Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A912C533/9CC43306A74911EBB0302F82C4F9AE02/098D7156C29711EB9ECECD65C4F9AE02.roa
File:                     098D7156C29711EB9ECECD65C4F9AE02.roa (raw, json)
Hash identifier:          hutwRGI+rKmYwfIVE8bzdHNH1Ek9NoYuS+fry2ixrto=
Subject key identifier:   40:3E:41:7C:53:67:FA:30:BB:09:3F:FE:02:2E:73:30:7C:75:8E:66
Certificate issuer:       /CN=A912C533/serialNumber=AF96D111008404FF1B14516F7FCF67E928CEF666
Certificate serial:       01F0
Authority key identifier: AF:96:D1:11:00:84:04:FF:1B:14:51:6F:7F:CF:67:E9:28:CE:F6:66
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/r5bREQCEBP8bFFFvf89n6SjO9mY.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A912C533/9CC43306A74911EBB0302F82C4F9AE02/098D7156C29711EB9ECECD65C4F9AE02.roa
Signing time:             Mon 20 Dec 2021 02:20:51 +0000
ROA not before:           Mon 20 Dec 2021 02:20:51 +0000
ROA not after:            Thu 02 Mar 2023 00:00:00 +0000
asID:                     4713
IP address blocks:        133.90.0.0/16 maxlen: 24
                          133.124.0.0/16 maxlen: 24

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 496 (0x1f0)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A912C533/serialNumber=AF96D111008404FF1B14516F7FCF67E928CEF666
        Validity
            Not Before: Dec 20 02:20:51 2021 GMT
            Not After : Mar  2 00:00:00 2023 GMT
        Subject: CN=61bfe883-92b9
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ba:78:61:96:fd:20:f1:00:32:23:6c:1d:7b:d2:
                    26:dc:d6:3d:a6:0a:e4:48:ff:35:fe:f3:e5:d3:12:
                    7e:19:d5:ce:41:cc:f2:af:f7:57:eb:b1:85:22:2f:
                    55:0d:92:ae:8e:1b:68:34:7c:b2:0f:0d:b4:92:ea:
                    b7:f3:01:4b:b5:2d:3c:87:57:ba:84:98:90:10:2f:
                    b8:49:31:fb:ba:78:00:23:37:ac:3d:c1:01:a5:d8:
                    1a:c5:57:57:b7:2e:6f:2d:dd:b3:56:f0:b6:a8:e2:
                    cf:51:55:2b:43:97:9b:57:2e:e1:84:41:bb:ae:5e:
                    ff:5e:13:d4:2d:7b:b7:3c:d4:b6:5d:0e:22:e9:d6:
                    03:20:c3:05:30:38:90:78:99:4d:0f:96:e9:47:82:
                    b8:58:a8:24:3c:ea:46:f8:e4:40:f2:b6:95:9f:f7:
                    ee:14:62:b1:0f:df:ef:ae:74:9e:e7:48:6c:6d:7f:
                    85:af:1a:b7:2c:c7:65:f7:7b:a5:1b:5f:d0:32:d5:
                    42:5c:56:c5:83:7f:4b:fc:29:90:16:d2:73:1c:81:
                    bb:33:90:af:5f:f7:88:f9:b8:f7:76:67:c5:2a:53:
                    bd:30:94:cb:47:23:20:94:8c:25:23:1a:e7:93:81:
                    d7:9a:2d:fb:2f:4b:60:fe:6c:c1:a7:f9:14:21:23:
                    71:29
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                40:3E:41:7C:53:67:FA:30:BB:09:3F:FE:02:2E:73:30:7C:75:8E:66
            X509v3 Authority Key Identifier:
                keyid:AF:96:D1:11:00:84:04:FF:1B:14:51:6F:7F:CF:67:E9:28:CE:F6:66

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A912C533/9CC43306A74911EBB0302F82C4F9AE02/r5bREQCEBP8bFFFvf89n6SjO9mY.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/r5bREQCEBP8bFFFvf89n6SjO9mY.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A912C533/9CC43306A74911EBB0302F82C4F9AE02/098D7156C29711EB9ECECD65C4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  133.90.0.0/16
                  133.124.0.0/16

    Signature Algorithm: sha256WithRSAEncryption
         03:fb:db:84:e2:dd:ba:c5:51:91:e3:99:6d:db:81:56:4e:53:
         2e:26:f8:2b:bc:78:6a:24:e4:b6:a0:36:83:d8:7a:f5:b9:70:
         7e:0b:1a:34:48:b6:b0:d3:b9:4c:eb:d2:a6:78:bb:c5:c3:62:
         ee:b5:bd:f3:a4:65:e8:8a:2e:1e:a6:bb:7b:b7:72:69:ba:5b:
         68:51:e5:44:2b:63:f5:67:b8:ca:7a:92:51:20:d0:d6:9e:2e:
         b4:9f:84:28:b2:11:c9:94:c7:33:21:8a:73:c8:10:8c:07:e1:
         b8:e2:9b:0c:27:80:d9:50:03:13:b3:b7:6c:db:92:dc:26:4f:
         ec:7d:ef:a4:4b:5a:c3:e8:36:e7:a9:2a:45:58:89:0d:d3:9f:
         89:15:5c:0c:60:0c:d9:a7:b2:38:00:2f:de:83:71:b0:1d:46:
         17:51:93:e8:fd:f2:de:75:7b:2a:4d:39:49:5f:a7:4c:a1:f0:
         6c:8b:b7:ed:d0:18:df:99:99:95:c8:00:46:e5:7a:a2:87:7d:
         18:f8:5b:e9:52:3e:95:a5:fd:90:e4:f6:22:d6:ab:64:20:db:
         e7:8d:e7:0d:b3:9b:e5:1e:27:7f:2a:02:90:fb:33:6a:4c:de:
         2e:f8:fc:3a:bc:a9:9c:29:d6:4d:6f:ae:b9:48:e2:79:bd:8a:
         95:47:46:3a
-----BEGIN CERTIFICATE-----
MIIFdTCCBF2gAwIBAgICAfAwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MkM1MzMxMTAvBgNVBAUTKEFGOTZEMTExMDA4NDA0RkYxQjE0NTE2RjdGQ0Y2N0U5
MjhDRUY2NjYwHhcNMjExMjIwMDIyMDUxWhcNMjMwMzAyMDAwMDAwWjAYMRYwFAYD
VQQDEw02MWJmZTg4My05MmI5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAunhhlv0g8QAyI2wde9Im3NY9pgrkSP81/vPl0xJ+GdXOQczyr/dX67GFIi9V
DZKujhtoNHyyDw20kuq38wFLtS08h1e6hJiQEC+4STH7ungAIzesPcEBpdgaxVdX
ty5vLd2zVvC2qOLPUVUrQ5ebVy7hhEG7rl7/XhPULXu3PNS2XQ4i6dYDIMMFMDiQ
eJlND5bpR4K4WKgkPOpG+ORA8raVn/fuFGKxD9/vrnSe50hsbX+Frxq3LMdl93ul
G1/QMtVCXFbFg39L/CmQFtJzHIG7M5CvX/eI+bj3dmfFKlO9MJTLRyMglIwlIxrn
k4HXmi37L0tg/mzBp/kUISNxKQIDAQABo4ICmTCCApUwHQYDVR0OBBYEFEA+QXxT
Z/owuwk//gIuczB8dY5mMB8GA1UdIwQYMBaAFK+W0REAhAT/GxRRb3/PZ+kozvZm
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEyQzUzMy85Q0M0MzMwNkE3
NDkxMUVCQjAzMDJGODJDNEY5QUUwMi9yNWJSRVFDRUJQOGJGRkZ2Zjg5bjZTak85
bVkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3I1YlJFUUNFQlA4YkZGRnZmODluNlNqTzltWS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MkM1MzMvOUNDNDMzMDZBNzQ5MTFFQkIwMzAyRjgyQzRGOUFFMDIvMDk4RDcxNTZD
Mjk3MTFFQjlFQ0VDRDY1QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwIwYIKwYBBQUHAQcBAf8E
FDASMBAEAgABMAoDAwCFWgMDAIV8MA0GCSqGSIb3DQEBCwUAA4IBAQAD+9uE4t26
xVGR45lt24FWTlMuJvgrvHhqJOS2oDaD2Hr1uXB+Cxo0SLaw07lM69KmeLvFw2Lu
tb3zpGXoii4eprt7t3JpultoUeVEK2P1Z7jKepJRINDWni60n4QoshHJlMczIYpz
yBCMB+G44psMJ4DZUAMTs7ds25LcJk/sfe+kS1rD6DbnqSpFWIkN05+JFVwMYAzZ
p7I4AC/eg3GwHUYXUZPo/fLedXsqTTlJX6dMofBsi7ft0BjfmZmVyABG5Xqih30Y
+FvpUj6Vpf2Q5PYi1qtkINvnjecNs5vlHid/KgKQ+zNqTN4u+Pw6vKmcKdZNb665
SOJ5vYqVR0Y6
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:50:58 2024 by rpki-client on console-fra.rpki-client.org