Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/0299cbc8-a693-4889-aba2-8f4f9c51b5d3/d88d0c4ea593677d8c8bd158704cca3f95c3e584.roa
File:                     d88d0c4ea593677d8c8bd158704cca3f95c3e584.roa (raw, json)
Hash identifier:          OGxuVYqrMZKbGkR8gbPFKR/ylLZaGDW3gBt+yDSGqkY=
Subject key identifier:   AE:ED:E2:A1:DD:F9:F7:A3:E5:13:34:7E:6C:70:C4:E6:55:8B:65:3E
Certificate issuer:       /CN=9e7a5fab05d84621ad4b78ccf141868a98875d29
Certificate serial:       281863
Authority key identifier: 6E:4A:37:C8:01:68:41:93:FF:F7:E0:63:E3:9D:2C:C9:C5:B5:79:11
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/9e7a5fab05d84621ad4b78ccf141868a98875d29.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/0299cbc8-a693-4889-aba2-8f4f9c51b5d3/d88d0c4ea593677d8c8bd158704cca3f95c3e584.roa
Signing time:             Wed 06 Mar 2024 07:19:15 +0000
ROA not before:           Wed 06 Mar 2024 07:19:15 +0000
ROA not after:            Fri 06 Mar 2026 07:19:15 +0000
asID:                     265524
IP address blocks:        45.231.40.0/22 maxlen: 24
                          131.196.248.0/22 maxlen: 24
                          160.20.172.0/22 maxlen: 24
                          170.80.28.0/22 maxlen: 24
                          170.254.88.0/22 maxlen: 24
                          177.152.48.0/22 maxlen: 24
                          179.0.196.0/22 maxlen: 24
                          181.191.244.0/22 maxlen: 24
                          181.191.248.0/22 maxlen: 24
                          181.191.252.0/22 maxlen: 24
                          192.141.124.0/22 maxlen: 24
                          201.182.20.0/22 maxlen: 24

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 2627683 (0x281863)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9e7a5fab05d84621ad4b78ccf141868a98875d29
        Validity
            Not Before: Mar  6 07:19:15 2024 GMT
            Not After : Mar  6 07:19:15 2026 GMT
        Subject: CN=d88d0c4ea593677d8c8bd158704cca3f95c3e584
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8e:a0:1b:79:ae:dd:da:d8:93:d0:a3:a2:d6:8a:
                    22:1d:7e:b3:7f:3a:1a:3d:3b:15:7e:d3:0d:6a:01:
                    fe:bf:05:b9:2b:17:cc:c4:52:cc:47:22:3a:cb:19:
                    ea:7a:5d:f7:9a:82:c8:d9:42:25:ca:bb:5c:a5:ec:
                    f1:1e:60:4d:f8:e0:54:3b:32:0c:93:4b:4c:e2:9b:
                    1b:f6:bb:2f:87:2b:43:ee:35:b4:61:cf:44:be:49:
                    24:89:0e:e6:e9:de:68:e9:ac:55:19:93:8c:c9:58:
                    9d:4c:bd:3b:fb:2d:49:63:63:49:cb:b6:62:83:6e:
                    f2:1f:a3:a3:68:5e:40:fd:6f:52:56:b6:3f:dc:30:
                    22:16:b7:ae:98:60:29:ce:a2:80:18:19:26:49:73:
                    f7:de:ac:3e:5e:98:61:bb:c6:0c:18:97:c7:63:ed:
                    c3:ad:f6:5e:46:3c:98:f5:82:a3:93:d5:0d:43:b7:
                    29:9a:0c:92:7d:d4:ef:b5:da:6f:e2:b5:45:8a:78:
                    7a:94:c3:46:0e:ae:59:52:9b:82:66:31:95:8f:ec:
                    32:d7:ad:25:bc:b6:88:17:20:b2:7a:40:7f:e4:5c:
                    c0:25:ac:08:7e:37:21:51:a7:20:5c:1b:b2:b6:32:
                    0f:53:33:84:15:b3:17:0a:8b:18:ee:5f:e9:3e:e2:
                    a6:a3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AE:ED:E2:A1:DD:F9:F7:A3:E5:13:34:7E:6C:70:C4:E6:55:8B:65:3E
            X509v3 Authority Key Identifier:
                keyid:6E:4A:37:C8:01:68:41:93:FF:F7:E0:63:E3:9D:2C:C9:C5:B5:79:11

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/9e7a5fab05d84621ad4b78ccf141868a98875d29.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/0299cbc8-a693-4889-aba2-8f4f9c51b5d3/d88d0c4ea593677d8c8bd158704cca3f95c3e584.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/0299cbc8-a693-4889-aba2-8f4f9c51b5d3/9e7a5fab05d84621ad4b78ccf141868a98875d29.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.231.40.0/22
                  131.196.248.0/22
                  160.20.172.0/22
                  170.80.28.0/22
                  170.254.88.0/22
                  177.152.48.0/22
                  179.0.196.0/22
                  181.191.244.0-181.191.255.255
                  192.141.124.0/22
                  201.182.20.0/22

    Signature Algorithm: sha256WithRSAEncryption
         8e:8e:50:2d:0a:75:7c:fe:54:10:65:b3:29:c0:2b:bc:80:f2:
         84:40:2a:27:50:4f:32:62:c7:63:56:af:23:59:7d:d9:c6:fd:
         05:83:57:ec:9d:39:00:0d:f5:db:1f:2e:31:1a:00:27:d2:62:
         ce:f2:59:01:0e:d7:ac:1b:67:f9:d2:cc:e8:3a:67:dc:d6:22:
         57:f2:54:93:25:a0:5b:3f:8b:28:07:48:59:84:b2:d2:7c:28:
         af:a6:96:4a:6e:93:99:70:6b:aa:25:3a:93:f3:6e:95:4b:72:
         ee:a1:50:48:40:66:81:12:7d:48:52:63:a8:0a:af:eb:97:52:
         a6:bb:98:6c:a7:76:3e:f9:cb:f8:19:75:da:df:f5:50:34:af:
         ba:c6:72:df:27:20:c3:98:af:d5:f8:a0:38:91:6c:c5:af:af:
         64:49:95:ee:56:80:cb:5f:44:e4:49:19:f0:e6:28:fb:c9:7d:
         30:78:8c:8f:be:37:ed:1d:0f:3b:34:c8:8a:92:2b:85:62:c0:
         71:82:94:47:20:61:63:57:ea:8d:b0:1a:24:52:e5:ba:77:8c:
         d5:cc:fd:d8:b5:b3:af:1d:18:c3:97:ab:21:d6:50:55:f6:6c:
         4b:58:cb:52:e2:ef:9d:b5:ef:8c:02:35:c5:64:e3:c8:5d:11:
         74:64:d6:d2
-----BEGIN CERTIFICATE-----
MIIFfTCCBGWgAwIBAgIDKBhjMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKDll
N2E1ZmFiMDVkODQ2MjFhZDRiNzhjY2YxNDE4NjhhOTg4NzVkMjkwHhcNMjQwMzA2
MDcxOTE1WhcNMjYwMzA2MDcxOTE1WjAzMTEwLwYDVQQDEyhkODhkMGM0ZWE1OTM2
NzdkOGM4YmQxNTg3MDRjY2EzZjk1YzNlNTg0MIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAjqAbea7d2tiT0KOi1ooiHX6zfzoaPTsVftMNagH+vwW5KxfM
xFLMRyI6yxnqel33moLI2UIlyrtcpezxHmBN+OBUOzIMk0tM4psb9rsvhytD7jW0
Yc9EvkkkiQ7m6d5o6axVGZOMyVidTL07+y1JY2NJy7Zig27yH6OjaF5A/W9SVrY/
3DAiFreumGApzqKAGBkmSXP33qw+Xphhu8YMGJfHY+3DrfZeRjyY9YKjk9UNQ7cp
mgySfdTvtdpv4rVFinh6lMNGDq5ZUpuCZjGVj+wy160lvLaIFyCyekB/5FzAJawI
fjchUacgXBuytjIPUzOEFbMXCosY7l/pPuKmowIDAQABo4ICmDCCApQwHQYDVR0O
BBYEFK7t4qHd+fej5RM0fmxwxOZVi2U+MB8GA1UdIwQYMBaAFG5KN8gBaEGT//fg
Y+OdLMnFtXkRMA4GA1UdDwEB/wQEAwIHgDCBmgYIKwYBBQUHAQEEgY0wgYowgYcG
CCsGAQUFBzAChntyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5ldC9ycGtpL2xh
Y25pYy80OGYwODNiYi1mNjAzLTQ4OTMtOTk5MC0wMjg0YzA0Y2ViODUvOWU3YTVm
YWIwNWQ4NDYyMWFkNGI3OGNjZjE0MTg2OGE5ODg3NWQyOS5jZXIwgZoGCCsGAQUF
BwELBIGNMIGKMIGHBggrBgEFBQcwC4Z7cnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25p
Yy5uZXQvcnBraS9sYWNuaWMvMDI5OWNiYzgtYTY5My00ODg5LWFiYTItOGY0Zjlj
NTFiNWQzL2Q4OGQwYzRlYTU5MzY3N2Q4YzhiZDE1ODcwNGNjYTNmOTVjM2U1ODQu
cm9hMIGPBgNVHR8EgYcwgYQwgYGgf6B9hntyc3luYzovL3JlcG9zaXRvcnkubGFj
bmljLm5ldC9ycGtpL2xhY25pYy8wMjk5Y2JjOC1hNjkzLTQ4ODktYWJhMi04ZjRm
OWM1MWI1ZDMvOWU3YTVmYWIwNWQ4NDYyMWFkNGI3OGNjZjE0MTg2OGE5ODg3NWQy
OS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBggrBgEFBQcBBwEB/wRN
MEswSQQCAAEwQwMEAi3nKAMEAoPE+AMEAqAUrAMEAqpQHAMEAqr+WAMEArGYMAME
ArMAxDALAwQCtb/0AwMGtYADBALAjXwDBALJthQwDQYJKoZIhvcNAQELBQADggEB
AI6OUC0KdXz+VBBlsynAK7yA8oRAKidQTzJix2NWryNZfdnG/QWDV+ydOQAN9dsf
LjEaACfSYs7yWQEO16wbZ/nSzOg6Z9zWIlfyVJMloFs/iygHSFmEstJ8KK+mlkpu
k5lwa6olOpPzbpVLcu6hUEhAZoESfUhSY6gKr+uXUqa7mGyndj75y/gZddrf9VA0
r7rGct8nIMOYr9X4oDiRbMWvr2RJle5WgMtfRORJGfDmKPvJfTB4jI++N+0dDzs0
yIqSK4ViwHGClEcgYWNX6o2wGiRS5bp3jNXM/di1s68dGMOXqyHWUFX2bEtYy1Li
752174wCNcVk48hdEXRk1tI=
-----END CERTIFICATE-----