Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A91E8DF5/EE567128D98511EDA25CC831C4F9AE02/21087BBCE5CE11EDB697BC74C4F9AE02.roa
File:                     21087BBCE5CE11EDB697BC74C4F9AE02.roa (raw, json)
Hash identifier:          Cx9KYYRrshROzIzVAwhOLuOZVHCIlx+CWzKkcH7dvOg=
Subject key identifier:   91:08:E5:E7:50:1E:33:76:FC:7F:05:0E:99:86:4C:B7:44:4D:7A:BA
Certificate issuer:       /CN=A91E8DF5/serialNumber=029649105BEF3C16B764C83E0121F63BF5032CAA
Certificate serial:       52
Authority key identifier: 02:96:49:10:5B:EF:3C:16:B7:64:C8:3E:01:21:F6:3B:F5:03:2C:AA
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ApZJEFvvPBa3ZMg-ASH2O_UDLKo.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A91E8DF5/EE567128D98511EDA25CC831C4F9AE02/21087BBCE5CE11EDB697BC74C4F9AE02.roa
Signing time:             Thu 17 Aug 2023 04:31:10 +0000
ROA not before:           Thu 17 Aug 2023 04:31:10 +0000
ROA not after:            Tue 30 Jul 2024 00:00:00 +0000
asID:                     151188
IP address blocks:        103.224.92.0/24 maxlen: 24
                          103.244.163.0/24 maxlen: 24
                          2001:df2:45c1::/48 maxlen: 48

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 82 (0x52)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91E8DF5/serialNumber=029649105BEF3C16B764C83E0121F63BF5032CAA
        Validity
            Not Before: Aug 17 04:31:10 2023 GMT
            Not After : Jul 30 00:00:00 2024 GMT
        Subject: CN=64dda28e-7b6d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c0:6f:f2:5d:43:67:02:92:37:6a:dd:11:01:ea:
                    17:24:1c:9b:9c:28:76:a1:d1:d1:99:04:60:07:1b:
                    0c:b1:e8:b2:98:b9:87:d3:8f:df:3c:dd:c2:20:a5:
                    10:05:37:6e:a0:ff:41:47:78:32:c4:e3:ce:70:5c:
                    c3:9d:d6:e5:4a:51:ee:63:8c:0c:8f:d0:73:28:8f:
                    06:26:3e:b2:cc:d1:7e:52:53:20:ce:17:9d:62:ac:
                    c0:ab:36:d6:87:5a:82:d0:28:c9:4e:c4:a0:46:e4:
                    08:0e:1a:a7:46:34:08:26:41:21:e0:2b:b0:f4:58:
                    67:de:a6:77:af:4e:e6:cd:a6:42:31:58:9a:b6:05:
                    b7:c7:d6:33:21:5a:74:3c:05:88:d7:86:a1:68:12:
                    73:e7:69:da:56:b6:15:2e:5d:e8:91:26:cb:eb:0a:
                    7e:41:8b:70:6f:51:b0:1d:63:9c:3b:83:61:ec:90:
                    31:76:1b:bf:f1:d1:2c:5d:22:f0:cd:79:91:94:b3:
                    a6:19:96:4b:cd:d0:3c:86:06:1d:8b:f8:13:e0:d9:
                    65:76:c9:2b:ef:0c:17:39:f0:de:32:7d:50:63:f0:
                    b6:d6:43:0a:55:c9:d8:69:d1:37:81:6c:c7:40:55:
                    73:cc:e6:ab:84:d5:ed:7c:69:fe:da:bc:8d:a0:2b:
                    1d:ff
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                91:08:E5:E7:50:1E:33:76:FC:7F:05:0E:99:86:4C:B7:44:4D:7A:BA
            X509v3 Authority Key Identifier:
                keyid:02:96:49:10:5B:EF:3C:16:B7:64:C8:3E:01:21:F6:3B:F5:03:2C:AA

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A91E8DF5/EE567128D98511EDA25CC831C4F9AE02/ApZJEFvvPBa3ZMg-ASH2O_UDLKo.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ApZJEFvvPBa3ZMg-ASH2O_UDLKo.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E8DF5/EE567128D98511EDA25CC831C4F9AE02/21087BBCE5CE11EDB697BC74C4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.224.92.0/24
                  103.244.163.0/24
                IPv6:
                  2001:df2:45c1::/48

    Signature Algorithm: sha256WithRSAEncryption
         c9:11:d9:33:dc:5a:8e:ed:db:37:64:ee:47:2a:fb:b6:22:f6:
         f8:64:04:2f:47:6e:43:21:db:de:99:b3:93:ef:9a:59:20:24:
         3e:9c:a7:36:1f:c7:f3:63:3d:26:e3:9d:6f:63:07:86:62:d2:
         c4:f2:c3:b5:f8:10:4a:34:b7:51:f4:37:64:04:85:eb:7c:a8:
         5a:25:57:97:7b:be:90:43:e4:5b:2e:a4:c3:51:97:36:49:e0:
         6a:42:54:95:a9:bd:93:50:40:44:aa:d0:5e:7d:f0:04:02:f0:
         9d:72:d7:e0:e1:e6:76:cb:7f:c2:f5:ca:cb:c8:c1:5f:fa:16:
         6a:61:76:27:31:23:50:ad:f1:cb:6f:7f:f1:38:6d:0b:17:36:
         fd:75:47:16:6a:ee:be:57:ed:6c:3e:11:a5:dd:96:d1:f8:c8:
         68:df:87:0a:d1:74:56:56:c7:fc:d1:2c:51:ef:26:69:1e:31:
         62:39:b1:a7:14:5d:7a:aa:4d:42:f1:e7:6f:93:26:0b:b5:4f:
         3c:80:fe:da:48:a2:e6:f2:6b:1b:04:48:ea:c9:0a:05:93:2f:
         a7:42:9e:33:ae:2d:83:e9:fe:20:8f:c6:80:47:cc:d8:0a:fd:
         70:c8:dd:78:cf:1f:8b:5a:82:08:9f:65:91:be:56:2d:76:bf:
         e5:58:1f:ff
-----BEGIN CERTIFICATE-----
MIIFhzCCBG+gAwIBAgIBUjANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFF
OERGNTExMC8GA1UEBRMoMDI5NjQ5MTA1QkVGM0MxNkI3NjRDODNFMDEyMUY2M0JG
NTAzMkNBQTAeFw0yMzA4MTcwNDMxMTBaFw0yNDA3MzAwMDAwMDBaMBgxFjAUBgNV
BAMTDTY0ZGRhMjhlLTdiNmQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDAb/JdQ2cCkjdq3REB6hckHJucKHah0dGZBGAHGwyx6LKYuYfTj9883cIgpRAF
N26g/0FHeDLE485wXMOd1uVKUe5jjAyP0HMojwYmPrLM0X5SUyDOF51irMCrNtaH
WoLQKMlOxKBG5AgOGqdGNAgmQSHgK7D0WGfepnevTubNpkIxWJq2BbfH1jMhWnQ8
BYjXhqFoEnPnadpWthUuXeiRJsvrCn5Bi3BvUbAdY5w7g2HskDF2G7/x0SxdIvDN
eZGUs6YZlkvN0DyGBh2L+BPg2WV2ySvvDBc58N4yfVBj8LbWQwpVydhp0TeBbMdA
VXPM5quE1e18af7avI2gKx3/AgMBAAGjggKsMIICqDAdBgNVHQ4EFgQUkQjl51Ae
M3b8fwUOmYZMt0RNerowHwYDVR0jBBgwFoAUApZJEFvvPBa3ZMg+ASH2O/UDLKow
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUU4REY1L0VFNTY3MTI4RDk4
NTExRURBMjVDQzgzMUM0RjlBRTAyL0FwWkpFRnZ2UEJhM1pNZy1BU0gyT19VRExL
by5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvQXBaSkVGdnZQQmEzWk1nLUFTSDJPX1VETEtvLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFF
OERGNS9FRTU2NzEyOEQ5ODUxMUVEQTI1Q0M4MzFDNEY5QUUwMi8yMTA4N0JCQ0U1
Q0UxMUVEQjY5N0JDNzRDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDA2BggrBgEFBQcBBwEB/wQn
MCUwEgQCAAEwDAMEAGfgXAMEAGf0ozAPBAIAAjAJAwcAIAEN8kXBMA0GCSqGSIb3
DQEBCwUAA4IBAQDJEdkz3FqO7ds3ZO5HKvu2Ivb4ZAQvR25DIdvembOT75pZICQ+
nKc2H8fzYz0m451vYweGYtLE8sO1+BBKNLdR9DdkBIXrfKhaJVeXe76QQ+RbLqTD
UZc2SeBqQlSVqb2TUEBEqtBeffAEAvCdctfg4eZ2y3/C9crLyMFf+hZqYXYnMSNQ
rfHLb3/xOG0LFzb9dUcWau6+V+1sPhGl3ZbR+Mho34cK0XRWVsf80SxR7yZpHjFi
ObGnFF16qk1C8edvkyYLtU88gP7aSKLm8msbBEjqyQoFky+nQp4zri2D6f4gj8aA
R8zYCv1wyN14zx+LWoIIn2WRvlYtdr/lWB//
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:06:36 2024 by rpki-client on console-ams.rpki-client.org