Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/3b358a31-34fb-4033-ab79-bca7803844b0/23c68870756abece1493dcab2aa81e8eb964ec3c.roa
File:                     23c68870756abece1493dcab2aa81e8eb964ec3c.roa (raw, json)
Hash identifier:          AI3peajMqRMXIHw5QsbGjnA+VkwA9UeqOoNj3C78bto=
Subject key identifier:   E4:00:97:86:8E:2E:46:3E:42:4F:3E:87:EB:A4:01:59:80:EC:7B:E1
Certificate issuer:       /CN=ba1dbe9d5589464b94c771e420a4b5a5d8eaaff5
Certificate serial:       0116E1
Authority key identifier: 23:11:D2:26:9B:C6:31:48:DC:31:90:2B:14:1A:21:92:0A:05:6D:E7
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ba1dbe9d5589464b94c771e420a4b5a5d8eaaff5.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/3b358a31-34fb-4033-ab79-bca7803844b0/23c68870756abece1493dcab2aa81e8eb964ec3c.roa
Signing time:             Fri 26 Jan 2024 19:56:07 +0000
ROA not before:           Fri 26 Jan 2024 19:56:06 +0000
ROA not after:            Mon 26 Jan 2026 19:56:06 +0000
asID:                     266771
IP address blocks:        45.166.72.0/24 maxlen: 24

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 71393 (0x116e1)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ba1dbe9d5589464b94c771e420a4b5a5d8eaaff5
        Validity
            Not Before: Jan 26 19:56:06 2024 GMT
            Not After : Jan 26 19:56:06 2026 GMT
        Subject: CN=23c68870756abece1493dcab2aa81e8eb964ec3c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:85:5f:76:de:c2:55:2e:a7:cd:3c:0a:86:8c:58:
                    ef:72:c0:72:cf:e3:bf:90:b0:58:21:6f:9a:ac:64:
                    92:21:a5:78:02:e5:db:65:28:a0:8f:e7:1e:bf:7f:
                    c9:ed:64:a1:b4:24:a0:43:f4:d5:b2:48:60:b7:53:
                    3c:28:50:52:78:ac:e3:57:0c:b1:ca:7f:94:a3:30:
                    d5:ee:78:06:fc:d8:97:eb:ca:6c:e7:2a:5b:2c:21:
                    b3:ec:3a:68:95:0a:2a:49:26:4a:e4:1c:27:02:d8:
                    01:d3:94:f2:d7:e8:b9:2e:41:05:e3:9c:b9:a4:40:
                    5b:3f:c8:19:58:fa:cf:e1:c0:ff:11:84:1f:fe:4d:
                    fb:e0:68:f5:9d:a0:ea:ee:62:2c:78:58:a7:14:40:
                    50:e2:12:8d:0c:d4:0e:ab:d7:e1:b4:14:f3:8b:70:
                    23:93:bc:80:62:0a:76:b5:47:5d:ae:8e:dc:8e:d4:
                    af:21:1e:87:91:dc:f2:9c:5f:a2:fb:fe:82:7d:68:
                    40:8b:74:b5:cb:14:80:cf:5b:9c:22:8b:0a:ae:31:
                    04:52:51:57:f3:a9:de:79:fc:91:f9:aa:83:3b:bd:
                    6b:c2:30:1e:18:7e:4a:b6:1b:66:bb:c7:05:3a:94:
                    a4:d4:0d:93:9f:11:96:17:00:52:bd:f4:8c:e3:3b:
                    0e:4d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E4:00:97:86:8E:2E:46:3E:42:4F:3E:87:EB:A4:01:59:80:EC:7B:E1
            X509v3 Authority Key Identifier:
                keyid:23:11:D2:26:9B:C6:31:48:DC:31:90:2B:14:1A:21:92:0A:05:6D:E7

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ba1dbe9d5589464b94c771e420a4b5a5d8eaaff5.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/3b358a31-34fb-4033-ab79-bca7803844b0/23c68870756abece1493dcab2aa81e8eb964ec3c.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/3b358a31-34fb-4033-ab79-bca7803844b0/ba1dbe9d5589464b94c771e420a4b5a5d8eaaff5.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.166.72.0/24

    Signature Algorithm: sha256WithRSAEncryption
         40:5b:a4:64:51:ff:0e:b9:bb:aa:fa:04:2d:5b:93:90:e9:b3:
         c0:f1:55:d1:84:4f:b9:86:38:ea:41:50:4f:aa:cf:94:9f:90:
         b7:97:c3:e4:d0:b5:cf:8b:7e:23:6c:b1:63:9f:1d:5c:32:8c:
         31:d2:78:a8:15:ce:c4:38:a3:59:70:5b:f6:86:50:78:1e:6b:
         d0:24:39:c9:d2:db:6a:1e:15:75:8d:8b:86:6b:57:ba:c9:f4:
         ba:3d:38:ca:7a:78:9b:a0:6f:6f:ba:d2:86:38:c2:a6:ab:a7:
         65:ed:f4:72:98:27:1b:bc:5f:a0:00:7d:5f:3f:ed:7d:75:c2:
         3b:e9:9c:48:27:34:c2:26:10:7f:62:62:10:95:37:23:fc:ae:
         3d:c9:d5:d5:a2:13:04:10:b6:ba:62:12:25:8d:4c:f0:e0:89:
         5c:18:8c:ae:40:ae:13:dc:cc:d3:b1:c6:b8:e8:9b:f2:4c:38:
         21:36:15:05:d9:2e:d7:97:81:24:08:05:37:7b:5b:2c:9e:63:
         83:12:bc:4d:b1:11:34:48:09:44:fa:ab:ae:03:9b:d0:e9:23:
         76:2c:35:c1:ba:98:df:5f:cc:d5:b4:f4:c8:09:fb:c6:67:96:
         19:1d:f0:63:8f:59:c3:a5:a1:a0:41:28:75:1f:bf:57:34:2a:
         cc:92:62:2a
-----BEGIN CERTIFICATE-----
MIIFQDCCBCigAwIBAgIDARbhMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKGJh
MWRiZTlkNTU4OTQ2NGI5NGM3NzFlNDIwYTRiNWE1ZDhlYWFmZjUwHhcNMjQwMTI2
MTk1NjA2WhcNMjYwMTI2MTk1NjA2WjAzMTEwLwYDVQQDEygyM2M2ODg3MDc1NmFi
ZWNlMTQ5M2RjYWIyYWE4MWU4ZWI5NjRlYzNjMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAhV923sJVLqfNPAqGjFjvcsByz+O/kLBYIW+arGSSIaV4AuXb
ZSigj+cev3/J7WShtCSgQ/TVskhgt1M8KFBSeKzjVwyxyn+UozDV7ngG/NiX68ps
5ypbLCGz7DpolQoqSSZK5BwnAtgB05Ty1+i5LkEF45y5pEBbP8gZWPrP4cD/EYQf
/k374Gj1naDq7mIseFinFEBQ4hKNDNQOq9fhtBTzi3Ajk7yAYgp2tUddro7cjtSv
IR6HkdzynF+i+/6CfWhAi3S1yxSAz1ucIosKrjEEUlFX86neefyR+aqDO71rwjAe
GH5Kthtmu8cFOpSk1A2TnxGWFwBSvfSM4zsOTQIDAQABo4ICWzCCAlcwHQYDVR0O
BBYEFOQAl4aOLkY+Qk8+h+ukAVmA7HvhMB8GA1UdIwQYMBaAFCMR0iabxjFI3DGQ
KxQaIZIKBW3nMA4GA1UdDwEB/wQEAwIHgDCBmgYIKwYBBQUHAQEEgY0wgYowgYcG
CCsGAQUFBzAChntyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5ldC9ycGtpL2xh
Y25pYy80OGYwODNiYi1mNjAzLTQ4OTMtOTk5MC0wMjg0YzA0Y2ViODUvYmExZGJl
OWQ1NTg5NDY0Yjk0Yzc3MWU0MjBhNGI1YTVkOGVhYWZmNS5jZXIwgZoGCCsGAQUF
BwELBIGNMIGKMIGHBggrBgEFBQcwC4Z7cnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25p
Yy5uZXQvcnBraS9sYWNuaWMvM2IzNThhMzEtMzRmYi00MDMzLWFiNzktYmNhNzgw
Mzg0NGIwLzIzYzY4ODcwNzU2YWJlY2UxNDkzZGNhYjJhYTgxZThlYjk2NGVjM2Mu
cm9hMIGPBgNVHR8EgYcwgYQwgYGgf6B9hntyc3luYzovL3JlcG9zaXRvcnkubGFj
bmljLm5ldC9ycGtpL2xhY25pYy8zYjM1OGEzMS0zNGZiLTQwMzMtYWI3OS1iY2E3
ODAzODQ0YjAvYmExZGJlOWQ1NTg5NDY0Yjk0Yzc3MWU0MjBhNGI1YTVkOGVhYWZm
NS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQ
MA4wDAQCAAEwBgMEAC2mSDANBgkqhkiG9w0BAQsFAAOCAQEAQFukZFH/Drm7qvoE
LVuTkOmzwPFV0YRPuYY46kFQT6rPlJ+Qt5fD5NC1z4t+I2yxY58dXDKMMdJ4qBXO
xDijWXBb9oZQeB5r0CQ5ydLbah4VdY2LhmtXusn0uj04ynp4m6Bvb7rShjjCpqun
Ze30cpgnG7xfoAB9Xz/tfXXCO+mcSCc0wiYQf2JiEJU3I/yuPcnV1aITBBC2umIS
JY1M8OCJXBiMrkCuE9zM07HGuOib8kw4ITYVBdku15eBJAgFN3tbLJ5jgxK8TbER
NEgJRPqrrgOb0Okjdiw1wbqY31/M1bT0yAn7xmeWGR3wY49Zw6WhoEEodR+/VzQq
zJJiKg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:37:27 2024 by rpki-client on console-fra.rpki-client.org