Route Origin Authorization

$ rpki-client -vvf rsync.rpki.tianhai.link/repo/TianhaiRpki/3/3130332e3135302e3137322e302f32332d3234203d3e203338303038.roa
File:                     3130332e3135302e3137322e302f32332d3234203d3e203338303038.roa (raw, json)
Hash identifier:          PVDMOTIHc0Ci+Izu7LqmiHEXNyVdYhr5+8jlMIJ0/ZQ=
Subject key identifier:   82:60:E4:A5:0E:23:92:4C:93:5E:5F:AD:B9:1B:52:D8:0A:B8:60:76
Certificate issuer:       /CN=A91F56750000/serialNumber=459D2B834A3BA08C0AA67C6E578146A8B1FE2C2F
Certificate serial:       3E1BF26A62699967487070C0B511E169AE129D1D
Authority key identifier: 45:9D:2B:83:4A:3B:A0:8C:0A:A6:7C:6E:57:81:46:A8:B1:FE:2C:2F
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/RZ0rg0o7oIwKpnxuV4FGqLH-LC8.cer
Subject info access:      rsync://rsync.rpki.tianhai.link/repo/TianhaiRpki/3/3130332e3135302e3137322e302f32332d3234203d3e203338303038.roa
Signing time:             Sat 04 May 2024 12:40:00 +0000
ROA not before:           Sat 04 May 2024 12:35:00 +0000
ROA not after:            Sat 03 May 2025 12:40:00 +0000
asID:                     38008
IP address blocks:        103.150.172.0/23 maxlen: 24

Validation:               Failed, unable to get certificate CRL

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            3e:1b:f2:6a:62:69:99:67:48:70:70:c0:b5:11:e1:69:ae:12:9d:1d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91F56750000/serialNumber=459D2B834A3BA08C0AA67C6E578146A8B1FE2C2F
        Validity
            Not Before: May  4 12:35:00 2024 GMT
            Not After : May  3 12:40:00 2025 GMT
        Subject: CN=8260E4A50E23924C935E5FADB91B52D80AB86076
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b2:e5:26:10:6f:53:8b:66:a6:b8:b1:74:29:8a:
                    a3:4c:9c:37:2d:c6:b1:e0:6e:8b:73:07:20:c9:bd:
                    c9:53:33:f1:c8:6a:c7:98:93:2a:c5:f0:4f:49:36:
                    60:70:8e:a6:fc:3a:d0:fd:56:03:e9:68:50:74:5e:
                    02:b4:2b:e7:8c:ec:9c:7e:2b:23:95:1a:03:39:28:
                    c0:11:34:68:d4:53:bd:19:aa:06:8d:18:1a:88:6f:
                    cc:2e:d6:e8:04:f0:21:35:9d:ae:a8:2f:e1:49:92:
                    4d:f1:f9:dd:9c:72:22:0f:ee:11:e1:59:e9:62:45:
                    ea:5a:72:04:91:bc:c1:1a:b6:9d:10:e3:1f:6d:36:
                    2f:4f:36:17:dd:54:27:c5:8f:bd:31:bf:a0:40:6f:
                    c0:d4:cb:99:24:a9:83:ae:c6:52:81:67:ac:5d:c5:
                    d3:70:93:2c:13:23:64:38:3b:2a:7b:e0:3e:fd:f2:
                    c0:80:e9:63:7b:9b:06:5c:91:ed:81:f6:d1:2d:f5:
                    4e:49:0e:fc:b4:76:14:54:c9:60:98:c8:88:ab:e7:
                    33:8e:b9:0b:b3:66:3b:3a:77:e7:5a:b0:38:96:d0:
                    2f:37:54:01:f0:c9:68:d3:e6:a3:e0:15:4e:02:45:
                    7d:5f:db:1b:f4:db:7f:63:29:a2:6f:25:c9:6f:f9:
                    fa:13
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                82:60:E4:A5:0E:23:92:4C:93:5E:5F:AD:B9:1B:52:D8:0A:B8:60:76
            X509v3 Authority Key Identifier:
                keyid:45:9D:2B:83:4A:3B:A0:8C:0A:A6:7C:6E:57:81:46:A8:B1:FE:2C:2F

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rsync.rpki.tianhai.link/repo/TianhaiRpki/3/459D2B834A3BA08C0AA67C6E578146A8B1FE2C2F.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/RZ0rg0o7oIwKpnxuV4FGqLH-LC8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rsync.rpki.tianhai.link/repo/TianhaiRpki/3/3130332e3135302e3137322e302f32332d3234203d3e203338303038.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.150.172.0/23

    Signature Algorithm: sha256WithRSAEncryption
         97:24:fc:53:a9:95:79:f4:e2:ae:96:33:f7:9e:d6:50:52:6a:
         07:a3:82:27:48:66:f2:62:2d:8e:08:6c:2c:8a:1e:0d:eb:25:
         e1:bd:31:16:17:bd:20:74:8f:e1:67:8b:9a:85:0a:ce:2d:a6:
         c1:47:22:3b:7b:78:ce:d5:34:32:ac:2a:06:5d:39:95:c2:fb:
         a2:fb:85:22:56:90:28:66:b1:17:e2:58:82:e4:10:b7:e0:66:
         08:05:2b:be:0a:4e:fb:00:4a:53:3c:0a:58:5f:ee:39:db:a6:
         b1:73:7f:4a:84:cd:b9:24:f9:c1:fd:d4:8d:91:67:29:6e:b7:
         48:e9:91:14:cb:a4:0f:c7:72:ec:69:a2:4b:f3:aa:bc:24:62:
         ac:71:0a:0c:7d:a8:20:52:ce:6c:28:17:de:34:09:2a:ff:e0:
         ef:c6:91:6b:09:0d:6d:f8:c2:21:4f:da:57:23:b6:14:56:88:
         8a:0b:57:f2:99:0d:7b:df:30:f3:33:b5:fc:de:82:7d:77:5e:
         71:6a:a2:ff:ad:c2:43:ad:32:43:0f:df:a4:2d:a3:36:f4:1b:
         b9:92:b4:a2:27:c0:51:7e:3b:73:fd:3f:7e:df:06:ec:b4:23:
         3b:75:dc:94:08:d8:98:f8:dd:59:42:ef:66:12:9f:85:6a:7c:
         4d:29:08:a5
-----BEGIN CERTIFICATE-----
MIIFHDCCBASgAwIBAgIUPhvyamJpmWdIcHDAtRHhaa4SnR0wDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxRjU2NzUwMDAwMTEwLwYDVQQFEyg0NTlEMkI4MzRB
M0JBMDhDMEFBNjdDNkU1NzgxNDZBOEIxRkUyQzJGMB4XDTI0MDUwNDEyMzUwMFoX
DTI1MDUwMzEyNDAwMFowMzExMC8GA1UEAxMoODI2MEU0QTUwRTIzOTI0QzkzNUU1
RkFEQjkxQjUyRDgwQUI4NjA3NjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALLlJhBvU4tmprixdCmKo0ycNy3GseBui3MHIMm9yVMz8chqx5iTKsXwT0k2
YHCOpvw60P1WA+loUHReArQr54zsnH4rI5UaAzkowBE0aNRTvRmqBo0YGohvzC7W
6ATwITWdrqgv4UmSTfH53ZxyIg/uEeFZ6WJF6lpyBJG8wRq2nRDjH202L082F91U
J8WPvTG/oEBvwNTLmSSpg67GUoFnrF3F03CTLBMjZDg7KnvgPv3ywIDpY3ubBlyR
7YH20S31TkkO/LR2FFTJYJjIiKvnM465C7NmOzp351qwOJbQLzdUAfDJaNPmo+AV
TgJFfV/bG/Tbf2Mpom8lyW/5+hMCAwEAAaOCAg8wggILMB0GA1UdDgQWBBSCYOSl
DiOSTJNeX625G1LYCrhgdjAfBgNVHSMEGDAWgBRFnSuDSjugjAqmfG5XgUaosf4s
LzAOBgNVHQ8BAf8EBAMCB4AwcAYDVR0fBGkwZzBloGOgYYZfcnN5bmM6Ly9yc3lu
Yy5ycGtpLnRpYW5oYWkubGluay9yZXBvL1RpYW5oYWlScGtpLzMvNDU5RDJCODM0
QTNCQTA4QzBBQTY3QzZFNTc4MTQ2QThCMUZFMkMyRi5jcmwwfgYIKwYBBQUHAQEE
cjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2kuYXBuaWMubmV0L3JlcG9zaXRv
cnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJGRDFGRjIvUlowcmcwbzdvSXdL
cG54dVY0RkdxTEgtTEM4LmNlcjCBiwYIKwYBBQUHAQsEfzB9MHsGCCsGAQUFBzAL
hm9yc3luYzovL3JzeW5jLnJwa2kudGlhbmhhaS5saW5rL3JlcG8vVGlhbmhhaVJw
a2kvMy8zMTMwMzMyZTMxMzUzMDJlMzEzNzMyMmUzMDJmMzIzMzJkMzIzNDIwM2Qz
ZTIwMzMzODMwMzAzOC5yb2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggr
BgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAWeWrDANBgkqhkiG9w0BAQsFAAOCAQEA
lyT8U6mVefTirpYz957WUFJqB6OCJ0hm8mItjghsLIoeDesl4b0xFhe9IHSP4WeL
moUKzi2mwUciO3t4ztU0MqwqBl05lcL7ovuFIlaQKGaxF+JYguQQt+BmCAUrvgpO
+wBKUzwKWF/uOdumsXN/SoTNuST5wf3UjZFnKW63SOmRFMukD8dy7GmiS/OqvCRi
rHEKDH2oIFLObCgX3jQJKv/g78aRawkNbfjCIU/aVyO2FFaIigtX8pkNe98w8zO1
/N6CfXdecWqi/63CQ60yQw/fpC2jNvQbuZK0oifAUX47c/0/ft8G7LQjO3XclAjY
mPjdWULvZhKfhWp8TSkIpQ==
-----END CERTIFICATE-----
Generated at Sun Oct 20 08:59:03 2024 by rpki-client on console-ams.rpki-client.org