Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A9138B7F/6CDE8998FF4111EB82B31F5DC4F9AE02/BC12DF128CF011ED94DBDA18C4F9AE02.roa
File:                     BC12DF128CF011ED94DBDA18C4F9AE02.roa (raw, json)
Hash identifier:          DDRTYMdWvevuHwirMDI16nKPiqXS90PGyRl2LdAGhRs=
Subject key identifier:   6B:34:DC:27:0E:69:99:09:41:9C:BB:BF:10:E3:87:90:33:4E:50:3F
Certificate issuer:       /CN=A9138B7F/serialNumber=9BE1FB19438390E5170818EAFAF00BB323A00C48
Certificate serial:       0394
Authority key identifier: 9B:E1:FB:19:43:83:90:E5:17:08:18:EA:FA:F0:0B:B3:23:A0:0C:48
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/m-H7GUODkOUXCBjq-vALsyOgDEg.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A9138B7F/6CDE8998FF4111EB82B31F5DC4F9AE02/BC12DF128CF011ED94DBDA18C4F9AE02.roa
Signing time:             Thu 05 Jan 2023 12:01:50 +0000
ROA not before:           Thu 05 Jan 2023 12:01:49 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     7586
IP address blocks:        2401:1740::/32 maxlen: 32
                          2401:1740::/40 maxlen: 40
                          2401:1740:100::/40 maxlen: 40
                          2401:1740:1000::/48 maxlen: 48
                          2401:1740:2000::/48 maxlen: 48
                          2401:1740:3000::/48 maxlen: 48
                          2401:1740:4000::/48 maxlen: 48

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 916 (0x394)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A9138B7F/serialNumber=9BE1FB19438390E5170818EAFAF00BB323A00C48
        Validity
            Not Before: Jan  5 12:01:49 2023 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=63b6bc2d-0d2e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c6:19:67:50:4a:13:fe:21:9b:50:88:c0:4b:78:
                    b0:eb:22:3d:18:2c:88:9c:11:91:2d:b8:a3:4d:ba:
                    c7:08:eb:23:63:d7:00:29:50:9c:41:51:95:7b:5c:
                    d2:34:ea:73:20:f3:3d:49:bc:b7:dc:a8:a2:3a:3c:
                    8f:f6:26:08:ce:0f:f9:aa:98:5f:ff:0c:db:66:67:
                    96:e0:1b:62:e2:fe:b0:ac:d1:63:fd:ff:ce:6f:f0:
                    6c:f9:f9:ee:f8:44:18:49:30:37:4b:18:c1:48:dd:
                    43:33:87:03:a8:bc:6e:72:1e:d2:31:8f:3f:8f:ea:
                    5d:3c:dc:f3:a2:e6:2d:37:24:a1:ce:ba:6b:aa:78:
                    d7:0b:c3:af:8f:f5:b2:36:f7:cd:94:95:05:ef:72:
                    33:c5:7a:b3:c1:95:7a:76:f7:d9:1a:8e:55:ee:8f:
                    c0:32:f3:fd:47:4b:fc:a9:6d:a7:ad:02:9a:85:27:
                    f7:4b:c1:38:d7:78:60:61:32:65:84:46:b6:6f:9a:
                    98:6e:83:92:05:2e:b1:82:70:ea:12:a0:fa:56:16:
                    5b:68:84:95:1b:20:ea:32:49:b1:99:40:2f:2a:ed:
                    67:e9:fd:b3:a0:22:24:1a:53:ab:5f:66:eb:32:f6:
                    db:dc:6c:b0:92:b2:f8:ea:d9:e4:c2:10:a5:bd:67:
                    c4:f5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                6B:34:DC:27:0E:69:99:09:41:9C:BB:BF:10:E3:87:90:33:4E:50:3F
            X509v3 Authority Key Identifier:
                keyid:9B:E1:FB:19:43:83:90:E5:17:08:18:EA:FA:F0:0B:B3:23:A0:0C:48

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A9138B7F/6CDE8998FF4111EB82B31F5DC4F9AE02/m-H7GUODkOUXCBjq-vALsyOgDEg.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/m-H7GUODkOUXCBjq-vALsyOgDEg.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9138B7F/6CDE8998FF4111EB82B31F5DC4F9AE02/BC12DF128CF011ED94DBDA18C4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv6:
                  2401:1740::/32

    Signature Algorithm: sha256WithRSAEncryption
         4e:ee:29:8b:eb:49:20:09:ba:a5:ee:02:88:cf:68:9a:7d:d8:
         31:4c:75:fa:d4:47:dc:c8:84:61:c1:8e:0d:5b:26:5b:48:35:
         b7:ad:4f:cc:55:f0:d2:c8:ab:c0:fd:92:46:7c:a7:86:4c:64:
         76:8f:61:ab:89:6b:1f:d2:85:36:7c:07:ce:1d:b4:b3:f3:5b:
         57:5e:73:fb:c0:bf:26:ec:e1:fe:aa:f2:5e:cb:c3:f5:e2:83:
         35:b5:27:56:c2:6a:d5:5e:66:47:30:38:26:ee:46:0f:e1:91:
         09:0a:29:b6:a3:d7:bf:a7:a1:c3:ec:65:b1:f7:49:45:22:3b:
         22:1f:cc:9e:2a:42:7a:aa:72:99:69:b7:28:c0:93:78:5c:ad:
         48:9f:f6:ec:88:24:21:b0:64:3c:ce:cb:3a:95:19:88:97:06:
         0a:81:f1:15:c1:f0:dc:99:4d:17:4a:99:e7:af:2e:eb:48:95:
         83:cc:3e:a4:3a:51:05:9a:ae:b6:71:7d:56:27:55:fe:50:cb:
         82:e9:0d:8e:43:bc:e3:ac:bc:25:ea:d3:cd:bb:7d:45:7b:1e:
         03:2c:33:fa:e7:7c:70:c0:33:d2:f6:50:f1:ac:2f:11:67:ea:
         6a:d6:95:5e:10:7f:b9:34:87:18:ff:06:71:42:2f:85:0c:e9:
         04:30:e7:16
-----BEGIN CERTIFICATE-----
MIIFcjCCBFqgAwIBAgICA5QwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MzhCN0YxMTAvBgNVBAUTKDlCRTFGQjE5NDM4MzkwRTUxNzA4MThFQUZBRjAwQkIz
MjNBMDBDNDgwHhcNMjMwMTA1MTIwMTQ5WhcNMjMwNzAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02M2I2YmMyZC0wZDJlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAxhlnUEoT/iGbUIjAS3iw6yI9GCyInBGRLbijTbrHCOsjY9cAKVCcQVGVe1zS
NOpzIPM9Sby33KiiOjyP9iYIzg/5qphf/wzbZmeW4Bti4v6wrNFj/f/Ob/Bs+fnu
+EQYSTA3SxjBSN1DM4cDqLxuch7SMY8/j+pdPNzzouYtNyShzrprqnjXC8Ovj/Wy
NvfNlJUF73IzxXqzwZV6dvfZGo5V7o/AMvP9R0v8qW2nrQKahSf3S8E413hgYTJl
hEa2b5qYboOSBS6xgnDqEqD6VhZbaISVGyDqMkmxmUAvKu1n6f2zoCIkGlOrX2br
Mvbb3GywkrL46tnkwhClvWfE9QIDAQABo4ICljCCApIwHQYDVR0OBBYEFGs03CcO
aZkJQZy7vxDjh5AzTlA/MB8GA1UdIwQYMBaAFJvh+xlDg5DlFwgY6vrwC7MjoAxI
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEzOEI3Ri82Q0RFODk5OEZG
NDExMUVCODJCMzFGNURDNEY5QUUwMi9tLUg3R1VPRGtPVVhDQmpxLXZBTHN5T2dE
RWcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL20tSDdHVU9Ea09VWENCanEtdkFMc3lPZ0RFZy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MzhCN0YvNkNERTg5OThGRjQxMTFFQjgyQjMxRjVEQzRGOUFFMDIvQkMxMkRGMTI4
Q0YwMTFFRDk0REJEQTE4QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwIAYIKwYBBQUHAQcBAf8E
ETAPMA0EAgACMAcDBQAkARdAMA0GCSqGSIb3DQEBCwUAA4IBAQBO7imL60kgCbql
7gKIz2iafdgxTHX61EfcyIRhwY4NWyZbSDW3rU/MVfDSyKvA/ZJGfKeGTGR2j2Gr
iWsf0oU2fAfOHbSz81tXXnP7wL8m7OH+qvJey8P14oM1tSdWwmrVXmZHMDgm7kYP
4ZEJCim2o9e/p6HD7GWx90lFIjsiH8yeKkJ6qnKZabcowJN4XK1In/bsiCQhsGQ8
zss6lRmIlwYKgfEVwfDcmU0XSpnnry7rSJWDzD6kOlEFmq62cX1WJ1X+UMuC6Q2O
Q7zjrLwl6tPNu31Fex4DLDP653xwwDPS9lDxrC8RZ+pq1pVeEH+5NIcY/wZxQi+F
DOkEMOcW
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:04:54 2024 by rpki-client on console-ams.rpki-client.org