Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A9191B70/96119F9C8EFE11EC87A6EA17C4F9AE02/0362D9E08F0311ECACDD537EC4F9AE02.roa
File:                     0362D9E08F0311ECACDD537EC4F9AE02.roa (raw, json)
Hash identifier:          OcUVgY9Z+8YO6luIrG6HqVNA5uPnrnjAHAggDXJMcTA=
Subject key identifier:   BF:70:BD:DF:B8:EA:0E:4F:01:68:11:28:19:2E:63:00:F5:EE:07:51
Certificate issuer:       /CN=A9191B70/serialNumber=DE1CEB8F829943D9F33A470A886E3839C3EA715D
Certificate serial:       02
Authority key identifier: DE:1C:EB:8F:82:99:43:D9:F3:3A:47:0A:88:6E:38:39:C3:EA:71:5D
Authority info access:    rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/3hzrj4KZQ9nzOkcKiG44OcPqcV0.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A9191B70/96119F9C8EFE11EC87A6EA17C4F9AE02/0362D9E08F0311ECACDD537EC4F9AE02.roa
Signing time:             Wed 16 Feb 2022 08:32:45 +0000
ROA not before:           Wed 16 Feb 2022 08:32:45 +0000
ROA not after:            Fri 31 Mar 2023 00:00:00 +0000
asID:                     38327
IP address blocks:        158.89.0.0/16 maxlen: 16
                          158.89.0.0/17 maxlen: 17
                          158.89.128.0/17 maxlen: 17

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 2 (0x2)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A9191B70/serialNumber=DE1CEB8F829943D9F33A470A886E3839C3EA715D
        Validity
            Not Before: Feb 16 08:32:45 2022 GMT
            Not After : Mar 31 00:00:00 2023 GMT
        Subject: CN=620cb6ac-91f9
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b9:ae:14:97:e0:1d:23:c4:4d:ea:ee:9d:93:26:
                    25:58:73:f4:09:4e:88:16:8c:fa:40:a0:2d:4d:db:
                    75:30:3c:2f:ea:5d:06:c6:1f:13:3b:44:58:cb:85:
                    79:5b:d0:a7:bd:af:6a:3e:ff:17:f2:63:69:d3:4e:
                    e7:5b:59:84:7a:01:18:7d:78:6e:52:dc:81:25:df:
                    ef:61:1c:6f:f8:92:f3:e5:80:22:bc:1f:3a:09:ca:
                    a4:60:e0:25:0c:a3:c0:f7:16:7a:fc:31:f7:bc:7e:
                    bb:27:5d:19:86:9b:b1:f9:72:96:a3:a7:13:aa:17:
                    5d:6e:2d:c5:bc:3f:97:57:62:2b:72:e9:a6:86:35:
                    0a:41:07:e7:36:ae:0e:8a:ad:2c:ef:7b:a8:25:74:
                    b6:6c:03:36:3a:1e:88:fa:a1:27:5d:25:b8:1b:34:
                    f5:5d:21:0d:ac:39:99:72:5e:6a:84:a2:f6:63:1a:
                    d3:15:7e:e0:74:5e:b9:15:1f:27:14:9e:b0:c1:d0:
                    0d:15:25:d3:5e:a2:1b:8d:45:62:3d:3d:78:a5:3c:
                    01:f8:11:77:60:58:6b:04:89:02:08:d2:04:58:d6:
                    62:ec:9a:d8:de:95:86:b5:d4:24:d1:73:10:60:4a:
                    9e:4a:2a:6e:49:3d:fc:d7:3a:a3:ff:8c:aa:09:1b:
                    54:cb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BF:70:BD:DF:B8:EA:0E:4F:01:68:11:28:19:2E:63:00:F5:EE:07:51
            X509v3 Authority Key Identifier:
                keyid:DE:1C:EB:8F:82:99:43:D9:F3:3A:47:0A:88:6E:38:39:C3:EA:71:5D

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A9191B70/96119F9C8EFE11EC87A6EA17C4F9AE02/3hzrj4KZQ9nzOkcKiG44OcPqcV0.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/3hzrj4KZQ9nzOkcKiG44OcPqcV0.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9191B70/96119F9C8EFE11EC87A6EA17C4F9AE02/0362D9E08F0311ECACDD537EC4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  158.89.0.0/16

    Signature Algorithm: sha256WithRSAEncryption
         97:f0:87:5d:50:0c:8b:81:c1:45:5b:8c:2b:11:da:84:48:13:
         cb:83:2b:fe:ca:9c:53:a2:18:19:28:ab:59:6b:39:a4:c8:80:
         f4:7f:9e:cb:e8:03:71:42:88:2d:74:9d:57:5a:c0:4b:31:8d:
         ec:64:79:e7:01:a5:6a:e5:5a:a1:34:89:08:39:8a:23:bf:89:
         83:91:25:e3:19:44:b2:75:3b:7d:b6:df:48:48:dc:ab:54:41:
         73:60:75:cb:44:6e:5f:03:3c:74:6a:7b:97:c5:92:4e:ed:6f:
         95:9e:d8:b6:f9:06:3a:f3:1c:21:b1:20:cc:77:dc:8f:58:09:
         29:e9:a9:f4:30:61:7c:ac:4b:ad:5c:7d:0e:59:c4:35:59:96:
         40:59:ad:3b:6c:09:12:a0:89:d6:21:a7:07:f9:72:8e:68:79:
         76:c3:ef:de:df:40:a2:c9:13:fb:b2:f8:2f:61:ca:0f:33:7b:
         88:88:dd:e6:ba:7f:fc:c2:50:15:20:d6:69:1d:c0:43:a4:5b:
         ef:c8:ec:16:ec:54:5b:5b:2c:ff:b9:f6:7a:e9:7c:42:a3:e1:
         a1:23:09:60:1c:4b:96:18:02:93:f8:33:18:51:ff:7a:81:9a:
         6f:80:9c:4e:46:17:4c:3a:fd:c4:ed:49:9e:b2:9e:06:2c:65:
         a0:82:f3:d1
-----BEGIN CERTIFICATE-----
MIIFbzCCBFegAwIBAgIBAjANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTE5
MUI3MDExMC8GA1UEBRMoREUxQ0VCOEY4Mjk5NDNEOUYzM0E0NzBBODg2RTM4MzlD
M0VBNzE1RDAeFw0yMjAyMTYwODMyNDVaFw0yMzAzMzEwMDAwMDBaMBgxFjAUBgNV
BAMTDTYyMGNiNmFjLTkxZjkwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQC5rhSX4B0jxE3q7p2TJiVYc/QJTogWjPpAoC1N23UwPC/qXQbGHxM7RFjLhXlb
0Ke9r2o+/xfyY2nTTudbWYR6ARh9eG5S3IEl3+9hHG/4kvPlgCK8HzoJyqRg4CUM
o8D3Fnr8Mfe8frsnXRmGm7H5cpajpxOqF11uLcW8P5dXYity6aaGNQpBB+c2rg6K
rSzve6gldLZsAzY6Hoj6oSddJbgbNPVdIQ2sOZlyXmqEovZjGtMVfuB0XrkVHycU
nrDB0A0VJdNeohuNRWI9PXilPAH4EXdgWGsEiQII0gRY1mLsmtjelYa11CTRcxBg
Sp5KKm5JPfzXOqP/jKoJG1TLAgMBAAGjggKUMIICkDAdBgNVHQ4EFgQUv3C937jq
Dk8BaBEoGS5jAPXuB1EwHwYDVR0jBBgwFoAU3hzrj4KZQ9nzOkcKiG44OcPqcV0w
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTkxQjcwLzk2MTE5RjlDOEVG
RTExRUM4N0E2RUExN0M0RjlBRTAyLzNoenJqNEtaUTluek9rY0tpRzQ0T2NQcWNW
MC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjNBMjRGMjAxRDY2MTFFMjhBQzg4MzdDNzJG
RDFGRjIvM2h6cmo0S1pROW56T2tjS2lHNDRPY1BxY1YwLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE5
MUI3MC85NjExOUY5QzhFRkUxMUVDODdBNkVBMTdDNEY5QUUwMi8wMzYyRDlFMDhG
MDMxMUVDQUNERDUzN0VDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAeBggrBgEFBQcBBwEB/wQP
MA0wCwQCAAEwBQMDAJ5ZMA0GCSqGSIb3DQEBCwUAA4IBAQCX8IddUAyLgcFFW4wr
EdqESBPLgyv+ypxTohgZKKtZazmkyID0f57L6ANxQogtdJ1XWsBLMY3sZHnnAaVq
5VqhNIkIOYojv4mDkSXjGUSydTt9tt9ISNyrVEFzYHXLRG5fAzx0anuXxZJO7W+V
nti2+QY68xwhsSDMd9yPWAkp6an0MGF8rEutXH0OWcQ1WZZAWa07bAkSoInWIacH
+XKOaHl2w+/e30CiyRP7svgvYcoPM3uIiN3mun/8wlAVINZpHcBDpFvvyOwW7FRb
Wyz/ufZ66XxCo+GhIwlgHEuWGAKT+DMYUf96gZpvgJxORhdMOv3E7Umesp4GLGWg
gvPR
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:33 2024 by rpki-client on console-fra.rpki-client.org