Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A91AB98A/DCD5BDD0DA3D11EB82E11D29C4F9AE02/90B47840DA3F11EB8928E129C4F9AE02.roa
File:                     90B47840DA3F11EB8928E129C4F9AE02.roa (raw, json)
Hash identifier:          KmPsNLQOGPu1TQByQTcXmDhwbfTAbm8e3Cxzdf3L0Oo=
Subject key identifier:   3F:A0:99:9F:D0:44:EB:A9:93:57:E3:22:4B:FB:28:2C:27:28:20:DE
Certificate issuer:       /CN=A91AB98A/serialNumber=9D5A28165B53A6CF75B460200F14985E0BAEBF4B
Certificate serial:       03BB
Authority key identifier: 9D:5A:28:16:5B:53:A6:CF:75:B4:60:20:0F:14:98:5E:0B:AE:BF:4B
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/nVooFltTps91tGAgDxSYXguuv0s.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A91AB98A/DCD5BDD0DA3D11EB82E11D29C4F9AE02/90B47840DA3F11EB8928E129C4F9AE02.roa
Signing time:             Wed 21 Dec 2022 02:42:36 +0000
ROA not before:           Wed 21 Dec 2022 02:42:36 +0000
ROA not after:            Wed 31 Jan 2024 00:00:00 +0000
asID:                     131111
IP address blocks:        103.78.9.0/24 maxlen: 24
                          103.78.11.0/24 maxlen: 24

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 955 (0x3bb)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91AB98A/serialNumber=9D5A28165B53A6CF75B460200F14985E0BAEBF4B
        Validity
            Not Before: Dec 21 02:42:36 2022 GMT
            Not After : Jan 31 00:00:00 2024 GMT
        Subject: CN=63a2729c-c1cb
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:db:8a:cc:a7:1d:4d:52:ff:bb:d5:02:f1:f7:f7:
                    b0:5e:bd:92:47:ab:8a:0e:63:1c:b2:b7:c8:09:0d:
                    28:28:c4:38:7a:19:ae:ab:d6:01:02:ca:56:a3:87:
                    49:ec:71:bc:79:ea:de:4f:5c:69:a3:6d:75:2c:0b:
                    f2:c1:1d:5d:95:4c:9c:3c:33:c8:02:a7:54:e2:fc:
                    a9:11:fa:b8:12:19:60:59:85:ce:c2:3d:82:4a:6e:
                    71:8f:0a:6c:c5:45:9c:4c:4b:ed:e3:c3:dc:70:7a:
                    00:af:b1:60:34:25:35:c5:e4:e5:66:9f:c8:98:4e:
                    11:03:a6:53:35:80:fa:53:c2:ec:1b:1d:71:c1:8a:
                    ea:78:cc:4a:2f:45:af:e4:d9:ae:4e:9c:48:7a:70:
                    44:12:fe:4b:9b:6f:fa:c7:1b:fe:ca:62:b2:4e:d2:
                    bb:30:75:73:07:99:3b:83:56:cc:95:3b:f0:61:c2:
                    41:19:cd:c4:02:bf:08:10:24:65:83:76:6a:4a:1f:
                    66:14:1d:f9:9b:9c:1b:84:80:54:33:5f:8d:a6:df:
                    01:c3:36:5c:d1:7e:f1:dd:6e:f4:b4:75:18:91:dd:
                    15:36:77:45:d4:07:d3:8e:b9:22:0f:71:20:00:48:
                    29:a5:36:89:33:84:ad:c1:38:99:66:bc:cf:e5:02:
                    19:1b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3F:A0:99:9F:D0:44:EB:A9:93:57:E3:22:4B:FB:28:2C:27:28:20:DE
            X509v3 Authority Key Identifier:
                keyid:9D:5A:28:16:5B:53:A6:CF:75:B4:60:20:0F:14:98:5E:0B:AE:BF:4B

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A91AB98A/DCD5BDD0DA3D11EB82E11D29C4F9AE02/nVooFltTps91tGAgDxSYXguuv0s.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/nVooFltTps91tGAgDxSYXguuv0s.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91AB98A/DCD5BDD0DA3D11EB82E11D29C4F9AE02/90B47840DA3F11EB8928E129C4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.78.9.0/24
                  103.78.11.0/24

    Signature Algorithm: sha256WithRSAEncryption
         71:25:49:d3:2f:78:56:d9:52:25:3e:7c:8b:a2:9c:51:25:76:
         bd:53:fa:29:67:8a:34:a8:af:4b:3e:87:dc:7f:77:eb:81:f2:
         bc:2b:4c:b6:4c:41:64:65:da:90:bb:9d:aa:ca:3e:ed:8b:ff:
         74:4c:3d:5f:8e:53:64:5f:f3:32:4b:20:73:0e:31:1f:a2:81:
         a4:b9:7a:50:96:d6:08:9c:84:e2:31:dd:f9:3b:0d:e0:a5:47:
         be:d3:2a:3f:2b:bb:a4:5e:bc:5f:6f:97:a3:75:5c:41:84:3d:
         dd:f8:1b:10:54:a4:28:7a:c8:4d:e0:af:70:fd:85:c6:54:29:
         9b:31:9c:4a:67:16:c6:c1:dc:a1:da:ee:6a:6d:20:e4:f4:fe:
         38:9b:f4:28:6b:82:a7:ba:c4:57:48:ff:a7:7c:9c:00:c8:74:
         49:7f:54:72:05:b0:3c:0f:96:c0:3a:72:f8:e9:f1:ef:e9:2d:
         9c:c5:84:11:28:19:da:dd:47:06:e0:a6:3f:b7:a4:f5:b3:17:
         13:64:0b:c6:a3:96:ff:e5:81:af:c4:90:6a:25:6e:c1:13:fb:
         c0:e3:18:61:f5:f4:d4:64:0c:03:ff:a9:0c:10:c3:27:c3:db:
         db:8e:bb:7d:f2:b1:7d:4e:70:69:8a:de:84:cf:da:b4:0a:b2:
         53:71:b3:dc
-----BEGIN CERTIFICATE-----
MIIFdzCCBF+gAwIBAgICA7swDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QUI5OEExMTAvBgNVBAUTKDlENUEyODE2NUI1M0E2Q0Y3NUI0NjAyMDBGMTQ5ODVF
MEJBRUJGNEIwHhcNMjIxMjIxMDI0MjM2WhcNMjQwMTMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02M2EyNzI5Yy1jMWNiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA24rMpx1NUv+71QLx9/ewXr2SR6uKDmMcsrfICQ0oKMQ4ehmuq9YBAspWo4dJ
7HG8eereT1xpo211LAvywR1dlUycPDPIAqdU4vypEfq4EhlgWYXOwj2CSm5xjwps
xUWcTEvt48PccHoAr7FgNCU1xeTlZp/ImE4RA6ZTNYD6U8LsGx1xwYrqeMxKL0Wv
5NmuTpxIenBEEv5Lm2/6xxv+ymKyTtK7MHVzB5k7g1bMlTvwYcJBGc3EAr8IECRl
g3ZqSh9mFB35m5wbhIBUM1+Npt8BwzZc0X7x3W70tHUYkd0VNndF1AfTjrkiD3Eg
AEgppTaJM4StwTiZZrzP5QIZGwIDAQABo4ICmzCCApcwHQYDVR0OBBYEFD+gmZ/Q
ROupk1fjIkv7KCwnKCDeMB8GA1UdIwQYMBaAFJ1aKBZbU6bPdbRgIA8UmF4Lrr9L
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBQjk4QS9EQ0Q1QkREMERB
M0QxMUVCODJFMTFEMjlDNEY5QUUwMi9uVm9vRmx0VHBzOTF0R0FnRHhTWVhndXV2
MHMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL25Wb29GbHRUcHM5MXRHQWdEeFNZWGd1dXYwcy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QUI5OEEvRENENUJERDBEQTNEMTFFQjgyRTExRDI5QzRGOUFFMDIvOTBCNDc4NDBE
QTNGMTFFQjg5MjhFMTI5QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwJQYIKwYBBQUHAQcBAf8E
FjAUMBIEAgABMAwDBABnTgkDBABnTgswDQYJKoZIhvcNAQELBQADggEBAHElSdMv
eFbZUiU+fIuinFEldr1T+ilnijSor0s+h9x/d+uB8rwrTLZMQWRl2pC7narKPu2L
/3RMPV+OU2Rf8zJLIHMOMR+igaS5elCW1gichOIx3fk7DeClR77TKj8ru6RevF9v
l6N1XEGEPd34GxBUpCh6yE3gr3D9hcZUKZsxnEpnFsbB3KHa7mptIOT0/jib9Chr
gqe6xFdI/6d8nADIdEl/VHIFsDwPlsA6cvjp8e/pLZzFhBEoGdrdRwbgpj+3pPWz
FxNkC8ajlv/lga/EkGolbsET+8DjGGH19NRkDAP/qQwQwyfD29uOu33ysX1OcGmK
3oTP2rQKslNxs9w=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:37 2024 by rpki-client on console-fra.rpki-client.org