Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A913C00F/C47AA68E5D8511E89B87527FC4F9AE02/B8069A544FB911EDBF5EDC5CC4F9AE02.roa
File:                     B8069A544FB911EDBF5EDC5CC4F9AE02.roa (raw, json)
Hash identifier:          1BfORyYAW2fjfKlBL0ywFAJBDkz2weLOnAfsBPfRMXU=
Subject key identifier:   28:06:E4:FA:5C:0A:F3:F6:78:78:C2:2C:4D:E5:A0:36:84:4D:24:69
Certificate issuer:       /CN=A913C00F/serialNumber=AD1BB06A72BE3908D432FAF0836357AA44DF16B8
Certificate serial:       12D2
Authority key identifier: AD:1B:B0:6A:72:BE:39:08:D4:32:FA:F0:83:63:57:AA:44:DF:16:B8
Authority info access:    rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/rRuwanK-OQjUMvrwg2NXqkTfFrg.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A913C00F/C47AA68E5D8511E89B87527FC4F9AE02/B8069A544FB911EDBF5EDC5CC4F9AE02.roa
Signing time:             Wed 19 Oct 2022 14:24:19 +0000
ROA not before:           Wed 19 Oct 2022 14:24:19 +0000
ROA not after:            Fri 30 Dec 2022 00:00:00 +0000
asID:                     9411
IP address blocks:        158.108.0.0/16 maxlen: 22
                          192.102.83.0/24 maxlen: 24

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 4818 (0x12d2)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A913C00F/serialNumber=AD1BB06A72BE3908D432FAF0836357AA44DF16B8
        Validity
            Not Before: Oct 19 14:24:19 2022 GMT
            Not After : Dec 30 00:00:00 2022 GMT
        Subject: CN=63500893-90f6
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:da:16:f9:62:40:d3:e1:7f:7d:6e:5a:c2:55:af:
                    01:58:47:b4:f7:b8:1b:fb:9c:86:b3:d4:b2:f5:4b:
                    68:58:42:b8:86:eb:75:fc:2d:64:21:2b:14:48:4b:
                    d0:49:2d:4b:aa:26:08:22:35:d0:b8:60:ae:ae:ca:
                    03:ad:e2:3c:01:90:9a:ff:1a:b5:ce:58:d3:c6:69:
                    39:f7:2a:3b:55:6a:96:31:8a:ea:4d:93:cc:8a:29:
                    6f:09:9c:8e:91:0a:e1:20:b2:94:10:95:da:87:09:
                    24:e8:23:77:31:bc:64:fc:6b:73:ea:43:bd:ba:81:
                    bf:4b:45:72:7b:c7:37:18:73:4f:f5:36:95:01:1b:
                    db:27:7c:b6:4f:92:4a:f1:c8:c6:23:9a:28:38:04:
                    68:0e:70:cc:90:d8:63:f2:6d:f6:56:66:09:61:49:
                    21:e3:f4:7f:9a:ad:e1:36:b5:ad:9f:37:4c:28:c1:
                    11:03:c2:d0:af:ec:39:8b:3e:21:a9:76:c1:c5:ed:
                    bc:fb:e8:3b:2b:21:b7:f9:f5:7f:03:64:d5:4b:0c:
                    a2:dc:54:96:55:1a:2d:41:63:22:96:29:20:39:ce:
                    88:ac:ad:94:dd:77:68:76:98:4b:b4:7e:8c:86:c1:
                    8a:68:9c:c7:21:06:ca:6e:40:be:af:a8:ae:8a:e0:
                    e6:dd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                28:06:E4:FA:5C:0A:F3:F6:78:78:C2:2C:4D:E5:A0:36:84:4D:24:69
            X509v3 Authority Key Identifier:
                keyid:AD:1B:B0:6A:72:BE:39:08:D4:32:FA:F0:83:63:57:AA:44:DF:16:B8

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A913C00F/C47AA68E5D8511E89B87527FC4F9AE02/rRuwanK-OQjUMvrwg2NXqkTfFrg.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/rRuwanK-OQjUMvrwg2NXqkTfFrg.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A913C00F/C47AA68E5D8511E89B87527FC4F9AE02/B8069A544FB911EDBF5EDC5CC4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  158.108.0.0/16
                  192.102.83.0/24

    Signature Algorithm: sha256WithRSAEncryption
         b4:45:0b:fa:6f:db:c7:25:15:ad:02:ca:75:a6:97:4f:d2:1b:
         a5:41:f8:cb:84:23:c9:43:85:ce:5e:3a:1a:c0:b1:25:8b:19:
         18:83:7d:f3:c2:00:9d:06:61:a0:df:90:2c:88:1e:34:b6:56:
         b8:ac:0f:8e:28:82:75:0f:88:9f:7f:1f:d9:0f:c0:0d:db:d4:
         21:b2:a9:48:84:18:46:1b:ad:2c:9d:b0:80:8c:4c:0f:5b:49:
         40:72:45:87:8d:b2:4c:88:ca:b0:11:16:46:1f:de:2f:49:26:
         32:21:a6:1e:d9:07:4e:da:98:5f:de:d8:7b:71:d0:f9:7d:d5:
         96:f2:2d:86:2b:a4:15:17:7d:87:6a:b9:dd:e5:88:53:0e:34:
         ca:a0:b3:22:a9:6d:79:d4:93:49:eb:79:25:57:63:1a:5e:c7:
         cc:aa:93:6d:64:0c:0e:0b:f8:4a:81:1a:98:66:96:15:a4:de:
         d6:c2:16:0c:71:b4:69:7b:65:cd:e6:0f:97:1f:97:9a:bf:e4:
         b6:81:7f:9d:3c:a7:e7:4e:e7:c8:d8:53:d6:66:6d:28:49:32:
         2a:e1:ee:4c:51:16:6b:e4:9c:ac:60:d3:08:91:f5:00:b6:8c:
         a4:a1:39:69:23:77:b5:5b:b3:a9:62:ab:f5:84:29:08:63:f4:
         b0:6c:8b:83
-----BEGIN CERTIFICATE-----
MIIFdjCCBF6gAwIBAgICEtIwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
M0MwMEYxMTAvBgNVBAUTKEFEMUJCMDZBNzJCRTM5MDhENDMyRkFGMDgzNjM1N0FB
NDRERjE2QjgwHhcNMjIxMDE5MTQyNDE5WhcNMjIxMjMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02MzUwMDg5My05MGY2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA2hb5YkDT4X99blrCVa8BWEe097gb+5yGs9Sy9UtoWEK4hut1/C1kISsUSEvQ
SS1LqiYIIjXQuGCursoDreI8AZCa/xq1zljTxmk59yo7VWqWMYrqTZPMiilvCZyO
kQrhILKUEJXahwkk6CN3Mbxk/Gtz6kO9uoG/S0Vye8c3GHNP9TaVARvbJ3y2T5JK
8cjGI5ooOARoDnDMkNhj8m32VmYJYUkh4/R/mq3hNrWtnzdMKMERA8LQr+w5iz4h
qXbBxe28++g7KyG3+fV/A2TVSwyi3FSWVRotQWMilikgOc6IrK2U3XdodphLtH6M
hsGKaJzHIQbKbkC+r6iuiuDm3QIDAQABo4ICmjCCApYwHQYDVR0OBBYEFCgG5Ppc
CvP2eHjCLE3loDaETSRpMB8GA1UdIwQYMBaAFK0bsGpyvjkI1DL68INjV6pE3xa4
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEzQzAwRi9DNDdBQTY4RTVE
ODUxMUU4OUI4NzUyN0ZDNEY5QUUwMi9yUnV3YW5LLU9RalVNdnJ3ZzJOWHFrVGZG
cmcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy
RkQxRkYyL3JSdXdhbkstT1FqVU12cndnMk5YcWtUZkZyZy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
M0MwMEYvQzQ3QUE2OEU1RDg1MTFFODlCODc1MjdGQzRGOUFFMDIvQjgwNjlBNTQ0
RkI5MTFFREJGNUVEQzVDQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwJAYIKwYBBQUHAQcBAf8E
FTATMBEEAgABMAsDAwCebAMEAMBmUzANBgkqhkiG9w0BAQsFAAOCAQEAtEUL+m/b
xyUVrQLKdaaXT9IbpUH4y4QjyUOFzl46GsCxJYsZGIN988IAnQZhoN+QLIgeNLZW
uKwPjiiCdQ+In38f2Q/ADdvUIbKpSIQYRhutLJ2wgIxMD1tJQHJFh42yTIjKsBEW
Rh/eL0kmMiGmHtkHTtqYX97Ye3HQ+X3VlvIthiukFRd9h2q53eWIUw40yqCzIqlt
edSTSet5JVdjGl7HzKqTbWQMDgv4SoEamGaWFaTe1sIWDHG0aXtlzeYPlx+Xmr/k
toF/nTyn507nyNhT1mZtKEkyKuHuTFEWa+ScrGDTCJH1ALaMpKE5aSN3tVuzqWKr
9YQpCGP0sGyLgw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:03 2024 by rpki-client on console-fra.rpki-client.org