Route Origin Authorization

$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/187/SAvJ-gFhu3UyJ5MtDIM5qACwydI.roa
File:                     SAvJ-gFhu3UyJ5MtDIM5qACwydI.roa (raw, json)
Hash identifier:          q7spMoXpAU6SyWSGf9C0rCMoSxtda275nV4np9NUs8s=
Subject key identifier:   48:0B:C9:FA:01:61:BB:75:32:27:93:2D:0C:83:39:A8:00:B0:C9:D2
Certificate issuer:       /CN=2E8C1DE19474035CBEA678054B6D94F5AFA53361
Certificate serial:       0D84
Authority key identifier: 2E:8C:1D:E1:94:74:03:5C:BE:A6:78:05:4B:6D:94:F5:AF:A5:33:61
Authority info access:    rsync://rpki.cnnic.cn/rpki/A9162E3D0000/Lowd4ZR0A1y-pngFS22U9a-lM2E.cer
Subject info access:      rsync://rpki.cnnic.cn/rpki/A9162E3D0000/187/SAvJ-gFhu3UyJ5MtDIM5qACwydI.roa
Signing time:             Wed 05 Jul 2023 01:25:06 +0000
ROA not before:           Wed 05 Jul 2023 01:25:06 +0000
ROA not after:            Fri 07 Jun 2024 02:16:11 +0000
asID:                     398704
IP address blocks:        219.72.160.0/24 maxlen: 24

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 3460 (0xd84)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2E8C1DE19474035CBEA678054B6D94F5AFA53361
        Validity
            Not Before: Jul  5 01:25:06 2023 GMT
            Not After : Jun  7 02:16:11 2024 GMT
        Subject: CN=480BC9FA0161BB753227932D0C8339A800B0C9D2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:dc:fe:ba:97:ba:38:aa:04:73:d9:5c:1d:61:4f:
                    26:87:81:c9:f5:da:ad:98:eb:cc:ed:9e:fb:84:62:
                    12:c6:c7:30:76:3b:96:91:43:c5:0b:3d:98:5a:6a:
                    a4:53:c3:6d:d4:31:c8:84:35:9c:8d:7c:72:a0:65:
                    5d:8c:04:c6:7b:af:3a:3d:ab:cc:28:ad:20:bc:e2:
                    72:0b:28:64:a6:c4:32:78:3d:f6:99:f3:0f:57:a8:
                    fa:02:9d:57:db:15:6f:5b:7f:3d:2a:51:7c:86:83:
                    ae:b1:a5:8b:41:0e:9c:b4:a8:71:62:7f:0c:1b:30:
                    29:dd:5a:89:30:1e:83:1c:5e:ee:4e:d1:91:33:f2:
                    33:59:26:b3:f2:57:33:01:a9:f1:57:6b:e2:14:6f:
                    9b:d2:5a:0e:1e:f4:19:57:e2:64:14:d1:3f:18:22:
                    7f:9d:ee:64:44:d3:be:3c:e3:1d:33:26:3a:68:ef:
                    50:84:61:e9:cb:7f:e1:11:b3:7c:68:c5:6b:d6:54:
                    d1:19:04:ac:81:b7:3d:22:c7:a8:1b:46:b3:b7:c3:
                    24:c6:55:86:58:21:51:ef:79:93:e2:db:76:36:75:
                    f5:a4:17:a2:b5:4d:56:1a:d8:5a:33:f7:79:3d:e8:
                    4d:3e:fb:ee:58:7b:69:fd:33:0f:46:7c:3a:ca:45:
                    c7:b1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                48:0B:C9:FA:01:61:BB:75:32:27:93:2D:0C:83:39:A8:00:B0:C9:D2
            X509v3 Authority Key Identifier:
                keyid:2E:8C:1D:E1:94:74:03:5C:BE:A6:78:05:4B:6D:94:F5:AF:A5:33:61

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/187/Lowd4ZR0A1y-pngFS22U9a-lM2E.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/Lowd4ZR0A1y-pngFS22U9a-lM2E.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/187/SAvJ-gFhu3UyJ5MtDIM5qACwydI.roa
                RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  219.72.160.0/24

    Signature Algorithm: sha256WithRSAEncryption
         9a:b4:51:77:e1:76:7b:cf:09:8e:e4:0c:a5:bd:13:6c:7d:97:
         aa:c2:78:72:f9:09:ed:b0:d5:63:4a:8a:01:bf:ee:bf:0d:09:
         39:81:cb:4f:fc:fa:bd:2b:13:0c:ee:70:42:6a:7a:87:c7:2f:
         75:16:1e:72:f4:f9:39:a1:8a:fa:e6:e8:4c:9e:9a:3b:04:82:
         b0:f7:f9:8f:53:0a:ab:16:7b:f7:f6:43:97:16:ad:a3:dc:42:
         99:49:63:40:4e:d4:eb:23:a1:5e:86:5a:3a:e6:33:82:1f:98:
         ce:22:18:8e:15:cf:2c:db:f1:84:b7:bf:ab:37:56:6d:19:3d:
         97:14:76:d7:1d:0f:40:11:71:16:01:e8:05:43:dd:04:c1:30:
         d9:49:b9:26:7d:26:d9:b6:c6:f2:eb:d0:36:27:9a:39:0f:e4:
         04:45:2b:c0:a0:6a:5c:32:f7:c4:af:43:6c:31:57:cb:ae:07:
         f7:6d:78:2b:94:c1:36:0c:9c:c5:89:7b:10:09:8a:60:8e:78:
         f6:56:04:e4:cc:78:de:66:b6:49:00:58:83:81:5d:c8:2b:c1:
         bc:22:29:55:f1:67:c1:74:af:f1:4a:f5:e8:5a:63:26:1a:82:
         dd:06:2d:34:ab:15:35:cd:fb:f9:92:69:93:a0:7e:5b:48:2e:
         cb:5f:3a:39
-----BEGIN CERTIFICATE-----
MIIE1TCCA72gAwIBAgICDYQwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkU4
QzFERTE5NDc0MDM1Q0JFQTY3ODA1NEI2RDk0RjVBRkE1MzM2MTAeFw0yMzA3MDUw
MTI1MDZaFw0yNDA2MDcwMjE2MTFaMDMxMTAvBgNVBAMTKDQ4MEJDOUZBMDE2MUJC
NzUzMjI3OTMyRDBDODMzOUE4MDBCMEM5RDIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDc/rqXujiqBHPZXB1hTyaHgcn12q2Y68ztnvuEYhLGxzB2O5aR
Q8ULPZhaaqRTw23UMciENZyNfHKgZV2MBMZ7rzo9q8worSC84nILKGSmxDJ4PfaZ
8w9XqPoCnVfbFW9bfz0qUXyGg66xpYtBDpy0qHFifwwbMCndWokwHoMcXu5O0ZEz
8jNZJrPyVzMBqfFXa+IUb5vSWg4e9BlX4mQU0T8YIn+d7mRE07484x0zJjpo71CE
YenLf+ERs3xoxWvWVNEZBKyBtz0ix6gbRrO3wyTGVYZYIVHveZPi23Y2dfWkF6K1
TVYa2Foz93k96E0+++5Ye2n9Mw9GfDrKRcexAgMBAAGjggHxMIIB7TAdBgNVHQ4E
FgQUSAvJ+gFhu3UyJ5MtDIM5qACwydIwHwYDVR0jBBgwFoAULowd4ZR0A1y+pngF
S22U9a+lM2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTg3
L0xvd2Q0WlIwQTF5LXBuZ0ZTMjJVOWEtbE0yRS5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvTG93ZDRaUjBBMXktcG5nRlMyMlU5YS1sTTJFLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTg3L1NBdkotZ0ZodTNVeUo1
TXRESU01cUFDd3lkSS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BADbSKAwDQYJKoZIhvcNAQELBQADggEBAJq0UXfhdnvPCY7kDKW9E2x9l6rCeHL5
Ce2w1WNKigG/7r8NCTmBy0/8+r0rEwzucEJqeofHL3UWHnL0+Tmhivrm6EyemjsE
grD3+Y9TCqsWe/f2Q5cWraPcQplJY0BO1OsjoV6GWjrmM4IfmM4iGI4Vzyzb8YS3
v6s3Vm0ZPZcUdtcdD0ARcRYB6AVD3QTBMNlJuSZ9Jtm2xvLr0DYnmjkP5ARFK8Cg
alwy98SvQ2wxV8uuB/dteCuUwTYMnMWJexAJimCOePZWBOTMeN5mtkkAWIOBXcgr
wbwiKVXxZ8F0r/FK9ehaYyYagt0GLTSrFTXN+/mSaZOgfltILstfOjk=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:15:58 2024 by rpki-client on console-fra.rpki-client.org