Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A913C00F/C47AA68E5D8511E89B87527FC4F9AE02/FBF7A1644F9A11ED8B9E4333C4F9AE02.roa
File:                     FBF7A1644F9A11ED8B9E4333C4F9AE02.roa (raw, json)
Hash identifier:          MK+x5RbQYIhLQeOGhSidcgElQUghMIjCjsN3ZttbcX8=
Subject key identifier:   E4:D5:0A:22:D0:D2:85:C5:60:64:29:0D:91:C6:29:DB:F3:84:D9:01
Certificate issuer:       /CN=A913C00F/serialNumber=AD1BB06A72BE3908D432FAF0836357AA44DF16B8
Certificate serial:       12C9
Authority key identifier: AD:1B:B0:6A:72:BE:39:08:D4:32:FA:F0:83:63:57:AA:44:DF:16:B8
Authority info access:    rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/rRuwanK-OQjUMvrwg2NXqkTfFrg.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A913C00F/C47AA68E5D8511E89B87527FC4F9AE02/FBF7A1644F9A11ED8B9E4333C4F9AE02.roa
Signing time:             Wed 19 Oct 2022 10:44:19 +0000
ROA not before:           Wed 19 Oct 2022 10:44:19 +0000
ROA not after:            Fri 30 Dec 2022 00:00:00 +0000
asID:                     9411
IP address blocks:        158.108.0.0/16 maxlen: 22
                          192.102.83.0/24 maxlen: 24

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 4809 (0x12c9)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A913C00F/serialNumber=AD1BB06A72BE3908D432FAF0836357AA44DF16B8
        Validity
            Not Before: Oct 19 10:44:19 2022 GMT
            Not After : Dec 30 00:00:00 2022 GMT
        Subject: CN=634fd503-fbe4
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bb:26:15:47:d9:31:f9:cd:4f:db:e1:45:0e:ff:
                    af:2d:b2:6d:9a:22:41:3f:d1:9f:41:1a:46:82:b9:
                    84:e8:b9:c5:e1:7c:c0:06:40:b1:82:ea:d1:e8:80:
                    5c:b3:66:7b:0e:d7:8e:23:a7:13:0b:d0:1c:82:ae:
                    f1:cd:fe:12:2f:88:37:e8:fb:89:b1:ca:b9:b6:58:
                    5a:53:4d:cc:34:88:d4:87:85:35:ce:7c:3a:8c:db:
                    d9:d9:17:67:52:f9:d2:92:f8:af:2a:27:51:00:89:
                    93:f9:87:69:f1:0c:7d:2a:f7:21:6a:75:77:8c:ca:
                    66:0f:f6:80:3a:cc:cc:a2:a3:73:c2:bd:7c:99:1b:
                    8f:44:94:89:6c:84:4a:e0:4c:ba:84:ea:b7:b1:b2:
                    0f:1d:50:10:53:10:a3:e9:ed:99:ea:a4:cd:8c:62:
                    88:b1:d3:6d:f6:43:1a:83:cd:d1:0f:1b:51:4f:ed:
                    22:a8:00:39:81:07:e5:fc:88:4d:87:e8:cc:a7:df:
                    9a:70:c8:b0:2d:b2:da:80:ce:38:2e:fe:a1:88:4f:
                    d9:6d:cf:11:c5:07:3b:42:58:a6:b6:be:ce:9b:44:
                    74:76:47:d3:22:2e:ee:c3:65:25:41:53:cb:b2:1a:
                    d4:77:1d:a3:2d:37:2c:02:9c:d0:8f:f7:2b:d3:f2:
                    4d:c3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E4:D5:0A:22:D0:D2:85:C5:60:64:29:0D:91:C6:29:DB:F3:84:D9:01
            X509v3 Authority Key Identifier:
                keyid:AD:1B:B0:6A:72:BE:39:08:D4:32:FA:F0:83:63:57:AA:44:DF:16:B8

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A913C00F/C47AA68E5D8511E89B87527FC4F9AE02/rRuwanK-OQjUMvrwg2NXqkTfFrg.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/rRuwanK-OQjUMvrwg2NXqkTfFrg.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A913C00F/C47AA68E5D8511E89B87527FC4F9AE02/FBF7A1644F9A11ED8B9E4333C4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  158.108.0.0/16
                  192.102.83.0/24

    Signature Algorithm: sha256WithRSAEncryption
         16:e1:de:52:6e:f1:e4:af:04:79:b1:29:17:24:af:2e:7d:1b:
         51:ba:03:13:f7:8b:5c:2a:b6:53:4b:9f:29:55:7a:3d:51:c7:
         95:8d:d4:87:87:8f:99:15:18:c1:d4:ee:0a:89:fd:7a:93:19:
         b4:5d:2a:db:43:13:26:5b:8d:8f:48:a7:c3:15:4d:55:da:1f:
         03:d2:20:be:39:1a:ef:97:26:4d:ca:ff:1a:35:cc:03:a4:46:
         32:ee:2b:c2:80:aa:d3:21:b8:0c:63:bc:4a:81:b8:45:7e:87:
         81:e4:d5:f3:c8:cd:b6:da:45:a5:36:27:10:3e:33:16:2c:93:
         be:9f:ac:20:97:38:44:2a:7a:49:69:61:73:3a:d9:dd:54:d1:
         30:22:a4:3a:a7:26:d8:b5:f8:47:f1:e8:da:f5:ab:ea:f2:19:
         6e:b6:85:f0:38:28:f8:87:53:1e:19:5a:08:b5:a6:5b:df:44:
         d5:69:36:26:41:b6:0d:b0:ea:0a:fe:28:c3:25:5f:33:95:dd:
         10:d3:ec:b4:83:18:33:60:6d:b1:4f:8a:6e:98:ba:82:c9:a5:
         12:24:85:90:5d:ec:cc:89:64:f3:35:1c:5c:d4:f4:0a:71:ad:
         2f:04:3a:4b:11:99:50:93:20:7b:07:e2:6a:ea:31:ba:21:55:
         fd:14:ed:c5
-----BEGIN CERTIFICATE-----
MIIFdjCCBF6gAwIBAgICEskwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
M0MwMEYxMTAvBgNVBAUTKEFEMUJCMDZBNzJCRTM5MDhENDMyRkFGMDgzNjM1N0FB
NDRERjE2QjgwHhcNMjIxMDE5MTA0NDE5WhcNMjIxMjMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02MzRmZDUwMy1mYmU0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAuyYVR9kx+c1P2+FFDv+vLbJtmiJBP9GfQRpGgrmE6LnF4XzABkCxgurR6IBc
s2Z7DteOI6cTC9Acgq7xzf4SL4g36PuJscq5tlhaU03MNIjUh4U1znw6jNvZ2Rdn
UvnSkvivKidRAImT+Ydp8Qx9KvchanV3jMpmD/aAOszMoqNzwr18mRuPRJSJbIRK
4Ey6hOq3sbIPHVAQUxCj6e2Z6qTNjGKIsdNt9kMag83RDxtRT+0iqAA5gQfl/IhN
h+jMp9+acMiwLbLagM44Lv6hiE/Zbc8RxQc7Qlimtr7Om0R0dkfTIi7uw2UlQVPL
shrUdx2jLTcsApzQj/cr0/JNwwIDAQABo4ICmjCCApYwHQYDVR0OBBYEFOTVCiLQ
0oXFYGQpDZHGKdvzhNkBMB8GA1UdIwQYMBaAFK0bsGpyvjkI1DL68INjV6pE3xa4
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEzQzAwRi9DNDdBQTY4RTVE
ODUxMUU4OUI4NzUyN0ZDNEY5QUUwMi9yUnV3YW5LLU9RalVNdnJ3ZzJOWHFrVGZG
cmcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy
RkQxRkYyL3JSdXdhbkstT1FqVU12cndnMk5YcWtUZkZyZy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
M0MwMEYvQzQ3QUE2OEU1RDg1MTFFODlCODc1MjdGQzRGOUFFMDIvRkJGN0ExNjQ0
RjlBMTFFRDhCOUU0MzMzQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwJAYIKwYBBQUHAQcBAf8E
FTATMBEEAgABMAsDAwCebAMEAMBmUzANBgkqhkiG9w0BAQsFAAOCAQEAFuHeUm7x
5K8EebEpFySvLn0bUboDE/eLXCq2U0ufKVV6PVHHlY3Uh4ePmRUYwdTuCon9epMZ
tF0q20MTJluNj0inwxVNVdofA9Igvjka75cmTcr/GjXMA6RGMu4rwoCq0yG4DGO8
SoG4RX6HgeTV88jNttpFpTYnED4zFiyTvp+sIJc4RCp6SWlhczrZ3VTRMCKkOqcm
2LX4R/Ho2vWr6vIZbraF8Dgo+IdTHhlaCLWmW99E1Wk2JkG2DbDqCv4owyVfM5Xd
ENPstIMYM2BtsU+Kbpi6gsmlEiSFkF3szIlk8zUcXNT0CnGtLwQ6SxGZUJMgewfi
auoxuiFV/RTtxQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:04:55 2024 by rpki-client on console-ams.rpki-client.org