Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A9155A78/531EA1301D8411E289BB24DA08B02CD2/3A86FF323BB911EEAB2AE50FC4F9AE02.roa
File:                     3A86FF323BB911EEAB2AE50FC4F9AE02.roa (raw, json)
Hash identifier:          eoTMCJg82khC1In60GQ8ePZD7RmU6swJLccPSS6O9QA=
Subject key identifier:   83:CB:DE:C5:35:97:14:57:27:DD:E4:60:17:24:7D:73:5F:94:B7:E9
Certificate issuer:       /CN=A9155A78/serialNumber=20F036CD57187CA29A6FAA9A6A228E20960FDE4F
Certificate serial:       3347
Authority key identifier: 20:F0:36:CD:57:18:7C:A2:9A:6F:AA:9A:6A:22:8E:20:96:0F:DE:4F
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/IPA2zVcYfKKab6qaaiKOIJYP3k8.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A9155A78/531EA1301D8411E289BB24DA08B02CD2/3A86FF323BB911EEAB2AE50FC4F9AE02.roa
Signing time:             Tue 15 Aug 2023 22:15:23 +0000
ROA not before:           Tue 15 Aug 2023 22:15:23 +0000
ROA not after:            Fri 01 Dec 2023 00:00:00 +0000
asID:                     18206
IP address blocks:        124.197.224.0/19 maxlen: 24
                          202.162.0.0/19 maxlen: 24
                          202.165.0.0/19 maxlen: 24
                          203.153.80.0/20 maxlen: 24
                          2404:b8::/32 maxlen: 32

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 13127 (0x3347)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A9155A78/serialNumber=20F036CD57187CA29A6FAA9A6A228E20960FDE4F
        Validity
            Not Before: Aug 15 22:15:23 2023 GMT
            Not After : Dec  1 00:00:00 2023 GMT
        Subject: CN=64dbf8fb-5218
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b2:7d:1b:9a:be:b1:a0:2f:c2:0b:87:77:97:db:
                    da:7e:1e:e2:13:eb:c7:58:0b:e6:dc:a6:49:c7:64:
                    bf:91:fe:f6:ec:3b:d9:d6:56:25:0f:ad:b8:b2:17:
                    8f:28:ef:9b:31:ac:75:7a:ae:2f:d3:0e:9e:ec:bd:
                    80:4c:f7:3c:4c:ab:72:5b:7f:59:92:73:df:9c:87:
                    6f:a4:e6:43:90:e8:71:cc:25:80:69:bf:c6:5d:69:
                    ed:8f:46:bb:92:dd:27:cc:64:8c:0f:38:7f:f4:c4:
                    3f:2a:2c:e6:b9:d6:7a:ba:58:57:e2:44:78:9a:91:
                    e4:20:ed:73:be:19:20:d3:bb:4e:9b:2d:bb:65:2b:
                    3b:3f:51:9a:0b:66:91:94:6e:aa:3e:85:d3:e0:b5:
                    dd:aa:74:55:28:d9:6d:64:71:98:dd:00:68:47:6d:
                    4a:40:5c:4f:01:1a:c3:aa:ac:ed:79:86:1f:f8:57:
                    13:bb:a5:b5:44:3e:21:01:35:99:9e:40:78:9f:52:
                    64:c0:3c:ac:20:e5:37:e9:13:74:7e:26:e9:00:05:
                    cb:56:b9:68:7e:6f:26:ad:8f:bd:7c:13:96:11:e8:
                    d1:65:90:fa:7d:5b:18:cb:3c:99:3e:e4:83:58:38:
                    a8:30:81:6c:0d:a7:d0:ff:cc:e8:5a:ce:ef:89:c4:
                    25:77
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                83:CB:DE:C5:35:97:14:57:27:DD:E4:60:17:24:7D:73:5F:94:B7:E9
            X509v3 Authority Key Identifier:
                keyid:20:F0:36:CD:57:18:7C:A2:9A:6F:AA:9A:6A:22:8E:20:96:0F:DE:4F

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A9155A78/531EA1301D8411E289BB24DA08B02CD2/IPA2zVcYfKKab6qaaiKOIJYP3k8.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/IPA2zVcYfKKab6qaaiKOIJYP3k8.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9155A78/531EA1301D8411E289BB24DA08B02CD2/3A86FF323BB911EEAB2AE50FC4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  124.197.224.0/19
                  202.162.0.0/19
                  202.165.0.0/19
                  203.153.80.0/20
                IPv6:
                  2404:b8::/32

    Signature Algorithm: sha256WithRSAEncryption
         59:a0:4c:d5:1c:94:f4:08:75:5b:73:c2:80:4f:57:85:2c:7c:
         41:75:af:b9:79:a1:64:85:30:34:71:0c:8a:c7:01:7d:47:27:
         4d:2b:3d:fc:a9:de:af:68:36:3e:3c:44:16:5c:a9:2e:c7:dc:
         8f:32:9f:5c:92:41:88:c4:d4:60:8c:19:88:ac:22:21:f2:33:
         9a:36:07:1e:ca:c6:97:4a:36:50:0d:63:ba:35:16:c6:31:65:
         97:16:a0:9a:5e:8f:81:79:c2:7c:41:e7:2a:41:63:c6:fa:c6:
         af:b3:3b:97:31:84:2a:54:bd:77:75:e8:69:a6:b8:04:d8:e8:
         48:ca:55:03:1e:f7:ef:19:e4:92:ac:a2:06:c2:8b:26:b7:b3:
         32:45:7d:3d:89:b8:80:9b:9b:ab:86:69:9d:c5:4f:1e:2d:1b:
         e1:e3:6f:93:16:68:ea:8d:bb:be:9a:82:7b:57:dd:3e:73:21:
         31:1a:6d:80:98:77:76:d5:7c:30:a5:2f:1c:6d:bb:8a:ea:d3:
         e6:23:0d:9a:9c:75:99:26:54:48:26:9c:bf:cd:1a:2a:a2:aa:
         62:25:61:65:72:0d:76:d4:3d:db:34:a2:48:a3:5c:4d:e9:9e:
         5e:69:82:fc:4a:27:92:e8:26:02:39:d7:df:98:b7:ac:46:96:
         b1:1e:62:d5
-----BEGIN CERTIFICATE-----
MIIFkjCCBHqgAwIBAgICM0cwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NTVBNzgxMTAvBgNVBAUTKDIwRjAzNkNENTcxODdDQTI5QTZGQUE5QTZBMjI4RTIw
OTYwRkRFNEYwHhcNMjMwODE1MjIxNTIzWhcNMjMxMjAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NGRiZjhmYi01MjE4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAsn0bmr6xoC/CC4d3l9vafh7iE+vHWAvm3KZJx2S/kf727DvZ1lYlD624sheP
KO+bMax1eq4v0w6e7L2ATPc8TKtyW39ZknPfnIdvpOZDkOhxzCWAab/GXWntj0a7
kt0nzGSMDzh/9MQ/KizmudZ6ulhX4kR4mpHkIO1zvhkg07tOmy27ZSs7P1GaC2aR
lG6qPoXT4LXdqnRVKNltZHGY3QBoR21KQFxPARrDqqzteYYf+FcTu6W1RD4hATWZ
nkB4n1JkwDysIOU36RN0fibpAAXLVrlofm8mrY+9fBOWEejRZZD6fVsYyzyZPuSD
WDioMIFsDafQ/8zoWs7vicQldwIDAQABo4ICtjCCArIwHQYDVR0OBBYEFIPL3sU1
lxRXJ93kYBckfXNflLfpMB8GA1UdIwQYMBaAFCDwNs1XGHyimm+qmmoijiCWD95P
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1NUE3OC81MzFFQTEzMDFE
ODQxMUUyODlCQjI0REEwOEIwMkNEMi9JUEEyelZjWWZLS2FiNnFhYWlLT0lKWVAz
azguY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0lQQTJ6VmNZZktLYWI2cWFhaUtPSUpZUDNrOC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NTVBNzgvNTMxRUExMzAxRDg0MTFFMjg5QkIyNERBMDhCMDJDRDIvM0E4NkZGMzIz
QkI5MTFFRUFCMkFFNTBGQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwQAYIKwYBBQUHAQcBAf8E
MTAvMB4EAgABMBgDBAV8xeADBAXKogADBAXKpQADBATLmVAwDQQCAAIwBwMFACQE
ALgwDQYJKoZIhvcNAQELBQADggEBAFmgTNUclPQIdVtzwoBPV4UsfEF1r7l5oWSF
MDRxDIrHAX1HJ00rPfyp3q9oNj48RBZcqS7H3I8yn1ySQYjE1GCMGYisIiHyM5o2
Bx7KxpdKNlANY7o1FsYxZZcWoJpej4F5wnxB5ypBY8b6xq+zO5cxhCpUvXd16Gmm
uATY6EjKVQMe9+8Z5JKsogbCiya3szJFfT2JuICbm6uGaZ3FTx4tG+Hjb5MWaOqN
u76agntX3T5zITEabYCYd3bVfDClLxxtu4rq0+YjDZqcdZkmVEgmnL/NGiqiqmIl
YWVyDXbUPds0okijXE3pnl5pgvxKJ5LoJgI519+Yt6xGlrEeYtU=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:07 2024 by rpki-client on console-fra.rpki-client.org