Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A913C00F/C47AA68E5D8511E89B87527FC4F9AE02/FB70FFE85D8611E89BFECC83C4F9AE02.roa
File:                     FB70FFE85D8611E89BFECC83C4F9AE02.roa (raw, json)
Hash identifier:          1tXcfBHaTMq6NA7MDw0VRiH4CVPGlqpZdsltn2xWmFE=
Subject key identifier:   24:94:C2:38:A3:48:63:6B:05:56:1B:BC:30:62:C7:5F:38:8D:B7:92
Certificate issuer:       /CN=A913C00F/serialNumber=AD1BB06A72BE3908D432FAF0836357AA44DF16B8
Certificate serial:       1013
Authority key identifier: AD:1B:B0:6A:72:BE:39:08:D4:32:FA:F0:83:63:57:AA:44:DF:16:B8
Authority info access:    rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/rRuwanK-OQjUMvrwg2NXqkTfFrg.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A913C00F/C47AA68E5D8511E89B87527FC4F9AE02/FB70FFE85D8611E89BFECC83C4F9AE02.roa
Signing time:             Mon 25 Oct 2021 06:25:28 +0000
ROA not before:           Mon 25 Oct 2021 06:25:28 +0000
ROA not after:            Fri 30 Dec 2022 00:00:00 +0000
asID:                     9411
IP address blocks:        158.108.0.0/16 maxlen: 16
                          192.102.83.0/24 maxlen: 24

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 4115 (0x1013)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A913C00F/serialNumber=AD1BB06A72BE3908D432FAF0836357AA44DF16B8
        Validity
            Not Before: Oct 25 06:25:28 2021 GMT
            Not After : Dec 30 00:00:00 2022 GMT
        Subject: CN=61764dd7-6835
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c6:5b:81:06:1d:a5:b9:1b:b9:d2:6b:b6:65:a8:
                    85:4b:65:52:be:22:cf:51:26:f2:6a:f4:57:95:eb:
                    21:78:93:44:ae:69:82:5d:f9:c0:23:07:d2:f5:52:
                    b9:c8:15:f0:bd:d1:77:6d:fc:15:3b:70:34:50:53:
                    23:0d:1e:48:77:7b:cf:bb:3b:c9:d2:95:55:f7:42:
                    50:2d:fe:6d:5e:63:67:c0:8f:e6:0d:76:23:07:52:
                    eb:cf:1c:70:ea:c7:c5:40:0e:8e:5c:90:ce:eb:47:
                    d2:82:a0:d7:4f:88:5f:08:f9:8b:43:0e:9b:24:b2:
                    c3:74:c0:74:9a:6e:50:7b:8d:58:63:d3:54:29:d5:
                    b2:d6:fa:2f:d4:1d:0b:e1:99:fd:9e:c7:a3:e7:39:
                    11:c6:24:e9:e0:9e:ca:47:e9:e4:4b:80:0e:b3:b4:
                    4f:3f:57:25:11:be:08:ac:20:13:78:c3:b7:ac:0f:
                    44:49:b1:42:6a:c4:93:ef:f6:0b:96:d8:d9:0e:f4:
                    6e:54:c0:23:41:fc:fb:43:bf:ce:6c:88:9d:4c:df:
                    6a:65:6d:aa:97:b1:59:5c:fa:b3:04:b3:8b:f7:df:
                    84:78:d6:9d:6b:8e:d4:15:5f:ba:c9:f6:07:89:98:
                    5c:03:37:fd:db:84:1c:be:2f:17:28:06:69:d9:d9:
                    49:13
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                24:94:C2:38:A3:48:63:6B:05:56:1B:BC:30:62:C7:5F:38:8D:B7:92
            X509v3 Authority Key Identifier:
                keyid:AD:1B:B0:6A:72:BE:39:08:D4:32:FA:F0:83:63:57:AA:44:DF:16:B8

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A913C00F/C47AA68E5D8511E89B87527FC4F9AE02/rRuwanK-OQjUMvrwg2NXqkTfFrg.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/rRuwanK-OQjUMvrwg2NXqkTfFrg.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A913C00F/C47AA68E5D8511E89B87527FC4F9AE02/FB70FFE85D8611E89BFECC83C4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  158.108.0.0/16
                  192.102.83.0/24

    Signature Algorithm: sha256WithRSAEncryption
         90:7e:e8:3f:d9:62:2d:f1:80:32:95:41:24:71:61:04:4b:f7:
         5a:c0:5e:46:0c:0e:35:68:3b:af:c4:12:c3:2f:16:35:4e:b9:
         b9:84:84:dd:ec:05:52:d5:98:50:70:82:92:3d:65:3c:58:a9:
         7c:0d:97:4d:fe:46:76:60:5c:e5:c0:19:fb:a8:30:c0:84:06:
         7b:b3:42:2d:5e:25:83:39:b8:8c:1d:a0:d5:8d:86:50:76:bb:
         4a:54:30:34:07:ad:dc:e0:e3:de:10:b7:9a:3c:a8:c0:ab:ed:
         01:da:70:2d:e6:c4:81:6c:02:11:9b:63:52:7a:32:7b:46:38:
         47:85:6a:5f:f5:b5:d9:6d:53:72:39:59:b4:f7:16:c7:1a:10:
         13:b8:d9:76:52:2b:92:65:3f:33:e4:0b:b5:ca:0a:c6:b9:00:
         bf:7e:d6:3a:f0:4d:28:fc:cb:2e:e4:ab:a2:f6:82:b9:51:3b:
         b1:5b:9d:64:85:2f:6d:f6:db:8c:c4:07:1b:65:09:fd:24:c4:
         bb:f4:4a:4e:4a:c8:dd:a3:81:11:b7:78:0f:35:0d:b6:f7:81:
         74:c6:25:61:99:a7:68:bb:9a:55:bd:c9:d5:15:d9:7c:e4:0e:
         9b:42:0a:ea:9b:0e:60:f7:7d:a7:75:79:6c:0f:68:03:57:9e:
         c6:cf:74:b7
-----BEGIN CERTIFICATE-----
MIIFdjCCBF6gAwIBAgICEBMwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
M0MwMEYxMTAvBgNVBAUTKEFEMUJCMDZBNzJCRTM5MDhENDMyRkFGMDgzNjM1N0FB
NDRERjE2QjgwHhcNMjExMDI1MDYyNTI4WhcNMjIxMjMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02MTc2NGRkNy02ODM1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAxluBBh2luRu50mu2ZaiFS2VSviLPUSbyavRXlesheJNErmmCXfnAIwfS9VK5
yBXwvdF3bfwVO3A0UFMjDR5Id3vPuzvJ0pVV90JQLf5tXmNnwI/mDXYjB1Lrzxxw
6sfFQA6OXJDO60fSgqDXT4hfCPmLQw6bJLLDdMB0mm5Qe41YY9NUKdWy1vov1B0L
4Zn9nsej5zkRxiTp4J7KR+nkS4AOs7RPP1clEb4IrCATeMO3rA9ESbFCasST7/YL
ltjZDvRuVMAjQfz7Q7/ObIidTN9qZW2ql7FZXPqzBLOL99+EeNada47UFV+6yfYH
iZhcAzf924Qcvi8XKAZp2dlJEwIDAQABo4ICmjCCApYwHQYDVR0OBBYEFCSUwjij
SGNrBVYbvDBix184jbeSMB8GA1UdIwQYMBaAFK0bsGpyvjkI1DL68INjV6pE3xa4
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEzQzAwRi9DNDdBQTY4RTVE
ODUxMUU4OUI4NzUyN0ZDNEY5QUUwMi9yUnV3YW5LLU9RalVNdnJ3ZzJOWHFrVGZG
cmcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy
RkQxRkYyL3JSdXdhbkstT1FqVU12cndnMk5YcWtUZkZyZy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
M0MwMEYvQzQ3QUE2OEU1RDg1MTFFODlCODc1MjdGQzRGOUFFMDIvRkI3MEZGRTg1
RDg2MTFFODlCRkVDQzgzQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwJAYIKwYBBQUHAQcBAf8E
FTATMBEEAgABMAsDAwCebAMEAMBmUzANBgkqhkiG9w0BAQsFAAOCAQEAkH7oP9li
LfGAMpVBJHFhBEv3WsBeRgwONWg7r8QSwy8WNU65uYSE3ewFUtWYUHCCkj1lPFip
fA2XTf5GdmBc5cAZ+6gwwIQGe7NCLV4lgzm4jB2g1Y2GUHa7SlQwNAet3ODj3hC3
mjyowKvtAdpwLebEgWwCEZtjUnoye0Y4R4VqX/W12W1TcjlZtPcWxxoQE7jZdlIr
kmU/M+QLtcoKxrkAv37WOvBNKPzLLuSrovaCuVE7sVudZIUvbfbbjMQHG2UJ/STE
u/RKTkrI3aOBEbd4DzUNtveBdMYlYZmnaLuaVb3J1RXZfOQOm0IK6psOYPd9p3V5
bA9oA1eexs90tw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:03 2024 by rpki-client on console-fra.rpki-client.org