Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/02efd32a-664b-4770-a500-8fc74a5992ad/724c5a3ca3b50e1381af323b5bf1b3a2fb3a72c8.roa
File:                     724c5a3ca3b50e1381af323b5bf1b3a2fb3a72c8.roa (raw, json)
Hash identifier:          rPO9gAD49DghecLxq3qb8voZxbfhoEGe3iFKE8vtv0c=
Subject key identifier:   D2:45:69:12:12:A0:B7:58:39:93:F7:0A:E3:98:9E:73:57:AF:4B:85
Certificate issuer:       /CN=40dd355863a64b49aaea56a333a078f4104009ff
Certificate serial:       11E862
Authority key identifier: 30:03:EB:ED:04:79:DB:CE:DD:0A:60:F8:33:AC:52:69:51:5B:A7:78
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/40dd355863a64b49aaea56a333a078f4104009ff.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/02efd32a-664b-4770-a500-8fc74a5992ad/724c5a3ca3b50e1381af323b5bf1b3a2fb3a72c8.roa
Signing time:             Tue 16 May 2023 08:30:00 +0000
ROA not before:           Mon 15 May 2023 08:30:00 +0000
ROA not after:            Wed 14 May 2025 08:30:00 +0000
asID:                     266754
IP address blocks:        45.232.0.0/22 maxlen: 24

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 1173602 (0x11e862)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=40dd355863a64b49aaea56a333a078f4104009ff
        Validity
            Not Before: May 15 08:30:00 2023 GMT
            Not After : May 14 08:30:00 2025 GMT
        Subject: CN=724c5a3ca3b50e1381af323b5bf1b3a2fb3a72c8
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ba:f8:88:48:dc:d8:9b:93:a9:e4:06:68:be:87:
                    eb:b1:c4:d0:ee:7c:79:ae:13:fc:51:88:8c:20:6b:
                    84:99:45:65:f3:65:2f:06:0f:f5:b8:45:55:86:01:
                    f3:c9:b8:75:c4:95:21:a3:68:08:f9:84:3c:b7:d4:
                    2a:dc:4c:eb:ea:1b:bf:ec:9d:66:9a:08:72:9b:d9:
                    61:9b:eb:51:98:d3:34:c1:76:76:a8:b0:bb:b5:3d:
                    55:81:58:5d:f3:48:94:00:86:41:be:8d:d5:6e:4f:
                    b4:30:b6:bd:f7:cc:b3:93:c3:14:9f:3f:50:15:1f:
                    fe:02:c7:57:c8:d7:ac:42:68:90:1a:c2:bf:b9:17:
                    9e:30:3c:a6:6b:92:bf:ac:51:1f:10:e9:b7:a7:91:
                    ff:94:df:3f:54:75:8c:96:b9:6b:cf:b9:1c:88:25:
                    b6:9d:23:e0:27:2a:d0:10:d1:5c:44:ce:0a:4d:ab:
                    09:4d:6e:c0:11:4a:37:02:8c:e6:7f:3f:47:92:07:
                    42:d0:1d:14:82:e8:c7:ff:91:11:91:9e:98:06:53:
                    5f:f4:44:78:3e:b2:ff:b3:73:be:98:17:9c:c7:2d:
                    f8:25:c7:dd:d0:2c:54:4d:e4:d8:35:5c:f3:ea:d7:
                    ce:ce:a0:fb:0f:19:46:95:76:93:ac:f7:5b:fe:0f:
                    64:0f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D2:45:69:12:12:A0:B7:58:39:93:F7:0A:E3:98:9E:73:57:AF:4B:85
            X509v3 Authority Key Identifier:
                keyid:30:03:EB:ED:04:79:DB:CE:DD:0A:60:F8:33:AC:52:69:51:5B:A7:78

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/40dd355863a64b49aaea56a333a078f4104009ff.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/02efd32a-664b-4770-a500-8fc74a5992ad/724c5a3ca3b50e1381af323b5bf1b3a2fb3a72c8.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/02efd32a-664b-4770-a500-8fc74a5992ad/40dd355863a64b49aaea56a333a078f4104009ff.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.232.0.0/22

    Signature Algorithm: sha256WithRSAEncryption
         8f:75:91:b5:2d:80:b6:ed:85:80:7d:51:0c:a2:86:63:16:2a:
         b3:0d:d4:84:0e:95:51:c7:41:c2:95:30:1a:5d:44:31:4d:47:
         18:6d:c3:64:4a:80:96:8a:01:94:1e:8a:85:e0:95:ec:12:04:
         c0:1d:4f:c5:0a:f7:f7:0b:fc:e4:0e:bc:09:e6:f8:7f:9e:2e:
         8d:68:22:fb:f6:cd:f2:c7:18:1b:bd:fa:79:45:f5:24:bf:2f:
         26:e6:3c:ab:e6:ee:e5:89:72:0a:a1:57:fd:49:4f:f9:bf:4a:
         0b:33:51:be:f5:56:0c:ee:d4:f2:8e:86:f6:3a:ea:7b:ed:2a:
         e5:0d:a6:f3:6c:cc:80:b9:18:bf:1a:fc:f7:f1:04:ed:a8:32:
         d5:5b:13:98:c3:8f:bf:2b:d6:6a:d6:24:f0:b4:f2:50:7a:1a:
         0f:38:f8:63:d1:83:af:f7:07:05:2a:0e:50:2b:01:ee:51:8a:
         a0:83:94:c8:1e:37:e1:2d:40:61:af:d1:5a:fa:0d:0e:ea:e9:
         c3:67:37:3f:81:da:4d:f2:6f:97:50:2e:a5:31:25:82:bd:48:
         cc:32:a5:0f:25:2b:4f:c2:d1:a9:a3:0f:81:89:fa:c9:48:81:
         b7:d9:46:ef:16:20:0b:bb:17:c3:ce:5a:73:c7:c4:94:22:07:
         34:4a:1d:18
-----BEGIN CERTIFICATE-----
MIIFQDCCBCigAwIBAgIDEehiMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKDQw
ZGQzNTU4NjNhNjRiNDlhYWVhNTZhMzMzYTA3OGY0MTA0MDA5ZmYwHhcNMjMwNTE1
MDgzMDAwWhcNMjUwNTE0MDgzMDAwWjAzMTEwLwYDVQQDEyg3MjRjNWEzY2EzYjUw
ZTEzODFhZjMyM2I1YmYxYjNhMmZiM2E3MmM4MIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAuviISNzYm5Op5AZovofrscTQ7nx5rhP8UYiMIGuEmUVl82Uv
Bg/1uEVVhgHzybh1xJUho2gI+YQ8t9Qq3Ezr6hu/7J1mmghym9lhm+tRmNM0wXZ2
qLC7tT1VgVhd80iUAIZBvo3Vbk+0MLa998yzk8MUnz9QFR/+AsdXyNesQmiQGsK/
uReeMDyma5K/rFEfEOm3p5H/lN8/VHWMlrlrz7kciCW2nSPgJyrQENFcRM4KTasJ
TW7AEUo3Aozmfz9HkgdC0B0UgujH/5ERkZ6YBlNf9ER4PrL/s3O+mBecxy34Jcfd
0CxUTeTYNVzz6tfOzqD7DxlGlXaTrPdb/g9kDwIDAQABo4ICWzCCAlcwHQYDVR0O
BBYEFNJFaRISoLdYOZP3CuOYnnNXr0uFMB8GA1UdIwQYMBaAFDAD6+0EedvO3Qpg
+DOsUmlRW6d4MA4GA1UdDwEB/wQEAwIHgDCBmgYIKwYBBQUHAQEEgY0wgYowgYcG
CCsGAQUFBzAChntyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5ldC9ycGtpL2xh
Y25pYy80OGYwODNiYi1mNjAzLTQ4OTMtOTk5MC0wMjg0YzA0Y2ViODUvNDBkZDM1
NTg2M2E2NGI0OWFhZWE1NmEzMzNhMDc4ZjQxMDQwMDlmZi5jZXIwgZoGCCsGAQUF
BwELBIGNMIGKMIGHBggrBgEFBQcwC4Z7cnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25p
Yy5uZXQvcnBraS9sYWNuaWMvMDJlZmQzMmEtNjY0Yi00NzcwLWE1MDAtOGZjNzRh
NTk5MmFkLzcyNGM1YTNjYTNiNTBlMTM4MWFmMzIzYjViZjFiM2EyZmIzYTcyYzgu
cm9hMIGPBgNVHR8EgYcwgYQwgYGgf6B9hntyc3luYzovL3JlcG9zaXRvcnkubGFj
bmljLm5ldC9ycGtpL2xhY25pYy8wMmVmZDMyYS02NjRiLTQ3NzAtYTUwMC04ZmM3
NGE1OTkyYWQvNDBkZDM1NTg2M2E2NGI0OWFhZWE1NmEzMzNhMDc4ZjQxMDQwMDlm
Zi5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQ
MA4wDAQCAAEwBgMEAi3oADANBgkqhkiG9w0BAQsFAAOCAQEAj3WRtS2Atu2FgH1R
DKKGYxYqsw3UhA6VUcdBwpUwGl1EMU1HGG3DZEqAlooBlB6KheCV7BIEwB1PxQr3
9wv85A68Ceb4f54ujWgi+/bN8scYG736eUX1JL8vJuY8q+bu5YlyCqFX/UlP+b9K
CzNRvvVWDO7U8o6G9jrqe+0q5Q2m82zMgLkYvxr89/EE7agy1VsTmMOPvyvWatYk
8LTyUHoaDzj4Y9GDr/cHBSoOUCsB7lGKoIOUyB434S1AYa/RWvoNDurpw2c3P4Ha
TfJvl1AupTElgr1IzDKlDyUrT8LRqaMPgYn6yUiBt9lG7xYgC7sXw85ac8fElCIH
NEodGA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:37:17 2024 by rpki-client on console-fra.rpki-client.org