Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A91AE0C4/6A9E3BD8F14711E99A9AB712C4F9AE02/78EE5774A73611ED85D58D3CC4F9AE02.roa
File:                     78EE5774A73611ED85D58D3CC4F9AE02.roa (raw, json)
Hash identifier:          DngsNGlZ28Gei8Uw73icXdr+3T0SH9lx06nfZA1UtWA=
Subject key identifier:   D6:A6:0A:F9:9D:03:D6:A3:DF:75:5C:6D:6A:DC:B2:B5:44:3B:07:68
Certificate issuer:       /CN=A91AE0C4/serialNumber=E11FE937006A25D7C605A5E43B492B286C64998C
Certificate serial:       0BC8
Authority key identifier: E1:1F:E9:37:00:6A:25:D7:C6:05:A5:E4:3B:49:2B:28:6C:64:99:8C
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/4R_pNwBqJdfGBaXkO0krKGxkmYw.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A91AE0C4/6A9E3BD8F14711E99A9AB712C4F9AE02/78EE5774A73611ED85D58D3CC4F9AE02.roa
Signing time:             Tue 07 Feb 2023 22:26:32 +0000
ROA not before:           Tue 07 Feb 2023 22:26:32 +0000
ROA not after:            Tue 31 Oct 2023 00:00:00 +0000
asID:                     9790
IP address blocks:        60.234.0.0/16 maxlen: 20
                          101.98.0.0/16 maxlen: 16
                          110.44.16.0/22 maxlen: 24
                          119.224.0.0/17 maxlen: 20
                          119.224.128.0/20 maxlen: 20
                          121.98.0.0/15 maxlen: 20
                          124.197.0.0/18 maxlen: 20
                          202.49.244.0/22 maxlen: 24
                          202.53.176.0/20 maxlen: 20
                          202.89.128.0/19 maxlen: 20
                          202.150.96.0/20 maxlen: 20
                          202.150.112.0/20 maxlen: 20
                          202.180.64.0/18 maxlen: 20
                          202.189.160.0/20 maxlen: 20
                          202.191.32.0/20 maxlen: 20
                          203.100.208.0/20 maxlen: 20
                          203.160.112.0/20 maxlen: 20
                          203.184.0.0/18 maxlen: 20
                          2400:4800::/32 maxlen: 32
                          2402:6000::/32 maxlen: 32
                          2402:8200::/32 maxlen: 32
                          2404:4400::/28 maxlen: 36

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 3016 (0xbc8)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91AE0C4/serialNumber=E11FE937006A25D7C605A5E43B492B286C64998C
        Validity
            Not Before: Feb  7 22:26:32 2023 GMT
            Not After : Oct 31 00:00:00 2023 GMT
        Subject: CN=63e2d018-e168
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:f0:5d:7d:aa:c9:69:a3:0f:5d:d4:db:a4:03:60:
                    58:0a:2d:6b:55:05:90:4c:f6:f7:6a:36:11:1d:21:
                    17:ea:41:aa:82:01:e7:8a:fc:b1:7c:42:c4:e9:eb:
                    e9:6a:6e:08:89:7d:9c:c8:64:09:90:88:22:ff:ff:
                    aa:b7:43:11:6c:3c:7b:c5:d5:1f:20:fe:ad:48:aa:
                    ed:cf:5e:3c:23:eb:33:1c:88:07:9f:5e:b3:9d:f5:
                    46:42:91:e6:d4:36:82:55:bf:76:08:c5:f1:1e:68:
                    e9:f4:83:92:0d:85:eb:56:5b:39:30:1b:66:34:21:
                    82:7d:40:55:a3:87:04:84:b3:04:54:75:b3:86:9f:
                    fa:1a:db:3c:4d:66:3a:f9:06:e9:45:7b:41:7d:01:
                    a2:d5:88:a5:ba:70:6b:2b:bd:c5:fa:f5:6f:33:aa:
                    5d:d1:2a:fd:f6:41:92:a4:90:f2:3d:8b:c2:ac:e9:
                    09:94:72:d6:2e:91:e4:62:27:6b:77:36:3a:7e:c8:
                    7d:66:5a:de:cb:e1:13:0e:f6:a6:95:d7:d6:e1:e1:
                    e6:b3:aa:86:48:6d:de:b9:48:74:a4:3a:3f:d6:9d:
                    14:ce:61:31:57:50:76:bd:76:07:f8:45:b6:63:50:
                    1b:33:eb:d8:ff:94:c1:1c:12:72:0b:35:30:a0:58:
                    e0:b5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D6:A6:0A:F9:9D:03:D6:A3:DF:75:5C:6D:6A:DC:B2:B5:44:3B:07:68
            X509v3 Authority Key Identifier:
                keyid:E1:1F:E9:37:00:6A:25:D7:C6:05:A5:E4:3B:49:2B:28:6C:64:99:8C

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A91AE0C4/6A9E3BD8F14711E99A9AB712C4F9AE02/4R_pNwBqJdfGBaXkO0krKGxkmYw.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/4R_pNwBqJdfGBaXkO0krKGxkmYw.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91AE0C4/6A9E3BD8F14711E99A9AB712C4F9AE02/78EE5774A73611ED85D58D3CC4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  60.234.0.0/16
                  101.98.0.0/16
                  110.44.16.0/22
                  119.224.0.0-119.224.143.255
                  121.98.0.0/15
                  124.197.0.0/18
                  202.49.244.0/22
                  202.53.176.0/20
                  202.89.128.0/19
                  202.150.96.0/19
                  202.180.64.0/18
                  202.189.160.0/20
                  202.191.32.0/20
                  203.100.208.0/20
                  203.160.112.0/20
                  203.184.0.0/18
                IPv6:
                  2400:4800::/32
                  2402:6000::/32
                  2402:8200::/32
                  2404:4400::/28

    Signature Algorithm: sha256WithRSAEncryption
         01:b0:9a:8f:e1:aa:09:88:34:cb:df:97:fa:01:b3:88:4d:71:
         1f:86:2c:b7:1c:f9:72:fa:17:f7:ac:ce:92:1f:e6:a8:65:2c:
         b5:fa:49:52:80:e8:1d:87:f8:5e:a9:3e:a7:07:8f:6d:09:e4:
         90:db:a6:c1:0b:90:f9:41:55:a2:99:6a:66:43:13:00:99:a3:
         66:c8:33:f4:bc:c5:0d:d0:4e:a8:b4:e2:3a:b9:d7:75:99:94:
         e4:52:48:f4:a3:5f:39:e1:0c:f8:4d:25:01:87:b8:73:4c:98:
         eb:2a:e2:89:c4:1c:4f:fc:4b:3a:96:86:05:0c:7a:b1:8d:1c:
         fd:dc:d5:3a:95:af:6e:85:d9:1c:98:96:2d:63:07:c3:20:cb:
         a7:e3:e9:4a:09:16:c5:4b:47:1f:b6:72:73:1d:6d:da:8c:cb:
         1c:18:c0:fa:ad:96:d4:fa:fa:5a:ae:33:e6:e0:05:88:52:9c:
         87:f5:2b:e3:fb:5b:28:4d:2c:ba:ba:dc:57:10:e4:b4:f4:9c:
         84:1a:65:09:7a:e1:e1:91:3f:69:70:74:46:c1:bc:3d:9a:20:
         aa:58:b3:16:b4:3f:7a:96:6f:90:f5:88:e4:82:3e:02:af:ca:
         7d:1e:43:ff:49:2d:a2:a9:d7:7b:ce:4c:76:b7:33:47:49:5c:
         1e:4f:7a:46
-----BEGIN CERTIFICATE-----
MIIF9jCCBN6gAwIBAgICC8gwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QUUwQzQxMTAvBgNVBAUTKEUxMUZFOTM3MDA2QTI1RDdDNjA1QTVFNDNCNDkyQjI4
NkM2NDk5OEMwHhcNMjMwMjA3MjIyNjMyWhcNMjMxMDMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02M2UyZDAxOC1lMTY4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA8F19qslpow9d1NukA2BYCi1rVQWQTPb3ajYRHSEX6kGqggHnivyxfELE6evp
am4IiX2cyGQJkIgi//+qt0MRbDx7xdUfIP6tSKrtz148I+szHIgHn16znfVGQpHm
1DaCVb92CMXxHmjp9IOSDYXrVls5MBtmNCGCfUBVo4cEhLMEVHWzhp/6Gts8TWY6
+QbpRXtBfQGi1YilunBrK73F+vVvM6pd0Sr99kGSpJDyPYvCrOkJlHLWLpHkYidr
dzY6fsh9Zlrey+ETDvamldfW4eHms6qGSG3euUh0pDo/1p0UzmExV1B2vXYH+EW2
Y1AbM+vY/5TBHBJyCzUwoFjgtQIDAQABo4IDGjCCAxYwHQYDVR0OBBYEFNamCvmd
A9aj33VcbWrcsrVEOwdoMB8GA1UdIwQYMBaAFOEf6TcAaiXXxgWl5DtJKyhsZJmM
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBRTBDNC82QTlFM0JEOEYx
NDcxMUU5OUE5QUI3MTJDNEY5QUUwMi80Ul9wTndCcUpkZkdCYVhrTzBrcktHeGtt
WXcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLzRSX3BOd0JxSmRmR0JhWGtPMGtyS0d4a21Zdy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QUUwQzQvNkE5RTNCRDhGMTQ3MTFFOTlBOUFCNzEyQzRGOUFFMDIvNzhFRTU3NzRB
NzM2MTFFRDg1RDU4RDNDQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwgaMGCCsGAQUFBwEHAQH/
BIGTMIGQMGoEAgABMGQDAwA86gMDAGViAwQCbiwQMAsDAwV34AMEBHfggAMDAXli
AwQGfMUAAwQCyjH0AwQEyjWwAwQFylmAAwQFypZgAwQGyrRAAwQEyr2gAwQEyr8g
AwQEy2TQAwQEy6BwAwQGy7gAMCIEAgACMBwDBQAkAEgAAwUAJAJgAAMFACQCggAD
BQQkBEQAMA0GCSqGSIb3DQEBCwUAA4IBAQABsJqP4aoJiDTL35f6AbOITXEfhiy3
HPly+hf3rM6SH+aoZSy1+klSgOgdh/heqT6nB49tCeSQ26bBC5D5QVWimWpmQxMA
maNmyDP0vMUN0E6otOI6udd1mZTkUkj0o1854Qz4TSUBh7hzTJjrKuKJxBxP/Es6
loYFDHqxjRz93NU6la9uhdkcmJYtYwfDIMun4+lKCRbFS0cftnJzHW3ajMscGMD6
rZbU+vparjPm4AWIUpyH9Svj+1soTSy6utxXEOS09JyEGmUJeuHhkT9pcHRGwbw9
miCqWLMWtD96lm+Q9Yjkgj4Cr8p9HkP/SS2iqdd7zkx2tzNHSVweT3pG
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:37 2024 by rpki-client on console-fra.rpki-client.org