Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A91B9EF3/2519CDF0492311EAA069A566C4F9AE02/82C388B8492511EAB59F4F6EC4F9AE02.roa
File:                     82C388B8492511EAB59F4F6EC4F9AE02.roa (raw, json)
Hash identifier:          DJ5UPh4W8eU78pV9FNPBPxM5RGyD7+r3WrHHI7kvMUo=
Subject key identifier:   56:DF:52:85:FC:E0:C9:6F:86:5B:03:41:7D:0F:C5:B3:F2:46:1E:FD
Certificate issuer:       /CN=A91B9EF3/serialNumber=F6CB2E8EBC7A892BFA15C447B39824A058C755AE
Certificate serial:       0A90
Authority key identifier: F6:CB:2E:8E:BC:7A:89:2B:FA:15:C4:47:B3:98:24:A0:58:C7:55:AE
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/9ssujrx6iSv6FcRHs5gkoFjHVa4.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A91B9EF3/2519CDF0492311EAA069A566C4F9AE02/82C388B8492511EAB59F4F6EC4F9AE02.roa
Signing time:             Tue 26 Nov 2024 19:28:28 +0000
ROA not before:           Tue 26 Nov 2024 19:28:28 +0000
ROA not after:            Sat 31 Jan 2026 00:00:00 +0000
asID:                     45164
IP address blocks:        202.36.163.0/24 maxlen: 24
                          202.49.72.0/22 maxlen: 22
                          202.49.72.0/24 maxlen: 24
                          202.49.73.0/24 maxlen: 24
                          202.49.74.0/24 maxlen: 24
                          202.49.75.0/24 maxlen: 24
                          2001:df5:b000::/48 maxlen: 48
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 2704 (0xa90)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91B9EF3/serialNumber=F6CB2E8EBC7A892BFA15C447B39824A058C755AE
        Validity
            Not Before: Nov 26 19:28:28 2024 GMT
            Not After : Jan 31 00:00:00 2026 GMT
        Subject: CN=6746215c-16fe
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a0:5e:e7:f0:f7:5d:ce:3e:98:43:e1:65:ff:92:
                    29:6b:69:dd:30:ed:46:75:4c:72:fa:0f:a8:07:e2:
                    05:ba:03:84:43:c9:ef:2f:e4:c6:ff:7a:22:1f:5c:
                    fe:cf:14:e3:fb:10:96:1e:47:8c:ef:00:22:4a:c8:
                    bd:9c:1e:b5:96:8e:ec:71:ee:95:6e:1c:72:16:21:
                    ca:47:ec:1e:f2:6b:8b:2f:38:ac:03:de:d0:80:cb:
                    bd:34:91:e5:3f:2c:da:5b:29:22:7e:8a:45:fd:23:
                    f3:1b:14:ba:a7:54:e7:b3:e0:92:50:38:4a:82:02:
                    ca:c6:48:8a:fa:8a:a7:97:32:43:e0:7a:6a:02:74:
                    44:ff:19:ad:81:51:e2:f9:fd:e1:02:4a:76:6b:37:
                    b5:55:07:13:ab:7c:2b:5f:ba:d2:5b:9c:58:5a:96:
                    76:55:d5:2d:cb:92:e0:84:0a:cb:73:48:34:9c:7c:
                    48:f7:6e:a8:8c:a9:58:e1:12:f9:18:0a:7b:44:6c:
                    75:06:f1:52:93:2d:f1:31:b3:b9:d8:3b:67:ed:59:
                    ef:70:5a:a9:dc:8d:44:78:12:3d:f1:cf:92:4d:b8:
                    1b:03:e4:0b:1b:bb:30:b1:f5:d1:2e:57:0c:0c:65:
                    f8:bd:34:58:26:56:f1:31:f4:d7:7b:14:87:f6:d6:
                    15:d9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                56:DF:52:85:FC:E0:C9:6F:86:5B:03:41:7D:0F:C5:B3:F2:46:1E:FD
            X509v3 Authority Key Identifier:
                keyid:F6:CB:2E:8E:BC:7A:89:2B:FA:15:C4:47:B3:98:24:A0:58:C7:55:AE

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A91B9EF3/2519CDF0492311EAA069A566C4F9AE02/9ssujrx6iSv6FcRHs5gkoFjHVa4.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/9ssujrx6iSv6FcRHs5gkoFjHVa4.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91B9EF3/2519CDF0492311EAA069A566C4F9AE02/82C388B8492511EAB59F4F6EC4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  202.36.163.0/24
                  202.49.72.0/22
                IPv6:
                  2001:df5:b000::/48

    Signature Algorithm: sha256WithRSAEncryption
         79:05:79:94:b3:b6:8a:d2:7b:e6:f6:0c:f5:36:9b:3f:56:64:
         d4:17:e9:37:6a:f7:36:9b:c6:9d:cc:84:46:e9:4d:92:49:9a:
         ab:41:50:82:6a:80:11:a7:ad:ad:dd:9a:b1:00:f8:f2:4e:36:
         78:25:6a:fe:82:b3:01:1f:c6:9c:df:a4:62:d0:5c:ea:50:f8:
         bf:86:0b:31:0d:ad:a1:c0:6a:cb:0e:ef:38:25:c9:fe:4d:99:
         b8:5e:1f:c8:88:e7:e8:59:73:da:e0:e3:e6:11:72:1c:36:de:
         86:6a:3f:dd:c6:57:92:15:a2:a7:08:1c:a0:dc:cd:91:a8:ff:
         6a:51:fd:73:28:90:0a:54:f8:48:21:90:b4:4a:10:71:4e:ce:
         4c:4f:fc:9d:4e:17:d1:92:0a:94:9f:a5:93:d5:7e:5b:6a:fd:
         6f:c7:1a:3f:ce:14:e2:5b:6e:1d:44:49:f6:6d:e2:e3:d2:cc:
         a8:fc:02:c0:eb:97:35:2c:dd:56:17:c5:43:6f:70:a3:e4:f1:
         09:6b:9b:3c:4b:85:9a:68:cb:4c:5f:91:dc:dd:29:df:df:cf:
         a9:65:81:37:f4:ae:05:2e:3a:f3:c0:5e:b3:b7:52:90:ce:cf:
         85:55:a7:31:a0:f1:04:65:29:ef:69:8b:e8:8e:a4:31:06:3a:
         7a:9e:97:01
-----BEGIN CERTIFICATE-----
MIIFiDCCBHCgAwIBAgICCpAwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QjlFRjMxMTAvBgNVBAUTKEY2Q0IyRThFQkM3QTg5MkJGQTE1QzQ0N0IzOTgyNEEw
NThDNzU1QUUwHhcNMjQxMTI2MTkyODI4WhcNMjYwMTMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NzQ2MjE1Yy0xNmZlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAoF7n8Pddzj6YQ+Fl/5Ipa2ndMO1GdUxy+g+oB+IFugOEQ8nvL+TG/3oiH1z+
zxTj+xCWHkeM7wAiSsi9nB61lo7sce6VbhxyFiHKR+we8muLLzisA97QgMu9NJHl
PyzaWykifopF/SPzGxS6p1Tns+CSUDhKggLKxkiK+oqnlzJD4HpqAnRE/xmtgVHi
+f3hAkp2aze1VQcTq3wrX7rSW5xYWpZ2VdUty5LghArLc0g0nHxI926ojKlY4RL5
GAp7RGx1BvFSky3xMbO52Dtn7VnvcFqp3I1EeBI98c+STbgbA+QLG7swsfXRLlcM
DGX4vTRYJlbxMfTXexSH9tYV2QIDAQABo4ICrDCCAqgwHQYDVR0OBBYEFFbfUoX8
4MlvhlsDQX0PxbPyRh79MB8GA1UdIwQYMBaAFPbLLo68eokr+hXER7OYJKBYx1Wu
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFCOUVGMy8yNTE5Q0RGMDQ5
MjMxMUVBQTA2OUE1NjZDNEY5QUUwMi85c3N1anJ4NmlTdjZGY1JIczVna29GakhW
YTQuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLzlzc3Vqcng2aVN2NkZjUkhzNWdrb0ZqSFZhNC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QjlFRjMvMjUxOUNERjA0OTIzMTFFQUEwNjlBNTY2QzRGOUFFMDIvODJDMzg4Qjg0
OTI1MTFFQUI1OUY0RjZFQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwNgYIKwYBBQUHAQcBAf8E
JzAlMBIEAgABMAwDBADKJKMDBALKMUgwDwQCAAIwCQMHACABDfWwADANBgkqhkiG
9w0BAQsFAAOCAQEAeQV5lLO2itJ75vYM9TabP1Zk1BfpN2r3NpvGncyERulNkkma
q0FQgmqAEaetrd2asQD48k42eCVq/oKzAR/GnN+kYtBc6lD4v4YLMQ2tocBqyw7v
OCXJ/k2ZuF4fyIjn6Flz2uDj5hFyHDbehmo/3cZXkhWipwgcoNzNkaj/alH9cyiQ
ClT4SCGQtEoQcU7OTE/8nU4X0ZIKlJ+lk9V+W2r9b8caP84U4ltuHURJ9m3i49LM
qPwCwOuXNSzdVhfFQ29wo+TxCWubPEuFmmjLTF+R3N0p39/PqWWBN/SuBS4688Be
s7dSkM7PhVWnMaDxBGUp72mL6I6kMQY6ep6XAQ==
-----END CERTIFICATE-----