Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A91685DF/AB7357AECD6D11E9A6C26E46C4F9AE02/C11A5EA6048F11EEB7391C0AC4F9AE02.roa
File:                     C11A5EA6048F11EEB7391C0AC4F9AE02.roa (raw, json)
Hash identifier:          XzeergnLrFDFLka2COUlyW4vGfCM0N7FMlpKS7foN3g=
Subject key identifier:   FA:67:9C:A1:C3:44:56:9F:B5:00:09:9A:14:2E:B2:0D:C1:1A:21:27
Certificate issuer:       /CN=A91685DF/serialNumber=BF237EE623BD2853AC04554EB812280434A85A8F
Certificate serial:       0BFD
Authority key identifier: BF:23:7E:E6:23:BD:28:53:AC:04:55:4E:B8:12:28:04:34:A8:5A:8F
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vyN-5iO9KFOsBFVOuBIoBDSoWo8.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A91685DF/AB7357AECD6D11E9A6C26E46C4F9AE02/C11A5EA6048F11EEB7391C0AC4F9AE02.roa
Signing time:             Thu 08 Jun 2023 02:39:48 +0000
ROA not before:           Thu 08 Jun 2023 02:39:48 +0000
ROA not after:            Wed 29 May 2024 00:00:00 +0000
asID:                     151396
IP address blocks:        103.134.217.0/24 maxlen: 24
                          103.134.219.0/24 maxlen: 24

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 3069 (0xbfd)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91685DF/serialNumber=BF237EE623BD2853AC04554EB812280434A85A8F
        Validity
            Not Before: Jun  8 02:39:48 2023 GMT
            Not After : May 29 00:00:00 2024 GMT
        Subject: CN=64813f74-4194
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d0:fe:fc:12:21:56:ed:52:87:5d:11:48:0d:c0:
                    25:ed:1a:65:15:1e:e9:87:80:69:09:84:4b:1a:bc:
                    0d:ab:83:4f:56:dd:6e:c4:7f:67:f1:c3:c7:6e:ae:
                    d3:0e:de:e3:8e:33:1d:06:5e:b7:1d:12:36:e3:21:
                    ee:77:a0:d8:3e:1d:2c:33:1e:1e:ff:88:00:43:df:
                    a1:57:d4:ba:49:fd:78:8a:ee:f9:4e:42:a3:a6:16:
                    f0:38:12:d8:55:56:ad:a5:aa:e7:58:de:0a:c8:38:
                    26:7c:57:dc:91:7c:38:c2:02:9c:6d:34:f2:85:93:
                    a6:ed:c0:10:be:e3:29:50:8a:ed:50:e7:7a:95:1d:
                    59:49:31:0d:d8:13:89:11:d3:0e:fa:6a:43:1f:1b:
                    ad:da:64:55:ab:1a:4f:70:9e:87:94:f3:09:f1:2a:
                    a4:61:ad:1a:34:68:0c:fc:3e:e8:85:cf:07:f6:82:
                    37:87:68:fe:52:a8:ff:5a:70:56:6a:96:2f:b2:ad:
                    01:50:3f:ea:83:3a:26:fa:a4:d1:a9:85:d0:67:0f:
                    fb:69:7e:b8:b5:5b:46:a1:6a:f4:40:67:56:7e:0c:
                    ae:58:b4:90:d8:eb:c8:b9:80:90:9d:f3:46:a6:42:
                    e3:bc:88:a5:3a:b1:e6:7b:de:77:2f:0e:d3:df:d7:
                    41:fb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                FA:67:9C:A1:C3:44:56:9F:B5:00:09:9A:14:2E:B2:0D:C1:1A:21:27
            X509v3 Authority Key Identifier:
                keyid:BF:23:7E:E6:23:BD:28:53:AC:04:55:4E:B8:12:28:04:34:A8:5A:8F

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A91685DF/AB7357AECD6D11E9A6C26E46C4F9AE02/vyN-5iO9KFOsBFVOuBIoBDSoWo8.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vyN-5iO9KFOsBFVOuBIoBDSoWo8.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91685DF/AB7357AECD6D11E9A6C26E46C4F9AE02/C11A5EA6048F11EEB7391C0AC4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.134.217.0/24
                  103.134.219.0/24

    Signature Algorithm: sha256WithRSAEncryption
         9a:7d:52:62:23:2d:3c:4d:ee:24:0d:44:78:36:b7:5c:66:01:
         64:be:2e:d9:46:2b:17:8a:c8:95:ff:a3:eb:98:37:a2:29:6c:
         b8:7f:d5:28:df:f0:3c:51:3d:33:20:25:a8:00:ac:70:d2:50:
         3f:0e:c9:97:a8:aa:86:b1:3c:ee:42:bf:36:50:92:8e:4c:ef:
         f6:53:fd:49:24:f6:35:36:52:dc:9b:f8:ae:19:17:55:ba:1f:
         9d:5e:71:f0:13:f5:a4:c6:97:a7:ef:30:d1:32:85:57:a7:47:
         99:b4:d2:ab:f7:49:a6:fd:9d:5f:41:6a:24:68:80:a0:af:0c:
         8f:b7:e5:21:86:b4:e3:97:bd:cb:4a:22:ba:73:b9:a4:41:f7:
         ef:45:c3:64:a7:65:2c:99:b5:29:9f:13:e5:99:e1:da:4b:52:
         52:c8:47:48:20:b0:c2:4b:f4:77:ee:6d:d1:42:11:d5:15:ab:
         5b:87:8f:b0:7d:31:5d:ed:5e:16:4c:fd:42:3a:ad:fc:ec:ad:
         98:b6:fa:31:02:08:a6:e2:e4:05:60:32:0d:3b:9c:cc:95:56:
         c6:24:59:cf:27:80:8c:f2:8a:55:64:ee:b6:f3:61:40:a4:78:
         88:57:ac:4f:83:ea:78:ca:ce:f1:4f:cf:07:01:dc:4f:9b:8e:
         3f:f3:57:c7
-----BEGIN CERTIFICATE-----
MIIFdzCCBF+gAwIBAgICC/0wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
Njg1REYxMTAvBgNVBAUTKEJGMjM3RUU2MjNCRDI4NTNBQzA0NTU0RUI4MTIyODA0
MzRBODVBOEYwHhcNMjMwNjA4MDIzOTQ4WhcNMjQwNTI5MDAwMDAwWjAYMRYwFAYD
VQQDEw02NDgxM2Y3NC00MTk0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA0P78EiFW7VKHXRFIDcAl7RplFR7ph4BpCYRLGrwNq4NPVt1uxH9n8cPHbq7T
Dt7jjjMdBl63HRI24yHud6DYPh0sMx4e/4gAQ9+hV9S6Sf14iu75TkKjphbwOBLY
VVatparnWN4KyDgmfFfckXw4wgKcbTTyhZOm7cAQvuMpUIrtUOd6lR1ZSTEN2BOJ
EdMO+mpDHxut2mRVqxpPcJ6HlPMJ8SqkYa0aNGgM/D7ohc8H9oI3h2j+Uqj/WnBW
apYvsq0BUD/qgzom+qTRqYXQZw/7aX64tVtGoWr0QGdWfgyuWLSQ2OvIuYCQnfNG
pkLjvIilOrHme953Lw7T39dB+wIDAQABo4ICmzCCApcwHQYDVR0OBBYEFPpnnKHD
RFaftQAJmhQusg3BGiEnMB8GA1UdIwQYMBaAFL8jfuYjvShTrARVTrgSKAQ0qFqP
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE2ODVERi9BQjczNTdBRUNE
NkQxMUU5QTZDMjZFNDZDNEY5QUUwMi92eU4tNWlPOUtGT3NCRlZPdUJJb0JEU29X
bzguY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3Z5Ti01aU85S0ZPc0JGVk91QklvQkRTb1dvOC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
Njg1REYvQUI3MzU3QUVDRDZEMTFFOUE2QzI2RTQ2QzRGOUFFMDIvQzExQTVFQTYw
NDhGMTFFRUI3MzkxQzBBQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwJQYIKwYBBQUHAQcBAf8E
FjAUMBIEAgABMAwDBABnhtkDBABnhtswDQYJKoZIhvcNAQELBQADggEBAJp9UmIj
LTxN7iQNRHg2t1xmAWS+LtlGKxeKyJX/o+uYN6IpbLh/1Sjf8DxRPTMgJagArHDS
UD8OyZeoqoaxPO5CvzZQko5M7/ZT/Ukk9jU2Utyb+K4ZF1W6H51ecfAT9aTGl6fv
MNEyhVenR5m00qv3Sab9nV9BaiRogKCvDI+35SGGtOOXvctKIrpzuaRB9+9Fw2Sn
ZSyZtSmfE+WZ4dpLUlLIR0ggsMJL9HfubdFCEdUVq1uHj7B9MV3tXhZM/UI6rfzs
rZi2+jECCKbi5AVgMg07nMyVVsYkWc8ngIzyilVk7rbzYUCkeIhXrE+D6njKzvFP
zwcB3E+bjj/zV8c=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:10 2024 by rpki-client on console-fra.rpki-client.org