Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A9140F41/77D71282894911E39AA02A615911EA32/23BA204E77E211EEB8461B56C4F9AE02.roa
File:                     23BA204E77E211EEB8461B56C4F9AE02.roa (raw, json)
Hash identifier:          DMAvs/gPC7RK1c83dWdg6oAaAhanMidOfUYcIDs3YSE=
Subject key identifier:   57:E9:04:9E:B5:F0:BD:87:45:B7:82:16:25:24:24:1A:60:70:06:80
Certificate issuer:       /CN=A9140F41/serialNumber=8F371012A473C2E800C5424030F3254F729854B7
Certificate serial:       2C43
Authority key identifier: 8F:37:10:12:A4:73:C2:E8:00:C5:42:40:30:F3:25:4F:72:98:54:B7
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/jzcQEqRzwugAxUJAMPMlT3KYVLc.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A9140F41/77D71282894911E39AA02A615911EA32/23BA204E77E211EEB8461B56C4F9AE02.roa
Signing time:             Tue 31 Oct 2023 11:39:24 +0000
ROA not before:           Tue 31 Oct 2023 11:39:24 +0000
ROA not after:            Fri 01 Mar 2024 00:00:00 +0000
asID:                     132509
IP address blocks:        2405:f900::/32 maxlen: 32

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 11331 (0x2c43)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A9140F41/serialNumber=8F371012A473C2E800C5424030F3254F729854B7
        Validity
            Not Before: Oct 31 11:39:24 2023 GMT
            Not After : Mar  1 00:00:00 2024 GMT
        Subject: CN=6540e76c-f3d9
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9b:0e:6e:7e:11:0f:c9:20:23:3c:82:4d:2a:6f:
                    9e:72:15:25:0f:9f:a9:3c:11:44:5f:16:bc:24:22:
                    31:e6:78:b1:26:f1:bb:ff:84:aa:f7:4e:25:06:5b:
                    19:ac:05:bb:ba:be:23:97:ec:58:2b:83:6c:fc:bb:
                    82:82:3a:41:8d:e6:a5:c5:29:07:a6:a2:b3:b9:a1:
                    94:50:76:ec:a9:80:3f:f2:ac:db:de:f9:4d:40:db:
                    9e:63:69:65:40:f6:1d:18:61:60:83:73:5e:ec:f3:
                    ab:06:86:fc:8e:c4:2a:e1:2c:d3:68:d1:f2:41:58:
                    e3:5e:16:80:44:01:9a:c8:5e:f8:86:2e:2f:55:c0:
                    30:8f:0c:11:20:5b:d0:d1:ca:64:6b:ca:b1:a0:d3:
                    87:50:13:f1:ce:c9:66:f4:a6:56:b3:2c:bf:d3:ac:
                    01:43:1b:49:00:3b:f3:06:15:86:aa:05:40:0e:db:
                    11:a8:16:5b:2a:48:d2:45:50:a1:27:80:cb:b7:79:
                    d2:e0:44:0a:b2:f3:7c:c8:81:98:05:b1:a3:6b:d3:
                    77:e9:7c:eb:54:ca:e5:93:01:f8:58:11:9b:51:7e:
                    89:3d:05:c4:61:37:82:cd:11:2a:8c:b2:bb:b9:67:
                    7c:d1:2d:d9:f8:44:4e:8a:c0:86:51:43:a8:be:ea:
                    e9:2b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                57:E9:04:9E:B5:F0:BD:87:45:B7:82:16:25:24:24:1A:60:70:06:80
            X509v3 Authority Key Identifier:
                keyid:8F:37:10:12:A4:73:C2:E8:00:C5:42:40:30:F3:25:4F:72:98:54:B7

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A9140F41/77D71282894911E39AA02A615911EA32/jzcQEqRzwugAxUJAMPMlT3KYVLc.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/jzcQEqRzwugAxUJAMPMlT3KYVLc.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9140F41/77D71282894911E39AA02A615911EA32/23BA204E77E211EEB8461B56C4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv6:
                  2405:f900::/32

    Signature Algorithm: sha256WithRSAEncryption
         cd:82:85:7b:55:85:09:15:2f:bf:03:ec:af:3a:19:67:56:e0:
         bd:01:b7:df:4c:88:64:3f:b1:7f:fc:64:7c:31:bf:41:c3:ef:
         68:ba:d8:19:38:ac:61:22:7d:a2:5a:d8:56:bc:ef:e8:7e:3c:
         3d:8b:e5:f4:18:25:a7:b9:4f:79:71:f3:55:76:fe:a7:53:f4:
         49:01:94:31:8a:b0:30:08:e4:dc:0c:aa:75:82:bb:12:8f:7b:
         02:af:62:fd:01:75:78:9f:54:73:be:df:39:fc:1f:b8:fd:26:
         90:6c:53:81:88:31:c6:9a:3f:a3:49:b0:5c:1a:66:65:11:e2:
         d0:76:ea:fa:1b:4a:69:06:3b:4e:12:6b:4e:fd:ac:2e:f2:17:
         6f:a6:2e:db:c2:fd:b2:61:18:e3:ee:1f:3c:fd:d9:f2:02:1a:
         d6:f9:b7:89:cb:54:6e:9a:bc:57:90:29:6b:b5:1f:fc:bf:f6:
         5c:31:9b:74:d0:9d:ed:44:2c:d9:48:a9:9c:14:4f:bb:4e:26:
         ac:ed:9d:a6:11:f2:72:0e:e0:db:33:c8:a6:44:6f:2d:66:be:
         a0:ff:57:7e:93:22:54:db:b8:b0:d9:b8:d3:ec:a2:e9:b1:09:
         a3:c6:12:08:8d:8d:e2:4e:b1:a0:91:12:1f:ac:34:26:cb:53:
         d9:6c:66:26
-----BEGIN CERTIFICATE-----
MIIFcjCCBFqgAwIBAgICLEMwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NDBGNDExMTAvBgNVBAUTKDhGMzcxMDEyQTQ3M0MyRTgwMEM1NDI0MDMwRjMyNTRG
NzI5ODU0QjcwHhcNMjMxMDMxMTEzOTI0WhcNMjQwMzAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NTQwZTc2Yy1mM2Q5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAmw5ufhEPySAjPIJNKm+echUlD5+pPBFEXxa8JCIx5nixJvG7/4Sq904lBlsZ
rAW7ur4jl+xYK4Ns/LuCgjpBjealxSkHpqKzuaGUUHbsqYA/8qzb3vlNQNueY2ll
QPYdGGFgg3Ne7POrBob8jsQq4SzTaNHyQVjjXhaARAGayF74hi4vVcAwjwwRIFvQ
0cpka8qxoNOHUBPxzslm9KZWsyy/06wBQxtJADvzBhWGqgVADtsRqBZbKkjSRVCh
J4DLt3nS4EQKsvN8yIGYBbGja9N36XzrVMrlkwH4WBGbUX6JPQXEYTeCzREqjLK7
uWd80S3Z+EROisCGUUOovurpKwIDAQABo4ICljCCApIwHQYDVR0OBBYEFFfpBJ61
8L2HRbeCFiUkJBpgcAaAMB8GA1UdIwQYMBaAFI83EBKkc8LoAMVCQDDzJU9ymFS3
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0MEY0MS83N0Q3MTI4Mjg5
NDkxMUUzOUFBMDJBNjE1OTExRUEzMi9qemNRRXFSend1Z0F4VUpBTVBNbFQzS1lW
TGMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2p6Y1FFcVJ6d3VnQXhVSkFNUE1sVDNLWVZMYy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NDBGNDEvNzdENzEyODI4OTQ5MTFFMzlBQTAyQTYxNTkxMUVBMzIvMjNCQTIwNEU3
N0UyMTFFRUI4NDYxQjU2QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwIAYIKwYBBQUHAQcBAf8E
ETAPMA0EAgACMAcDBQAkBfkAMA0GCSqGSIb3DQEBCwUAA4IBAQDNgoV7VYUJFS+/
A+yvOhlnVuC9AbffTIhkP7F//GR8Mb9Bw+9outgZOKxhIn2iWthWvO/ofjw9i+X0
GCWnuU95cfNVdv6nU/RJAZQxirAwCOTcDKp1grsSj3sCr2L9AXV4n1Rzvt85/B+4
/SaQbFOBiDHGmj+jSbBcGmZlEeLQdur6G0ppBjtOEmtO/awu8hdvpi7bwv2yYRjj
7h88/dnyAhrW+beJy1RumrxXkClrtR/8v/ZcMZt00J3tRCzZSKmcFE+7Tias7Z2m
EfJyDuDbM8imRG8tZr6g/1d+kyJU27iw2bjT7KLpsQmjxhIIjY3iTrGgkRIfrDQm
y1PZbGYm
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:03 2024 by rpki-client on console-fra.rpki-client.org