Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A91A560A/AAEB191A1D8A11E2A387D0E408B02CD2/F7422058327711EDA26C6B10C4F9AE02.roa
File:                     F7422058327711EDA26C6B10C4F9AE02.roa (raw, json)
Hash identifier:          155EB36iFtvSAJHfXzfPdcnSpZPpJsqiMNteUMndb5Y=
Subject key identifier:   4B:89:0B:0A:AE:D6:4A:2F:F1:B4:AD:6E:26:1D:66:88:B5:44:9E:89
Certificate issuer:       /CN=A91A560A/serialNumber=167C3B221775FEC05039468150CE814756AC6F0A
Certificate serial:       46EE
Authority key identifier: 16:7C:3B:22:17:75:FE:C0:50:39:46:81:50:CE:81:47:56:AC:6F:0A
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Fnw7Ihd1_sBQOUaBUM6BR1asbwo.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A91A560A/AAEB191A1D8A11E2A387D0E408B02CD2/F7422058327711EDA26C6B10C4F9AE02.roa
Signing time:             Mon 23 Sep 2024 09:25:34 +0000
ROA not before:           Mon 23 Sep 2024 09:25:34 +0000
ROA not after:            Fri 31 Oct 2025 00:00:00 +0000
asID:                     63760
IP address blocks:        103.110.84.0/22 maxlen: 22
                          103.221.220.0/22 maxlen: 22
                          116.118.48.0/22 maxlen: 24
                          116.118.84.0/22 maxlen: 24
                          2401:75e0::/48 maxlen: 48
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 18158 (0x46ee)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91A560A
        Validity
            Not Before: Sep 23 09:25:34 2024 GMT
            Not After : Oct 31 00:00:00 2025 GMT
        Subject: CN=66f1340e-6261
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e3:ea:e2:58:50:a7:74:eb:69:e1:44:6e:f4:79:
                    51:a2:0b:d4:8a:4d:71:b6:84:e2:40:74:95:75:13:
                    de:ad:20:62:8f:e0:56:36:97:2f:3d:15:0e:9c:50:
                    4f:45:1d:2e:c2:c4:a2:13:4c:ba:e4:fb:ae:be:86:
                    f3:ee:a4:d5:9a:37:90:f0:e4:cf:f3:13:22:9d:51:
                    6f:74:59:3c:3e:5b:8f:60:6b:0f:66:f2:74:04:bc:
                    d4:42:ab:07:97:ca:af:c3:05:6a:91:70:91:f8:d1:
                    e2:49:62:59:23:18:62:88:c4:73:66:a5:f7:da:11:
                    fb:ba:cd:1d:a9:cb:d9:38:a8:af:9a:9d:ad:f5:39:
                    4d:ba:01:17:42:c3:d5:9b:50:8c:3f:ee:74:b5:67:
                    2c:9a:18:37:03:17:95:f5:dd:2b:cf:06:cc:5d:2d:
                    ea:68:d7:c7:ef:e6:2d:e9:59:20:5a:d1:db:48:fc:
                    06:5f:4d:be:28:9f:bc:b2:65:33:51:c9:0b:17:a3:
                    f0:55:b4:60:61:09:3b:33:7f:8a:e2:8b:a1:75:99:
                    65:18:e3:26:3a:c3:66:14:8e:e4:e2:af:73:d0:7f:
                    cb:d6:04:aa:3e:db:be:43:17:f7:9a:3d:d8:21:2c:
                    d4:b1:80:bf:cb:2b:51:cc:b6:f7:fe:bc:87:d4:a2:
                    fb:d1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4B:89:0B:0A:AE:D6:4A:2F:F1:B4:AD:6E:26:1D:66:88:B5:44:9E:89
            X509v3 Authority Key Identifier:
                keyid:16:7C:3B:22:17:75:FE:C0:50:39:46:81:50:CE:81:47:56:AC:6F:0A

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A91A560A/AAEB191A1D8A11E2A387D0E408B02CD2/Fnw7Ihd1_sBQOUaBUM6BR1asbwo.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Fnw7Ihd1_sBQOUaBUM6BR1asbwo.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91A560A/AAEB191A1D8A11E2A387D0E408B02CD2/F7422058327711EDA26C6B10C4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.110.84.0/22
                  103.221.220.0/22
                  116.118.48.0/22
                  116.118.84.0/22
                IPv6:
                  2401:75e0::/48

    Signature Algorithm: sha256WithRSAEncryption
         40:39:1d:05:a0:83:46:a3:47:90:92:49:48:0d:80:27:20:9e:
         db:ea:51:ee:2b:23:5a:a1:e9:e8:17:6f:9b:97:fb:78:0e:2d:
         8f:04:a4:77:bc:dd:77:13:b7:8f:18:62:cc:7a:cf:b8:08:ce:
         29:47:dd:6a:77:52:c6:cf:85:f6:63:8c:c9:60:5c:c7:c9:23:
         8e:d4:8b:c2:94:78:24:98:10:40:2d:37:f6:c9:84:5a:69:bc:
         b2:d2:08:73:ac:53:c2:38:65:d1:2f:79:96:ca:bb:19:18:40:
         04:17:e5:31:42:2c:db:8b:09:79:22:3d:d5:6e:e9:84:4d:b9:
         b4:23:62:2b:ba:38:46:20:24:4a:17:da:a6:15:06:9a:03:66:
         74:4f:44:af:b7:bc:a6:0d:3d:d6:62:b0:d9:35:2c:4d:aa:10:
         5f:99:57:3e:1a:2d:b1:62:49:f6:01:80:34:89:32:bb:1c:13:
         c4:ce:d8:1c:3b:34:e3:19:c7:1c:b2:af:ff:e2:fd:9a:ec:3b:
         82:b4:38:13:3e:34:39:2e:ae:97:f6:86:19:47:20:a3:d7:64:
         01:af:78:93:2d:a9:09:e6:74:a1:42:7e:2d:94:14:ee:f8:35:
         eb:be:b9:60:1c:e1:7b:9a:38:ac:80:56:6d:f2:81:67:8e:6e:
         12:a9:e2:ba
-----BEGIN CERTIFICATE-----
MIIFlDCCBHygAwIBAgICRu4wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QTU2MEExMTAvBgNVBAUTKDE2N0MzQjIyMTc3NUZFQzA1MDM5NDY4MTUwQ0U4MTQ3
NTZBQzZGMEEwHhcNMjQwOTIzMDkyNTM0WhcNMjUxMDMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NmYxMzQwZS02MjYxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA4+riWFCndOtp4URu9HlRogvUik1xtoTiQHSVdRPerSBij+BWNpcvPRUOnFBP
RR0uwsSiE0y65Puuvobz7qTVmjeQ8OTP8xMinVFvdFk8PluPYGsPZvJ0BLzUQqsH
l8qvwwVqkXCR+NHiSWJZIxhiiMRzZqX32hH7us0dqcvZOKivmp2t9TlNugEXQsPV
m1CMP+50tWcsmhg3AxeV9d0rzwbMXS3qaNfH7+Yt6VkgWtHbSPwGX02+KJ+8smUz
UckLF6PwVbRgYQk7M3+K4ouhdZllGOMmOsNmFI7k4q9z0H/L1gSqPtu+Qxf3mj3Y
ISzUsYC/yytRzLb3/ryH1KL70QIDAQABo4ICuDCCArQwHQYDVR0OBBYEFEuJCwqu
1kov8bStbiYdZoi1RJ6JMB8GA1UdIwQYMBaAFBZ8OyIXdf7AUDlGgVDOgUdWrG8K
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBNTYwQS9BQUVCMTkxQTFE
OEExMUUyQTM4N0QwRTQwOEIwMkNEMi9Gbnc3SWhkMV9zQlFPVWFCVU02QlIxYXNi
d28uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0ZudzdJaGQxX3NCUU9VYUJVTTZCUjFhc2J3by5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QTU2MEEvQUFFQjE5MUExRDhBMTFFMkEzODdEMEU0MDhCMDJDRDIvRjc0MjIwNTgz
Mjc3MTFFREEyNkM2QjEwQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwQgYIKwYBBQUHAQcBAf8E
MzAxMB4EAgABMBgDBAJnblQDBAJn3dwDBAJ0djADBAJ0dlQwDwQCAAIwCQMHACQB
deAAADANBgkqhkiG9w0BAQsFAAOCAQEAQDkdBaCDRqNHkJJJSA2AJyCe2+pR7isj
WqHp6Bdvm5f7eA4tjwSkd7zddxO3jxhizHrPuAjOKUfdandSxs+F9mOMyWBcx8kj
jtSLwpR4JJgQQC039smEWmm8stIIc6xTwjhl0S95lsq7GRhABBflMUIs24sJeSI9
1W7phE25tCNiK7o4RiAkShfaphUGmgNmdE9Er7e8pg091mKw2TUsTaoQX5lXPhot
sWJJ9gGANIkyuxwTxM7YHDs04xnHHLKv/+L9muw7grQ4Ez40OS6ul/aGGUcgo9dk
Aa94ky2pCeZ0oUJ+LZQU7vg16765YBzhe5o4rIBWbfKBZ45uEqniug==
-----END CERTIFICATE-----