Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A91CE730/0DEC44E47D0811E78E22875EC4F9AE02/AA4898BC50C811ED99224F55C4F9AE02.roa
File:                     AA4898BC50C811ED99224F55C4F9AE02.roa (raw, json)
Hash identifier:          zqBsFczWbBN3a7Ui0RStqcreHOoiLVfelGJ1IbiQ8dI=
Subject key identifier:   FD:F8:D4:34:06:D1:D4:04:69:41:7C:92:F9:4C:F8:24:03:FF:3C:88
Certificate issuer:       /CN=A91CE730/serialNumber=972D52AD33D21109CD35743961F206D76028E37D
Certificate serial:       1733
Authority key identifier: 97:2D:52:AD:33:D2:11:09:CD:35:74:39:61:F2:06:D7:60:28:E3:7D
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ly1SrTPSEQnNNXQ5YfIG12Ao430.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A91CE730/0DEC44E47D0811E78E22875EC4F9AE02/AA4898BC50C811ED99224F55C4F9AE02.roa
Signing time:             Thu 20 Oct 2022 22:43:50 +0000
ROA not before:           Thu 20 Oct 2022 22:43:50 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     58511
IP address blocks:        43.225.32.0/22 maxlen: 22
                          103.227.66.0/24 maxlen: 24

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 5939 (0x1733)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91CE730/serialNumber=972D52AD33D21109CD35743961F206D76028E37D
        Validity
            Not Before: Oct 20 22:43:50 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=6351cf26-08f1
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e6:96:1e:16:91:c5:c4:b4:86:61:03:a3:f9:f9:
                    bf:be:52:fe:7f:af:b2:d8:34:40:ae:01:af:9b:ae:
                    93:db:35:3f:ed:ca:84:a8:7b:b2:1f:02:60:b6:e6:
                    1b:a2:f8:76:b1:f2:f0:d0:0b:b1:34:88:6c:1b:b0:
                    2d:95:6f:78:7b:ec:d4:31:1a:14:93:ee:43:cb:4c:
                    95:2e:d9:7a:ba:93:d0:a3:d8:5d:a2:f9:54:08:83:
                    5b:4b:47:00:31:1f:f2:f9:bf:09:91:2b:98:20:e2:
                    71:fb:bd:f9:25:9d:5d:e9:79:95:39:60:e0:72:06:
                    c1:45:95:45:bb:01:39:bf:e1:66:a7:b4:79:81:5d:
                    9a:5b:41:31:17:62:36:4a:4a:39:4c:d8:a3:4a:b5:
                    03:fe:9e:5b:5e:0b:53:96:5f:f5:a0:39:f4:55:66:
                    a8:40:d8:ae:ca:5f:fc:8b:3c:79:1f:65:7e:e3:35:
                    d2:3d:ec:b6:c1:2f:c2:fe:fa:f1:41:f9:ae:0a:4d:
                    f0:83:0b:36:eb:f5:a8:7c:da:f7:34:57:f0:d4:d8:
                    7b:68:85:7c:8b:68:9a:31:3b:cf:db:d5:5d:5c:34:
                    63:89:4c:d5:9b:28:b6:f8:43:4b:c1:bf:88:99:2c:
                    ff:23:63:ff:27:17:70:28:3f:d6:8e:10:ac:13:ad:
                    8d:7b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                FD:F8:D4:34:06:D1:D4:04:69:41:7C:92:F9:4C:F8:24:03:FF:3C:88
            X509v3 Authority Key Identifier:
                keyid:97:2D:52:AD:33:D2:11:09:CD:35:74:39:61:F2:06:D7:60:28:E3:7D

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A91CE730/0DEC44E47D0811E78E22875EC4F9AE02/ly1SrTPSEQnNNXQ5YfIG12Ao430.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ly1SrTPSEQnNNXQ5YfIG12Ao430.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91CE730/0DEC44E47D0811E78E22875EC4F9AE02/AA4898BC50C811ED99224F55C4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  43.225.32.0/22
                  103.227.66.0/24

    Signature Algorithm: sha256WithRSAEncryption
         33:d4:eb:b1:5c:ad:bc:eb:3d:19:c0:9e:7e:08:67:3a:ac:04:
         df:f3:75:98:44:da:9d:bc:f6:fc:eb:46:54:7c:10:1c:33:a6:
         f7:ff:28:94:c9:4f:f9:a8:17:a7:66:64:91:d4:8a:fc:59:a1:
         79:a4:67:73:b4:d8:e6:f2:2a:9b:d5:8c:d2:13:16:de:47:6f:
         30:a0:a5:73:d7:0a:12:27:c7:d2:08:2f:63:a3:71:e6:41:c5:
         d2:c1:f5:70:c9:dd:00:75:11:ae:4d:05:20:2e:63:0b:8d:e9:
         2a:77:91:9a:35:5e:0e:36:24:f9:0c:0d:eb:bf:dd:27:55:c4:
         2c:72:d7:fc:30:57:fb:57:90:57:a9:29:3d:28:6e:48:99:3b:
         08:7b:9a:6c:80:14:b3:8e:36:df:4b:19:a6:e9:7c:76:d0:b4:
         ff:96:fe:1e:30:42:84:ed:78:24:43:dc:3d:9c:bc:f8:45:c3:
         aa:9e:ac:0c:05:82:25:6c:b6:8c:7f:27:7d:c9:38:56:5f:67:
         fc:4e:76:92:2f:67:ee:7a:4d:96:d2:9e:c8:b6:aa:2d:9d:db:
         f2:00:82:8b:fc:2b:57:3c:f9:27:19:04:73:cd:e5:3f:f5:91:
         9e:8b:fd:96:59:66:18:68:e3:1f:5b:69:90:1a:cc:e8:1c:73:
         ce:f8:3c:65
-----BEGIN CERTIFICATE-----
MIIFdzCCBF+gAwIBAgICFzMwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
Q0U3MzAxMTAvBgNVBAUTKDk3MkQ1MkFEMzNEMjExMDlDRDM1NzQzOTYxRjIwNkQ3
NjAyOEUzN0QwHhcNMjIxMDIwMjI0MzUwWhcNMjMwNzAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02MzUxY2YyNi0wOGYxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA5pYeFpHFxLSGYQOj+fm/vlL+f6+y2DRArgGvm66T2zU/7cqEqHuyHwJgtuYb
ovh2sfLw0AuxNIhsG7AtlW94e+zUMRoUk+5Dy0yVLtl6upPQo9hdovlUCINbS0cA
MR/y+b8JkSuYIOJx+735JZ1d6XmVOWDgcgbBRZVFuwE5v+Fmp7R5gV2aW0ExF2I2
Sko5TNijSrUD/p5bXgtTll/1oDn0VWaoQNiuyl/8izx5H2V+4zXSPey2wS/C/vrx
QfmuCk3wgws26/WofNr3NFfw1Nh7aIV8i2iaMTvP29VdXDRjiUzVmyi2+ENLwb+I
mSz/I2P/JxdwKD/WjhCsE62NewIDAQABo4ICmzCCApcwHQYDVR0OBBYEFP341DQG
0dQEaUF8kvlM+CQD/zyIMB8GA1UdIwQYMBaAFJctUq0z0hEJzTV0OWHyBtdgKON9
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFDRTczMC8wREVDNDRFNDdE
MDgxMUU3OEUyMjg3NUVDNEY5QUUwMi9seTFTclRQU0VRbk5OWFE1WWZJRzEyQW80
MzAuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2x5MVNyVFBTRVFuTk5YUTVZZklHMTJBbzQzMC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
Q0U3MzAvMERFQzQ0RTQ3RDA4MTFFNzhFMjI4NzVFQzRGOUFFMDIvQUE0ODk4QkM1
MEM4MTFFRDk5MjI0RjU1QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwJQYIKwYBBQUHAQcBAf8E
FjAUMBIEAgABMAwDBAIr4SADBABn40IwDQYJKoZIhvcNAQELBQADggEBADPU67Fc
rbzrPRnAnn4IZzqsBN/zdZhE2p289vzrRlR8EBwzpvf/KJTJT/moF6dmZJHUivxZ
oXmkZ3O02ObyKpvVjNITFt5HbzCgpXPXChInx9IIL2OjceZBxdLB9XDJ3QB1Ea5N
BSAuYwuN6Sp3kZo1Xg42JPkMDeu/3SdVxCxy1/wwV/tXkFepKT0obkiZOwh7mmyA
FLOONt9LGabpfHbQtP+W/h4wQoTteCRD3D2cvPhFw6qerAwFgiVstox/J33JOFZf
Z/xOdpIvZ+56TZbSnsi2qi2d2/IAgov8K1c8+ScZBHPN5T/1kZ6L/ZZZZhho4x9b
aZAazOgcc874PGU=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:41 2024 by rpki-client on console-fra.rpki-client.org