Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A91E8DF5/EE567128D98511EDA25CC831C4F9AE02/00F0A452E0ED11EDB8C1E674C4F9AE02.roa
File:                     00F0A452E0ED11EDB8C1E674C4F9AE02.roa (raw, json)
Hash identifier:          wwVKyjvVrQbryytXatZu3gMsnGRKEIJoMYo0EpngxMg=
Subject key identifier:   77:47:24:2E:8A:33:2C:B6:88:BC:1E:84:02:A3:A8:6D:FB:49:60:87
Certificate issuer:       /CN=A91E8DF5/serialNumber=029649105BEF3C16B764C83E0121F63BF5032CAA
Certificate serial:       0B
Authority key identifier: 02:96:49:10:5B:EF:3C:16:B7:64:C8:3E:01:21:F6:3B:F5:03:2C:AA
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ApZJEFvvPBa3ZMg-ASH2O_UDLKo.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A91E8DF5/EE567128D98511EDA25CC831C4F9AE02/00F0A452E0ED11EDB8C1E674C4F9AE02.roa
Signing time:             Sat 22 Apr 2023 09:06:45 +0000
ROA not before:           Sat 22 Apr 2023 09:06:45 +0000
ROA not after:            Tue 30 Jul 2024 00:00:00 +0000
asID:                     151188
IP address blocks:        2001:df2:45c0::/48 maxlen: 48

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 11 (0xb)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91E8DF5/serialNumber=029649105BEF3C16B764C83E0121F63BF5032CAA
        Validity
            Not Before: Apr 22 09:06:45 2023 GMT
            Not After : Jul 30 00:00:00 2024 GMT
        Subject: CN=6443a3a4-a5ba
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a2:7c:f3:5e:3c:04:e8:8d:fd:04:99:16:d6:7b:
                    f5:70:4e:ea:c8:9f:1a:58:18:1a:66:61:3e:56:a0:
                    a2:d1:ad:85:0d:9a:27:80:8e:83:de:c0:5b:1c:7e:
                    5d:5a:6c:df:e4:16:d8:b5:4c:9e:f4:73:ed:54:e0:
                    4c:30:60:7b:49:a6:0e:8b:0e:94:71:b5:c5:90:6d:
                    56:70:bb:92:f8:9e:c9:d5:8d:6b:93:37:ad:5d:60:
                    5e:43:8a:62:f3:ff:39:65:50:52:47:d9:00:87:ea:
                    eb:6b:72:ea:8c:2a:22:a3:6b:e8:a4:03:87:26:fd:
                    79:c8:6c:f6:85:00:09:f5:9d:52:6b:e7:5a:0d:8a:
                    c1:98:50:87:57:d3:83:f1:65:62:f0:a6:08:6b:28:
                    94:a6:ee:71:21:72:ce:0f:48:e0:99:0e:3c:e9:37:
                    38:d1:58:ba:72:2a:9f:85:10:78:5c:8a:a7:f9:6a:
                    40:50:e1:b5:c4:2f:4b:15:8d:7e:92:92:4f:a1:72:
                    1b:7f:33:20:6a:4b:04:49:a1:c5:b4:20:f5:58:f8:
                    70:e2:c2:65:0e:e4:36:36:7d:3d:c2:23:ca:09:d2:
                    d3:3a:41:e6:fa:19:d2:20:7e:43:4f:d1:9e:b7:f5:
                    e9:92:f9:4a:3a:3c:75:99:2d:e7:29:6a:66:86:95:
                    51:07
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                77:47:24:2E:8A:33:2C:B6:88:BC:1E:84:02:A3:A8:6D:FB:49:60:87
            X509v3 Authority Key Identifier:
                keyid:02:96:49:10:5B:EF:3C:16:B7:64:C8:3E:01:21:F6:3B:F5:03:2C:AA

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A91E8DF5/EE567128D98511EDA25CC831C4F9AE02/ApZJEFvvPBa3ZMg-ASH2O_UDLKo.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ApZJEFvvPBa3ZMg-ASH2O_UDLKo.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E8DF5/EE567128D98511EDA25CC831C4F9AE02/00F0A452E0ED11EDB8C1E674C4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv6:
                  2001:df2:45c0::/48

    Signature Algorithm: sha256WithRSAEncryption
         ce:6d:63:1a:59:7c:71:88:df:5d:3a:c0:e4:0a:15:84:88:22:
         c7:b4:d4:a5:b9:57:14:7a:d5:4d:57:81:e0:b2:c6:9a:69:83:
         15:da:d3:8d:4a:6b:4c:37:56:b3:02:ee:fd:ec:42:42:e3:4f:
         b7:77:2a:b7:3b:20:da:9b:c4:fa:c9:c1:75:be:de:14:c3:2b:
         27:68:39:c9:5d:b7:d8:cd:76:5a:e8:3b:e4:3c:61:c8:7d:ad:
         05:97:5a:f5:51:61:ed:97:0f:bd:99:5a:f3:42:b7:1a:cd:42:
         e9:88:bd:79:89:27:1a:a9:a2:bf:11:8d:0c:83:8d:a7:24:4f:
         2f:04:a4:55:e6:a5:bd:ef:0b:cb:c7:af:c7:f3:39:a1:ac:be:
         7b:29:8e:ed:66:0b:33:1c:5c:6e:b1:ec:be:a2:38:64:67:0a:
         52:aa:0a:3c:ea:71:cc:d9:02:ac:ca:2d:17:5b:56:cb:cc:36:
         53:42:6d:ff:d1:d1:9c:21:fd:b5:dd:b4:8e:a0:c9:71:bb:c0:
         e6:f5:25:6d:1d:dc:31:bf:b1:4d:72:60:f8:06:00:d1:eb:5c:
         c5:6a:e8:70:b4:b8:c4:7e:71:cc:16:3f:8c:0b:e2:22:42:c4:
         29:57:6e:d1:f1:2a:e1:bc:f4:28:47:73:29:de:ec:30:af:ff:
         13:d0:60:ef
-----BEGIN CERTIFICATE-----
MIIFczCCBFugAwIBAgIBCzANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFF
OERGNTExMC8GA1UEBRMoMDI5NjQ5MTA1QkVGM0MxNkI3NjRDODNFMDEyMUY2M0JG
NTAzMkNBQTAeFw0yMzA0MjIwOTA2NDVaFw0yNDA3MzAwMDAwMDBaMBgxFjAUBgNV
BAMTDTY0NDNhM2E0LWE1YmEwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQCifPNePATojf0EmRbWe/VwTurInxpYGBpmYT5WoKLRrYUNmieAjoPewFscfl1a
bN/kFti1TJ70c+1U4EwwYHtJpg6LDpRxtcWQbVZwu5L4nsnVjWuTN61dYF5DimLz
/zllUFJH2QCH6utrcuqMKiKja+ikA4cm/XnIbPaFAAn1nVJr51oNisGYUIdX04Px
ZWLwpghrKJSm7nEhcs4PSOCZDjzpNzjRWLpyKp+FEHhciqf5akBQ4bXEL0sVjX6S
kk+hcht/MyBqSwRJocW0IPVY+HDiwmUO5DY2fT3CI8oJ0tM6Qeb6GdIgfkNP0Z63
9emS+Uo6PHWZLecpamaGlVEHAgMBAAGjggKYMIIClDAdBgNVHQ4EFgQUd0ckLooz
LLaIvB6EAqOobftJYIcwHwYDVR0jBBgwFoAUApZJEFvvPBa3ZMg+ASH2O/UDLKow
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUU4REY1L0VFNTY3MTI4RDk4
NTExRURBMjVDQzgzMUM0RjlBRTAyL0FwWkpFRnZ2UEJhM1pNZy1BU0gyT19VRExL
by5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvQXBaSkVGdnZQQmEzWk1nLUFTSDJPX1VETEtvLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFF
OERGNS9FRTU2NzEyOEQ5ODUxMUVEQTI1Q0M4MzFDNEY5QUUwMi8wMEYwQTQ1MkUw
RUQxMUVEQjhDMUU2NzRDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAiBggrBgEFBQcBBwEB/wQT
MBEwDwQCAAIwCQMHACABDfJFwDANBgkqhkiG9w0BAQsFAAOCAQEAzm1jGll8cYjf
XTrA5AoVhIgix7TUpblXFHrVTVeB4LLGmmmDFdrTjUprTDdWswLu/exCQuNPt3cq
tzsg2pvE+snBdb7eFMMrJ2g5yV232M12Wug75DxhyH2tBZda9VFh7ZcPvZla80K3
Gs1C6Yi9eYknGqmivxGNDIONpyRPLwSkVealve8Ly8evx/M5oay+eymO7WYLMxxc
brHsvqI4ZGcKUqoKPOpxzNkCrMotF1tWy8w2U0Jt/9HRnCH9td20jqDJcbvA5vUl
bR3cMb+xTXJg+AYA0etcxWrocLS4xH5xzBY/jAviIkLEKVdu0fEq4bz0KEdzKd7s
MK//E9Bg7w==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:06:36 2024 by rpki-client on console-ams.rpki-client.org