Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A913C00F/C47AA68E5D8511E89B87527FC4F9AE02/20BE55D04FD011EDA435FC64C4F9AE02.roa
File:                     20BE55D04FD011EDA435FC64C4F9AE02.roa (raw, json)
Hash identifier:          i5L6mjG9FN0LpbMWckY3NVAYy9AB1PVrolhmSNVsGr0=
Subject key identifier:   BD:44:65:AB:7C:D9:DC:2A:B2:9A:F4:A7:D7:54:16:CF:9F:8E:F7:31
Certificate issuer:       /CN=A913C00F/serialNumber=AD1BB06A72BE3908D432FAF0836357AA44DF16B8
Certificate serial:       12D6
Authority key identifier: AD:1B:B0:6A:72:BE:39:08:D4:32:FA:F0:83:63:57:AA:44:DF:16:B8
Authority info access:    rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/rRuwanK-OQjUMvrwg2NXqkTfFrg.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A913C00F/C47AA68E5D8511E89B87527FC4F9AE02/20BE55D04FD011EDA435FC64C4F9AE02.roa
Signing time:             Wed 19 Oct 2022 17:24:32 +0000
ROA not before:           Wed 19 Oct 2022 17:24:32 +0000
ROA not after:            Fri 30 Dec 2022 00:00:00 +0000
asID:                     9411
IP address blocks:        158.108.0.0/16 maxlen: 22
                          192.102.83.0/24 maxlen: 24

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 4822 (0x12d6)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A913C00F/serialNumber=AD1BB06A72BE3908D432FAF0836357AA44DF16B8
        Validity
            Not Before: Oct 19 17:24:32 2022 GMT
            Not After : Dec 30 00:00:00 2022 GMT
        Subject: CN=635032cf-26be
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cd:4b:e7:27:2b:85:9c:ba:df:87:fb:3b:19:6e:
                    5d:7e:80:4a:94:cb:c3:50:5b:e5:c0:ac:94:ba:70:
                    38:1d:fb:b6:fe:92:ec:75:c5:ff:c7:5e:02:9b:eb:
                    68:82:cb:cc:af:e2:bf:d6:c5:db:3d:8a:91:f4:8e:
                    8a:ba:10:3b:2f:ec:7c:4b:7d:18:82:76:27:1b:25:
                    53:2d:09:60:46:69:5f:18:22:06:76:96:88:fb:4b:
                    13:36:30:8d:c5:81:3f:61:83:b9:9a:0a:9a:aa:39:
                    50:c1:83:71:26:da:3f:30:cd:3a:ac:1d:b6:09:05:
                    8d:39:b6:41:c7:ca:68:58:02:9c:ac:ff:08:9e:a0:
                    26:c0:ba:73:8e:cf:c1:77:35:6f:e1:de:a0:4f:1a:
                    f2:da:8f:66:db:eb:cf:80:eb:f0:f9:b3:ad:0d:d2:
                    16:d2:07:bd:9e:f9:40:ab:c5:45:83:d7:7b:aa:e3:
                    c3:39:eb:73:d5:16:25:e4:8e:b7:dd:02:68:1e:eb:
                    42:55:c1:23:61:2c:77:09:ac:19:a8:c3:b5:67:fc:
                    a6:c7:17:56:72:ec:67:e5:a5:a4:62:ed:e1:0b:57:
                    9b:02:71:0b:34:30:db:87:fe:4b:ea:75:6b:f5:02:
                    a2:4a:4a:99:04:8c:8f:86:7f:5d:62:55:57:66:e0:
                    f4:1b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BD:44:65:AB:7C:D9:DC:2A:B2:9A:F4:A7:D7:54:16:CF:9F:8E:F7:31
            X509v3 Authority Key Identifier:
                keyid:AD:1B:B0:6A:72:BE:39:08:D4:32:FA:F0:83:63:57:AA:44:DF:16:B8

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A913C00F/C47AA68E5D8511E89B87527FC4F9AE02/rRuwanK-OQjUMvrwg2NXqkTfFrg.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/rRuwanK-OQjUMvrwg2NXqkTfFrg.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A913C00F/C47AA68E5D8511E89B87527FC4F9AE02/20BE55D04FD011EDA435FC64C4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  158.108.0.0/16
                  192.102.83.0/24

    Signature Algorithm: sha256WithRSAEncryption
         70:92:8f:c9:11:29:d7:fc:8d:d6:5d:7b:73:c2:e9:fc:9f:fa:
         07:b4:7c:82:29:d5:d5:09:a7:0a:73:f0:eb:1d:0d:11:43:a6:
         19:33:3b:2c:34:5e:7e:e9:be:d9:17:57:a9:26:7f:53:d1:e2:
         7d:a2:75:1a:9d:a3:58:a8:89:32:e9:b6:94:8a:87:53:20:e6:
         63:16:3c:d3:e3:f5:67:83:74:1e:12:20:6e:a3:ed:9b:ac:c9:
         31:96:82:e3:17:0d:74:38:60:cb:e1:c6:fd:81:ad:17:83:82:
         ed:be:01:5c:62:63:43:61:b0:23:af:dd:44:c8:32:54:19:98:
         bd:76:71:56:e2:80:c6:1a:84:26:e3:b5:60:98:77:e7:2b:a4:
         9f:da:82:e5:7b:d7:1f:6b:dc:bb:90:5a:02:61:d5:62:7b:5f:
         55:d6:04:84:33:b4:c0:65:59:d5:b6:4e:37:25:61:63:35:61:
         77:0c:f5:0a:3f:66:72:87:5c:36:8f:d2:89:3f:46:08:aa:c1:
         99:85:dc:6c:ee:1d:be:10:3d:7a:16:5e:1e:12:6e:ca:73:e8:
         ac:71:2b:e8:a4:c2:87:07:a1:98:47:c1:ec:82:37:62:6f:a6:
         ab:8b:44:11:a2:80:3c:51:9a:ac:f4:67:aa:cf:8e:d4:64:4a:
         91:37:90:23
-----BEGIN CERTIFICATE-----
MIIFdjCCBF6gAwIBAgICEtYwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
M0MwMEYxMTAvBgNVBAUTKEFEMUJCMDZBNzJCRTM5MDhENDMyRkFGMDgzNjM1N0FB
NDRERjE2QjgwHhcNMjIxMDE5MTcyNDMyWhcNMjIxMjMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02MzUwMzJjZi0yNmJlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAzUvnJyuFnLrfh/s7GW5dfoBKlMvDUFvlwKyUunA4Hfu2/pLsdcX/x14Cm+to
gsvMr+K/1sXbPYqR9I6KuhA7L+x8S30YgnYnGyVTLQlgRmlfGCIGdpaI+0sTNjCN
xYE/YYO5mgqaqjlQwYNxJto/MM06rB22CQWNObZBx8poWAKcrP8InqAmwLpzjs/B
dzVv4d6gTxry2o9m2+vPgOvw+bOtDdIW0ge9nvlAq8VFg9d7quPDOetz1RYl5I63
3QJoHutCVcEjYSx3CawZqMO1Z/ymxxdWcuxn5aWkYu3hC1ebAnELNDDbh/5L6nVr
9QKiSkqZBIyPhn9dYlVXZuD0GwIDAQABo4ICmjCCApYwHQYDVR0OBBYEFL1EZat8
2dwqspr0p9dUFs+fjvcxMB8GA1UdIwQYMBaAFK0bsGpyvjkI1DL68INjV6pE3xa4
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEzQzAwRi9DNDdBQTY4RTVE
ODUxMUU4OUI4NzUyN0ZDNEY5QUUwMi9yUnV3YW5LLU9RalVNdnJ3ZzJOWHFrVGZG
cmcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy
RkQxRkYyL3JSdXdhbkstT1FqVU12cndnMk5YcWtUZkZyZy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
M0MwMEYvQzQ3QUE2OEU1RDg1MTFFODlCODc1MjdGQzRGOUFFMDIvMjBCRTU1RDA0
RkQwMTFFREE0MzVGQzY0QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwJAYIKwYBBQUHAQcBAf8E
FTATMBEEAgABMAsDAwCebAMEAMBmUzANBgkqhkiG9w0BAQsFAAOCAQEAcJKPyREp
1/yN1l17c8Lp/J/6B7R8ginV1QmnCnPw6x0NEUOmGTM7LDRefum+2RdXqSZ/U9Hi
faJ1Gp2jWKiJMum2lIqHUyDmYxY80+P1Z4N0HhIgbqPtm6zJMZaC4xcNdDhgy+HG
/YGtF4OC7b4BXGJjQ2GwI6/dRMgyVBmYvXZxVuKAxhqEJuO1YJh35yukn9qC5XvX
H2vcu5BaAmHVYntfVdYEhDO0wGVZ1bZONyVhYzVhdwz1Cj9mcodcNo/SiT9GCKrB
mYXcbO4dvhA9ehZeHhJuynPorHEr6KTChwehmEfB7II3Ym+mq4tEEaKAPFGarPRn
qs+O1GRKkTeQIw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:03 2024 by rpki-client on console-fra.rpki-client.org