Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/29f7b931-4c3f-4df8-99cd-a873d992e0a0/9a6fc76f0a59237f521da104c98a75d673ad8357.roa
File:                     9a6fc76f0a59237f521da104c98a75d673ad8357.roa (raw, json)
Hash identifier:          SbQiBlgfU5FfhcHiwc2I+BmbkF5e0VlS8BJMr6cF2bg=
Subject key identifier:   47:FF:16:C4:73:26:28:C4:89:D5:EA:EC:52:D3:8E:34:8A:83:85:14
Certificate issuer:       /CN=53fe257dcf8bca4ea5c613680400a9cf495caccb
Certificate serial:       1FF82B
Authority key identifier: C8:65:04:76:5F:5B:06:AB:B5:EC:85:2C:4C:F1:85:76:5A:88:98:66
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/53fe257dcf8bca4ea5c613680400a9cf495caccb.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/29f7b931-4c3f-4df8-99cd-a873d992e0a0/9a6fc76f0a59237f521da104c98a75d673ad8357.roa
Signing time:             Wed 26 Apr 2023 15:13:57 +0000
ROA not before:           Tue 25 Apr 2023 15:13:57 +0000
ROA not after:            Sat 26 Apr 2025 15:13:57 +0000
asID:                     262168
IP address blocks:        138.117.160.0/22 maxlen: 22
                          138.117.160.0/24 maxlen: 24
                          138.117.161.0/24 maxlen: 24
                          138.117.162.0/24 maxlen: 24
                          138.117.163.0/24 maxlen: 24
                          179.49.64.0/21 maxlen: 21
                          179.49.64.0/24 maxlen: 24
                          179.49.65.0/24 maxlen: 24
                          179.49.66.0/24 maxlen: 24
                          179.49.67.0/24 maxlen: 24
                          179.49.68.0/24 maxlen: 24
                          179.49.69.0/24 maxlen: 24
                          179.49.70.0/24 maxlen: 24
                          179.49.71.0/24 maxlen: 24
                          200.115.20.0/24 maxlen: 24
                          200.115.21.0/24 maxlen: 24
                          200.115.23.0/24 maxlen: 24

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 2095147 (0x1ff82b)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=53fe257dcf8bca4ea5c613680400a9cf495caccb
        Validity
            Not Before: Apr 25 15:13:57 2023 GMT
            Not After : Apr 26 15:13:57 2025 GMT
        Subject: CN=9a6fc76f0a59237f521da104c98a75d673ad8357
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:95:d5:ba:7a:80:49:da:f2:3a:0c:eb:ea:9a:17:
                    b8:86:6f:a8:59:8e:38:bc:3d:ad:73:09:28:ee:fc:
                    a7:da:26:41:c2:a2:b9:88:d1:21:5c:5b:46:c4:b3:
                    2a:61:c7:ac:85:93:0d:f0:ef:c3:7a:de:6d:e5:56:
                    ec:4b:b9:ab:7e:02:2e:f8:5a:52:71:fc:af:cc:2b:
                    f8:11:88:08:2c:6d:15:d7:4c:ab:f8:51:55:b4:f5:
                    fb:4c:5c:b0:9f:43:be:5e:c3:8d:b1:87:6c:19:b7:
                    19:b9:9b:27:ca:69:a8:9c:d4:d2:bd:c9:d7:0a:56:
                    c3:0b:26:71:80:3c:e3:ce:2f:d3:35:41:19:29:8b:
                    2d:88:87:ff:10:55:57:07:b5:31:e6:4a:aa:53:19:
                    31:03:51:5a:ee:84:9d:1f:cd:89:c0:a7:2b:af:ac:
                    55:27:67:49:52:9a:a7:31:2c:85:f0:1b:99:7c:fc:
                    0b:10:58:81:94:a8:26:f5:99:d6:1f:c1:46:33:18:
                    5b:1f:17:4e:a5:a0:0d:1f:30:7d:00:ba:81:42:c2:
                    10:11:e0:3a:ae:9d:f7:42:0e:3b:a9:8d:86:9d:15:
                    20:0a:78:0e:1e:4d:59:49:6f:c8:c7:35:99:c2:72:
                    ee:89:d4:58:d4:6b:46:3e:d1:50:f5:c3:9b:c7:ce:
                    86:bb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                47:FF:16:C4:73:26:28:C4:89:D5:EA:EC:52:D3:8E:34:8A:83:85:14
            X509v3 Authority Key Identifier:
                keyid:C8:65:04:76:5F:5B:06:AB:B5:EC:85:2C:4C:F1:85:76:5A:88:98:66

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/53fe257dcf8bca4ea5c613680400a9cf495caccb.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/29f7b931-4c3f-4df8-99cd-a873d992e0a0/9a6fc76f0a59237f521da104c98a75d673ad8357.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/29f7b931-4c3f-4df8-99cd-a873d992e0a0/53fe257dcf8bca4ea5c613680400a9cf495caccb.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  138.117.160.0/22
                  179.49.64.0/21
                  200.115.20.0/23
                  200.115.23.0/24

    Signature Algorithm: sha256WithRSAEncryption
         8a:14:7d:b0:5b:65:5f:d0:51:7e:6e:6e:7d:0a:e4:1e:9c:bc:
         63:f1:ea:5d:6e:8e:a9:35:8b:56:41:9f:2c:39:d8:a6:37:2c:
         85:63:0c:48:08:48:4f:80:07:26:b5:f0:14:70:a4:0f:5d:9f:
         6e:22:cd:48:84:e9:0e:4f:cc:e5:1c:78:4b:ae:12:75:61:49:
         53:5a:47:70:c9:86:ca:70:78:65:50:52:15:39:a3:12:82:c0:
         92:5f:b5:b6:dd:e4:c3:5f:44:af:70:e1:40:cc:04:ca:bf:d0:
         94:c7:57:ca:b1:42:86:97:f3:88:a8:85:a3:94:3f:12:58:b1:
         03:95:24:88:0a:ea:9d:51:ba:d2:63:88:3e:b3:ef:c1:19:13:
         2d:00:ba:9f:7b:33:9a:2c:63:a2:7e:1d:e0:85:0d:b3:34:3c:
         ae:5a:7b:1f:c3:78:c6:99:ce:75:2b:48:c2:a8:33:50:d5:95:
         5a:2e:59:f1:81:b2:a8:99:a6:07:5b:25:34:ca:7f:74:8d:b5:
         9c:4e:4b:ff:6f:b7:0b:07:3b:2f:e9:df:45:37:72:75:c7:d9:
         96:6a:41:36:e7:18:5d:9f:69:92:98:ff:53:a4:04:b9:83:07:
         6b:d8:e5:08:57:fb:bc:93:58:44:37:ab:6d:1e:89:3d:28:f9:
         87:ac:b0:62
-----BEGIN CERTIFICATE-----
MIIFUjCCBDqgAwIBAgIDH/grMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKDUz
ZmUyNTdkY2Y4YmNhNGVhNWM2MTM2ODA0MDBhOWNmNDk1Y2FjY2IwHhcNMjMwNDI1
MTUxMzU3WhcNMjUwNDI2MTUxMzU3WjAzMTEwLwYDVQQDEyg5YTZmYzc2ZjBhNTky
MzdmNTIxZGExMDRjOThhNzVkNjczYWQ4MzU3MIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAldW6eoBJ2vI6DOvqmhe4hm+oWY44vD2tcwko7vyn2iZBwqK5
iNEhXFtGxLMqYceshZMN8O/Det5t5VbsS7mrfgIu+FpScfyvzCv4EYgILG0V10yr
+FFVtPX7TFywn0O+XsONsYdsGbcZuZsnymmonNTSvcnXClbDCyZxgDzjzi/TNUEZ
KYstiIf/EFVXB7Ux5kqqUxkxA1Fa7oSdH82JwKcrr6xVJ2dJUpqnMSyF8BuZfPwL
EFiBlKgm9ZnWH8FGMxhbHxdOpaANHzB9ALqBQsIQEeA6rp33Qg47qY2GnRUgCngO
Hk1ZSW/IxzWZwnLuidRY1GtGPtFQ9cObx86GuwIDAQABo4ICbTCCAmkwHQYDVR0O
BBYEFEf/FsRzJijEidXq7FLTjjSKg4UUMB8GA1UdIwQYMBaAFMhlBHZfWwarteyF
LEzxhXZaiJhmMA4GA1UdDwEB/wQEAwIHgDCBmgYIKwYBBQUHAQEEgY0wgYowgYcG
CCsGAQUFBzAChntyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5ldC9ycGtpL2xh
Y25pYy80OGYwODNiYi1mNjAzLTQ4OTMtOTk5MC0wMjg0YzA0Y2ViODUvNTNmZTI1
N2RjZjhiY2E0ZWE1YzYxMzY4MDQwMGE5Y2Y0OTVjYWNjYi5jZXIwgZoGCCsGAQUF
BwELBIGNMIGKMIGHBggrBgEFBQcwC4Z7cnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25p
Yy5uZXQvcnBraS9sYWNuaWMvMjlmN2I5MzEtNGMzZi00ZGY4LTk5Y2QtYTg3M2Q5
OTJlMGEwLzlhNmZjNzZmMGE1OTIzN2Y1MjFkYTEwNGM5OGE3NWQ2NzNhZDgzNTcu
cm9hMIGPBgNVHR8EgYcwgYQwgYGgf6B9hntyc3luYzovL3JlcG9zaXRvcnkubGFj
bmljLm5ldC9ycGtpL2xhY25pYy8yOWY3YjkzMS00YzNmLTRkZjgtOTljZC1hODcz
ZDk5MmUwYTAvNTNmZTI1N2RjZjhiY2E0ZWE1YzYxMzY4MDQwMGE5Y2Y0OTVjYWNj
Yi5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAxBggrBgEFBQcBBwEB/wQi
MCAwHgQCAAEwGAMEAop1oAMEA7MxQAMEAchzFAMEAMhzFzANBgkqhkiG9w0BAQsF
AAOCAQEAihR9sFtlX9BRfm5ufQrkHpy8Y/HqXW6OqTWLVkGfLDnYpjcshWMMSAhI
T4AHJrXwFHCkD12fbiLNSITpDk/M5Rx4S64SdWFJU1pHcMmGynB4ZVBSFTmjEoLA
kl+1tt3kw19Er3DhQMwEyr/QlMdXyrFChpfziKiFo5Q/ElixA5UkiArqnVG60mOI
PrPvwRkTLQC6n3szmixjon4d4IUNszQ8rlp7H8N4xpnOdStIwqgzUNWVWi5Z8YGy
qJmmB1slNMp/dI21nE5L/2+3Cwc7L+nfRTdydcfZlmpBNucYXZ9pkpj/U6QEuYMH
a9jlCFf7vJNYRDerbR6JPSj5h6ywYg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:37:25 2024 by rpki-client on console-fra.rpki-client.org