:12:63:0f:96:dd:f9:
                    95:2c:c0:9b:e1:48:94:e3:d9:b3:12:79:31:71:11:
                    3d:1d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                CC:A3:2A:9E:8C:BC:60:7D:21:B6:45:6E:65:BA:54:DE:51:63:24:D9
            X509v3 Authority Key Identifier:
                keyid:58:C7:F7:92:67:AF:74:BA:7D:2F:CC:25:62:65:2C:35:B5:E1:3E:B1

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/WMf3kmevdLp9L8wlYmUsNbXhPrE.crl

            Authority Information Access:
                CA Issuers - URI:rsync://ca.rg.net/rpki/RGnet-OU/WMf3kmevdLp9L8wlYmUsNbXhPrE.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://ca.rg.net/rpki/RGnet-OU/ovsCA/zKMqnoy8YH0htkVuZbpU3lFjJNk.roa
                RPKI Notify - URI:https://ca.rg.net/rrdp/notify.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  147.28.3.0/24

    Signature Algorithm: sha256WithRSAEncryption
         3d:eb:28:cf:a0:dd:d5:5d:40:ae:2a:56:e4:fc:8e:47:8b:61:
         e5:42:a5:fd:76:9c:33:a5:0a:aa:bd:40:ad:cf:f8:f4:12:f1:
         07:a9:26:b4:54:6b:d8:f1:ad:7b:a8:59:9b:bf:18:3a:99:d3:
         45:e3:f6:37:2f:94:28:85:aa:33:a3:c0:02:a8:e0:ef:67:81:
         5c:cc:fd:e1:71:30:3d:78:ce:c5:46:f0:90:4d:e3:6a:a3:34:
         de:bf:fc:38:8f:f9:58:5a:82:93:0b:b3:c9:45:85:bb:39:dc:
         c8:9d:d1:db:62:e1:dd:94:e6:48:c7:01:dd:fb:51:df:73:e9:
         79:01:90:e6:f8:df:3d:50:94:c1:9b:11:89:49:63:80:0a:4d:
         00:61:a6:d2:6b:0f:cd:bf:bf:5f:6c:f1:78:5e:0b:24:08:94:
         3e:87:0c:a6:25:4a:85:83:ea:41:f8:03:cc:c4:e6:bb:2e:5d:
         da:45:af:84:57:82:45:32:e6:e1:73:48:4e:62:8c:f7:3f:c0:
         7a:2e:a5:49:ec:ce:21:6b:8a:4c:72:e7:6a:af:81:8d:11:d2:
         8a:27:14:fb:b3:d9:67:18:4e:8f:c3:5c:ee:c4:72:67:29:6a:
         ce:b5:7f:44:0a:43:7d:8f:9b:f3:d0:6a:52:aa:4a:30:43:5d:
         78:df:db:7f
-----BEGIN CERTIFICATE-----
MIIEvTCCA6WgAwIBAgICRVAwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNThD
N0Y3OTI2N0FGNzRCQTdEMkZDQzI1NjI2NTJDMzVCNUUxM0VCMTAeFw0yMjAzMjYw
MDMwMDlaFw0yMzAxMDEwMTAxMDJaMDMxMTAvBgNVBAMTKENDQTMyQTlFOENCQzYw
N0QyMUI2NDU2RTY1QkE1NERFNTE2MzI0RDkwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDMXmQJAkSm6n0J2ZMW5xbeqZgZ7kS52aJASJ5geSp7KdPxBT35
DACzpCgH1A1d9qFaxXEG+ba1LnyF3Lw0lGSfcvVlEVB6CnetW0TM5G/v9Eg0c1jG
9o+cLFS8DEves45SMhihUMlll/t20X80/+fxn3WEvlq7zMrEDRa3FMmwLnymY7gZ
i9PFjSAj6idkNHwVfZJ2FMXaYNWx7APdFXvlO37RWzq585iGv5nemhmQNT9ZKTfF
bt475P4rDhPDF1o3Le+TVh2+CWpuk+FVLqaeTplIf4souszoeFAIGsYpEcFyMZvY
O47TwhJjD5bd+ZUswJvhSJTj2bMSeTFxET0dAgMBAAGjggHZMIIB1TAdBgNVHQ4E
FgQUzKMqnoy8YH0htkVuZbpU3lFjJNkwHwYDVR0jBBgwFoAUWMf3kmevdLp9L8wl
YmUsNbXhPrEwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBWBgNVHR8ETzBNMEug
SaBHhkVyc3luYzovL2NhLnJnLm5ldC9ycGtpL1JHbmV0LU9VL292c0NBL1dNZjNr
bWV2ZExwOUw4d2xZbVVzTmJYaFByRS5jcmwwWwYIKwYBBQUHAQEETzBNMEsGCCsG
AQUFBzAChj9yc3luYzovL2NhLnJnLm5ldC9ycGtpL1JHbmV0LU9VL1dNZjNrbWV2
ZExwOUw4d2xZbVVzTmJYaFByRS5jZXIwDgYDVR0PAQH/BAQDAgeAMIGSBggrBgEF
BQcBCwSBhTCBgjBRBggrBgEFBQcwC4ZFcnN5bmM6Ly9jYS5yZy5uZXQvcnBraS9S
R25ldC1PVS9vdnNDQS96S01xbm95OFlIMGh0a1Z1WmJwVTNsRmpKTmsucm9hMC0G
CCsGAQUFBzANhiFodHRwczovL2NhLnJnLm5ldC9ycmRwL25vdGlmeS54bWwwHwYI
KwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACTHAMwDQYJKoZIhvcNAQELBQADggEB
AD3rKM+g3dVdQK4qVuT8jkeLYeVCpf12nDOlCqq9QK3P+PQS8QepJrRUa9jxrXuo
WZu/GDqZ00Xj9jcvlCiFqjOjwAKo4O9ngVzM/eFxMD14zsVG8JBN42qjNN6//DiP
+VhagpMLs8lFhbs53Mid0dti4d2U5kjHAd37Ud9z6XkBkOb43z1QlMGbEYlJY4AK
TQBhptJrD82/v19s8XheCyQIlD6HDKYlSoWD6kH4A8zE5rsuXdpFr4RXgkUy5uFz
SE5ijPc/wHoupUnsziFrikxy52qvgY0R0oonFPuz2WcYTo/DXO7Ecmcpas61f0QK
Q32Pm/PQalKqSjBDXXjf238=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:36:54 2024 by rpki-client on console-fra.rpki-client.org