Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/1c494acd-67c1-46c0-b6c5-caabcbce1d94/505f8b0dbbed1fbae392a8545b8fad465390c5ee.roa
File:                     505f8b0dbbed1fbae392a8545b8fad465390c5ee.roa (raw, json)
Hash identifier:          4DMi2jlGtCymJfcU1UcqrPw9cxP51iYyPgi3XiCfZ04=
Subject key identifier:   01:78:21:C5:4D:4B:23:0F:78:6D:27:7F:ED:3C:B0:9B:8B:7A:31:74
Certificate issuer:       /CN=610a073086b39384e909786d0a194418acd0bd49
Certificate serial:       273701
Authority key identifier: D6:DA:C6:62:CF:C3:1A:BF:C6:77:86:7C:A6:81:8B:3F:4D:86:F0:9D
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/610a073086b39384e909786d0a194418acd0bd49.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/1c494acd-67c1-46c0-b6c5-caabcbce1d94/505f8b0dbbed1fbae392a8545b8fad465390c5ee.roa
Signing time:             Wed 03 Jan 2024 20:33:03 +0000
ROA not before:           Wed 03 Jan 2024 20:33:01 +0000
ROA not after:            Sat 03 Jan 2026 20:33:01 +0000
asID:                     264668
IP address blocks:        45.70.56.0/22 maxlen: 24
                          2803:a820::/32 maxlen: 32

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 2569985 (0x273701)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=610a073086b39384e909786d0a194418acd0bd49
        Validity
            Not Before: Jan  3 20:33:01 2024 GMT
            Not After : Jan  3 20:33:01 2026 GMT
        Subject: CN=505f8b0dbbed1fbae392a8545b8fad465390c5ee
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9d:d7:aa:11:ea:40:9e:a1:bc:2f:64:00:74:cf:
                    ca:8f:f4:30:3e:8e:0d:06:43:51:10:44:85:91:e8:
                    6f:6a:ed:fb:0e:39:cd:27:ef:fc:92:ff:c8:c9:b9:
                    cf:d1:f1:16:15:c9:ab:ef:48:8c:85:73:aa:28:62:
                    2e:52:48:55:8e:1a:c8:87:a4:ff:a7:75:50:ab:48:
                    cd:60:c7:11:88:d7:d5:9b:b4:6f:aa:06:4e:33:27:
                    11:db:da:3b:54:a9:08:26:dc:cc:3c:f5:5d:05:e3:
                    82:9e:e9:17:ae:29:cc:28:3e:81:08:85:e5:47:f4:
                    ca:86:ac:ad:53:76:b9:18:d3:55:4c:31:75:b3:bc:
                    42:f9:b1:1d:49:0a:2e:54:ec:b4:f5:b2:6e:c8:8c:
                    41:5b:3e:ab:c8:23:a4:7f:dc:6d:80:73:ce:63:61:
                    92:7e:ae:c2:de:d6:f8:05:ec:95:54:3d:cd:26:a6:
                    60:68:92:54:c9:c7:d2:a2:44:c1:92:b7:27:00:16:
                    f5:f5:14:ec:5f:a8:6a:2d:2a:76:c5:d7:14:b0:31:
                    a4:67:d6:d6:27:75:4b:8f:0b:f2:4f:99:e4:a5:01:
                    11:4e:cf:5e:88:c4:78:5c:b8:63:a8:38:c9:96:af:
                    cd:a1:e7:4d:10:db:00:a8:7a:b1:24:63:2a:47:c0:
                    21:37
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                01:78:21:C5:4D:4B:23:0F:78:6D:27:7F:ED:3C:B0:9B:8B:7A:31:74
            X509v3 Authority Key Identifier:
                keyid:D6:DA:C6:62:CF:C3:1A:BF:C6:77:86:7C:A6:81:8B:3F:4D:86:F0:9D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/610a073086b39384e909786d0a194418acd0bd49.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/1c494acd-67c1-46c0-b6c5-caabcbce1d94/505f8b0dbbed1fbae392a8545b8fad465390c5ee.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/1c494acd-67c1-46c0-b6c5-caabcbce1d94/610a073086b39384e909786d0a194418acd0bd49.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.70.56.0/22
                IPv6:
                  2803:a820::/32

    Signature Algorithm: sha256WithRSAEncryption
         28:1e:67:19:a4:7f:8f:cb:39:7b:32:67:30:53:99:42:37:55:
         c0:0b:dc:7c:dd:64:e8:bd:87:44:d9:f5:15:9a:3b:2e:34:c9:
         ec:c5:99:f0:0d:27:39:c4:4c:61:b7:ac:3b:7d:35:45:d0:4f:
         0b:17:d5:75:cf:a5:e8:e2:dc:3e:9e:23:a8:d9:9a:ed:25:ff:
         78:fd:c2:98:5c:2c:ef:0c:86:08:50:d1:d4:88:44:5d:d4:a6:
         f9:ee:d8:fd:de:93:29:32:fa:be:ea:b3:ed:3d:0c:20:7a:93:
         5d:45:d8:4c:55:6a:52:ad:1f:af:bd:b0:2d:db:73:bc:b1:48:
         e4:0c:1e:e8:e5:8c:85:51:b7:06:2c:02:30:8f:ce:d5:51:e1:
         51:9b:5f:07:aa:b4:79:eb:5d:13:63:e1:3c:4e:ad:15:1c:c9:
         15:a9:7d:2a:eb:39:5c:c9:ba:e9:c4:0b:66:05:31:b5:c5:dc:
         52:e2:b8:40:47:7e:aa:d6:80:64:15:8d:b1:0d:02:8e:8e:6d:
         e4:3f:8e:3d:2b:63:38:a4:32:50:dc:98:20:db:67:46:6a:ae:
         66:c0:94:a5:5f:3b:dc:10:4e:4f:79:68:51:7c:29:94:c9:23:
         37:59:0b:2f:50:05:ba:68:13:5c:b1:3a:cd:4d:a6:47:2b:f2:
         6e:f1:2f:f6
-----BEGIN CERTIFICATE-----
MIIFTzCCBDegAwIBAgIDJzcBMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKDYx
MGEwNzMwODZiMzkzODRlOTA5Nzg2ZDBhMTk0NDE4YWNkMGJkNDkwHhcNMjQwMTAz
MjAzMzAxWhcNMjYwMTAzMjAzMzAxWjAzMTEwLwYDVQQDEyg1MDVmOGIwZGJiZWQx
ZmJhZTM5MmE4NTQ1YjhmYWQ0NjUzOTBjNWVlMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAndeqEepAnqG8L2QAdM/Kj/QwPo4NBkNREESFkehvau37DjnN
J+/8kv/IybnP0fEWFcmr70iMhXOqKGIuUkhVjhrIh6T/p3VQq0jNYMcRiNfVm7Rv
qgZOMycR29o7VKkIJtzMPPVdBeOCnukXrinMKD6BCIXlR/TKhqytU3a5GNNVTDF1
s7xC+bEdSQouVOy09bJuyIxBWz6ryCOkf9xtgHPOY2GSfq7C3tb4BeyVVD3NJqZg
aJJUycfSokTBkrcnABb19RTsX6hqLSp2xdcUsDGkZ9bWJ3VLjwvyT5nkpQERTs9e
iMR4XLhjqDjJlq/NoedNENsAqHqxJGMqR8AhNwIDAQABo4ICajCCAmYwHQYDVR0O
BBYEFAF4IcVNSyMPeG0nf+08sJuLejF0MB8GA1UdIwQYMBaAFNbaxmLPwxq/xneG
fKaBiz9NhvCdMA4GA1UdDwEB/wQEAwIHgDCBmgYIKwYBBQUHAQEEgY0wgYowgYcG
CCsGAQUFBzAChntyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5ldC9ycGtpL2xh
Y25pYy80OGYwODNiYi1mNjAzLTQ4OTMtOTk5MC0wMjg0YzA0Y2ViODUvNjEwYTA3
MzA4NmIzOTM4NGU5MDk3ODZkMGExOTQ0MThhY2QwYmQ0OS5jZXIwgZoGCCsGAQUF
BwELBIGNMIGKMIGHBggrBgEFBQcwC4Z7cnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25p
Yy5uZXQvcnBraS9sYWNuaWMvMWM0OTRhY2QtNjdjMS00NmMwLWI2YzUtY2FhYmNi
Y2UxZDk0LzUwNWY4YjBkYmJlZDFmYmFlMzkyYTg1NDViOGZhZDQ2NTM5MGM1ZWUu
cm9hMIGPBgNVHR8EgYcwgYQwgYGgf6B9hntyc3luYzovL3JlcG9zaXRvcnkubGFj
bmljLm5ldC9ycGtpL2xhY25pYy8xYzQ5NGFjZC02N2MxLTQ2YzAtYjZjNS1jYWFi
Y2JjZTFkOTQvNjEwYTA3MzA4NmIzOTM4NGU5MDk3ODZkMGExOTQ0MThhY2QwYmQ0
OS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAuBggrBgEFBQcBBwEB/wQf
MB0wDAQCAAEwBgMEAi1GODANBAIAAjAHAwUAKAOoIDANBgkqhkiG9w0BAQsFAAOC
AQEAKB5nGaR/j8s5ezJnMFOZQjdVwAvcfN1k6L2HRNn1FZo7LjTJ7MWZ8A0nOcRM
YbesO301RdBPCxfVdc+l6OLcPp4jqNma7SX/eP3CmFws7wyGCFDR1IhEXdSm+e7Y
/d6TKTL6vuqz7T0MIHqTXUXYTFVqUq0fr72wLdtzvLFI5Awe6OWMhVG3BiwCMI/O
1VHhUZtfB6q0eetdE2PhPE6tFRzJFal9Kus5XMm66cQLZgUxtcXcUuK4QEd+qtaA
ZBWNsQ0Cjo5t5D+OPStjOKQyUNyYINtnRmquZsCUpV873BBOT3loUXwplMkjN1kL
L1AFumgTXLE6zU2mRyvybvEv9g==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:37:02 2024 by rpki-client on console-ams.rpki-client.org