Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A918C287/C963CF266CB711EEA88AC06CC4F9AE02/7F6FC468D68B11EE942BBA32C4F9AE02.roa
File:                     7F6FC468D68B11EE942BBA32C4F9AE02.roa (raw, json)
Hash identifier:          C4znznjLx5V26cIK6NL8W+Trf4uv8qhQPaXR6tZHh28=
Subject key identifier:   BB:28:71:4B:3C:2E:C6:80:D7:12:0F:6E:EE:66:F3:76:E3:98:A4:85
Certificate issuer:       /CN=A918C287/serialNumber=355AC83FAA75D7DA7AC861DB2007F62600BA4292
Certificate serial:       60
Authority key identifier: 35:5A:C8:3F:AA:75:D7:DA:7A:C8:61:DB:20:07:F6:26:00:BA:42:92
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/NVrIP6p119p6yGHbIAf2JgC6QpI.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A918C287/C963CF266CB711EEA88AC06CC4F9AE02/7F6FC468D68B11EE942BBA32C4F9AE02.roa
Signing time:             Wed 28 Feb 2024 22:48:32 +0000
ROA not before:           Wed 28 Feb 2024 22:48:32 +0000
ROA not after:            Sat 01 May 2038 00:00:00 +0000
asID:                     45163
IP address blocks:        203.176.189.0/24 maxlen: 25

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 96 (0x60)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A918C287/serialNumber=355AC83FAA75D7DA7AC861DB2007F62600BA4292
        Validity
            Not Before: Feb 28 22:48:32 2024 GMT
            Not After : May  1 00:00:00 2038 GMT
        Subject: CN=65dfb840-5bb0
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e7:4d:32:1c:3a:51:67:81:db:e1:7b:ff:5f:da:
                    d1:88:8e:e4:d0:0c:0d:90:29:b9:65:43:79:a8:2e:
                    dd:7a:13:f1:bd:5c:9d:89:32:81:84:80:26:75:5e:
                    7c:13:a8:91:31:e4:4d:82:1b:c8:56:a6:de:b3:cd:
                    73:52:45:76:9f:b2:5d:ce:12:fa:e3:07:c6:6e:58:
                    52:46:f9:eb:64:1f:c4:43:11:2b:26:90:7f:95:98:
                    4a:e8:f2:dc:6b:97:98:0f:33:c3:b4:f6:b1:be:f0:
                    0c:0a:53:dd:bd:ed:71:7d:ec:8f:32:e8:43:e3:3f:
                    ff:18:d7:d9:bb:e3:df:69:8a:73:09:98:38:eb:e3:
                    4c:ff:0d:cd:ef:6f:5c:68:8a:73:0c:13:d8:28:0a:
                    62:dd:50:42:36:cd:a0:92:84:9f:13:aa:74:b6:cd:
                    ed:e5:74:a4:74:d5:f1:e9:f8:f3:7b:cb:a6:38:15:
                    ea:6f:45:8c:50:44:0f:21:cb:af:cc:6e:d1:a1:cd:
                    8c:e0:75:c8:e2:74:d8:66:12:95:e4:c3:dc:6f:4d:
                    be:91:54:b3:ae:92:3d:45:b2:be:5a:dc:31:cf:7a:
                    26:20:40:26:9c:8c:80:44:7a:75:3c:c4:fe:bf:5b:
                    d1:e4:63:ac:51:b7:87:8f:81:a9:a2:43:cf:fb:c7:
                    1a:39
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BB:28:71:4B:3C:2E:C6:80:D7:12:0F:6E:EE:66:F3:76:E3:98:A4:85
            X509v3 Authority Key Identifier:
                keyid:35:5A:C8:3F:AA:75:D7:DA:7A:C8:61:DB:20:07:F6:26:00:BA:42:92

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A918C287/C963CF266CB711EEA88AC06CC4F9AE02/NVrIP6p119p6yGHbIAf2JgC6QpI.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/NVrIP6p119p6yGHbIAf2JgC6QpI.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918C287/C963CF266CB711EEA88AC06CC4F9AE02/7F6FC468D68B11EE942BBA32C4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  203.176.189.0/24

    Signature Algorithm: sha256WithRSAEncryption
         40:39:d5:e8:10:b1:f8:be:d3:58:ed:03:c0:aa:19:f4:c4:fc:
         cc:4a:7e:cd:1d:a6:5d:47:86:08:cb:20:f2:0e:46:5c:4b:5f:
         8c:51:4a:a9:9d:d5:ff:41:af:67:6e:8e:f9:99:d1:d6:62:68:
         ea:18:47:0d:ed:e5:ed:cf:75:36:3a:dc:18:a7:c2:f3:6e:ea:
         5f:4b:e1:b9:72:4b:08:5c:4d:95:7e:9a:01:0e:94:17:b5:26:
         0d:cb:a3:2f:59:51:e1:03:f3:9b:c8:98:c4:64:9d:e8:22:fd:
         88:73:d8:c1:73:41:26:88:2b:78:d7:4a:f2:74:59:48:dd:c6:
         7c:db:44:5d:7f:37:71:3a:08:07:a3:66:f8:06:7f:7a:42:08:
         77:3e:10:bc:94:ea:3c:10:fe:0c:0b:04:39:9b:ce:77:6b:1b:
         58:22:98:4c:74:b6:f8:9b:e2:81:4c:13:b1:55:42:11:95:cb:
         8d:2c:84:d3:1b:ba:10:9f:4c:e5:2f:0b:75:34:0f:b1:88:1e:
         1b:3b:1b:4d:fa:76:32:ca:54:dd:33:ba:f5:4c:08:15:e5:7c:
         77:44:3f:98:82:6c:ae:b1:7f:57:bc:05:e2:e6:79:3f:8e:7e:
         30:82:bf:bf:c0:4f:6c:a8:a6:93:cf:78:4f:87:f2:f4:ae:6e:
         a7:ef:b2:9d
-----BEGIN CERTIFICATE-----
MIIFcDCCBFigAwIBAgIBYDANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTE4
QzI4NzExMC8GA1UEBRMoMzU1QUM4M0ZBQTc1RDdEQTdBQzg2MURCMjAwN0Y2MjYw
MEJBNDI5MjAeFw0yNDAyMjgyMjQ4MzJaFw0zODA1MDEwMDAwMDBaMBgxFjAUBgNV
BAMTDTY1ZGZiODQwLTViYjAwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDnTTIcOlFngdvhe/9f2tGIjuTQDA2QKbllQ3moLt16E/G9XJ2JMoGEgCZ1XnwT
qJEx5E2CG8hWpt6zzXNSRXafsl3OEvrjB8ZuWFJG+etkH8RDESsmkH+VmEro8txr
l5gPM8O09rG+8AwKU9297XF97I8y6EPjP/8Y19m7499pinMJmDjr40z/Dc3vb1xo
inMME9goCmLdUEI2zaCShJ8TqnS2ze3ldKR01fHp+PN7y6Y4FepvRYxQRA8hy6/M
btGhzYzgdcjidNhmEpXkw9xvTb6RVLOukj1Fsr5a3DHPeiYgQCacjIBEenU8xP6/
W9HkY6xRt4ePgamiQ8/7xxo5AgMBAAGjggKVMIICkTAdBgNVHQ4EFgQUuyhxSzwu
xoDXEg9u7mbzduOYpIUwHwYDVR0jBBgwFoAUNVrIP6p119p6yGHbIAf2JgC6QpIw
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MThDMjg3L0M5NjNDRjI2NkNC
NzExRUVBODhBQzA2Q0M0RjlBRTAyL05WcklQNnAxMTlwNnlHSGJJQWYySmdDNlFw
SS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvTlZySVA2cDExOXA2eUdIYklBZjJKZ0M2UXBJLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4
QzI4Ny9DOTYzQ0YyNjZDQjcxMUVFQTg4QUMwNkNDNEY5QUUwMi83RjZGQzQ2OEQ2
OEIxMUVFOTQyQkJBMzJDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQ
MA4wDAQCAAEwBgMEAMuwvTANBgkqhkiG9w0BAQsFAAOCAQEAQDnV6BCx+L7TWO0D
wKoZ9MT8zEp+zR2mXUeGCMsg8g5GXEtfjFFKqZ3V/0GvZ26O+ZnR1mJo6hhHDe3l
7c91NjrcGKfC827qX0vhuXJLCFxNlX6aAQ6UF7UmDcujL1lR4QPzm8iYxGSd6CL9
iHPYwXNBJogreNdK8nRZSN3GfNtEXX83cToIB6Nm+AZ/ekIIdz4QvJTqPBD+DAsE
OZvOd2sbWCKYTHS2+JvigUwTsVVCEZXLjSyE0xu6EJ9M5S8LdTQPsYgeGzsbTfp2
MspU3TO69UwIFeV8d0Q/mIJsrrF/V7wF4uZ5P45+MIK/v8BPbKimk894T4fy9K5u
p++ynQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:15 2024 by rpki-client on console-fra.rpki-client.org