Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A91AE0C4/6A9E3BD8F14711E99A9AB712C4F9AE02/3DBA580CFEA011E9A9780E7FC4F9AE02.roa
File:                     3DBA580CFEA011E9A9780E7FC4F9AE02.roa (raw, json)
Hash identifier:          aIPLyPJZGPMZIcHrcDkRjOKnGt+REFHnfIqOeAod8Wc=
Subject key identifier:   FF:CE:02:1B:2E:3A:73:AF:45:F1:73:58:4F:BA:AA:B9:A2:DC:67:0B
Certificate issuer:       /CN=A91AE0C4/serialNumber=E11FE937006A25D7C605A5E43B492B286C64998C
Certificate serial:       0B2C
Authority key identifier: E1:1F:E9:37:00:6A:25:D7:C6:05:A5:E4:3B:49:2B:28:6C:64:99:8C
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/4R_pNwBqJdfGBaXkO0krKGxkmYw.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A91AE0C4/6A9E3BD8F14711E99A9AB712C4F9AE02/3DBA580CFEA011E9A9780E7FC4F9AE02.roa
Signing time:             Sun 28 Aug 2022 19:56:14 +0000
ROA not before:           Sun 28 Aug 2022 19:56:14 +0000
ROA not after:            Tue 31 Oct 2023 00:00:00 +0000
asID:                     55561
IP address blocks:        43.243.60.0/22 maxlen: 24
                          103.38.164.0/22 maxlen: 24
                          202.180.99.0/24 maxlen: 24
                          202.180.101.0/24 maxlen: 24
                          202.180.102.0/24 maxlen: 24

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 2860 (0xb2c)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91AE0C4/serialNumber=E11FE937006A25D7C605A5E43B492B286C64998C
        Validity
            Not Before: Aug 28 19:56:14 2022 GMT
            Not After : Oct 31 00:00:00 2023 GMT
        Subject: CN=630bc85e-8c3c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b1:86:b9:83:db:08:59:6c:10:6d:64:2f:44:ac:
                    d7:d5:b6:f2:45:09:00:e2:9c:43:64:d1:31:72:4a:
                    fe:f9:23:a4:3f:5c:88:89:62:7e:54:8a:fc:a6:0f:
                    4c:dd:b3:46:eb:23:f1:d4:98:3b:df:f0:00:30:ad:
                    44:eb:c5:fb:3f:60:68:8a:3c:47:ec:23:99:2d:8d:
                    d2:09:af:4e:66:de:f0:0b:c9:0d:33:f7:98:f5:ca:
                    26:56:ae:83:96:b6:15:c5:1e:c4:36:08:81:eb:96:
                    66:dd:29:63:4d:3d:0a:01:a9:90:f6:5d:56:a1:74:
                    84:02:e9:d5:6d:bc:ac:0a:6d:f0:39:e6:ae:c4:71:
                    22:cf:5d:ad:fa:f9:41:0d:3c:c3:5c:f4:66:5c:b3:
                    95:cb:ce:6d:cf:d2:11:62:57:67:9d:71:12:f0:76:
                    b3:6c:d7:38:4f:7b:3a:13:b8:ed:6b:cb:88:a6:fc:
                    c8:dd:30:9a:ef:ad:e0:9a:ce:f7:ab:6b:44:9c:cd:
                    40:4e:52:68:b6:60:f8:e4:c2:8e:00:33:2b:54:ae:
                    0e:b0:15:0c:3f:46:84:f0:c7:9c:10:13:7b:76:a9:
                    ab:af:81:25:78:03:25:cc:92:2e:28:3f:a8:dd:84:
                    69:b3:47:a9:ca:01:4e:b2:5b:41:95:fb:c1:fb:0b:
                    3c:25
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                FF:CE:02:1B:2E:3A:73:AF:45:F1:73:58:4F:BA:AA:B9:A2:DC:67:0B
            X509v3 Authority Key Identifier:
                keyid:E1:1F:E9:37:00:6A:25:D7:C6:05:A5:E4:3B:49:2B:28:6C:64:99:8C

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A91AE0C4/6A9E3BD8F14711E99A9AB712C4F9AE02/4R_pNwBqJdfGBaXkO0krKGxkmYw.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/4R_pNwBqJdfGBaXkO0krKGxkmYw.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91AE0C4/6A9E3BD8F14711E99A9AB712C4F9AE02/3DBA580CFEA011E9A9780E7FC4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  43.243.60.0/22
                  103.38.164.0/22
                  202.180.99.0/24
                  202.180.101.0-202.180.102.255

    Signature Algorithm: sha256WithRSAEncryption
         34:8a:72:c2:07:a1:e4:be:a5:f0:34:f5:68:7e:35:02:2a:c6:
         dd:1d:2c:9c:4d:12:ca:13:be:e7:63:43:51:df:8b:b1:98:f8:
         5a:2d:ff:29:b9:44:4d:85:35:95:7b:69:07:92:b7:10:f9:d3:
         f0:d4:64:44:ab:e1:56:2e:c6:a8:34:08:cb:24:97:05:eb:7d:
         9b:c1:d5:51:57:79:66:68:2c:53:e9:34:b7:6e:8f:15:3c:02:
         4a:c9:19:ca:ab:0f:05:dd:0e:bb:92:89:0c:1b:8c:4a:4a:d1:
         c6:76:34:39:6b:80:1f:3d:66:cd:28:26:c2:03:20:3e:ce:b4:
         59:06:10:ae:0d:b6:8e:b2:0e:bb:b2:70:78:d7:c0:92:db:f3:
         b3:36:ff:be:65:a8:cc:54:37:08:d5:f3:14:e3:e7:92:c0:65:
         cc:11:1c:08:3c:c9:68:ab:7c:04:46:90:4d:a0:c7:11:4a:d3:
         2c:08:5d:bf:ad:d4:82:25:51:e8:dd:8a:b2:d0:2c:07:f2:da:
         6e:ad:73:8b:60:7d:6c:d2:1e:ee:34:08:ea:11:62:1a:bd:6b:
         05:b9:04:8e:ce:a6:59:5b:b9:8d:9e:5b:4c:58:74:9a:46:ea:
         1e:b1:8a:77:d5:c0:ed:16:1e:91:3c:6d:c7:ef:0e:6d:f2:b8:
         02:da:dd:9f
-----BEGIN CERTIFICATE-----
MIIFizCCBHOgAwIBAgICCywwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QUUwQzQxMTAvBgNVBAUTKEUxMUZFOTM3MDA2QTI1RDdDNjA1QTVFNDNCNDkyQjI4
NkM2NDk5OEMwHhcNMjIwODI4MTk1NjE0WhcNMjMxMDMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02MzBiYzg1ZS04YzNjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAsYa5g9sIWWwQbWQvRKzX1bbyRQkA4pxDZNExckr++SOkP1yIiWJ+VIr8pg9M
3bNG6yPx1Jg73/AAMK1E68X7P2BoijxH7COZLY3SCa9OZt7wC8kNM/eY9comVq6D
lrYVxR7ENgiB65Zm3SljTT0KAamQ9l1WoXSEAunVbbysCm3wOeauxHEiz12t+vlB
DTzDXPRmXLOVy85tz9IRYldnnXES8HazbNc4T3s6E7jta8uIpvzI3TCa763gms73
q2tEnM1ATlJotmD45MKOADMrVK4OsBUMP0aE8MecEBN7dqmrr4EleAMlzJIuKD+o
3YRps0epygFOsltBlfvB+ws8JQIDAQABo4ICrzCCAqswHQYDVR0OBBYEFP/OAhsu
OnOvRfFzWE+6qrmi3GcLMB8GA1UdIwQYMBaAFOEf6TcAaiXXxgWl5DtJKyhsZJmM
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBRTBDNC82QTlFM0JEOEYx
NDcxMUU5OUE5QUI3MTJDNEY5QUUwMi80Ul9wTndCcUpkZkdCYVhrTzBrcktHeGtt
WXcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLzRSX3BOd0JxSmRmR0JhWGtPMGtyS0d4a21Zdy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QUUwQzQvNkE5RTNCRDhGMTQ3MTFFOTlBOUFCNzEyQzRGOUFFMDIvM0RCQTU4MENG
RUEwMTFFOUE5NzgwRTdGQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwOQYIKwYBBQUHAQcBAf8E
KjAoMCYEAgABMCADBAIr8zwDBAJnJqQDBADKtGMwDAMEAMq0ZQMEAMq0ZjANBgkq
hkiG9w0BAQsFAAOCAQEANIpywgeh5L6l8DT1aH41AirG3R0snE0SyhO+52NDUd+L
sZj4Wi3/KblETYU1lXtpB5K3EPnT8NRkRKvhVi7GqDQIyySXBet9m8HVUVd5Zmgs
U+k0t26PFTwCSskZyqsPBd0Ou5KJDBuMSkrRxnY0OWuAHz1mzSgmwgMgPs60WQYQ
rg22jrIOu7JweNfAktvzszb/vmWozFQ3CNXzFOPnksBlzBEcCDzJaKt8BEaQTaDH
EUrTLAhdv63UgiVR6N2KstAsB/Labq1zi2B9bNIe7jQI6hFiGr1rBbkEjs6mWVu5
jZ5bTFh0mkbqHrGKd9XA7RYekTxtx+8ObfK4Atrdnw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:37 2024 by rpki-client on console-fra.rpki-client.org