Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/0cac3b82-f488-4df7-bc67-ad856a12aa43/5cefb5630927c02114ac96042e1949a7650698eb.roa
File:                     5cefb5630927c02114ac96042e1949a7650698eb.roa (raw, json)
Hash identifier:          fFWuS0eX3iMueGuKZRmA1NSdGH7M0D1cpiLzUhVP+Ns=
Subject key identifier:   07:B6:45:80:20:FA:FD:BE:E6:92:85:B3:D1:2F:48:6B:A9:3C:0F:77
Certificate issuer:       /CN=07a3e63d1966870c34f83b79e6705d8dc3f9b809
Certificate serial:       24EF86
Authority key identifier: E7:4F:4B:4C:08:78:4E:1A:4E:22:4C:95:7A:B5:B7:5F:81:D9:24:95
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/07a3e63d1966870c34f83b79e6705d8dc3f9b809.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/0cac3b82-f488-4df7-bc67-ad856a12aa43/5cefb5630927c02114ac96042e1949a7650698eb.roa
Signing time:             Fri 25 Aug 2023 08:30:04 +0000
ROA not before:           Thu 24 Aug 2023 08:30:04 +0000
ROA not after:            Sat 23 Aug 2025 08:30:04 +0000
asID:                     7049
IP address blocks:        200.59.42.0/24 maxlen: 24
                          200.59.48.0/23 maxlen: 23
                          200.59.51.0/24 maxlen: 24
                          200.59.52.0/23 maxlen: 23
                          200.59.53.0/24 maxlen: 24

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 2420614 (0x24ef86)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=07a3e63d1966870c34f83b79e6705d8dc3f9b809
        Validity
            Not Before: Aug 24 08:30:04 2023 GMT
            Not After : Aug 23 08:30:04 2025 GMT
        Subject: CN=5cefb5630927c02114ac96042e1949a7650698eb
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8a:10:95:12:e1:f1:46:a5:b7:e1:d5:07:d5:1d:
                    f5:2e:68:7d:bf:95:9c:c9:93:d3:e2:ea:82:87:c4:
                    72:be:94:63:cf:f1:cc:96:bd:61:8b:fc:0a:a8:29:
                    32:ca:48:e2:5c:15:b4:b5:ed:9f:85:0f:14:68:84:
                    c1:6d:d1:d9:0c:49:ea:e5:72:5b:c5:fb:23:41:65:
                    33:13:66:b8:bc:96:5a:cf:05:c0:84:40:6d:e7:d9:
                    a9:f3:55:46:bb:f6:7a:03:d6:3e:7d:03:a2:00:fe:
                    89:86:4a:07:6a:01:63:4a:17:61:67:c3:7b:ed:ac:
                    13:30:ae:9e:d7:21:22:74:37:bc:2b:d5:bf:6e:9b:
                    96:98:02:69:cc:68:8c:58:b4:36:90:a3:9e:22:12:
                    da:76:7c:c6:78:5b:58:28:cd:db:7b:80:46:bc:45:
                    27:5c:43:61:40:ce:20:75:bb:7e:dc:71:23:76:67:
                    8c:22:eb:c2:a1:cd:37:17:a3:4a:65:ed:1f:0a:f4:
                    70:76:b6:bf:c9:16:c0:a2:c6:13:be:50:c2:fc:16:
                    0d:f8:8a:e0:29:e9:7e:68:0d:eb:69:f6:32:60:59:
                    e0:e0:8b:fe:4c:18:8c:da:3e:ab:ef:25:de:ca:e7:
                    33:c1:b0:81:ab:15:f7:fb:02:45:61:4c:fa:80:5c:
                    22:1d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                07:B6:45:80:20:FA:FD:BE:E6:92:85:B3:D1:2F:48:6B:A9:3C:0F:77
            X509v3 Authority Key Identifier:
                keyid:E7:4F:4B:4C:08:78:4E:1A:4E:22:4C:95:7A:B5:B7:5F:81:D9:24:95

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/07a3e63d1966870c34f83b79e6705d8dc3f9b809.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/0cac3b82-f488-4df7-bc67-ad856a12aa43/5cefb5630927c02114ac96042e1949a7650698eb.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/0cac3b82-f488-4df7-bc67-ad856a12aa43/07a3e63d1966870c34f83b79e6705d8dc3f9b809.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  200.59.42.0/24
                  200.59.48.0/23
                  200.59.51.0-200.59.53.255

    Signature Algorithm: sha256WithRSAEncryption
         28:6b:8b:f1:4d:16:16:74:11:82:e7:a6:cd:e3:3c:09:e6:c8:
         22:a4:84:40:5e:c4:a3:ac:51:f1:c2:34:43:89:71:ec:70:72:
         75:8d:3c:15:32:7d:a4:e9:11:2d:c7:07:bb:51:d1:c2:41:9d:
         61:09:24:18:69:a1:ea:2c:5e:12:2f:dc:a3:7e:cc:9b:1e:83:
         44:da:42:13:33:8b:aa:7b:f3:de:b1:15:c4:c5:99:df:0a:f4:
         e5:6f:77:7a:3b:8c:29:e8:79:6f:d1:17:3e:cf:90:a0:e0:9f:
         7a:55:80:f1:81:b5:29:0b:d3:9b:45:35:5f:c2:af:70:7e:51:
         55:2d:12:6e:76:5d:ec:1e:24:45:3b:3f:2f:db:86:e1:cd:45:
         30:a0:53:99:7b:fa:01:20:3d:6c:d1:c7:86:1a:21:68:24:d8:
         98:c7:39:97:55:8a:27:1f:49:a2:89:f4:e6:3a:dc:09:ba:ce:
         03:fb:74:60:5a:bc:56:ff:65:17:27:20:46:d6:ea:60:79:21:
         8c:0a:35:ce:93:37:a4:fb:13:49:b9:a3:4e:1c:3c:77:95:48:
         a0:36:47:33:0c:9d:81:7e:ef:8f:f4:6b:ee:ab:77:ad:70:97:
         85:f2:4b:d5:23:bd:ff:3f:d9:52:e1:74:f9:ed:6d:08:8c:cb:
         b5:d5:7f:f2
-----BEGIN CERTIFICATE-----
MIIFVDCCBDygAwIBAgIDJO+GMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKDA3
YTNlNjNkMTk2Njg3MGMzNGY4M2I3OWU2NzA1ZDhkYzNmOWI4MDkwHhcNMjMwODI0
MDgzMDA0WhcNMjUwODIzMDgzMDA0WjAzMTEwLwYDVQQDEyg1Y2VmYjU2MzA5Mjdj
MDIxMTRhYzk2MDQyZTE5NDlhNzY1MDY5OGViMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAihCVEuHxRqW34dUH1R31Lmh9v5WcyZPT4uqCh8RyvpRjz/HM
lr1hi/wKqCkyykjiXBW0te2fhQ8UaITBbdHZDEnq5XJbxfsjQWUzE2a4vJZazwXA
hEBt59mp81VGu/Z6A9Y+fQOiAP6JhkoHagFjShdhZ8N77awTMK6e1yEidDe8K9W/
bpuWmAJpzGiMWLQ2kKOeIhLadnzGeFtYKM3be4BGvEUnXENhQM4gdbt+3HEjdmeM
IuvCoc03F6NKZe0fCvRwdra/yRbAosYTvlDC/BYN+IrgKel+aA3rafYyYFng4Iv+
TBiM2j6r7yXeyuczwbCBqxX3+wJFYUz6gFwiHQIDAQABo4ICbzCCAmswHQYDVR0O
BBYEFAe2RYAg+v2+5pKFs9EvSGupPA93MB8GA1UdIwQYMBaAFOdPS0wIeE4aTiJM
lXq1t1+B2SSVMA4GA1UdDwEB/wQEAwIHgDCBmgYIKwYBBQUHAQEEgY0wgYowgYcG
CCsGAQUFBzAChntyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5ldC9ycGtpL2xh
Y25pYy80OGYwODNiYi1mNjAzLTQ4OTMtOTk5MC0wMjg0YzA0Y2ViODUvMDdhM2U2
M2QxOTY2ODcwYzM0ZjgzYjc5ZTY3MDVkOGRjM2Y5YjgwOS5jZXIwgZoGCCsGAQUF
BwELBIGNMIGKMIGHBggrBgEFBQcwC4Z7cnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25p
Yy5uZXQvcnBraS9sYWNuaWMvMGNhYzNiODItZjQ4OC00ZGY3LWJjNjctYWQ4NTZh
MTJhYTQzLzVjZWZiNTYzMDkyN2MwMjExNGFjOTYwNDJlMTk0OWE3NjUwNjk4ZWIu
cm9hMIGPBgNVHR8EgYcwgYQwgYGgf6B9hntyc3luYzovL3JlcG9zaXRvcnkubGFj
bmljLm5ldC9ycGtpL2xhY25pYy8wY2FjM2I4Mi1mNDg4LTRkZjctYmM2Ny1hZDg1
NmExMmFhNDMvMDdhM2U2M2QxOTY2ODcwYzM0ZjgzYjc5ZTY3MDVkOGRjM2Y5Yjgw
OS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAzBggrBgEFBQcBBwEB/wQk
MCIwIAQCAAEwGgMEAMg7KgMEAcg7MDAMAwQAyDszAwQByDs0MA0GCSqGSIb3DQEB
CwUAA4IBAQAoa4vxTRYWdBGC56bN4zwJ5sgipIRAXsSjrFHxwjRDiXHscHJ1jTwV
Mn2k6REtxwe7UdHCQZ1hCSQYaaHqLF4SL9yjfsybHoNE2kITM4uqe/PesRXExZnf
CvTlb3d6O4wp6Hlv0Rc+z5Cg4J96VYDxgbUpC9ObRTVfwq9wflFVLRJudl3sHiRF
Oz8v24bhzUUwoFOZe/oBID1s0ceGGiFoJNiYxzmXVYonH0miifTmOtwJus4D+3Rg
WrxW/2UXJyBG1upgeSGMCjXOkzek+xNJuaNOHDx3lUigNkczDJ2Bfu+P9Gvuq3et
cJeF8kvVI73/P9lS4XT57W0IjMu11X/y
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:36:59 2024 by rpki-client on console-ams.rpki-client.org