Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A9138FCA/BACF23FE35E311ED81A3DD32C4F9AE02/A4603EE45F6111ED87896085C4F9AE02.roa
File:                     A4603EE45F6111ED87896085C4F9AE02.roa (raw, json)
Hash identifier:          mBaCHhO4AafGxkA/DO0hQKCLnz1GHcrNEmrtKE/kwrI=
Subject key identifier:   65:DC:4C:EB:5D:2A:24:65:3A:EB:CA:B5:FA:FD:46:3A:C5:DB:15:54
Certificate issuer:       /CN=A9138FCA/serialNumber=C199597C4E78CD35ADF1AFDCFD4161174606A649
Certificate serial:       34
Authority key identifier: C1:99:59:7C:4E:78:CD:35:AD:F1:AF:DC:FD:41:61:17:46:06:A6:49
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/wZlZfE54zTWt8a_c_UFhF0YGpkk.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A9138FCA/BACF23FE35E311ED81A3DD32C4F9AE02/A4603EE45F6111ED87896085C4F9AE02.roa
Signing time:             Tue 08 Nov 2022 12:34:09 +0000
ROA not before:           Tue 08 Nov 2022 12:34:09 +0000
ROA not after:            Thu 02 Mar 2023 00:00:00 +0000
asID:                     58879
IP address blocks:        103.79.120.0/22 maxlen: 22
                          103.79.120.0/24 maxlen: 24
                          103.79.122.0/24 maxlen: 24
                          202.91.36.0/24 maxlen: 24
                          202.91.38.0/24 maxlen: 24

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 52 (0x34)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A9138FCA/serialNumber=C199597C4E78CD35ADF1AFDCFD4161174606A649
        Validity
            Not Before: Nov  8 12:34:09 2022 GMT
            Not After : Mar  2 00:00:00 2023 GMT
        Subject: CN=636a4cc1-8b70
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d0:6e:30:1c:13:d6:ab:de:67:a9:73:a1:85:32:
                    2c:71:e2:b4:b1:f3:ed:de:9b:81:73:38:dc:f8:cc:
                    f9:4a:8e:d9:26:97:ac:64:08:66:f7:31:28:7e:ad:
                    ac:42:44:da:47:1d:c9:ad:a1:cc:7e:bd:ca:b2:d1:
                    d5:64:28:99:31:0c:ed:36:b8:67:61:1f:57:2f:01:
                    0a:1d:73:4e:8c:c1:cf:46:1f:28:6e:97:7d:79:2a:
                    0d:4c:95:78:73:a7:dc:7b:33:88:d9:2b:c4:41:68:
                    1b:ad:43:c3:fd:ff:8f:f4:6a:85:c8:74:ae:2a:19:
                    bf:81:ff:48:fd:8a:f0:8e:2c:3d:d7:4d:e4:31:12:
                    08:bd:fd:4a:98:70:5a:7f:80:f4:fb:7b:14:a0:4b:
                    e3:26:e5:e1:c0:eb:b2:96:48:88:d1:c1:b4:a5:f8:
                    0f:7b:f5:18:80:24:7f:e4:c7:a7:32:0d:fe:fa:4d:
                    d7:70:10:08:0b:2d:d8:7d:7e:ed:13:64:b1:07:7b:
                    f9:28:30:da:d6:92:8d:b3:4f:b1:7d:11:00:51:5b:
                    5d:23:73:a6:6a:39:e7:db:d7:77:5f:a3:7d:03:6f:
                    37:5d:18:d6:f8:84:1f:35:92:8f:91:af:20:6c:e2:
                    48:00:26:50:a1:f5:68:a3:86:4e:96:dd:cf:1c:0d:
                    42:41
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                65:DC:4C:EB:5D:2A:24:65:3A:EB:CA:B5:FA:FD:46:3A:C5:DB:15:54
            X509v3 Authority Key Identifier:
                keyid:C1:99:59:7C:4E:78:CD:35:AD:F1:AF:DC:FD:41:61:17:46:06:A6:49

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A9138FCA/BACF23FE35E311ED81A3DD32C4F9AE02/wZlZfE54zTWt8a_c_UFhF0YGpkk.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/wZlZfE54zTWt8a_c_UFhF0YGpkk.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9138FCA/BACF23FE35E311ED81A3DD32C4F9AE02/A4603EE45F6111ED87896085C4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.79.120.0/22
                  202.91.36.0/24
                  202.91.38.0/24

    Signature Algorithm: sha256WithRSAEncryption
         30:30:35:c8:26:b8:0d:37:3a:e9:45:04:bc:80:56:f7:ce:1a:
         f3:c2:55:5a:26:0a:13:a2:04:11:e9:7e:12:12:7d:20:e9:74:
         11:d6:30:b6:9a:cc:72:e1:0a:c3:4f:a0:66:d9:c3:54:20:90:
         b2:b6:82:41:8b:fc:5e:f5:db:8d:09:15:d8:e4:5f:cd:53:6e:
         b6:72:5e:94:f0:10:45:48:4c:a3:99:ef:c0:22:e6:95:f3:bc:
         55:e3:77:94:d7:f4:98:27:7d:72:9c:b5:c2:b2:01:a8:13:14:
         06:44:34:f0:73:54:9b:8a:e1:cd:2e:43:84:11:2c:dd:01:3a:
         f3:08:45:9c:85:8b:06:bc:67:e5:5f:b6:df:2f:74:a1:f0:2c:
         3b:ba:37:af:27:87:d7:12:cd:89:61:10:d5:8a:a6:95:7f:5d:
         c1:a5:f9:75:3b:66:b1:e0:cf:e1:e1:c5:bf:c7:58:94:e4:08:
         ca:bb:c3:9b:d9:05:43:b7:69:42:00:72:e0:38:43:44:bd:23:
         4e:79:dc:c1:e0:4d:60:ee:ee:69:b5:33:c4:d4:7e:a1:79:a6:
         f3:9c:42:b4:af:85:c1:61:94:4c:92:5c:a0:41:82:6d:f2:41:
         20:1e:61:f2:2a:fa:8f:34:a4:a4:f0:de:8e:d5:43:23:dd:4e:
         a2:2c:0a:89
-----BEGIN CERTIFICATE-----
MIIFfDCCBGSgAwIBAgIBNDANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTEz
OEZDQTExMC8GA1UEBRMoQzE5OTU5N0M0RTc4Q0QzNUFERjFBRkRDRkQ0MTYxMTc0
NjA2QTY0OTAeFw0yMjExMDgxMjM0MDlaFw0yMzAzMDIwMDAwMDBaMBgxFjAUBgNV
BAMTDTYzNmE0Y2MxLThiNzAwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDQbjAcE9ar3mepc6GFMixx4rSx8+3em4FzONz4zPlKjtkml6xkCGb3MSh+raxC
RNpHHcmtocx+vcqy0dVkKJkxDO02uGdhH1cvAQodc06Mwc9GHyhul315Kg1MlXhz
p9x7M4jZK8RBaButQ8P9/4/0aoXIdK4qGb+B/0j9ivCOLD3XTeQxEgi9/UqYcFp/
gPT7exSgS+Mm5eHA67KWSIjRwbSl+A979RiAJH/kx6cyDf76TddwEAgLLdh9fu0T
ZLEHe/koMNrWko2zT7F9EQBRW10jc6ZqOefb13dfo30DbzddGNb4hB81ko+RryBs
4kgAJlCh9Wijhk6W3c8cDUJBAgMBAAGjggKhMIICnTAdBgNVHQ4EFgQUZdxM610q
JGU668q1+v1GOsXbFVQwHwYDVR0jBBgwFoAUwZlZfE54zTWt8a/c/UFhF0YGpkkw
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTM4RkNBL0JBQ0YyM0ZFMzVF
MzExRUQ4MUEzREQzMkM0RjlBRTAyL3dabFpmRTU0elRXdDhhX2NfVUZoRjBZR3Br
ay5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvd1psWmZFNTR6VFd0OGFfY19VRmhGMFlHcGtrLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEz
OEZDQS9CQUNGMjNGRTM1RTMxMUVEODFBM0REMzJDNEY5QUUwMi9BNDYwM0VFNDVG
NjExMUVEODc4OTYwODVDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDArBggrBgEFBQcBBwEB/wQc
MBowGAQCAAEwEgMEAmdPeAMEAMpbJAMEAMpbJjANBgkqhkiG9w0BAQsFAAOCAQEA
MDA1yCa4DTc66UUEvIBW984a88JVWiYKE6IEEel+EhJ9IOl0EdYwtprMcuEKw0+g
ZtnDVCCQsraCQYv8XvXbjQkV2ORfzVNutnJelPAQRUhMo5nvwCLmlfO8VeN3lNf0
mCd9cpy1wrIBqBMUBkQ08HNUm4rhzS5DhBEs3QE68whFnIWLBrxn5V+23y90ofAs
O7o3ryeH1xLNiWEQ1YqmlX9dwaX5dTtmseDP4eHFv8dYlOQIyrvDm9kFQ7dpQgBy
4DhDRL0jTnncweBNYO7uabUzxNR+oXmm85xCtK+FwWGUTJJcoEGCbfJBIB5h8ir6
jzSkpPDejtVDI91OoiwKiQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:04:54 2024 by rpki-client on console-ams.rpki-client.org