Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A9111590/025CD2627A6E11EB81AF2E3FC4F9AE02/351208BEF14F11EB81CD331CC4F9AE02.roa
File:                     351208BEF14F11EB81CD331CC4F9AE02.roa (raw, json)
Hash identifier:          K4rDuCB816HgPz3Tuw90Q/w5yMXJ7QET6q8+glykZPU=
Subject key identifier:   B3:91:FD:A2:E5:B9:2C:B4:5A:0E:5C:1B:C2:0E:D2:9B:B0:C9:13:AF
Certificate issuer:       /CN=A9111590/serialNumber=50229DE035B72572F4E0027472EB6826FDFE94AE
Certificate serial:       034D
Authority key identifier: 50:22:9D:E0:35:B7:25:72:F4:E0:02:74:72:EB:68:26:FD:FE:94:AE
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/UCKd4DW3JXL04AJ0cutoJv3-lK4.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A9111590/025CD2627A6E11EB81AF2E3FC4F9AE02/351208BEF14F11EB81CD331CC4F9AE02.roa
Signing time:             Wed 02 Mar 2022 13:50:53 +0000
ROA not before:           Wed 02 Mar 2022 13:50:53 +0000
ROA not after:            Sun 28 May 2023 00:00:00 +0000
asID:                     206804
IP address blocks:        27.0.233.0/24 maxlen: 24
                          103.208.84.0/24 maxlen: 24
                          103.230.142.0/24 maxlen: 24

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 845 (0x34d)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A9111590/serialNumber=50229DE035B72572F4E0027472EB6826FDFE94AE
        Validity
            Not Before: Mar  2 13:50:53 2022 GMT
            Not After : May 28 00:00:00 2023 GMT
        Subject: CN=621f763d-8b5d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d7:b4:0f:b9:76:0a:91:37:e0:22:3f:84:5e:5e:
                    ac:2c:e3:8e:f8:12:3b:de:3f:3b:8c:08:93:b2:c8:
                    5e:01:62:f0:f6:b3:41:76:7f:23:0b:bb:bf:87:40:
                    c3:b5:7e:65:76:9c:73:2d:94:9f:ac:7e:56:86:42:
                    7b:d8:15:80:16:5c:e6:95:ef:45:47:51:89:aa:ab:
                    6f:55:26:64:8b:69:9e:04:9a:53:00:4c:b3:af:55:
                    fa:e8:fd:79:8a:5d:ae:c2:30:b9:83:4a:65:fe:67:
                    2d:9d:7e:9e:40:e5:1e:51:77:92:20:04:4b:04:f2:
                    73:4d:cd:33:a9:11:4f:78:46:9b:3e:6d:46:98:25:
                    9e:d4:5a:b3:bf:d3:d1:c7:7b:16:08:52:e8:17:7a:
                    be:de:37:4f:fa:dc:63:d6:36:87:d3:72:39:67:00:
                    eb:d3:94:33:bc:71:00:fd:dd:e4:e9:76:4f:ce:f3:
                    69:3d:d3:a4:70:e7:5b:d4:3a:3c:9c:06:ea:ba:12:
                    fe:d0:6d:8c:e3:09:ad:b1:b1:35:52:c6:70:a3:38:
                    84:a8:d6:2d:ea:93:12:52:f3:86:89:2e:38:49:31:
                    61:55:61:dd:b4:8f:dd:34:ae:ca:84:62:cf:79:8f:
                    f7:89:60:59:3d:4c:b1:04:9a:7c:87:8a:44:87:11:
                    5c:eb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B3:91:FD:A2:E5:B9:2C:B4:5A:0E:5C:1B:C2:0E:D2:9B:B0:C9:13:AF
            X509v3 Authority Key Identifier:
                keyid:50:22:9D:E0:35:B7:25:72:F4:E0:02:74:72:EB:68:26:FD:FE:94:AE

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A9111590/025CD2627A6E11EB81AF2E3FC4F9AE02/UCKd4DW3JXL04AJ0cutoJv3-lK4.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/UCKd4DW3JXL04AJ0cutoJv3-lK4.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9111590/025CD2627A6E11EB81AF2E3FC4F9AE02/351208BEF14F11EB81CD331CC4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  27.0.233.0/24
                  103.208.84.0/24
                  103.230.142.0/24

    Signature Algorithm: sha256WithRSAEncryption
         0f:8e:1e:79:cb:92:00:12:d2:41:5e:57:7d:66:b0:3f:95:7d:
         13:98:90:d0:32:7c:a4:98:34:dd:86:eb:28:a3:14:15:73:c9:
         a5:7b:1f:5a:b1:07:b0:a6:18:89:58:6c:5c:68:b2:d6:32:5b:
         bc:97:1d:93:6b:b9:c6:f9:5c:8e:fd:02:3d:e8:09:73:65:2e:
         19:0f:f4:c2:b4:05:93:43:68:e5:ca:b1:70:38:ab:78:69:cb:
         2d:8e:2b:24:c9:9d:4e:33:f8:d8:b0:29:b7:94:a3:82:50:76:
         44:57:2a:35:f1:0e:63:7a:83:29:c5:99:ba:30:eb:91:7f:10:
         23:09:b8:a9:07:4b:89:6e:19:d0:aa:c4:b2:fc:be:8c:ee:06:
         05:96:d1:88:be:16:68:be:68:28:aa:6c:5d:c0:24:cd:70:e9:
         44:c3:51:9c:95:c7:96:4f:0b:b4:04:29:87:06:eb:e2:ac:4f:
         69:76:d2:a8:2f:c6:cb:53:e4:f4:e2:b2:4c:78:a3:74:bf:26:
         00:81:5e:79:eb:ac:ad:9f:ed:18:5f:35:e9:d2:4b:8b:63:42:
         db:da:bf:8d:a0:da:3c:3d:32:5b:85:15:7a:bc:9c:bc:b3:4f:
         fa:a8:f9:3a:9f:cf:38:37:1f:7d:ec:c2:5d:f9:b1:d6:1a:8a:
         79:d9:f0:a5
-----BEGIN CERTIFICATE-----
MIIFfTCCBGWgAwIBAgICA00wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MTE1OTAxMTAvBgNVBAUTKDUwMjI5REUwMzVCNzI1NzJGNEUwMDI3NDcyRUI2ODI2
RkRGRTk0QUUwHhcNMjIwMzAyMTM1MDUzWhcNMjMwNTI4MDAwMDAwWjAYMRYwFAYD
VQQDEw02MjFmNzYzZC04YjVkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA17QPuXYKkTfgIj+EXl6sLOOO+BI73j87jAiTssheAWLw9rNBdn8jC7u/h0DD
tX5ldpxzLZSfrH5WhkJ72BWAFlzmle9FR1GJqqtvVSZki2meBJpTAEyzr1X66P15
il2uwjC5g0pl/mctnX6eQOUeUXeSIARLBPJzTc0zqRFPeEabPm1GmCWe1Fqzv9PR
x3sWCFLoF3q+3jdP+txj1jaH03I5ZwDr05QzvHEA/d3k6XZPzvNpPdOkcOdb1Do8
nAbquhL+0G2M4wmtsbE1UsZwoziEqNYt6pMSUvOGiS44STFhVWHdtI/dNK7KhGLP
eY/3iWBZPUyxBJp8h4pEhxFc6wIDAQABo4ICoTCCAp0wHQYDVR0OBBYEFLOR/aLl
uSy0Wg5cG8IO0puwyROvMB8GA1UdIwQYMBaAFFAineA1tyVy9OACdHLraCb9/pSu
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTExMTU5MC8wMjVDRDI2MjdB
NkUxMUVCODFBRjJFM0ZDNEY5QUUwMi9VQ0tkNERXM0pYTDA0QUowY3V0b0p2My1s
SzQuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1VDS2Q0RFczSlhMMDRBSjBjdXRvSnYzLWxLNC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MTE1OTAvMDI1Q0QyNjI3QTZFMTFFQjgxQUYyRTNGQzRGOUFFMDIvMzUxMjA4QkVG
MTRGMTFFQjgxQ0QzMzFDQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwKwYIKwYBBQUHAQcBAf8E
HDAaMBgEAgABMBIDBAAbAOkDBABn0FQDBABn5o4wDQYJKoZIhvcNAQELBQADggEB
AA+OHnnLkgAS0kFeV31msD+VfROYkNAyfKSYNN2G6yijFBVzyaV7H1qxB7CmGIlY
bFxostYyW7yXHZNrucb5XI79Aj3oCXNlLhkP9MK0BZNDaOXKsXA4q3hpyy2OKyTJ
nU4z+NiwKbeUo4JQdkRXKjXxDmN6gynFmbow65F/ECMJuKkHS4luGdCqxLL8vozu
BgWW0Yi+Fmi+aCiqbF3AJM1w6UTDUZyVx5ZPC7QEKYcG6+KsT2l20qgvxstT5PTi
skx4o3S/JgCBXnnrrK2f7RhfNenSS4tjQtvav42g2jw9MluFFXq8nLyzT/qo+Tqf
zzg3H33swl35sdYainnZ8KU=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:04:45 2024 by rpki-client on console-ams.rpki-client.org