Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/1fffbf97-8a9a-4261-8e1d-53b5264f45de/713708aa3a435854d1a1641d02dd9254d7549e20.roa
File:                     713708aa3a435854d1a1641d02dd9254d7549e20.roa (raw, json)
Hash identifier:          y7J7eSUMcVgJs0g1HhhJ11ji5FIGTq7TnkzQQwh+NRI=
Subject key identifier:   1B:67:32:10:FC:BB:79:91:98:42:A9:6B:BE:56:F0:AA:F6:AD:BA:0B
Certificate issuer:       /CN=e1129399c2c45f18c2b3360cd94263772f9d4bca
Certificate serial:       0D9FC0
Authority key identifier: 68:72:6E:76:C4:05:6B:64:82:2B:65:F9:D8:76:91:0B:87:40:52:03
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/e1129399c2c45f18c2b3360cd94263772f9d4bca.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/1fffbf97-8a9a-4261-8e1d-53b5264f45de/713708aa3a435854d1a1641d02dd9254d7549e20.roa
Signing time:             Wed 24 Mar 2021 14:32:08 +0000
ROA not before:           Wed 24 Mar 2021 14:32:07 +0000
ROA not after:            Tue 24 Mar 2026 14:32:07 +0000
asID:                     28038
IP address blocks:        131.72.72.0/22 maxlen: 24
                          170.231.160.0/22 maxlen: 24

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 892864 (0xd9fc0)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e1129399c2c45f18c2b3360cd94263772f9d4bca
        Validity
            Not Before: Mar 24 14:32:07 2021 GMT
            Not After : Mar 24 14:32:07 2026 GMT
        Subject: CN=713708aa3a435854d1a1641d02dd9254d7549e20
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c4:74:c8:5e:3d:5d:fc:18:e3:53:34:6d:4f:12:
                    0e:30:5f:4a:3a:c4:ba:a6:05:a4:b5:4f:f5:e2:dc:
                    8a:a2:ee:ad:fc:aa:9a:69:ce:f9:cc:d4:39:a8:02:
                    5c:e5:d2:5d:2a:81:99:9e:fd:d5:7e:c0:2a:5c:74:
                    20:84:e0:56:a1:8b:ec:95:40:23:17:0d:28:44:0c:
                    2c:8c:ed:87:33:57:f7:ea:e0:36:6d:d7:5c:fd:47:
                    5d:74:2a:d7:ad:da:e1:a9:da:55:69:a0:99:fe:fa:
                    77:c1:29:55:73:f7:0d:c4:59:5f:37:2d:0f:fa:b6:
                    53:f5:93:75:af:a1:11:c9:59:e2:45:5c:72:0a:d0:
                    49:1d:16:ea:11:2a:35:91:2e:78:d2:34:d4:fb:17:
                    b4:43:11:5b:e8:6b:4d:b1:cf:27:9d:92:e2:a5:1e:
                    2f:d4:16:b6:6a:10:02:8a:7b:21:3d:a9:bc:1d:97:
                    43:ff:94:07:fd:4b:fb:5e:f1:f6:91:eb:7d:96:91:
                    56:e4:6f:c7:b0:e1:9e:c7:a7:41:52:27:66:ad:31:
                    d1:a6:48:b4:cb:6f:12:27:9c:78:05:dd:df:45:4b:
                    03:bd:9f:c4:ba:50:bf:d4:fb:ad:49:bb:bb:33:e8:
                    5a:89:4e:6b:78:b9:10:47:95:ce:2a:5b:43:74:da:
                    b2:17
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1B:67:32:10:FC:BB:79:91:98:42:A9:6B:BE:56:F0:AA:F6:AD:BA:0B
            X509v3 Authority Key Identifier:
                keyid:68:72:6E:76:C4:05:6B:64:82:2B:65:F9:D8:76:91:0B:87:40:52:03

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/e1129399c2c45f18c2b3360cd94263772f9d4bca.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/1fffbf97-8a9a-4261-8e1d-53b5264f45de/713708aa3a435854d1a1641d02dd9254d7549e20.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/1fffbf97-8a9a-4261-8e1d-53b5264f45de/e1129399c2c45f18c2b3360cd94263772f9d4bca.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  131.72.72.0/22
                  170.231.160.0/22

    Signature Algorithm: sha256WithRSAEncryption
         0e:6b:59:81:ce:b3:b6:0d:9c:9d:36:34:2f:53:46:12:f3:61:
         0f:56:bb:a1:05:5d:47:65:ab:61:60:38:dd:d1:b1:02:8d:3f:
         42:e9:f6:57:4b:13:a3:16:cf:44:9e:f0:f0:a5:46:b4:e3:ad:
         b5:81:3c:4f:bc:c4:44:a0:bc:02:b3:f6:ab:26:a8:b8:5a:23:
         f7:c2:57:98:d6:71:73:7f:01:84:ae:9d:48:0b:a4:4a:c1:fd:
         a5:0c:c1:e0:8f:2e:b5:5b:5a:db:15:2b:93:9e:15:c1:02:ea:
         56:61:e8:16:b1:2d:a4:0a:b3:22:06:a8:5d:55:00:fb:1c:db:
         c3:03:41:59:23:0b:2c:87:4c:9d:d5:f6:38:dd:02:20:26:ce:
         f6:c3:f4:33:31:38:c2:ac:04:bf:d4:ed:e4:68:97:5f:92:df:
         68:7a:20:05:b1:3d:fc:37:e1:9b:41:c7:0c:eb:09:f2:91:d9:
         f3:b7:2a:ca:4a:d6:ee:55:46:28:7b:b1:51:6e:e5:c7:32:60:
         8a:16:97:f3:29:9c:1e:57:8f:1e:6e:80:33:0d:c2:a1:5c:33:
         b6:55:9e:35:1a:51:fb:6b:3f:9c:1f:ac:c5:27:13:63:4e:44:
         c2:17:5a:b6:4b:11:b6:16:7a:74:39:99:82:98:7c:b6:4f:82:
         90:31:61:ca
-----BEGIN CERTIFICATE-----
MIIFRjCCBC6gAwIBAgIDDZ/AMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKGUx
MTI5Mzk5YzJjNDVmMThjMmIzMzYwY2Q5NDI2Mzc3MmY5ZDRiY2EwHhcNMjEwMzI0
MTQzMjA3WhcNMjYwMzI0MTQzMjA3WjAzMTEwLwYDVQQDEyg3MTM3MDhhYTNhNDM1
ODU0ZDFhMTY0MWQwMmRkOTI1NGQ3NTQ5ZTIwMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAxHTIXj1d/BjjUzRtTxIOMF9KOsS6pgWktU/14tyKou6t/Kqa
ac75zNQ5qAJc5dJdKoGZnv3VfsAqXHQghOBWoYvslUAjFw0oRAwsjO2HM1f36uA2
bddc/UdddCrXrdrhqdpVaaCZ/vp3wSlVc/cNxFlfNy0P+rZT9ZN1r6ERyVniRVxy
CtBJHRbqESo1kS540jTU+xe0QxFb6GtNsc8nnZLipR4v1Ba2ahACinshPam8HZdD
/5QH/Uv7XvH2ket9lpFW5G/HsOGex6dBUidmrTHRpki0y28SJ5x4Bd3fRUsDvZ/E
ulC/1PutSbu7M+haiU5reLkQR5XOKltDdNqyFwIDAQABo4ICYTCCAl0wHQYDVR0O
BBYEFBtnMhD8u3mRmEKpa75W8Kr2rboLMB8GA1UdIwQYMBaAFGhybnbEBWtkgitl
+dh2kQuHQFIDMA4GA1UdDwEB/wQEAwIHgDCBmgYIKwYBBQUHAQEEgY0wgYowgYcG
CCsGAQUFBzAChntyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5ldC9ycGtpL2xh
Y25pYy80OGYwODNiYi1mNjAzLTQ4OTMtOTk5MC0wMjg0YzA0Y2ViODUvZTExMjkz
OTljMmM0NWYxOGMyYjMzNjBjZDk0MjYzNzcyZjlkNGJjYS5jZXIwgZoGCCsGAQUF
BwELBIGNMIGKMIGHBggrBgEFBQcwC4Z7cnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25p
Yy5uZXQvcnBraS9sYWNuaWMvMWZmZmJmOTctOGE5YS00MjYxLThlMWQtNTNiNTI2
NGY0NWRlLzcxMzcwOGFhM2E0MzU4NTRkMWExNjQxZDAyZGQ5MjU0ZDc1NDllMjAu
cm9hMIGPBgNVHR8EgYcwgYQwgYGgf6B9hntyc3luYzovL3JlcG9zaXRvcnkubGFj
bmljLm5ldC9ycGtpL2xhY25pYy8xZmZmYmY5Ny04YTlhLTQyNjEtOGUxZC01M2I1
MjY0ZjQ1ZGUvZTExMjkzOTljMmM0NWYxOGMyYjMzNjBjZDk0MjYzNzcyZjlkNGJj
YS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAlBggrBgEFBQcBBwEB/wQW
MBQwEgQCAAEwDAMEAoNISAMEAqrnoDANBgkqhkiG9w0BAQsFAAOCAQEADmtZgc6z
tg2cnTY0L1NGEvNhD1a7oQVdR2WrYWA43dGxAo0/Qun2V0sToxbPRJ7w8KVGtOOt
tYE8T7zERKC8ArP2qyaouFoj98JXmNZxc38BhK6dSAukSsH9pQzB4I8utVta2xUr
k54VwQLqVmHoFrEtpAqzIgaoXVUA+xzbwwNBWSMLLIdMndX2ON0CICbO9sP0MzE4
wqwEv9Tt5GiXX5LfaHogBbE9/Dfhm0HHDOsJ8pHZ87cqykrW7lVGKHuxUW7lxzJg
ihaX8ymcHlePHm6AMw3CoVwztlWeNRpR+2s/nB+sxScTY05EwhdatksRthZ6dDmZ
gph8tk+CkDFhyg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:37:04 2024 by rpki-client on console-ams.rpki-client.org