Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A91209D3/6540C95A724811EDB2260477C4F9AE02/D0285FC8724B11EDA156B97BC4F9AE02.roa
File:                     D0285FC8724B11EDA156B97BC4F9AE02.roa (raw, json)
Hash identifier:          P1+NU2/kPjJ1Zsb8NW3H0Y5DOfUYr/FrQCJYxO7RnM0=
Subject key identifier:   FA:A5:EC:CA:DE:6B:A3:24:ED:52:63:51:05:8B:AF:F7:C7:86:A4:56
Certificate issuer:       /CN=A91209D3/serialNumber=0B15B1FDA3B76A51C3272441404BE9C98C3D610F
Certificate serial:       41
Authority key identifier: 0B:15:B1:FD:A3:B7:6A:51:C3:27:24:41:40:4B:E9:C9:8C:3D:61:0F
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/CxWx_aO3alHDJyRBQEvpyYw9YQ8.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A91209D3/6540C95A724811EDB2260477C4F9AE02/D0285FC8724B11EDA156B97BC4F9AE02.roa
Signing time:             Mon 27 Mar 2023 07:17:14 +0000
ROA not before:           Mon 27 Mar 2023 07:17:14 +0000
ROA not after:            Wed 01 May 2024 00:00:00 +0000
asID:                     136264
IP address blocks:        103.85.135.0/24 maxlen: 24

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 65 (0x41)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91209D3/serialNumber=0B15B1FDA3B76A51C3272441404BE9C98C3D610F
        Validity
            Not Before: Mar 27 07:17:14 2023 GMT
            Not After : May  1 00:00:00 2024 GMT
        Subject: CN=642142fa-c8ae
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e1:22:4a:a1:3b:a2:29:5d:0d:95:8e:75:41:9c:
                    82:9b:56:4b:e2:fd:ba:2d:de:a7:97:56:53:d5:64:
                    c2:f8:93:2b:8c:17:46:0a:6b:a4:3e:52:b4:93:a9:
                    63:d8:13:00:b9:1b:45:35:c9:6c:c6:86:fa:d4:15:
                    0e:26:ef:77:c5:ab:68:45:53:eb:10:f2:72:b6:66:
                    2d:e8:a4:4b:b4:49:92:90:da:e4:ed:68:94:a3:36:
                    13:35:01:c6:22:45:34:a0:33:33:99:61:20:5e:dc:
                    a0:99:97:c0:4f:84:ed:c6:3e:52:e2:b6:9e:64:f0:
                    ac:a7:1e:2f:f3:ef:c5:49:63:41:02:cf:22:bc:4b:
                    19:cd:c2:73:06:13:52:12:8d:fe:05:83:c5:2d:38:
                    6d:20:c5:27:06:e1:d0:28:d3:e9:69:ca:3c:c4:f3:
                    c5:d7:ee:ef:ce:6d:7a:41:62:26:a6:57:97:bf:21:
                    3d:88:86:d1:18:92:75:03:42:65:7e:60:6f:58:b3:
                    8a:b3:1d:9f:3f:d5:63:a2:08:fe:03:33:b8:7b:52:
                    25:ea:e1:2b:b4:66:9b:a9:74:67:50:11:1e:3a:c9:
                    62:68:c8:fb:f6:15:a3:9b:3a:f7:99:01:f2:d5:e5:
                    40:0e:da:19:07:95:ae:36:6d:fe:38:39:f0:96:b8:
                    c5:5d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                FA:A5:EC:CA:DE:6B:A3:24:ED:52:63:51:05:8B:AF:F7:C7:86:A4:56
            X509v3 Authority Key Identifier:
                keyid:0B:15:B1:FD:A3:B7:6A:51:C3:27:24:41:40:4B:E9:C9:8C:3D:61:0F

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A91209D3/6540C95A724811EDB2260477C4F9AE02/CxWx_aO3alHDJyRBQEvpyYw9YQ8.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/CxWx_aO3alHDJyRBQEvpyYw9YQ8.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91209D3/6540C95A724811EDB2260477C4F9AE02/D0285FC8724B11EDA156B97BC4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.85.135.0/24

    Signature Algorithm: sha256WithRSAEncryption
         6e:55:23:7e:07:52:f3:8a:31:0c:f0:5d:a3:3e:29:2d:35:b6:
         5b:eb:a7:4b:37:4c:9a:5e:2d:80:a7:96:4c:70:58:b8:50:2b:
         31:e4:87:57:4f:82:e5:84:93:c5:41:28:e6:5b:85:dd:dd:6e:
         ec:3a:d6:49:60:3d:cf:d9:d7:fa:11:68:eb:ba:9b:80:fc:4e:
         a2:95:dd:a1:79:97:11:a6:ea:0d:34:ca:92:cd:e5:28:be:30:
         20:b8:62:75:00:f8:eb:08:9c:32:da:c6:57:2b:b5:2a:09:ba:
         a9:d8:4a:1d:96:f6:0c:0a:df:2c:93:fd:b2:28:d9:54:a7:e4:
         30:2f:c6:f5:bc:e9:aa:44:87:75:41:57:da:d1:dc:d8:8d:c7:
         ac:8f:08:73:71:77:8c:3c:a9:0a:6e:dc:d9:d6:ec:c2:71:17:
         d9:b9:07:01:d2:57:bc:95:59:90:45:58:00:4b:f9:cb:b9:7e:
         25:05:e3:a3:41:22:da:00:d5:b1:52:f6:af:27:96:1b:4f:71:
         8c:b9:b3:e6:66:c5:4b:12:59:18:df:5e:ad:42:6d:23:5e:85:
         e4:dc:bb:42:cf:62:d0:6d:23:84:3f:18:85:07:65:ba:10:00:
         e9:26:e6:48:73:a7:2b:ed:ae:f6:04:ab:ab:7e:d2:46:bf:b8:
         2e:ea:2b:39
-----BEGIN CERTIFICATE-----
MIIFcDCCBFigAwIBAgIBQTANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTEy
MDlEMzExMC8GA1UEBRMoMEIxNUIxRkRBM0I3NkE1MUMzMjcyNDQxNDA0QkU5Qzk4
QzNENjEwRjAeFw0yMzAzMjcwNzE3MTRaFw0yNDA1MDEwMDAwMDBaMBgxFjAUBgNV
BAMTDTY0MjE0MmZhLWM4YWUwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDhIkqhO6IpXQ2VjnVBnIKbVkvi/bot3qeXVlPVZML4kyuMF0YKa6Q+UrSTqWPY
EwC5G0U1yWzGhvrUFQ4m73fFq2hFU+sQ8nK2Zi3opEu0SZKQ2uTtaJSjNhM1AcYi
RTSgMzOZYSBe3KCZl8BPhO3GPlLitp5k8KynHi/z78VJY0ECzyK8SxnNwnMGE1IS
jf4Fg8UtOG0gxScG4dAo0+lpyjzE88XX7u/ObXpBYiamV5e/IT2IhtEYknUDQmV+
YG9Ys4qzHZ8/1WOiCP4DM7h7UiXq4Su0ZpupdGdQER46yWJoyPv2FaObOveZAfLV
5UAO2hkHla42bf44OfCWuMVdAgMBAAGjggKVMIICkTAdBgNVHQ4EFgQU+qXsyt5r
oyTtUmNRBYuv98eGpFYwHwYDVR0jBBgwFoAUCxWx/aO3alHDJyRBQEvpyYw9YQ8w
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTIwOUQzLzY1NDBDOTVBNzI0
ODExRURCMjI2MDQ3N0M0RjlBRTAyL0N4V3hfYU8zYWxIREp5UkJRRXZweVl3OVlR
OC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvQ3hXeF9hTzNhbEhESnlSQlFFdnB5WXc5WVE4LmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEy
MDlEMy82NTQwQzk1QTcyNDgxMUVEQjIyNjA0NzdDNEY5QUUwMi9EMDI4NUZDODcy
NEIxMUVEQTE1NkI5N0JDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQ
MA4wDAQCAAEwBgMEAGdVhzANBgkqhkiG9w0BAQsFAAOCAQEAblUjfgdS84oxDPBd
oz4pLTW2W+unSzdMml4tgKeWTHBYuFArMeSHV0+C5YSTxUEo5luF3d1u7DrWSWA9
z9nX+hFo67qbgPxOopXdoXmXEabqDTTKks3lKL4wILhidQD46wicMtrGVyu1Kgm6
qdhKHZb2DArfLJP9sijZVKfkMC/G9bzpqkSHdUFX2tHc2I3HrI8Ic3F3jDypCm7c
2dbswnEX2bkHAdJXvJVZkEVYAEv5y7l+JQXjo0Ei2gDVsVL2ryeWG09xjLmz5mbF
SxJZGN9erUJtI16F5Ny7Qs9i0G0jhD8YhQdluhAA6SbmSHOnK+2u9gSrq37SRr+4
LuorOQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:04:47 2024 by rpki-client on console-ams.rpki-client.org