Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A9184D71/983A0C9E9D1F11E7876E6611C4F9AE02/1158F4B451F611E9A5EDBE25C4F9AE02.roa
File:                     1158F4B451F611E9A5EDBE25C4F9AE02.roa (raw, json)
Hash identifier:          1jXpiD6gmBSnu1fi9XCpYPe6/Jj4DMV+/92Sfn0w4q0=
Subject key identifier:   9B:41:B4:A9:48:3F:B9:95:02:83:54:60:7A:C3:D0:92:0F:57:A3:1B
Certificate issuer:       /CN=A9184D71/serialNumber=DDF9FDA94BBA359A37E0DBB007571AFF3E5117A2
Certificate serial:       1732
Authority key identifier: DD:F9:FD:A9:4B:BA:35:9A:37:E0:DB:B0:07:57:1A:FF:3E:51:17:A2
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/3fn9qUu6NZo34NuwB1ca_z5RF6I.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A9184D71/983A0C9E9D1F11E7876E6611C4F9AE02/1158F4B451F611E9A5EDBE25C4F9AE02.roa
Signing time:             Fri 14 Jul 2023 16:53:40 +0000
ROA not before:           Fri 14 Jul 2023 16:53:40 +0000
ROA not after:            Mon 30 Sep 2024 00:00:00 +0000
asID:                     134451
IP address blocks:        103.60.9.0/24 maxlen: 24

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 5938 (0x1732)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A9184D71/serialNumber=DDF9FDA94BBA359A37E0DBB007571AFF3E5117A2
        Validity
            Not Before: Jul 14 16:53:40 2023 GMT
            Not After : Sep 30 00:00:00 2024 GMT
        Subject: CN=64b17d94-34cf
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d4:24:e3:68:2d:f8:90:26:c1:c3:20:c5:5b:71:
                    d5:7d:69:bd:d5:e4:3a:cc:b2:66:a8:56:6f:c7:90:
                    d0:15:62:e3:e3:29:e7:ba:b1:39:2f:70:51:19:e9:
                    92:e3:67:a7:5c:14:1a:18:7e:c9:b2:47:83:b1:be:
                    86:2b:2a:41:d7:7f:59:e8:0b:7a:30:54:e3:bf:0d:
                    3c:36:d6:23:7a:fe:07:fe:07:54:2c:16:71:d8:f4:
                    c8:ba:cd:21:67:c7:41:37:e5:29:80:f5:c2:4a:56:
                    87:14:f5:cc:2b:08:1b:89:47:13:1e:93:96:14:6f:
                    c3:31:8b:db:ee:79:43:cb:3f:13:b0:af:c3:0a:30:
                    f6:9a:a0:c9:91:67:d2:af:0b:61:f1:f1:73:30:47:
                    78:5a:b7:b7:08:63:4c:62:f2:2d:b1:d1:54:67:30:
                    01:1e:66:29:20:87:ba:46:f8:f9:ce:49:41:f2:c4:
                    db:e5:9d:6f:ea:6f:b5:cf:99:10:16:ce:01:91:44:
                    8d:69:6b:e7:ab:1f:9f:36:d7:6e:87:ee:93:35:91:
                    70:c0:c0:14:13:a6:7e:91:e1:75:e9:1a:c4:4c:ec:
                    b0:93:1a:70:f5:4d:99:56:cf:5b:d1:9a:d3:0d:d3:
                    35:ba:28:81:10:d5:f1:44:7c:78:3a:fb:d5:64:0c:
                    f4:c1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                9B:41:B4:A9:48:3F:B9:95:02:83:54:60:7A:C3:D0:92:0F:57:A3:1B
            X509v3 Authority Key Identifier:
                keyid:DD:F9:FD:A9:4B:BA:35:9A:37:E0:DB:B0:07:57:1A:FF:3E:51:17:A2

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A9184D71/983A0C9E9D1F11E7876E6611C4F9AE02/3fn9qUu6NZo34NuwB1ca_z5RF6I.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/3fn9qUu6NZo34NuwB1ca_z5RF6I.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9184D71/983A0C9E9D1F11E7876E6611C4F9AE02/1158F4B451F611E9A5EDBE25C4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.60.9.0/24

    Signature Algorithm: sha256WithRSAEncryption
         99:59:7f:bb:e2:52:c5:e6:a3:5f:43:fb:1b:a4:92:eb:ed:d0:
         75:af:97:3c:e8:b1:df:fe:75:5e:dd:a0:81:e2:fb:ed:29:20:
         c2:d6:23:19:b1:62:86:d3:a8:08:3d:59:69:3d:0d:18:9e:74:
         56:00:c6:2d:c6:f2:fd:9c:a2:32:2f:b1:6d:d4:e5:1e:f5:96:
         2a:49:75:42:d0:b7:b0:ed:5b:df:2a:93:94:d5:e2:96:39:f1:
         46:14:a4:23:85:cc:c3:e8:b7:55:59:28:7e:b2:b9:f7:1f:c1:
         db:a7:b6:13:f4:c1:7c:ea:7c:08:70:0f:85:c6:ad:99:05:95:
         56:d5:ac:be:c7:e3:a6:53:a5:72:9c:fe:b1:52:db:36:70:af:
         79:ef:98:66:6d:71:8d:d0:3c:3e:bb:7d:b6:4d:61:e6:f9:88:
         05:e6:1e:66:b6:5c:f2:3e:ac:88:89:8c:79:81:c3:7d:37:31:
         6e:ce:cb:43:0b:8c:49:28:13:26:d0:47:fc:5e:4e:08:c7:20:
         cf:de:17:62:5a:ac:15:6d:62:ac:e0:33:33:a5:dd:4e:28:c5:
         ca:86:70:2e:d4:26:8c:0e:b8:2f:17:56:07:ec:b0:49:1c:82:
         d5:b1:91:c0:10:a7:8c:5f:e0:22:00:c4:f8:ca:30:67:49:10:
         8a:62:df:fc
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICFzIwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
ODRENzExMTAvBgNVBAUTKERERjlGREE5NEJCQTM1OUEzN0UwREJCMDA3NTcxQUZG
M0U1MTE3QTIwHhcNMjMwNzE0MTY1MzQwWhcNMjQwOTMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02NGIxN2Q5NC0zNGNmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA1CTjaC34kCbBwyDFW3HVfWm91eQ6zLJmqFZvx5DQFWLj4ynnurE5L3BRGemS
42enXBQaGH7JskeDsb6GKypB139Z6At6MFTjvw08NtYjev4H/gdULBZx2PTIus0h
Z8dBN+UpgPXCSlaHFPXMKwgbiUcTHpOWFG/DMYvb7nlDyz8TsK/DCjD2mqDJkWfS
rwth8fFzMEd4Wre3CGNMYvItsdFUZzABHmYpIIe6Rvj5zklB8sTb5Z1v6m+1z5kQ
Fs4BkUSNaWvnqx+fNtduh+6TNZFwwMAUE6Z+keF16RrETOywkxpw9U2ZVs9b0ZrT
DdM1uiiBENXxRHx4OvvVZAz0wQIDAQABo4IClTCCApEwHQYDVR0OBBYEFJtBtKlI
P7mVAoNUYHrD0JIPV6MbMB8GA1UdIwQYMBaAFN35/alLujWaN+DbsAdXGv8+URei
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4NEQ3MS85ODNBMEM5RTlE
MUYxMUU3ODc2RTY2MTFDNEY5QUUwMi8zZm45cVV1Nk5abzM0TnV3QjFjYV96NVJG
NkkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLzNmbjlxVXU2TlpvMzROdXdCMWNhX3o1UkY2SS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
ODRENzEvOTgzQTBDOUU5RDFGMTFFNzg3NkU2NjExQzRGOUFFMDIvMTE1OEY0QjQ1
MUY2MTFFOUE1RURCRTI1QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBABnPAkwDQYJKoZIhvcNAQELBQADggEBAJlZf7viUsXmo19D
+xukkuvt0HWvlzzosd/+dV7doIHi++0pIMLWIxmxYobTqAg9WWk9DRiedFYAxi3G
8v2cojIvsW3U5R71lipJdULQt7DtW98qk5TV4pY58UYUpCOFzMPot1VZKH6yufcf
wdunthP0wXzqfAhwD4XGrZkFlVbVrL7H46ZTpXKc/rFS2zZwr3nvmGZtcY3QPD67
fbZNYeb5iAXmHma2XPI+rIiJjHmBw303MW7Oy0MLjEkoEybQR/xeTgjHIM/eF2Ja
rBVtYqzgMzOl3U4oxcqGcC7UJowOuC8XVgfssEkcgtWxkcAQp4xf4CIAxPjKMGdJ
EIpi3/w=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:14 2024 by rpki-client on console-fra.rpki-client.org