Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A9150E4D/49715B7A337E11EEA310AF83C4F9AE02/E82BA4F4812711EEA110346EC4F9AE02.roa
File:                     E82BA4F4812711EEA110346EC4F9AE02.roa (raw, json)
Hash identifier:          T+hlDrINQPkSf/VLeIqt3YRBt24dh3Yv9o5XZ+kv65o=
Subject key identifier:   34:CB:07:4E:23:F8:82:FE:35:DD:99:5E:B6:42:FD:44:8F:61:A0:16
Certificate issuer:       /CN=A9150E4D/serialNumber=C08C543BC8CA91962166AF12730CEE4BE5B2B6FD
Certificate serial:       43
Authority key identifier: C0:8C:54:3B:C8:CA:91:96:21:66:AF:12:73:0C:EE:4B:E5:B2:B6:FD
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/wIxUO8jKkZYhZq8ScwzuS-Wytv0.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A9150E4D/49715B7A337E11EEA310AF83C4F9AE02/E82BA4F4812711EEA110346EC4F9AE02.roa
Signing time:             Sun 12 Nov 2023 06:51:29 +0000
ROA not before:           Sun 12 Nov 2023 06:51:29 +0000
ROA not after:            Sun 01 Dec 2024 00:00:00 +0000
asID:                     147020
IP address blocks:        103.248.50.0/23 maxlen: 24
                          2401:2060:2000::/36 maxlen: 36
                          2401:2060:2000::/40 maxlen: 40
                          2401:2060:2100::/40 maxlen: 40
                          2401:2060:2200::/40 maxlen: 40
                          2401:2060:2300::/40 maxlen: 40
                          2401:2060:2400::/40 maxlen: 40
                          2401:2060:2500::/40 maxlen: 40
                          2401:2060:2600::/40 maxlen: 40
                          2401:2060:2700::/40 maxlen: 40
                          2401:2060:2800::/40 maxlen: 40
                          2401:2060:2900::/40 maxlen: 40
                          2401:2060:2a00::/40 maxlen: 40
                          2401:2060:2b00::/40 maxlen: 40
                          2401:2060:2c00::/40 maxlen: 40
                          2401:2060:2d00::/40 maxlen: 40
                          2401:2060:2e00::/40 maxlen: 40
                          2401:2060:2f00::/40 maxlen: 40

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 67 (0x43)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A9150E4D/serialNumber=C08C543BC8CA91962166AF12730CEE4BE5B2B6FD
        Validity
            Not Before: Nov 12 06:51:29 2023 GMT
            Not After : Dec  1 00:00:00 2024 GMT
        Subject: CN=655075f1-3e23
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:aa:b6:9f:c6:56:4d:1f:63:1b:37:e6:42:d5:ac:
                    77:d5:40:b0:6d:d0:b0:cb:11:01:90:be:85:c8:98:
                    4e:4d:75:52:70:ba:fa:b5:79:f9:eb:00:cc:9b:b9:
                    75:26:09:b0:3c:de:3b:12:58:ff:a7:c0:92:5a:a7:
                    6f:81:6a:9b:8d:c6:98:c2:26:fc:30:92:ec:8a:d3:
                    2a:2e:a0:c3:0e:ab:25:2c:0d:e8:64:13:f1:16:bc:
                    0b:fc:5e:67:55:50:4c:e1:f6:b9:d2:da:46:8a:15:
                    8e:30:66:89:38:36:a9:a8:80:53:74:35:8d:03:5c:
                    b5:b0:a3:60:43:57:18:45:90:67:ad:49:63:84:39:
                    8e:6c:74:5e:0d:d8:2d:60:6c:72:93:6e:7b:31:1f:
                    3f:7c:38:30:b0:de:32:61:2a:d3:d0:77:96:12:59:
                    df:21:b2:e6:ee:6e:f6:27:47:2e:94:85:6a:ac:68:
                    33:c4:7b:72:41:e6:87:e0:c2:2c:45:6e:e1:09:ea:
                    e6:a6:37:31:5e:de:4d:3a:45:24:02:7e:6f:38:3e:
                    57:e1:6a:95:40:ef:94:cd:f5:e1:54:cd:0b:cc:f6:
                    dd:98:e1:5a:e9:77:34:75:63:8f:3a:9d:a9:47:e9:
                    88:88:76:e5:70:48:57:b3:c3:4b:32:f8:98:7a:2b:
                    0e:5d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                34:CB:07:4E:23:F8:82:FE:35:DD:99:5E:B6:42:FD:44:8F:61:A0:16
            X509v3 Authority Key Identifier:
                keyid:C0:8C:54:3B:C8:CA:91:96:21:66:AF:12:73:0C:EE:4B:E5:B2:B6:FD

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A9150E4D/49715B7A337E11EEA310AF83C4F9AE02/wIxUO8jKkZYhZq8ScwzuS-Wytv0.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/wIxUO8jKkZYhZq8ScwzuS-Wytv0.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9150E4D/49715B7A337E11EEA310AF83C4F9AE02/E82BA4F4812711EEA110346EC4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.248.50.0/23
                IPv6:
                  2401:2060:2000::/36

    Signature Algorithm: sha256WithRSAEncryption
         b4:4a:d1:2d:6c:e9:fb:f7:33:44:08:3b:e6:09:d8:03:95:8b:
         d1:5c:48:8c:95:84:cc:ae:06:c8:cf:41:11:b1:2a:b0:f6:47:
         bc:c6:e0:1e:b0:b9:ad:0e:1d:52:83:4f:de:47:31:31:16:34:
         69:5a:7a:06:30:94:d9:dd:a9:01:2c:bb:a4:b7:a7:4e:7b:07:
         7e:b4:10:c7:e0:33:89:a4:82:15:64:7f:c9:01:e7:ef:2d:6e:
         96:ad:6a:13:da:5e:3c:f6:77:81:53:33:75:f1:17:98:fe:3d:
         6d:29:d0:c3:a4:03:7f:d2:09:af:98:de:33:e7:6d:b0:20:d2:
         fb:24:3d:c8:2c:d9:35:68:36:36:c4:80:37:2a:61:60:1d:97:
         78:7d:79:af:5c:09:6c:67:0f:e6:5d:c0:b4:fd:29:10:6c:86:
         d9:01:ee:27:2c:3c:7c:4a:81:cb:bc:68:9d:9f:a8:5f:cf:df:
         ae:31:7b:be:35:e9:94:cc:a9:cb:5c:48:56:2c:15:52:5d:11:
         e6:03:8c:cb:58:43:7c:03:45:7d:f9:de:4a:5b:92:4e:71:49:
         23:47:36:0f:b2:52:8f:a9:4e:1d:ad:5b:49:f4:c5:84:04:54:
         55:b5:27:0a:3e:14:c6:b7:7f:81:2a:7d:96:eb:f7:bc:d9:45:
         ca:95:61:da
-----BEGIN CERTIFICATE-----
MIIFgDCCBGigAwIBAgIBQzANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTE1
MEU0RDExMC8GA1UEBRMoQzA4QzU0M0JDOENBOTE5NjIxNjZBRjEyNzMwQ0VFNEJF
NUIyQjZGRDAeFw0yMzExMTIwNjUxMjlaFw0yNDEyMDEwMDAwMDBaMBgxFjAUBgNV
BAMTDTY1NTA3NWYxLTNlMjMwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQCqtp/GVk0fYxs35kLVrHfVQLBt0LDLEQGQvoXImE5NdVJwuvq1efnrAMybuXUm
CbA83jsSWP+nwJJap2+BapuNxpjCJvwwkuyK0youoMMOqyUsDehkE/EWvAv8XmdV
UEzh9rnS2kaKFY4wZok4NqmogFN0NY0DXLWwo2BDVxhFkGetSWOEOY5sdF4N2C1g
bHKTbnsxHz98ODCw3jJhKtPQd5YSWd8hsububvYnRy6UhWqsaDPEe3JB5ofgwixF
buEJ6uamNzFe3k06RSQCfm84PlfhapVA75TN9eFUzQvM9t2Y4VrpdzR1Y486nalH
6YiIduVwSFezw0sy+Jh6Kw5dAgMBAAGjggKlMIICoTAdBgNVHQ4EFgQUNMsHTiP4
gv413ZletkL9RI9hoBYwHwYDVR0jBBgwFoAUwIxUO8jKkZYhZq8ScwzuS+Wytv0w
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTUwRTRELzQ5NzE1QjdBMzM3
RTExRUVBMzEwQUY4M0M0RjlBRTAyL3dJeFVPOGpLa1pZaFpxOFNjd3p1Uy1XeXR2
MC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvd0l4VU84aktrWlloWnE4U2N3enVTLVd5dHYwLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1
MEU0RC80OTcxNUI3QTMzN0UxMUVFQTMxMEFGODNDNEY5QUUwMi9FODJCQTRGNDgx
MjcxMUVFQTExMDM0NkVDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAvBggrBgEFBQcBBwEB/wQg
MB4wDAQCAAEwBgMEAWf4MjAOBAIAAjAIAwYEJAEgYCAwDQYJKoZIhvcNAQELBQAD
ggEBALRK0S1s6fv3M0QIO+YJ2AOVi9FcSIyVhMyuBsjPQRGxKrD2R7zG4B6wua0O
HVKDT95HMTEWNGlaegYwlNndqQEsu6S3p057B360EMfgM4mkghVkf8kB5+8tbpat
ahPaXjz2d4FTM3XxF5j+PW0p0MOkA3/SCa+Y3jPnbbAg0vskPcgs2TVoNjbEgDcq
YWAdl3h9ea9cCWxnD+ZdwLT9KRBshtkB7icsPHxKgcu8aJ2fqF/P364xe7416ZTM
qctcSFYsFVJdEeYDjMtYQ3wDRX353kpbkk5xSSNHNg+yUo+pTh2tW0n0xYQEVFW1
Jwo+FMa3f4EqfZbr97zZRcqVYdo=
-----END CERTIFICATE-----