Route Origin Authorization

$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/577/GIDWPNH8gIFzFviLLsFWzA_F8D0.roa
File:                     GIDWPNH8gIFzFviLLsFWzA_F8D0.roa (raw, json)
Hash identifier:          lX7mayy9rWGDf/79uHlDk+qgzhzW01SLU0a2ns0pnN0=
Subject key identifier:   18:80:D6:3C:D1:FC:80:81:73:16:F8:8B:2E:C1:56:CC:0F:C5:F0:3D
Certificate issuer:       /CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85
Certificate serial:       0CE1
Authority key identifier: 75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85
Authority info access:    rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer
Subject info access:      rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/GIDWPNH8gIFzFviLLsFWzA_F8D0.roa
Signing time:             Wed 13 Mar 2024 01:21:59 +0000
ROA not before:           Wed 13 Mar 2024 01:21:59 +0000
ROA not after:            Fri 07 Jun 2024 02:16:11 +0000
asID:                     50983
IP address blocks:        2403:1b80::/32 maxlen: 48

Validation:               Failed, unable to get certificate CRL

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 3297 (0xce1)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85
        Validity
            Not Before: Mar 13 01:21:59 2024 GMT
            Not After : Jun  7 02:16:11 2024 GMT
        Subject: CN=1880D63CD1FC80817316F88B2EC156CC0FC5F03D
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a4:e7:e3:16:13:fd:5b:0c:e6:64:2d:9e:ac:85:
                    de:08:4f:e9:da:ec:eb:7f:b2:1f:a7:dc:7f:58:be:
                    e7:c4:57:51:30:24:f3:2a:ca:e4:eb:4a:6f:34:b3:
                    bd:94:3f:71:42:3f:0f:d3:b6:3a:07:31:44:91:b4:
                    6a:91:bc:ca:19:cc:e4:3e:b9:be:56:b4:43:df:38:
                    35:a4:ad:38:80:26:8f:84:e7:1d:d4:2a:ae:56:54:
                    e6:93:b7:1d:f4:f7:a8:2e:40:18:35:82:4b:b2:b7:
                    27:e2:c5:b2:61:42:3b:b8:13:2f:cf:9a:58:d9:80:
                    89:ae:a8:69:4b:b4:07:11:b4:73:45:ac:c0:66:51:
                    00:18:01:79:e6:4a:e5:5c:c9:9c:8b:ac:0e:cc:67:
                    47:14:b9:19:1a:7c:df:45:8c:43:99:48:ef:1c:08:
                    91:43:b8:10:8b:c1:8f:57:2b:41:4e:e5:66:8c:b2:
                    d7:3f:b4:e4:56:a9:30:5b:63:b5:51:7e:8d:10:c3:
                    c8:19:02:8a:c5:c0:ed:a3:d1:9c:78:47:68:08:f6:
                    a2:b2:7f:a2:3a:1a:5e:df:42:47:a4:6d:d8:c9:93:
                    56:83:23:7e:d0:d2:bd:07:9e:01:96:3a:c9:44:3b:
                    3e:d6:fa:8d:b6:61:34:71:91:63:65:fe:1c:77:c2:
                    2e:b1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                18:80:D6:3C:D1:FC:80:81:73:16:F8:8B:2E:C1:56:CC:0F:C5:F0:3D
            X509v3 Authority Key Identifier:
                keyid:75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/GIDWPNH8gIFzFviLLsFWzA_F8D0.roa
                RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml

            sbgp-ipAddrBlock: critical
                IPv6:
                  2403:1b80::/32

    Signature Algorithm: sha256WithRSAEncryption
         d0:a0:e4:84:a2:37:52:82:79:35:ef:d2:6d:ab:48:8c:e0:b2:
         87:43:f3:b1:24:7e:31:f9:69:c6:07:fc:4d:92:6d:b5:82:63:
         a9:87:f5:db:8a:27:ef:30:42:b1:6a:57:a7:4a:cc:81:6c:0d:
         9b:47:45:e2:81:2c:21:ff:53:ee:8d:36:2d:d8:e6:04:ae:49:
         ff:f2:2c:2c:8a:b6:fd:5b:5d:84:58:61:43:e8:f3:29:37:8b:
         d6:e1:c3:5c:fd:05:56:31:4f:75:07:c3:75:6e:83:ca:6a:98:
         8a:1d:0c:36:51:99:42:f7:f5:d0:3f:9a:8b:cd:a8:a9:42:d4:
         d9:6c:ca:69:d4:e5:27:a5:3d:a1:49:18:e5:18:af:0b:54:57:
         6d:07:bb:7d:8a:ee:d6:a6:8a:7b:79:0f:de:3e:59:95:0f:ec:
         ab:b9:38:dd:a1:24:2d:46:f2:94:7c:ca:14:7c:ab:3c:2d:2f:
         00:ef:cf:aa:f4:39:ea:a9:4c:56:2f:f1:06:b8:49:10:46:2b:
         a4:6e:66:f7:de:6f:63:40:0e:2a:ad:94:f0:c5:93:ea:00:a2:
         68:d7:1b:28:46:c0:79:0e:87:a5:28:9a:58:64:03:c9:6e:e4:
         89:ec:2a:83:f2:a5:57:3d:47:3d:7b:1c:2b:73:e5:c3:aa:f4:
         9e:0e:f2:8c
-----BEGIN CERTIFICATE-----
MIIE1jCCA76gAwIBAgICDOEwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzVC
NDcxNEM0RjYxQkVBMDRBMDJDRjlDRjU2M0FFMTM0RjQ3OUM4NTAeFw0yNDAzMTMw
MTIxNTlaFw0yNDA2MDcwMjE2MTFaMDMxMTAvBgNVBAMTKDE4ODBENjNDRDFGQzgw
ODE3MzE2Rjg4QjJFQzE1NkNDMEZDNUYwM0QwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCk5+MWE/1bDOZkLZ6shd4IT+na7Ot/sh+n3H9YvufEV1EwJPMq
yuTrSm80s72UP3FCPw/TtjoHMUSRtGqRvMoZzOQ+ub5WtEPfODWkrTiAJo+E5x3U
Kq5WVOaTtx3096guQBg1gkuytyfixbJhQju4Ey/PmljZgImuqGlLtAcRtHNFrMBm
UQAYAXnmSuVcyZyLrA7MZ0cUuRkafN9FjEOZSO8cCJFDuBCLwY9XK0FO5WaMstc/
tORWqTBbY7VRfo0Qw8gZAorFwO2j0Zx4R2gI9qKyf6I6Gl7fQkekbdjJk1aDI37Q
0r0HngGWOslEOz7W+o22YTRxkWNl/hx3wi6xAgMBAAGjggHyMIIB7jAdBgNVHQ4E
FgQUGIDWPNH8gIFzFviLLsFWzA/F8D0wHwYDVR0jBBgwFoAUdbRxTE9hvqBKAs+c
9WOuE09HnIUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTc3
L2RiUnhURTlodnFCS0FzLWM5V091RTA5SG5JVS5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvZGJSeFRFOWh2cUJLQXMtYzlXT3VFMDlIbklVLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTc3L0dJRFdQTkg4Z0lGekZ2
aUxMc0ZXekFfRjhEMC5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwIAYIKwYBBQUHAQcBAf8EETAPMA0EAgACMAcD
BQAkAxuAMA0GCSqGSIb3DQEBCwUAA4IBAQDQoOSEojdSgnk179Jtq0iM4LKHQ/Ox
JH4x+WnGB/xNkm21gmOph/XbiifvMEKxalenSsyBbA2bR0XigSwh/1PujTYt2OYE
rkn/8iwsirb9W12EWGFD6PMpN4vW4cNc/QVWMU91B8N1boPKapiKHQw2UZlC9/XQ
P5qLzaipQtTZbMpp1OUnpT2hSRjlGK8LVFdtB7t9iu7Wpop7eQ/ePlmVD+yruTjd
oSQtRvKUfMoUfKs8LS8A78+q9DnqqUxWL/EGuEkQRiukbmb33m9jQA4qrZTwxZPq
AKJo1xsoRsB5DoelKJpYZAPJbuSJ7CqD8qVXPUc9exwrc+XDqvSeDvKM
-----END CERTIFICATE-----
Generated at Fri Jun 7 04:05:12 2024 by rpki-client on console-ams.rpki-client.org