Route Origin Authorization

$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/577/UD4Rvlz5yWhUaXcgbnx6uCxv_Bs.roa
File:                     UD4Rvlz5yWhUaXcgbnx6uCxv_Bs.roa (raw, json)
Hash identifier:          47TT+6Wqw50jwoVY46de6eEo/O++fuFWOdfjIWxXdNI=
Subject key identifier:   50:3E:11:BE:5C:F9:C9:68:54:69:77:20:6E:7C:7A:B8:2C:6F:FC:1B
Certificate issuer:       /CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85
Certificate serial:       0CD8
Authority key identifier: 75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85
Authority info access:    rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer
Subject info access:      rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/UD4Rvlz5yWhUaXcgbnx6uCxv_Bs.roa
Signing time:             Wed 13 Mar 2024 01:21:56 +0000
ROA not before:           Wed 13 Mar 2024 01:21:56 +0000
ROA not after:            Fri 07 Jun 2024 02:16:11 +0000
asID:                     59083
IP address blocks:        2403:1b80::/48 maxlen: 48

Validation:               Failed, unable to get certificate CRL

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 3288 (0xcd8)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85
        Validity
            Not Before: Mar 13 01:21:56 2024 GMT
            Not After : Jun  7 02:16:11 2024 GMT
        Subject: CN=503E11BE5CF9C968546977206E7C7AB82C6FFC1B
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ab:a0:7b:e0:e9:9c:55:e8:43:92:2f:fd:cd:b4:
                    95:8e:3e:9c:05:fa:af:ec:ea:fb:54:f8:ea:f3:07:
                    36:10:00:cf:b5:02:58:c8:33:6f:05:f3:83:19:20:
                    21:6d:db:98:4e:78:27:52:e4:6a:08:04:f8:1d:60:
                    5b:a8:49:18:2f:aa:18:ab:9c:5e:bb:b8:d3:dc:f1:
                    2d:c9:9c:24:d8:fd:4f:ba:d3:ee:88:d1:d6:0e:da:
                    a1:d8:52:f9:b7:39:b6:99:a1:a6:46:93:1b:ad:ef:
                    d3:3f:26:b2:32:40:ec:d4:93:7e:d7:48:a2:28:02:
                    79:77:b9:f2:4b:e3:9f:c3:2a:c0:6a:d1:7b:c3:06:
                    a0:98:63:19:ab:0c:d8:4b:73:60:e6:1a:7f:c4:70:
                    ca:1c:f8:f9:60:c2:cd:c2:fd:75:a2:1b:17:1b:f1:
                    c9:8e:9b:44:42:6d:41:9c:a6:98:fc:79:c6:c7:8a:
                    39:e7:dd:27:65:1e:63:cc:13:fb:5b:77:d4:24:be:
                    2f:f9:da:ce:1f:5b:93:f4:60:62:fb:af:bc:46:c4:
                    88:7a:2e:2d:0f:bd:db:fe:92:e9:44:1d:71:70:81:
                    8e:02:71:d2:3a:6f:e5:ed:35:1e:97:14:5e:24:91:
                    ae:c4:e6:80:20:b8:78:43:2a:0c:e6:b0:8f:98:c3:
                    6a:d1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                50:3E:11:BE:5C:F9:C9:68:54:69:77:20:6E:7C:7A:B8:2C:6F:FC:1B
            X509v3 Authority Key Identifier:
                keyid:75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/UD4Rvlz5yWhUaXcgbnx6uCxv_Bs.roa
                RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml

            sbgp-ipAddrBlock: critical
                IPv6:
                  2403:1b80::/48

    Signature Algorithm: sha256WithRSAEncryption
         05:f8:5b:d0:3d:23:a5:03:38:e8:d9:4d:cd:d5:2a:fd:34:4e:
         81:43:2f:d5:42:8f:b0:b9:87:21:bf:ee:86:11:48:7d:26:20:
         dc:48:44:97:38:46:ed:43:c6:17:9d:e8:03:51:6d:38:e7:e3:
         35:29:21:e3:5e:80:8a:71:81:7b:34:f1:e1:fd:73:7f:05:49:
         58:1e:00:47:31:10:9a:f0:33:b6:0b:32:d5:35:4f:97:dd:5a:
         4e:88:11:11:83:68:6b:30:1c:8e:73:36:67:3b:0f:4a:31:1e:
         11:04:20:47:e8:c6:d2:4e:73:28:ff:f5:6a:9e:80:22:3f:78:
         43:d1:78:65:4f:98:bf:49:4c:e2:4b:e8:c1:05:5c:02:f2:00:
         d8:93:9d:a8:e7:c8:80:72:23:f8:2b:4a:93:09:2a:60:81:07:
         22:54:69:c5:8c:2c:00:52:3f:7f:40:e8:f2:a9:72:7d:8b:d5:
         10:0e:c3:57:fd:06:6b:ad:ef:74:3f:11:84:a1:53:19:e9:19:
         b4:85:b6:cc:1b:ad:f6:32:df:a7:20:e8:20:fd:e8:ab:6b:1a:
         4e:db:f1:e3:2c:35:1b:ef:77:5a:b2:37:e4:a8:20:09:fc:8d:
         a6:bc:3c:34:c5:dd:15:b8:f8:10:a0:43:ce:bd:20:87:ab:db:
         46:7d:a5:ae
-----BEGIN CERTIFICATE-----
MIIE2DCCA8CgAwIBAgICDNgwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzVC
NDcxNEM0RjYxQkVBMDRBMDJDRjlDRjU2M0FFMTM0RjQ3OUM4NTAeFw0yNDAzMTMw
MTIxNTZaFw0yNDA2MDcwMjE2MTFaMDMxMTAvBgNVBAMTKDUwM0UxMUJFNUNGOUM5
Njg1NDY5NzcyMDZFN0M3QUI4MkM2RkZDMUIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCroHvg6ZxV6EOSL/3NtJWOPpwF+q/s6vtU+OrzBzYQAM+1AljI
M28F84MZICFt25hOeCdS5GoIBPgdYFuoSRgvqhirnF67uNPc8S3JnCTY/U+60+6I
0dYO2qHYUvm3ObaZoaZGkxut79M/JrIyQOzUk37XSKIoAnl3ufJL45/DKsBq0XvD
BqCYYxmrDNhLc2DmGn/EcMoc+Plgws3C/XWiGxcb8cmOm0RCbUGcppj8ecbHijnn
3SdlHmPME/tbd9Qkvi/52s4fW5P0YGL7r7xGxIh6Li0Pvdv+kulEHXFwgY4CcdI6
b+XtNR6XFF4kka7E5oAguHhDKgzmsI+Yw2rRAgMBAAGjggH0MIIB8DAdBgNVHQ4E
FgQUUD4Rvlz5yWhUaXcgbnx6uCxv/BswHwYDVR0jBBgwFoAUdbRxTE9hvqBKAs+c
9WOuE09HnIUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTc3
L2RiUnhURTlodnFCS0FzLWM5V091RTA5SG5JVS5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvZGJSeFRFOWh2cUJLQXMtYzlXT3VFMDlIbklVLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTc3L1VENFJ2bHo1eVdoVWFY
Y2dibng2dUN4dl9Ccy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwIgYIKwYBBQUHAQcBAf8EEzARMA8EAgACMAkD
BwAkAxuAAAAwDQYJKoZIhvcNAQELBQADggEBAAX4W9A9I6UDOOjZTc3VKv00ToFD
L9VCj7C5hyG/7oYRSH0mINxIRJc4Ru1Dxhed6ANRbTjn4zUpIeNegIpxgXs08eH9
c38FSVgeAEcxEJrwM7YLMtU1T5fdWk6IERGDaGswHI5zNmc7D0oxHhEEIEfoxtJO
cyj/9WqegCI/eEPReGVPmL9JTOJL6MEFXALyANiTnajnyIByI/grSpMJKmCBByJU
acWMLABSP39A6PKpcn2L1RAOw1f9Bmut73Q/EYShUxnpGbSFtswbrfYy36cg6CD9
6KtrGk7b8eMsNRvvd1qyN+SoIAn8jaa8PDTF3RW4+BCgQ869IIer20Z9pa4=
-----END CERTIFICATE-----
Generated at Fri Jun 7 03:29:12 2024 by rpki-client on console-fra.rpki-client.org