Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/24d94e66-349b-41aa-9621-26e188a8ebba/253c3298d866fa0dc2421b357ff8676378148682.roa
File:                     253c3298d866fa0dc2421b357ff8676378148682.roa (raw, json)
Hash identifier:          bkLnX4t/EJZZEcxe7zY+9lKtZqH4fVDm8UGOM6GV9+4=
Subject key identifier:   16:6F:1D:09:89:45:B4:5C:8F:F9:9C:F3:65:D6:7D:1B:04:3E:48:7B
Certificate issuer:       /CN=9db9b9135b4d3333a2e412cf69bbebbc30229f4a
Certificate serial:       28A194
Authority key identifier: 75:82:21:D0:B5:2D:06:A9:75:E0:A5:3A:16:0E:B3:15:AC:1C:43:79
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/9db9b9135b4d3333a2e412cf69bbebbc30229f4a.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/24d94e66-349b-41aa-9621-26e188a8ebba/253c3298d866fa0dc2421b357ff8676378148682.roa
Signing time:             Mon 25 Mar 2024 18:09:15 +0000
ROA not before:           Mon 25 Mar 2024 18:09:15 +0000
ROA not after:            Wed 25 Mar 2026 18:09:15 +0000
asID:                     52327
IP address blocks:        131.161.232.0/22 maxlen: 24
                          190.52.56.0/21 maxlen: 24
                          170.80.116.0/22 maxlen: 24
                          181.177.208.0/21 maxlen: 24
                          2803:7d00::/32 maxlen: 48

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 2662804 (0x28a194)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9db9b9135b4d3333a2e412cf69bbebbc30229f4a
        Validity
            Not Before: Mar 25 18:09:15 2024 GMT
            Not After : Mar 25 18:09:15 2026 GMT
        Subject: CN=253c3298d866fa0dc2421b357ff8676378148682
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b2:fb:17:40:ee:b4:38:05:1f:4b:d5:87:58:ab:
                    1b:ae:2c:d3:da:db:dd:a6:38:df:5a:06:5a:cb:4b:
                    6c:09:44:fa:37:70:2f:35:f8:ad:e1:3e:f2:5f:e4:
                    dd:2f:32:4d:4f:6c:cb:b6:7e:87:9a:9b:aa:2f:c0:
                    db:20:60:fa:cb:44:8d:b1:6d:fc:0b:e7:d5:51:c6:
                    e1:b2:4a:d9:2a:c7:55:ba:88:a6:0a:0f:61:5c:dd:
                    05:4a:a2:48:b9:16:82:51:fa:8a:3f:ae:fa:44:c3:
                    30:ca:2f:82:79:0e:38:a0:0f:9d:ed:15:ef:f1:7a:
                    ae:a3:6d:6f:15:ad:e9:94:24:9e:f5:40:2f:8e:35:
                    d3:ef:12:0a:1e:ff:5d:9d:01:5d:51:f3:5b:04:4a:
                    6d:c3:53:92:1c:0d:cd:52:8f:53:80:ef:3b:b0:da:
                    28:4a:9f:31:26:a5:ac:42:ff:80:a3:70:f8:37:8c:
                    88:ea:d7:bf:8c:91:99:f6:d4:d8:90:e1:af:1c:5f:
                    88:b8:80:1f:5a:52:3b:17:61:f5:0b:cb:ef:72:94:
                    1a:8b:da:d3:ad:89:18:45:fc:fe:a0:b2:44:ab:f3:
                    61:07:b9:2d:44:55:59:b0:9c:67:74:0c:56:60:4d:
                    39:4e:b6:e7:68:9c:ef:1b:fc:8a:5e:dc:e2:6c:1e:
                    a3:35
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                16:6F:1D:09:89:45:B4:5C:8F:F9:9C:F3:65:D6:7D:1B:04:3E:48:7B
            X509v3 Authority Key Identifier:
                keyid:75:82:21:D0:B5:2D:06:A9:75:E0:A5:3A:16:0E:B3:15:AC:1C:43:79

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/9db9b9135b4d3333a2e412cf69bbebbc30229f4a.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/24d94e66-349b-41aa-9621-26e188a8ebba/253c3298d866fa0dc2421b357ff8676378148682.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/24d94e66-349b-41aa-9621-26e188a8ebba/9db9b9135b4d3333a2e412cf69bbebbc30229f4a.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  131.161.232.0/22
                  170.80.116.0/22
                  181.177.208.0/21
                  190.52.56.0/21
                IPv6:
                  2803:7d00::/32

    Signature Algorithm: sha256WithRSAEncryption
         31:29:e1:aa:7e:65:e5:49:ba:80:56:54:95:2d:f0:15:c8:77:
         5d:9a:2d:9d:6a:46:5b:a2:9c:ff:f3:82:74:88:c3:57:d6:84:
         db:8b:fd:83:fd:2b:12:9e:2b:6c:a1:0a:55:83:fa:c5:d8:8b:
         6e:98:28:4b:70:aa:de:a2:57:1a:1d:33:0b:16:8d:53:b1:41:
         4b:4e:51:c3:8f:62:cd:f8:f1:e4:bb:c8:4e:c3:32:b8:38:69:
         be:b1:2c:d6:70:08:3f:f2:7d:d9:8c:38:6b:bc:c0:5a:f8:e7:
         a7:58:ff:41:d5:16:0a:fa:31:99:64:68:3c:c4:44:b6:b9:fe:
         cb:21:00:52:73:86:a0:6c:c2:28:a1:15:c3:15:7a:7c:bf:1a:
         83:f8:66:9b:6a:a4:56:68:6a:1f:0a:c1:b6:1d:37:5e:58:f9:
         c9:77:e8:66:51:29:21:a1:1f:1b:f0:d3:79:47:57:a3:75:66:
         b9:db:f0:9e:ec:a7:2c:41:d8:87:70:5c:fc:b1:de:8b:e2:7b:
         2f:33:16:98:89:4d:5f:77:5f:5e:f8:31:59:00:af:08:99:de:
         9c:89:08:6e:91:de:7d:01:2e:4a:67:1f:62:d2:d3:d6:5a:50:
         24:04:ec:8f:d4:ff:09:6a:e5:c2:5a:dc:01:a8:7e:54:b3:4f:
         f7:58:d0:ed
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIDKKGUMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKDlk
YjliOTEzNWI0ZDMzMzNhMmU0MTJjZjY5YmJlYmJjMzAyMjlmNGEwHhcNMjQwMzI1
MTgwOTE1WhcNMjYwMzI1MTgwOTE1WjAzMTEwLwYDVQQDEygyNTNjMzI5OGQ4NjZm
YTBkYzI0MjFiMzU3ZmY4Njc2Mzc4MTQ4NjgyMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAsvsXQO60OAUfS9WHWKsbrizT2tvdpjjfWgZay0tsCUT6N3Av
Nfit4T7yX+TdLzJNT2zLtn6HmpuqL8DbIGD6y0SNsW38C+fVUcbhskrZKsdVuoim
Cg9hXN0FSqJIuRaCUfqKP676RMMwyi+CeQ44oA+d7RXv8Xquo21vFa3plCSe9UAv
jjXT7xIKHv9dnQFdUfNbBEptw1OSHA3NUo9TgO87sNooSp8xJqWsQv+Ao3D4N4yI
6te/jJGZ9tTYkOGvHF+IuIAfWlI7F2H1C8vvcpQai9rTrYkYRfz+oLJEq/NhB7kt
RFVZsJxndAxWYE05TrbnaJzvG/yKXtzibB6jNQIDAQABo4ICfDCCAngwHQYDVR0O
BBYEFBZvHQmJRbRcj/mc82XWfRsEPkh7MB8GA1UdIwQYMBaAFHWCIdC1LQapdeCl
OhYOsxWsHEN5MA4GA1UdDwEB/wQEAwIHgDCBmgYIKwYBBQUHAQEEgY0wgYowgYcG
CCsGAQUFBzAChntyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5ldC9ycGtpL2xh
Y25pYy80OGYwODNiYi1mNjAzLTQ4OTMtOTk5MC0wMjg0YzA0Y2ViODUvOWRiOWI5
MTM1YjRkMzMzM2EyZTQxMmNmNjliYmViYmMzMDIyOWY0YS5jZXIwgZoGCCsGAQUF
BwELBIGNMIGKMIGHBggrBgEFBQcwC4Z7cnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25p
Yy5uZXQvcnBraS9sYWNuaWMvMjRkOTRlNjYtMzQ5Yi00MWFhLTk2MjEtMjZlMTg4
YThlYmJhLzI1M2MzMjk4ZDg2NmZhMGRjMjQyMWIzNTdmZjg2NzYzNzgxNDg2ODIu
cm9hMIGPBgNVHR8EgYcwgYQwgYGgf6B9hntyc3luYzovL3JlcG9zaXRvcnkubGFj
bmljLm5ldC9ycGtpL2xhY25pYy8yNGQ5NGU2Ni0zNDliLTQxYWEtOTYyMS0yNmUx
ODhhOGViYmEvOWRiOWI5MTM1YjRkMzMzM2EyZTQxMmNmNjliYmViYmMzMDIyOWY0
YS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBABggrBgEFBQcBBwEB/wQx
MC8wHgQCAAEwGAMEAoOh6AMEAqpQdAMEA7Wx0AMEA740ODANBAIAAjAHAwUAKAN9
ADANBgkqhkiG9w0BAQsFAAOCAQEAMSnhqn5l5Um6gFZUlS3wFch3XZotnWpGW6Kc
//OCdIjDV9aE24v9g/0rEp4rbKEKVYP6xdiLbpgoS3Cq3qJXGh0zCxaNU7FBS05R
w49izfjx5LvITsMyuDhpvrEs1nAIP/J92Yw4a7zAWvjnp1j/QdUWCvoxmWRoPMRE
trn+yyEAUnOGoGzCKKEVwxV6fL8ag/hmm2qkVmhqHwrBth03Xlj5yXfoZlEpIaEf
G/DTeUdXo3VmudvwnuynLEHYh3Bc/LHei+J7LzMWmIlNX3dfXvgxWQCvCJnenIkI
bpHefQEuSmcfYtLT1lpQJATsj9T/CWrlwlrcAah+VLNP91jQ7Q==
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:37:24 2024 by rpki-client on console-fra.rpki-client.org