Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/0cac3b82-f488-4df7-bc67-ad856a12aa43/a9e4e444b4a737b0335b9168a7aaa19b1ee83aad.roa
File:                     a9e4e444b4a737b0335b9168a7aaa19b1ee83aad.roa (raw, json)
Hash identifier:          M9GPlu5RCdaAr40qqtS2TKClt5OPsYywDdUJRczfodQ=
Subject key identifier:   76:7C:D3:2C:76:B4:13:F8:EA:4A:10:F3:49:1F:B6:8F:41:07:DA:4F
Certificate issuer:       /CN=07a3e63d1966870c34f83b79e6705d8dc3f9b809
Certificate serial:       12832A
Authority key identifier: E7:4F:4B:4C:08:78:4E:1A:4E:22:4C:95:7A:B5:B7:5F:81:D9:24:95
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/07a3e63d1966870c34f83b79e6705d8dc3f9b809.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/0cac3b82-f488-4df7-bc67-ad856a12aa43/a9e4e444b4a737b0335b9168a7aaa19b1ee83aad.roa
Signing time:             Thu 26 Aug 2021 02:26:01 +0000
ROA not before:           Wed 24 Mar 2021 03:00:00 +0000
ROA not after:            Tue 24 Mar 2026 03:00:00 +0000
asID:                     7049
IP address blocks:        200.59.48.0/24 maxlen: 24
                          200.59.49.0/24 maxlen: 24
                          200.59.60.0/24 maxlen: 24
                          200.59.61.0/24 maxlen: 24
                          200.59.62.0/24 maxlen: 24
                          200.59.63.0/24 maxlen: 24
                          200.59.192.0/21 maxlen: 21
                          200.59.192.0/24 maxlen: 24
                          200.59.193.0/24 maxlen: 24
                          200.59.194.0/24 maxlen: 24
                          200.59.195.0/24 maxlen: 24
                          200.59.196.0/24 maxlen: 24
                          200.59.197.0/24 maxlen: 24
                          200.59.198.0/24 maxlen: 24
                          200.59.199.0/24 maxlen: 24
                          200.59.204.0/24 maxlen: 24
                          200.59.205.0/24 maxlen: 24
                          200.59.206.0/24 maxlen: 24

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 1213226 (0x12832a)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=07a3e63d1966870c34f83b79e6705d8dc3f9b809
        Validity
            Not Before: Mar 24 03:00:00 2021 GMT
            Not After : Mar 24 03:00:00 2026 GMT
        Subject: CN=a9e4e444b4a737b0335b9168a7aaa19b1ee83aad
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:87:b9:be:06:ff:6c:73:1b:a0:e1:cf:df:84:ab:
                    f1:b8:53:5e:5e:eb:e4:07:11:aa:cc:7b:85:60:65:
                    60:75:4f:19:29:48:39:4a:50:d1:ca:2a:d1:3e:e5:
                    cd:b4:03:22:39:cd:1d:30:29:58:78:84:f9:29:c7:
                    27:ed:41:1d:13:bc:a3:bd:ca:44:42:59:f2:eb:fd:
                    27:6b:24:23:05:b0:a9:8d:d2:90:6b:05:3b:a1:fd:
                    99:55:d0:7b:a6:fa:b3:d8:0b:2d:52:c7:a4:ef:a6:
                    38:dc:e0:40:cc:3c:02:25:c2:8e:54:e8:3a:37:a5:
                    b6:b9:a2:91:ff:70:1c:2e:c8:e5:04:9b:1b:c7:ad:
                    c7:c9:ce:f8:57:4c:47:20:de:ac:8f:8c:7b:a7:27:
                    d2:f9:ff:ac:d2:27:91:e4:02:e2:8c:5f:95:0d:9b:
                    27:4c:a6:ca:b3:82:df:87:78:38:bf:d9:7b:2d:e8:
                    61:2f:51:2d:01:91:b3:11:88:ef:b3:6c:0e:aa:c6:
                    f7:3a:3d:b7:bf:23:3f:2f:fd:83:1f:81:f4:fc:dd:
                    8c:6d:04:bc:03:3e:a7:1a:fc:3e:8a:03:fc:71:ae:
                    d9:38:4f:4c:89:e6:97:21:76:46:a3:19:f9:d5:44:
                    a9:77:75:c0:21:a8:ce:41:7d:a0:84:58:f6:c2:2c:
                    ee:e5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                76:7C:D3:2C:76:B4:13:F8:EA:4A:10:F3:49:1F:B6:8F:41:07:DA:4F
            X509v3 Authority Key Identifier:
                keyid:E7:4F:4B:4C:08:78:4E:1A:4E:22:4C:95:7A:B5:B7:5F:81:D9:24:95

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/07a3e63d1966870c34f83b79e6705d8dc3f9b809.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/0cac3b82-f488-4df7-bc67-ad856a12aa43/a9e4e444b4a737b0335b9168a7aaa19b1ee83aad.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/0cac3b82-f488-4df7-bc67-ad856a12aa43/07a3e63d1966870c34f83b79e6705d8dc3f9b809.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  200.59.48.0/23
                  200.59.60.0/22
                  200.59.192.0/21
                  200.59.204.0-200.59.206.255

    Signature Algorithm: sha256WithRSAEncryption
         65:81:70:1b:b1:70:d8:70:d1:69:4d:1e:d6:b4:74:ad:63:3d:
         39:c6:17:fb:4a:c0:50:f2:8c:e9:ce:d6:57:33:20:ce:f0:91:
         8f:18:dd:0b:88:38:f2:80:4d:f2:8a:4f:4b:84:24:b3:ec:35:
         47:31:a9:b1:e4:87:0d:7c:0d:71:e2:f5:7f:ff:ea:52:9f:dc:
         67:26:c2:22:ff:0c:3c:ac:bb:01:ef:96:8d:3d:3f:e1:35:40:
         b6:89:40:4b:97:b7:39:a6:e6:75:a1:15:aa:53:ef:03:e7:ac:
         4d:23:7b:07:ea:4a:5d:e3:54:3f:86:60:3d:de:83:2d:4b:d6:
         b7:7e:ef:83:32:2b:29:45:f9:e0:6d:9e:06:23:57:28:8a:3b:
         e7:d2:ea:43:6e:48:ce:72:81:c9:76:78:10:eb:26:05:69:ed:
         e7:04:4e:22:53:53:65:59:b8:b3:dc:c2:93:75:91:93:73:4a:
         c8:5b:83:af:79:09:b0:db:b4:d2:5f:f0:e5:82:6f:bb:8f:4b:
         f4:64:99:15:e2:c5:99:56:7c:49:8c:62:28:ce:8b:28:33:a9:
         8d:01:37:e9:f4:ce:40:e2:cf:6d:02:3a:e1:a1:1a:9f:f5:66:
         47:fe:4c:1e:08:3b:66:43:93:aa:3f:9e:6e:72:9c:e3:46:63:
         c4:b5:54:91
-----BEGIN CERTIFICATE-----
MIIFWjCCBEKgAwIBAgIDEoMqMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKDA3
YTNlNjNkMTk2Njg3MGMzNGY4M2I3OWU2NzA1ZDhkYzNmOWI4MDkwHhcNMjEwMzI0
MDMwMDAwWhcNMjYwMzI0MDMwMDAwWjAzMTEwLwYDVQQDEyhhOWU0ZTQ0NGI0YTcz
N2IwMzM1YjkxNjhhN2FhYTE5YjFlZTgzYWFkMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAh7m+Bv9scxug4c/fhKvxuFNeXuvkBxGqzHuFYGVgdU8ZKUg5
SlDRyirRPuXNtAMiOc0dMClYeIT5Kccn7UEdE7yjvcpEQlny6/0nayQjBbCpjdKQ
awU7of2ZVdB7pvqz2AstUsek76Y43OBAzDwCJcKOVOg6N6W2uaKR/3AcLsjlBJsb
x63Hyc74V0xHIN6sj4x7pyfS+f+s0ieR5ALijF+VDZsnTKbKs4Lfh3g4v9l7Lehh
L1EtAZGzEYjvs2wOqsb3Oj23vyM/L/2DH4H0/N2MbQS8Az6nGvw+igP8ca7ZOE9M
ieaXIXZGoxn51USpd3XAIajOQX2ghFj2wizu5QIDAQABo4ICdTCCAnEwHQYDVR0O
BBYEFHZ80yx2tBP46koQ80kfto9BB9pPMB8GA1UdIwQYMBaAFOdPS0wIeE4aTiJM
lXq1t1+B2SSVMA4GA1UdDwEB/wQEAwIHgDCBmgYIKwYBBQUHAQEEgY0wgYowgYcG
CCsGAQUFBzAChntyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5ldC9ycGtpL2xh
Y25pYy80OGYwODNiYi1mNjAzLTQ4OTMtOTk5MC0wMjg0YzA0Y2ViODUvMDdhM2U2
M2QxOTY2ODcwYzM0ZjgzYjc5ZTY3MDVkOGRjM2Y5YjgwOS5jZXIwgZoGCCsGAQUF
BwELBIGNMIGKMIGHBggrBgEFBQcwC4Z7cnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25p
Yy5uZXQvcnBraS9sYWNuaWMvMGNhYzNiODItZjQ4OC00ZGY3LWJjNjctYWQ4NTZh
MTJhYTQzL2E5ZTRlNDQ0YjRhNzM3YjAzMzViOTE2OGE3YWFhMTliMWVlODNhYWQu
cm9hMIGPBgNVHR8EgYcwgYQwgYGgf6B9hntyc3luYzovL3JlcG9zaXRvcnkubGFj
bmljLm5ldC9ycGtpL2xhY25pYy8wY2FjM2I4Mi1mNDg4LTRkZjctYmM2Ny1hZDg1
NmExMmFhNDMvMDdhM2U2M2QxOTY2ODcwYzM0ZjgzYjc5ZTY3MDVkOGRjM2Y5Yjgw
OS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA5BggrBgEFBQcBBwEB/wQq
MCgwJgQCAAEwIAMEAcg7MAMEAsg7PAMEA8g7wDAMAwQCyDvMAwQAyDvOMA0GCSqG
SIb3DQEBCwUAA4IBAQBlgXAbsXDYcNFpTR7WtHStYz05xhf7SsBQ8ozpztZXMyDO
8JGPGN0LiDjygE3yik9LhCSz7DVHMamx5IcNfA1x4vV//+pSn9xnJsIi/ww8rLsB
75aNPT/hNUC2iUBLl7c5puZ1oRWqU+8D56xNI3sH6kpd41Q/hmA93oMtS9a3fu+D
MispRfngbZ4GI1coijvn0upDbkjOcoHJdngQ6yYFae3nBE4iU1NlWbiz3MKTdZGT
c0rIW4OveQmw27TSX/Dlgm+7j0v0ZJkV4sWZVnxJjGIozosoM6mNATfp9M5A4s9t
AjrhoRqf9WZH/kweCDtmQ5OqP55ucpzjRmPEtVSR
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:36:59 2024 by rpki-client on console-ams.rpki-client.org