Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/0cac3b82-f488-4df7-bc67-ad856a12aa43/bfce678a40a0f532b33e3774fba72f7c7807c275.roa
File:                     bfce678a40a0f532b33e3774fba72f7c7807c275.roa (raw, json)
Hash identifier:          AyGtBw7txOExMpm5Vd7QvGhlz8R2QXQ2LvLjro0d/rI=
Subject key identifier:   EE:60:59:B4:EE:E1:32:39:1A:41:C5:60:05:42:00:7F:84:22:5E:C2
Certificate issuer:       /CN=07a3e63d1966870c34f83b79e6705d8dc3f9b809
Certificate serial:       1327AF
Authority key identifier: E7:4F:4B:4C:08:78:4E:1A:4E:22:4C:95:7A:B5:B7:5F:81:D9:24:95
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/07a3e63d1966870c34f83b79e6705d8dc3f9b809.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/0cac3b82-f488-4df7-bc67-ad856a12aa43/bfce678a40a0f532b33e3774fba72f7c7807c275.roa
Signing time:             Sat 04 Sep 2021 00:38:12 +0000
ROA not before:           Wed 24 Mar 2021 03:00:00 +0000
ROA not after:            Tue 24 Mar 2026 03:00:00 +0000
asID:                     16732
IP address blocks:        200.59.32.0/24 maxlen: 24
                          200.59.33.0/24 maxlen: 24
                          200.59.34.0/24 maxlen: 24
                          200.59.35.0/24 maxlen: 24
                          200.59.36.0/24 maxlen: 24
                          200.59.36.0/22 maxlen: 22
                          200.59.37.0/24 maxlen: 24
                          200.59.38.0/24 maxlen: 24
                          200.59.39.0/24 maxlen: 24
                          200.59.40.0/24 maxlen: 24
                          200.59.41.0/24 maxlen: 24
                          200.59.42.0/24 maxlen: 24
                          200.59.43.0/24 maxlen: 24
                          200.59.44.0/24 maxlen: 24
                          200.59.44.0/23 maxlen: 23
                          200.59.45.0/24 maxlen: 24
                          200.59.46.0/24 maxlen: 24
                          200.59.47.0/24 maxlen: 24
                          200.59.50.0/24 maxlen: 24
                          200.59.51.0/24 maxlen: 24
                          200.59.54.0/24 maxlen: 24
                          200.59.55.0/24 maxlen: 24
                          200.59.56.0/24 maxlen: 24
                          200.59.57.0/24 maxlen: 24
                          200.59.58.0/24 maxlen: 24
                          200.59.59.0/24 maxlen: 24
                          200.59.52.0/23 maxlen: 23
                          200.59.53.0/24 maxlen: 24
                          200.59.56.0/22 maxlen: 22

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 1255343 (0x1327af)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=07a3e63d1966870c34f83b79e6705d8dc3f9b809
        Validity
            Not Before: Mar 24 03:00:00 2021 GMT
            Not After : Mar 24 03:00:00 2026 GMT
        Subject: CN=bfce678a40a0f532b33e3774fba72f7c7807c275
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:aa:35:a3:7e:3f:23:89:e9:0d:cb:43:0b:96:5b:
                    4a:2f:22:31:4a:07:4c:0e:1f:49:4c:cd:c5:1c:00:
                    3c:f7:cc:aa:4b:e8:76:7e:3d:55:dd:06:82:88:23:
                    7d:40:d4:d3:cc:28:fa:e7:1b:09:7f:1c:43:6a:b6:
                    85:49:2d:6a:d6:7f:25:cf:34:52:5a:1f:68:a2:d2:
                    94:5d:5d:23:e4:8f:a6:87:1a:10:af:15:d4:05:b2:
                    03:0b:9d:6f:b2:1e:7c:d5:de:c5:a1:6c:f4:60:42:
                    3e:3a:11:4c:4e:a7:b5:32:0e:0a:59:f0:81:4d:04:
                    27:f0:8d:f3:c8:e8:98:19:61:f5:6c:74:4c:0e:4a:
                    8f:68:0d:16:bc:e4:1a:8a:37:4a:80:a9:9e:d9:32:
                    d0:18:68:bf:e6:6c:b4:53:7e:6a:a7:09:32:23:d4:
                    2e:af:be:51:f0:f7:fa:76:69:22:dc:d5:27:85:a6:
                    db:42:97:3f:dd:c3:84:60:07:63:92:8d:6f:bd:fd:
                    a8:d4:49:6c:a4:41:c5:75:b4:0f:6f:d5:36:e8:5d:
                    f7:ea:a9:69:06:13:03:79:6f:e3:d4:fc:18:64:92:
                    17:36:31:e9:7a:3b:8a:b1:f0:be:83:e9:3a:c1:10:
                    e3:41:e8:89:be:6a:10:72:66:52:cc:48:b7:b2:9f:
                    cf:2b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                EE:60:59:B4:EE:E1:32:39:1A:41:C5:60:05:42:00:7F:84:22:5E:C2
            X509v3 Authority Key Identifier:
                keyid:E7:4F:4B:4C:08:78:4E:1A:4E:22:4C:95:7A:B5:B7:5F:81:D9:24:95

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/07a3e63d1966870c34f83b79e6705d8dc3f9b809.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/0cac3b82-f488-4df7-bc67-ad856a12aa43/bfce678a40a0f532b33e3774fba72f7c7807c275.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/0cac3b82-f488-4df7-bc67-ad856a12aa43/07a3e63d1966870c34f83b79e6705d8dc3f9b809.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  200.59.32.0/20
                  200.59.50.0-200.59.59.255

    Signature Algorithm: sha256WithRSAEncryption
         15:14:26:ed:ff:53:2a:51:16:57:b1:f3:45:10:58:20:f8:ba:
         88:73:50:0d:45:c0:52:45:fe:e2:d3:40:41:35:3e:e4:73:41:
         77:e0:4b:1f:25:73:20:79:60:8a:68:98:8e:b6:3c:ff:2c:92:
         a9:d7:18:f6:0b:85:58:e9:5b:34:57:f3:f2:f1:2d:37:1b:85:
         49:41:53:74:58:44:eb:f5:5b:8a:33:63:4b:23:51:bf:2f:54:
         3f:c5:12:62:57:17:6f:f2:34:1e:0f:69:4b:25:7e:3c:f5:2e:
         c9:47:bb:65:5d:1d:bf:99:2f:c3:bc:05:49:e7:f3:fe:b3:24:
         fe:e7:60:45:f0:d9:1f:f1:cd:29:c9:7c:59:53:27:50:55:62:
         71:c6:1c:68:d1:8d:4c:a8:7a:c6:01:4f:8b:e9:10:aa:df:f0:
         76:1f:93:56:2c:85:ee:be:08:64:e8:da:53:12:7c:e1:6e:7e:
         94:00:b0:13:5c:e9:ac:1c:5c:41:92:41:e9:7a:48:ff:c2:a1:
         5e:39:0b:48:eb:68:71:1d:8c:f9:64:5c:a4:4b:3a:6d:03:a5:
         80:ae:a2:1e:e3:6d:a4:11:f5:10:4c:0f:01:f9:fc:d3:de:23:
         72:f3:74:b8:fc:fa:ef:99:2b:c4:36:73:e6:01:69:90:01:e9:
         8f:13:78:7b
-----BEGIN CERTIFICATE-----
MIIFTjCCBDagAwIBAgIDEyevMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKDA3
YTNlNjNkMTk2Njg3MGMzNGY4M2I3OWU2NzA1ZDhkYzNmOWI4MDkwHhcNMjEwMzI0
MDMwMDAwWhcNMjYwMzI0MDMwMDAwWjAzMTEwLwYDVQQDEyhiZmNlNjc4YTQwYTBm
NTMyYjMzZTM3NzRmYmE3MmY3Yzc4MDdjMjc1MIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAqjWjfj8jiekNy0MLlltKLyIxSgdMDh9JTM3FHAA898yqS+h2
fj1V3QaCiCN9QNTTzCj65xsJfxxDaraFSS1q1n8lzzRSWh9ootKUXV0j5I+mhxoQ
rxXUBbIDC51vsh581d7FoWz0YEI+OhFMTqe1Mg4KWfCBTQQn8I3zyOiYGWH1bHRM
DkqPaA0WvOQaijdKgKme2TLQGGi/5my0U35qpwkyI9Qur75R8Pf6dmki3NUnhabb
Qpc/3cOEYAdjko1vvf2o1ElspEHFdbQPb9U26F336qlpBhMDeW/j1PwYZJIXNjHp
ejuKsfC+g+k6wRDjQeiJvmoQcmZSzEi3sp/PKwIDAQABo4ICaTCCAmUwHQYDVR0O
BBYEFO5gWbTu4TI5GkHFYAVCAH+EIl7CMB8GA1UdIwQYMBaAFOdPS0wIeE4aTiJM
lXq1t1+B2SSVMA4GA1UdDwEB/wQEAwIHgDCBmgYIKwYBBQUHAQEEgY0wgYowgYcG
CCsGAQUFBzAChntyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5ldC9ycGtpL2xh
Y25pYy80OGYwODNiYi1mNjAzLTQ4OTMtOTk5MC0wMjg0YzA0Y2ViODUvMDdhM2U2
M2QxOTY2ODcwYzM0ZjgzYjc5ZTY3MDVkOGRjM2Y5YjgwOS5jZXIwgZoGCCsGAQUF
BwELBIGNMIGKMIGHBggrBgEFBQcwC4Z7cnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25p
Yy5uZXQvcnBraS9sYWNuaWMvMGNhYzNiODItZjQ4OC00ZGY3LWJjNjctYWQ4NTZh
MTJhYTQzL2JmY2U2NzhhNDBhMGY1MzJiMzNlMzc3NGZiYTcyZjdjNzgwN2MyNzUu
cm9hMIGPBgNVHR8EgYcwgYQwgYGgf6B9hntyc3luYzovL3JlcG9zaXRvcnkubGFj
bmljLm5ldC9ycGtpL2xhY25pYy8wY2FjM2I4Mi1mNDg4LTRkZjctYmM2Ny1hZDg1
NmExMmFhNDMvMDdhM2U2M2QxOTY2ODcwYzM0ZjgzYjc5ZTY3MDVkOGRjM2Y5Yjgw
OS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAtBggrBgEFBQcBBwEB/wQe
MBwwGgQCAAEwFAMEBMg7IDAMAwQByDsyAwQCyDs4MA0GCSqGSIb3DQEBCwUAA4IB
AQAVFCbt/1MqURZXsfNFEFgg+LqIc1ANRcBSRf7i00BBNT7kc0F34EsfJXMgeWCK
aJiOtjz/LJKp1xj2C4VY6Vs0V/Py8S03G4VJQVN0WETr9VuKM2NLI1G/L1Q/xRJi
Vxdv8jQeD2lLJX489S7JR7tlXR2/mS/DvAVJ5/P+syT+52BF8Nkf8c0pyXxZUydQ
VWJxxhxo0Y1MqHrGAU+L6RCq3/B2H5NWLIXuvghk6NpTEnzhbn6UALATXOmsHFxB
kkHpekj/wqFeOQtI62hxHYz5ZFykSzptA6WArqIe422kEfUQTA8B+fzT3iNy83S4
/PrvmSvENnPmAWmQAemPE3h7
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:36:59 2024 by rpki-client on console-ams.rpki-client.org