Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A91F3B59/E0B4C3C6C07711EC95DB4268C4F9AE02/32A890AAC07C11EC8DC38579C4F9AE02.roa
File:                     32A890AAC07C11EC8DC38579C4F9AE02.roa (raw, json)
Hash identifier:          +enoR5j8YeeigbagVyb1oMAnC2ah8IhsgDoe+F3S2QA=
Subject key identifier:   03:A4:B2:6F:C4:8E:1C:04:AA:D6:2F:A7:4D:82:28:7D:F1:08:45:97
Certificate issuer:       /CN=A91F3B59/serialNumber=27507DC7AADF8D091EF577BAF1F00D834788F750
Certificate serial:       07
Authority key identifier: 27:50:7D:C7:AA:DF:8D:09:1E:F5:77:BA:F1:F0:0D:83:47:88:F7:50
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/J1B9x6rfjQke9Xe68fANg0eI91A.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A91F3B59/E0B4C3C6C07711EC95DB4268C4F9AE02/32A890AAC07C11EC8DC38579C4F9AE02.roa
Signing time:             Fri 22 Apr 2022 01:14:55 +0000
ROA not before:           Fri 22 Apr 2022 01:14:55 +0000
ROA not after:            Fri 30 Dec 2022 00:00:00 +0000
asID:                     134548
IP address blocks:        103.101.28.0/24 maxlen: 24
                          103.101.29.0/24 maxlen: 24

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 7 (0x7)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91F3B59/serialNumber=27507DC7AADF8D091EF577BAF1F00D834788F750
        Validity
            Not Before: Apr 22 01:14:55 2022 GMT
            Not After : Dec 30 00:00:00 2022 GMT
        Subject: CN=6262018f-3daf
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ca:c7:e6:4e:75:fd:8f:6f:b6:cb:69:ad:ed:0d:
                    ce:44:12:61:47:26:8c:85:52:5d:e5:76:d4:5b:77:
                    67:14:77:92:c9:94:09:77:67:32:94:20:4d:2c:51:
                    a4:3a:6a:97:ef:fe:55:1a:89:b1:2b:9d:e5:cb:39:
                    e3:5f:40:d9:a4:03:d0:89:e2:44:f2:84:29:4f:88:
                    4d:8a:be:66:1b:be:8f:fe:7b:ab:85:64:4f:5e:03:
                    ef:fd:56:87:2e:c9:4f:da:25:65:d5:be:6b:5a:4f:
                    25:3c:12:59:84:b5:f0:fb:3d:17:ad:f5:f1:60:ac:
                    ac:dc:51:90:41:f6:84:b9:3d:34:e8:5c:9e:4d:89:
                    0e:d3:af:b6:f2:4a:51:a8:fb:1c:93:31:78:1e:12:
                    b0:ae:fe:61:d4:ce:0a:68:3e:36:7c:de:6c:b2:83:
                    96:8d:bd:d8:c4:17:20:4c:8b:aa:1b:7d:52:87:28:
                    26:0b:f4:44:7e:4b:f5:1d:92:5d:51:38:21:7c:c7:
                    f9:73:6b:bc:9c:6a:0b:24:19:75:e7:25:1a:19:e7:
                    2a:71:3c:71:c3:56:69:c8:2f:16:f0:a6:d4:f8:ca:
                    b8:92:93:e8:78:14:af:34:ff:1a:05:7c:97:f5:a8:
                    fe:55:c3:62:c0:5e:e4:27:8e:46:7c:7a:e2:d2:85:
                    ce:31
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                03:A4:B2:6F:C4:8E:1C:04:AA:D6:2F:A7:4D:82:28:7D:F1:08:45:97
            X509v3 Authority Key Identifier:
                keyid:27:50:7D:C7:AA:DF:8D:09:1E:F5:77:BA:F1:F0:0D:83:47:88:F7:50

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A91F3B59/E0B4C3C6C07711EC95DB4268C4F9AE02/J1B9x6rfjQke9Xe68fANg0eI91A.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/J1B9x6rfjQke9Xe68fANg0eI91A.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91F3B59/E0B4C3C6C07711EC95DB4268C4F9AE02/32A890AAC07C11EC8DC38579C4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.101.28.0/23

    Signature Algorithm: sha256WithRSAEncryption
         4d:69:53:da:69:05:26:6d:1e:65:3f:52:fb:20:2f:09:2e:78:
         c4:77:0c:f9:82:d7:64:d6:a2:4c:b2:45:85:b8:27:9c:1b:8f:
         d3:f2:ac:a4:71:69:de:8c:69:cd:f9:f9:6a:b0:c6:65:a2:99:
         cf:c0:e4:76:95:d1:be:fd:2f:be:0e:f4:37:5c:b8:5e:75:28:
         cd:28:09:80:de:11:fd:62:aa:d8:51:05:0e:e0:a8:3f:91:fc:
         85:86:08:ff:ee:42:94:7e:3a:f7:6c:6c:06:16:88:c6:89:c0:
         cb:07:9c:4e:75:4b:da:09:35:08:66:43:13:44:5d:73:43:d8:
         7b:3d:cb:45:1e:ca:91:8f:f5:ec:d4:68:de:48:ff:40:71:58:
         97:f4:89:70:77:64:45:3b:51:73:2d:1d:d7:f3:b7:40:ae:c7:
         29:86:67:37:13:9d:49:96:00:eb:a2:b9:9d:57:01:fe:f0:9d:
         f6:71:ad:b0:99:aa:0f:22:b5:70:34:fd:a8:af:13:ba:8f:b9:
         d2:8e:ca:36:c7:52:e4:bb:6b:07:67:8d:dd:13:81:51:4a:49:
         3d:e6:8a:20:b5:b3:69:cb:e4:bd:00:08:8d:f3:70:8f:60:15:
         d8:02:41:ef:de:fb:f4:32:8d:54:40:69:21:06:31:26:dc:f9:
         78:06:4a:c8
-----BEGIN CERTIFICATE-----
MIIFcDCCBFigAwIBAgIBBzANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFG
M0I1OTExMC8GA1UEBRMoMjc1MDdEQzdBQURGOEQwOTFFRjU3N0JBRjFGMDBEODM0
Nzg4Rjc1MDAeFw0yMjA0MjIwMTE0NTVaFw0yMjEyMzAwMDAwMDBaMBgxFjAUBgNV
BAMTDTYyNjIwMThmLTNkYWYwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDKx+ZOdf2Pb7bLaa3tDc5EEmFHJoyFUl3ldtRbd2cUd5LJlAl3ZzKUIE0sUaQ6
apfv/lUaibErneXLOeNfQNmkA9CJ4kTyhClPiE2KvmYbvo/+e6uFZE9eA+/9Vocu
yU/aJWXVvmtaTyU8ElmEtfD7PRet9fFgrKzcUZBB9oS5PTToXJ5NiQ7Tr7bySlGo
+xyTMXgeErCu/mHUzgpoPjZ83myyg5aNvdjEFyBMi6obfVKHKCYL9ER+S/Udkl1R
OCF8x/lza7ycagskGXXnJRoZ5ypxPHHDVmnILxbwptT4yriSk+h4FK80/xoFfJf1
qP5Vw2LAXuQnjkZ8euLShc4xAgMBAAGjggKVMIICkTAdBgNVHQ4EFgQUA6Syb8SO
HASq1i+nTYIoffEIRZcwHwYDVR0jBBgwFoAUJ1B9x6rfjQke9Xe68fANg0eI91Aw
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUYzQjU5L0UwQjRDM0M2QzA3
NzExRUM5NURCNDI2OEM0RjlBRTAyL0oxQjl4NnJmalFrZTlYZTY4ZkFOZzBlSTkx
QS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvSjFCOXg2cmZqUWtlOVhlNjhmQU5nMGVJOTFBLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFG
M0I1OS9FMEI0QzNDNkMwNzcxMUVDOTVEQjQyNjhDNEY5QUUwMi8zMkE4OTBBQUMw
N0MxMUVDOERDMzg1NzlDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQ
MA4wDAQCAAEwBgMEAWdlHDANBgkqhkiG9w0BAQsFAAOCAQEATWlT2mkFJm0eZT9S
+yAvCS54xHcM+YLXZNaiTLJFhbgnnBuP0/KspHFp3oxpzfn5arDGZaKZz8DkdpXR
vv0vvg70N1y4XnUozSgJgN4R/WKq2FEFDuCoP5H8hYYI/+5ClH4692xsBhaIxonA
ywecTnVL2gk1CGZDE0Rdc0PYez3LRR7KkY/17NRo3kj/QHFYl/SJcHdkRTtRcy0d
1/O3QK7HKYZnNxOdSZYA66K5nVcB/vCd9nGtsJmqDyK1cDT9qK8Tuo+50o7KNsdS
5LtrB2eN3ROBUUpJPeaKILWzacvkvQAIjfNwj2AV2AJB79779DKNVEBpIQYxJtz5
eAZKyA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:06:38 2024 by rpki-client on console-ams.rpki-client.org