Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A918A5CA/5D634986E96211EAA4658420C4F9AE02/41B4B8C40F6D11EBA8CD9B80C4F9AE02.roa
File:                     41B4B8C40F6D11EBA8CD9B80C4F9AE02.roa (raw, json)
Hash identifier:          dPGD4CODsGLUMvz4okNZycYtExq7JzskqfmsDqOQiSo=
Subject key identifier:   85:D6:1F:79:3A:17:E8:29:3D:7A:68:39:FF:9E:03:5B:E5:6F:1F:6D
Certificate issuer:       /CN=A918A5CA/serialNumber=392570554339A9B5B04C45C4E4B8614DC6F43CE2
Certificate serial:       051B
Authority key identifier: 39:25:70:55:43:39:A9:B5:B0:4C:45:C4:E4:B8:61:4D:C6:F4:3C:E2
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/OSVwVUM5qbWwTEXE5LhhTcb0POI.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A918A5CA/5D634986E96211EAA4658420C4F9AE02/41B4B8C40F6D11EBA8CD9B80C4F9AE02.roa
Signing time:             Thu 02 Jun 2022 11:27:28 +0000
ROA not before:           Thu 02 Jun 2022 11:27:28 +0000
ROA not after:            Thu 31 Aug 2023 00:00:00 +0000
asID:                     137443
IP address blocks:        123.253.111.0/24 maxlen: 24

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 1307 (0x51b)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A918A5CA/serialNumber=392570554339A9B5B04C45C4E4B8614DC6F43CE2
        Validity
            Not Before: Jun  2 11:27:28 2022 GMT
            Not After : Aug 31 00:00:00 2023 GMT
        Subject: CN=62989ea0-c933
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ab:da:14:29:d4:b2:47:8f:92:58:d0:c6:06:b1:
                    d4:d3:d1:c3:3a:6d:79:f8:cc:52:88:b7:70:ec:10:
                    89:16:c5:c3:7b:4c:d1:6f:ce:56:79:3f:50:a4:6e:
                    27:46:4d:51:45:b5:63:a1:46:0c:f1:d4:1c:b5:86:
                    3e:66:89:10:1a:44:6c:7a:27:c2:fe:76:17:9b:35:
                    31:db:a4:49:42:da:1b:60:01:76:4e:7d:8a:12:b1:
                    48:2b:95:54:f1:8e:7a:07:ba:ba:cf:26:d7:66:de:
                    8b:2b:e2:19:ea:a6:4b:0f:ab:5b:bd:2f:39:74:51:
                    74:71:72:d4:dc:ea:f2:77:c5:08:4e:d3:e3:54:0d:
                    26:8a:3c:8c:99:54:ba:0d:9c:83:c5:e7:12:07:e3:
                    fb:f8:78:65:89:5e:aa:3b:a0:ff:65:d9:cb:0c:a5:
                    1b:55:72:e8:6a:ab:c2:c7:b5:5f:83:65:23:59:4e:
                    37:1a:c5:a3:5b:ec:f8:a5:cb:54:2c:69:b1:54:4a:
                    1a:b8:01:9d:73:05:31:4e:7c:b2:29:e1:e9:da:b9:
                    e5:1c:11:b9:48:61:d4:3a:09:a0:e8:bf:cd:e5:b9:
                    99:05:36:1e:2a:27:17:eb:6c:dd:47:89:98:3b:08:
                    b9:c8:6f:af:8a:4e:50:c2:f6:9e:b4:09:44:20:95:
                    18:83
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                85:D6:1F:79:3A:17:E8:29:3D:7A:68:39:FF:9E:03:5B:E5:6F:1F:6D
            X509v3 Authority Key Identifier:
                keyid:39:25:70:55:43:39:A9:B5:B0:4C:45:C4:E4:B8:61:4D:C6:F4:3C:E2

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A918A5CA/5D634986E96211EAA4658420C4F9AE02/OSVwVUM5qbWwTEXE5LhhTcb0POI.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/OSVwVUM5qbWwTEXE5LhhTcb0POI.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918A5CA/5D634986E96211EAA4658420C4F9AE02/41B4B8C40F6D11EBA8CD9B80C4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  123.253.111.0/24

    Signature Algorithm: sha256WithRSAEncryption
         18:e3:61:40:a6:93:29:ea:1f:f4:3c:49:c4:c7:21:83:65:1f:
         66:fc:8c:8d:a7:23:2b:a2:89:13:96:7c:8f:6e:b0:8c:5a:ca:
         06:11:ee:ab:cd:75:d6:24:8b:5a:7b:0b:ca:51:72:14:e4:b7:
         48:e7:3a:8e:c4:48:12:85:28:5b:e2:f4:16:91:a6:35:9a:b2:
         24:86:93:4e:9b:ef:2a:b4:00:ce:b6:31:62:3a:44:39:a0:a9:
         f4:24:b3:a5:38:e5:89:65:eb:a4:a8:5f:79:44:12:9c:be:55:
         de:64:50:bd:e5:3d:ce:0f:5c:f7:6f:15:3c:ed:9b:22:7e:f6:
         20:46:47:79:42:63:54:4a:0d:af:2b:14:74:8c:f5:35:d9:ab:
         2e:64:a6:3b:28:ba:5a:38:63:11:04:d3:57:99:21:49:47:bc:
         26:2a:ec:4c:97:a0:9c:24:27:99:76:2f:21:bd:da:90:cc:10:
         1d:5a:08:66:16:ac:4c:f3:2c:a6:b5:e8:1d:a2:57:40:5c:57:
         cc:ce:2d:47:a3:3b:74:52:33:c3:75:a5:73:58:cc:b6:7a:b8:
         79:c7:65:0b:a7:da:e9:d7:80:5d:33:23:c5:4f:ab:55:49:49:
         05:98:a4:99:cc:62:a4:df:91:40:30:de:68:58:89:4f:37:79:
         f2:ce:f0:88
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICBRswDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
OEE1Q0ExMTAvBgNVBAUTKDM5MjU3MDU1NDMzOUE5QjVCMDRDNDVDNEU0Qjg2MTRE
QzZGNDNDRTIwHhcNMjIwNjAyMTEyNzI4WhcNMjMwODMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02Mjk4OWVhMC1jOTMzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAq9oUKdSyR4+SWNDGBrHU09HDOm15+MxSiLdw7BCJFsXDe0zRb85WeT9QpG4n
Rk1RRbVjoUYM8dQctYY+ZokQGkRseifC/nYXmzUx26RJQtobYAF2Tn2KErFIK5VU
8Y56B7q6zybXZt6LK+IZ6qZLD6tbvS85dFF0cXLU3Oryd8UITtPjVA0mijyMmVS6
DZyDxecSB+P7+HhliV6qO6D/ZdnLDKUbVXLoaqvCx7Vfg2UjWU43GsWjW+z4pctU
LGmxVEoauAGdcwUxTnyyKeHp2rnlHBG5SGHUOgmg6L/N5bmZBTYeKicX62zdR4mY
Owi5yG+vik5QwvaetAlEIJUYgwIDAQABo4IClTCCApEwHQYDVR0OBBYEFIXWH3k6
F+gpPXpoOf+eA1vlbx9tMB8GA1UdIwQYMBaAFDklcFVDOam1sExFxOS4YU3G9Dzi
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4QTVDQS81RDYzNDk4NkU5
NjIxMUVBQTQ2NTg0MjBDNEY5QUUwMi9PU1Z3VlVNNXFiV3dURVhFNUxoaFRjYjBQ
T0kuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL09TVndWVU01cWJXd1RFWEU1TGhoVGNiMFBPSS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
OEE1Q0EvNUQ2MzQ5ODZFOTYyMTFFQUE0NjU4NDIwQzRGOUFFMDIvNDFCNEI4QzQw
RjZEMTFFQkE4Q0Q5QjgwQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAB7/W8wDQYJKoZIhvcNAQELBQADggEBABjjYUCmkynqH/Q8
ScTHIYNlH2b8jI2nIyuiiROWfI9usIxaygYR7qvNddYki1p7C8pRchTkt0jnOo7E
SBKFKFvi9BaRpjWasiSGk06b7yq0AM62MWI6RDmgqfQks6U45Yll66SoX3lEEpy+
Vd5kUL3lPc4PXPdvFTztmyJ+9iBGR3lCY1RKDa8rFHSM9TXZqy5kpjsoulo4YxEE
01eZIUlHvCYq7EyXoJwkJ5l2LyG92pDMEB1aCGYWrEzzLKa16B2iV0BcV8zOLUej
O3RSM8N1pXNYzLZ6uHnHZQun2unXgF0zI8VPq1VJSQWYpJnMYqTfkUAw3mhYiU83
efLO8Ig=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:05:25 2024 by rpki-client on console-ams.rpki-client.org