Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A918C287/861FD87AF5AA11ECBF15E774C4F9AE02/01BFA3CAD34011ED86A08735C4F9AE02.roa
File:                     01BFA3CAD34011ED86A08735C4F9AE02.roa (raw, json)
Hash identifier:          wiwn4pdHHiqCGqaZvdnmi6T0pAplAz7NYHqRqD1Wv+c=
Subject key identifier:   82:43:51:7F:4F:35:C6:E8:6A:F3:15:3F:BB:8F:A4:09:A9:8B:BA:67
Certificate issuer:       /CN=A918C287/serialNumber=847014B15AFA781D228192BE054153DB6667D576
Certificate serial:       013B
Authority key identifier: 84:70:14:B1:5A:FA:78:1D:22:81:92:BE:05:41:53:DB:66:67:D5:76
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/hHAUsVr6eB0igZK-BUFT22Zn1XY.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A918C287/861FD87AF5AA11ECBF15E774C4F9AE02/01BFA3CAD34011ED86A08735C4F9AE02.roa
Signing time:             Tue 04 Apr 2023 23:25:38 +0000
ROA not before:           Tue 04 Apr 2023 23:25:38 +0000
ROA not after:            Sat 01 May 2038 00:00:00 +0000
asID:                     12345678
IP address blocks:        2401:4600::/32 maxlen: 32

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 315 (0x13b)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A918C287/serialNumber=847014B15AFA781D228192BE054153DB6667D576
        Validity
            Not Before: Apr  4 23:25:38 2023 GMT
            Not After : May  1 00:00:00 2038 GMT
        Subject: CN=642cb1f2-02fe
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c5:d2:8a:8e:eb:46:d9:cc:06:2e:14:9d:41:ba:
                    1b:53:56:33:59:b8:45:72:cb:33:ed:64:f5:ba:74:
                    d2:49:8c:74:3d:97:bb:0b:c0:fb:32:c9:ab:0f:86:
                    9c:1b:39:0b:5e:3e:44:55:a1:b2:4f:da:28:f5:d2:
                    6e:60:30:d5:0a:be:e7:04:b9:74:d6:7b:2e:36:2b:
                    34:f7:cb:97:5b:29:0a:be:1a:89:69:ae:e8:40:3d:
                    4d:af:1f:9c:27:fe:f8:4d:c5:77:a8:04:33:42:90:
                    e7:13:14:ba:94:7f:aa:a3:20:d9:f1:33:e8:f6:31:
                    1f:24:96:df:14:ea:d0:20:40:86:14:cf:26:44:18:
                    3f:96:83:20:dc:8b:da:e3:87:7c:04:63:48:e7:ab:
                    c1:fa:3e:1c:63:e5:20:dc:2a:f9:95:5d:06:23:c4:
                    f7:a5:3d:fd:4f:a6:21:86:df:ca:97:6e:5b:67:e4:
                    76:48:46:ab:5c:fd:d7:fa:9a:8c:d7:9b:c0:c1:21:
                    6a:ca:ef:a1:20:29:18:f6:4a:9d:50:75:08:6a:66:
                    b1:cc:f1:5f:66:8a:f9:7f:53:65:b5:e3:a2:75:4f:
                    90:1b:61:61:fe:ab:40:95:2a:6e:ee:1b:c8:0a:c7:
                    be:d7:56:2a:68:9b:37:67:d2:ff:c8:71:c2:d0:64:
                    da:bf
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                82:43:51:7F:4F:35:C6:E8:6A:F3:15:3F:BB:8F:A4:09:A9:8B:BA:67
            X509v3 Authority Key Identifier:
                keyid:84:70:14:B1:5A:FA:78:1D:22:81:92:BE:05:41:53:DB:66:67:D5:76

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A918C287/861FD87AF5AA11ECBF15E774C4F9AE02/hHAUsVr6eB0igZK-BUFT22Zn1XY.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/hHAUsVr6eB0igZK-BUFT22Zn1XY.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918C287/861FD87AF5AA11ECBF15E774C4F9AE02/01BFA3CAD34011ED86A08735C4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv6:
                  2401:4600::/32

    Signature Algorithm: sha256WithRSAEncryption
         70:7b:b6:f5:8a:df:87:af:c7:8d:e5:d1:16:f7:16:c4:54:81:
         8b:9d:f3:e4:53:9e:5e:d1:36:3d:26:62:ab:4b:81:37:fb:1a:
         5a:dc:08:7b:6b:0a:af:f4:e7:49:bd:e0:c6:51:5b:9f:ef:a0:
         b8:11:c5:99:52:49:2c:db:0c:1d:a6:42:61:5e:0e:6c:d4:de:
         69:a0:be:36:3b:b1:47:5b:10:2f:8e:b7:3b:dd:78:40:80:97:
         3e:91:85:1b:8b:92:f1:19:12:96:e7:b5:61:4f:df:5b:45:46:
         b0:ed:c7:21:d6:55:9a:a1:9f:51:e4:1b:e5:5c:9a:9f:55:5a:
         be:41:70:1f:d9:06:a0:96:d7:7a:6e:9e:f7:42:15:24:1e:14:
         3d:50:ec:36:3c:91:10:b0:35:6d:5b:f0:71:bb:ec:05:15:43:
         a9:39:ee:43:33:bf:1d:f6:6b:8f:fc:28:7e:83:10:47:62:1a:
         dd:bb:ab:93:9d:3c:cb:83:70:4f:d3:47:af:ab:4e:65:34:3d:
         ad:5d:b1:00:23:11:6d:54:6b:a9:17:a9:65:3a:1e:ee:63:88:
         b6:e9:88:95:3a:42:97:cd:a7:60:97:29:dd:b6:a9:b4:a1:c7:
         76:f2:a0:d3:e9:a1:69:c0:5a:8d:73:a4:b1:ae:c9:be:b5:06:
         e7:76:07:b1
-----BEGIN CERTIFICATE-----
MIIFcjCCBFqgAwIBAgICATswDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
OEMyODcxMTAvBgNVBAUTKDg0NzAxNEIxNUFGQTc4MUQyMjgxOTJCRTA1NDE1M0RC
NjY2N0Q1NzYwHhcNMjMwNDA0MjMyNTM4WhcNMzgwNTAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NDJjYjFmMi0wMmZlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAxdKKjutG2cwGLhSdQbobU1YzWbhFcssz7WT1unTSSYx0PZe7C8D7MsmrD4ac
GzkLXj5EVaGyT9oo9dJuYDDVCr7nBLl01nsuNis098uXWykKvhqJaa7oQD1Nrx+c
J/74TcV3qAQzQpDnExS6lH+qoyDZ8TPo9jEfJJbfFOrQIECGFM8mRBg/loMg3Iva
44d8BGNI56vB+j4cY+Ug3Cr5lV0GI8T3pT39T6Yhht/Kl25bZ+R2SEarXP3X+pqM
15vAwSFqyu+hICkY9kqdUHUIamaxzPFfZor5f1NlteOidU+QG2Fh/qtAlSpu7hvI
Cse+11YqaJs3Z9L/yHHC0GTavwIDAQABo4ICljCCApIwHQYDVR0OBBYEFIJDUX9P
NcboavMVP7uPpAmpi7pnMB8GA1UdIwQYMBaAFIRwFLFa+ngdIoGSvgVBU9tmZ9V2
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4QzI4Ny84NjFGRDg3QUY1
QUExMUVDQkYxNUU3NzRDNEY5QUUwMi9oSEFVc1ZyNmVCMGlnWkstQlVGVDIyWm4x
WFkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2hIQVVzVnI2ZUIwaWdaSy1CVUZUMjJabjFYWS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
OEMyODcvODYxRkQ4N0FGNUFBMTFFQ0JGMTVFNzc0QzRGOUFFMDIvMDFCRkEzQ0FE
MzQwMTFFRDg2QTA4NzM1QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwIAYIKwYBBQUHAQcBAf8E
ETAPMA0EAgACMAcDBQAkAUYAMA0GCSqGSIb3DQEBCwUAA4IBAQBwe7b1it+Hr8eN
5dEW9xbEVIGLnfPkU55e0TY9JmKrS4E3+xpa3Ah7awqv9OdJveDGUVuf76C4EcWZ
Ukks2wwdpkJhXg5s1N5poL42O7FHWxAvjrc73XhAgJc+kYUbi5LxGRKW57VhT99b
RUaw7cch1lWaoZ9R5BvlXJqfVVq+QXAf2Qagltd6bp73QhUkHhQ9UOw2PJEQsDVt
W/Bxu+wFFUOpOe5DM78d9muP/Ch+gxBHYhrdu6uTnTzLg3BP00evq05lND2tXbEA
IxFtVGupF6llOh7uY4i26YiVOkKXzadglyndtqm0ocd28qDT6aFpwFqNc6Sxrsm+
tQbndgex
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:05:25 2024 by rpki-client on console-ams.rpki-client.org