Route Origin Authorization

$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/2526/OQLvjIX54lRt3_kAcLN2u5xL6M8.roa
File:                     OQLvjIX54lRt3_kAcLN2u5xL6M8.roa (raw, json)
Hash identifier:          1P8UWXkbjgJE8XmhY4zIQFTYaQJO7aR2bgse/+VGIPQ=
Subject key identifier:   39:02:EF:8C:85:F9:E2:54:6D:DF:F9:00:70:B3:76:BB:9C:4B:E8:CF
Certificate issuer:       /CN=B1D844B1986E736466F5A18FF06B298EFCBBD6ED
Certificate serial:       08DF
Authority key identifier: B1:D8:44:B1:98:6E:73:64:66:F5:A1:8F:F0:6B:29:8E:FC:BB:D6:ED
Authority info access:    rsync://rpki.cnnic.cn/rpki/A9162E3D0000/sdhEsZhuc2Rm9aGP8Gspjvy71u0.cer
Subject info access:      rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2526/OQLvjIX54lRt3_kAcLN2u5xL6M8.roa
Signing time:             Sat 26 Aug 2023 07:20:32 +0000
ROA not before:           Sat 26 Aug 2023 07:20:32 +0000
ROA not after:            Fri 07 Jun 2024 02:16:11 +0000
asID:                     138645
IP address blocks:        103.96.214.0/24 maxlen: 32

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 2271 (0x8df)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=B1D844B1986E736466F5A18FF06B298EFCBBD6ED
        Validity
            Not Before: Aug 26 07:20:32 2023 GMT
            Not After : Jun  7 02:16:11 2024 GMT
        Subject: CN=3902EF8C85F9E2546DDFF90070B376BB9C4BE8CF
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a7:35:60:ef:36:f7:21:5f:08:69:70:6b:8e:68:
                    5e:c9:a8:01:af:60:8e:32:f0:35:95:a4:ba:6a:5d:
                    82:80:d9:6e:10:d3:82:5c:82:ea:2f:5a:20:a0:94:
                    0f:15:05:86:f5:9b:9e:a8:65:a9:0b:4a:f8:77:67:
                    88:49:87:11:d1:d7:8a:80:40:64:35:62:d1:a4:b6:
                    93:d9:84:7c:e8:53:cd:01:18:13:90:64:41:b7:9d:
                    01:d5:bb:c0:7a:ff:f7:51:88:71:4e:f1:c9:bb:94:
                    02:01:5f:26:15:30:1d:97:7c:52:a9:14:f1:ff:08:
                    e4:85:cf:00:c0:02:a5:df:27:4c:5e:ba:e1:d0:1a:
                    1b:9a:75:0c:9f:93:77:1e:90:51:43:ea:92:fa:b3:
                    69:b0:c6:2e:57:08:43:b2:00:7a:23:a1:5b:40:47:
                    70:03:7c:7e:8f:ed:e0:6b:0e:d8:d3:e0:9f:34:bf:
                    a0:7c:8c:4e:79:a3:f1:39:8e:28:4f:84:cb:4b:98:
                    35:fc:01:71:a4:d4:1f:aa:41:78:e3:b3:d0:b2:ee:
                    4b:d0:2a:ef:95:6d:69:fa:fa:00:9b:15:85:54:3b:
                    4e:cf:f5:d9:5d:43:11:c9:71:b6:ac:ad:2a:1f:1d:
                    ed:b3:24:b0:c7:f8:bd:a9:e4:7b:b9:eb:f8:c8:dd:
                    35:fd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                39:02:EF:8C:85:F9:E2:54:6D:DF:F9:00:70:B3:76:BB:9C:4B:E8:CF
            X509v3 Authority Key Identifier:
                keyid:B1:D8:44:B1:98:6E:73:64:66:F5:A1:8F:F0:6B:29:8E:FC:BB:D6:ED

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2526/sdhEsZhuc2Rm9aGP8Gspjvy71u0.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/sdhEsZhuc2Rm9aGP8Gspjvy71u0.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2526/OQLvjIX54lRt3_kAcLN2u5xL6M8.roa
                RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.96.214.0/24

    Signature Algorithm: sha256WithRSAEncryption
         4c:36:04:e8:76:c2:94:0b:7d:b6:3e:c7:b3:2a:0e:7d:27:50:
         f9:ac:e4:e3:0f:1f:e1:94:e6:62:9e:08:dd:19:36:97:3c:db:
         ab:84:ea:39:63:36:ab:57:31:0d:64:2f:64:72:a8:45:73:7c:
         ed:14:55:36:6b:a5:9d:78:a1:2b:21:c1:62:b4:13:f9:0b:b9:
         f7:fe:67:9e:aa:74:fb:d8:78:cf:45:51:19:db:1b:8e:e7:d2:
         22:96:e5:fd:1c:75:a3:1f:66:23:64:be:23:bd:da:55:82:30:
         ab:ab:ae:cb:b8:5a:c0:38:71:36:bf:47:b2:d5:41:26:16:34:
         f2:b7:79:60:af:43:31:b2:43:8a:d5:45:c1:1f:f4:d8:1b:0c:
         90:a9:74:31:aa:8d:5b:1b:37:77:c4:86:0f:b1:0d:49:3e:d9:
         86:fa:23:2b:e1:37:0b:8e:1a:1a:64:15:8c:bf:b1:57:a9:56:
         fb:d2:d9:0d:b4:d1:2f:28:93:bb:35:38:47:67:bf:fc:c2:ab:
         bb:9c:87:c4:25:28:71:3c:d9:52:1e:75:c8:93:e2:56:da:fd:
         56:78:36:1a:58:c8:87:ce:ac:4f:c5:f0:9f:14:40:90:8d:9a:
         b1:49:fd:2a:d8:3d:0b:69:c5:54:f6:e0:08:8a:9f:9d:6d:54:
         69:fe:b2:88
-----BEGIN CERTIFICATE-----
MIIE1zCCA7+gAwIBAgICCN8wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQjFE
ODQ0QjE5ODZFNzM2NDY2RjVBMThGRjA2QjI5OEVGQ0JCRDZFRDAeFw0yMzA4MjYw
NzIwMzJaFw0yNDA2MDcwMjE2MTFaMDMxMTAvBgNVBAMTKDM5MDJFRjhDODVGOUUy
NTQ2RERGRjkwMDcwQjM3NkJCOUM0QkU4Q0YwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCnNWDvNvchXwhpcGuOaF7JqAGvYI4y8DWVpLpqXYKA2W4Q04Jc
guovWiCglA8VBYb1m56oZakLSvh3Z4hJhxHR14qAQGQ1YtGktpPZhHzoU80BGBOQ
ZEG3nQHVu8B6//dRiHFO8cm7lAIBXyYVMB2XfFKpFPH/COSFzwDAAqXfJ0xeuuHQ
GhuadQyfk3cekFFD6pL6s2mwxi5XCEOyAHojoVtAR3ADfH6P7eBrDtjT4J80v6B8
jE55o/E5jihPhMtLmDX8AXGk1B+qQXjjs9Cy7kvQKu+VbWn6+gCbFYVUO07P9dld
QxHJcbasrSofHe2zJLDH+L2p5Hu56/jI3TX9AgMBAAGjggHzMIIB7zAdBgNVHQ4E
FgQUOQLvjIX54lRt3/kAcLN2u5xL6M8wHwYDVR0jBBgwFoAUsdhEsZhuc2Rm9aGP
8Gspjvy71u0wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMjUy
Ni9zZGhFc1podWMyUm05YUdQOEdzcGp2eTcxdTAuY3JsMGMGCCsGAQUFBwEBBFcw
VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF
M0QwMDAwL3NkaEVzWmh1YzJSbTlhR1A4R3NwanZ5NzF1MC5jZXIwDgYDVR0PAQH/
BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y
cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzI1MjYvT1FMdmpJWDU0bFJ0
M19rQWNMTjJ1NXhMNk04LnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu
bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEAGdg1jANBgkqhkiG9w0BAQsFAAOCAQEATDYE6HbClAt9tj7HsyoOfSdQ+azk
4w8f4ZTmYp4I3Rk2lzzbq4TqOWM2q1cxDWQvZHKoRXN87RRVNmulnXihKyHBYrQT
+Qu59/5nnqp0+9h4z0VRGdsbjufSIpbl/Rx1ox9mI2S+I73aVYIwq6uuy7hawDhx
Nr9HstVBJhY08rd5YK9DMbJDitVFwR/02BsMkKl0MaqNWxs3d8SGD7ENST7Zhvoj
K+E3C44aGmQVjL+xV6lW+9LZDbTRLyiTuzU4R2e//MKru5yHxCUocTzZUh51yJPi
Vtr9Vng2GljIh86sT8XwnxRAkI2asUn9Ktg9C2nFVPbgCIqfnW1Uaf6yiA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:49:25 2024 by rpki-client on console-ams.rpki-client.org