Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/24d94e66-349b-41aa-9621-26e188a8ebba/8456fa19a8671e02ef679de18db0d71e0375fbeb.roa
File:                     8456fa19a8671e02ef679de18db0d71e0375fbeb.roa (raw, json)
Hash identifier:          ORKBWyFtFcwEe/QfWiEeXHavwYKABe7pytsrb3aJRdo=
Subject key identifier:   17:3D:89:FC:16:43:44:30:E2:68:9D:E9:2A:18:A1:8F:5E:06:B4:DB
Certificate issuer:       /CN=9db9b9135b4d3333a2e412cf69bbebbc30229f4a
Certificate serial:       0DB491
Authority key identifier: 75:82:21:D0:B5:2D:06:A9:75:E0:A5:3A:16:0E:B3:15:AC:1C:43:79
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/9db9b9135b4d3333a2e412cf69bbebbc30229f4a.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/24d94e66-349b-41aa-9621-26e188a8ebba/8456fa19a8671e02ef679de18db0d71e0375fbeb.roa
Signing time:             Wed 24 Mar 2021 14:32:10 +0000
ROA not before:           Wed 24 Mar 2021 14:32:10 +0000
ROA not after:            Tue 24 Mar 2026 14:32:10 +0000
asID:                     52327
IP address blocks:        131.161.232.0/22 maxlen: 24
                          170.80.116.0/22 maxlen: 24
                          181.177.208.0/21 maxlen: 24
                          190.52.56.0/21 maxlen: 24
                          2803:7d00::/32 maxlen: 48

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 898193 (0xdb491)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9db9b9135b4d3333a2e412cf69bbebbc30229f4a
        Validity
            Not Before: Mar 24 14:32:10 2021 GMT
            Not After : Mar 24 14:32:10 2026 GMT
        Subject: CN=8456fa19a8671e02ef679de18db0d71e0375fbeb
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9e:2b:98:a6:91:b2:5b:c4:9e:ed:9d:8e:64:a0:
                    b5:4b:5d:fc:10:e9:d6:1a:81:50:8f:d6:07:f0:da:
                    92:6c:0a:eb:50:f7:9a:93:c1:5b:b8:81:d7:91:ec:
                    9b:00:d2:81:60:f2:e3:cc:94:d6:29:c6:79:6c:92:
                    85:37:03:6e:f0:91:09:cf:a3:a9:5b:2a:d9:14:d4:
                    93:00:90:c1:0e:ca:5c:54:aa:36:8c:bc:5a:c8:cf:
                    28:42:58:38:c8:1e:52:c5:9a:10:b2:5c:8c:21:26:
                    ac:65:39:62:cf:cd:65:ee:b8:2d:5e:fb:07:b3:b5:
                    fd:36:f4:eb:28:99:30:77:f6:70:66:cd:51:62:84:
                    99:22:b5:8d:34:9f:4f:00:cd:f7:20:96:43:e2:a2:
                    af:1f:5d:bf:3e:78:72:e1:ef:a2:4b:0c:eb:d4:b6:
                    07:b9:dd:3d:2d:6b:a2:98:6c:34:39:47:de:df:1e:
                    b9:cf:aa:f9:ce:52:ff:3d:3a:8b:ce:2f:15:76:86:
                    24:a9:d9:a3:f6:72:cd:ca:36:a0:b7:d1:5c:e5:7c:
                    38:fd:9c:9b:7a:83:87:a4:25:f3:16:3d:42:f7:d0:
                    e5:e0:ba:b8:50:09:dc:ae:16:64:8a:9c:c2:a1:d8:
                    d8:66:18:de:5a:51:68:bc:aa:89:87:f1:82:32:ba:
                    74:31
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                17:3D:89:FC:16:43:44:30:E2:68:9D:E9:2A:18:A1:8F:5E:06:B4:DB
            X509v3 Authority Key Identifier:
                keyid:75:82:21:D0:B5:2D:06:A9:75:E0:A5:3A:16:0E:B3:15:AC:1C:43:79

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/9db9b9135b4d3333a2e412cf69bbebbc30229f4a.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/24d94e66-349b-41aa-9621-26e188a8ebba/8456fa19a8671e02ef679de18db0d71e0375fbeb.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/24d94e66-349b-41aa-9621-26e188a8ebba/9db9b9135b4d3333a2e412cf69bbebbc30229f4a.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  131.161.232.0/22
                  170.80.116.0/22
                  181.177.208.0/21
                  190.52.56.0/21
                IPv6:
                  2803:7d00::/32

    Signature Algorithm: sha256WithRSAEncryption
         66:e2:a9:30:93:c9:1b:43:2a:e5:bf:d0:90:c7:84:83:90:5f:
         b0:26:5d:03:e4:be:c5:08:ce:65:ae:29:3b:2e:75:0a:19:5e:
         1c:d8:66:52:98:65:48:9f:40:c0:c3:77:d7:b6:fa:24:66:c4:
         8c:b4:7e:6c:f6:e1:b5:5f:69:03:68:c5:ca:6a:9a:3e:5f:24:
         64:ce:3f:8f:1a:c9:f6:18:87:41:2b:e9:4a:eb:7d:1a:54:59:
         dc:13:87:4f:60:33:9f:06:39:b6:43:94:7f:93:79:d7:e7:51:
         34:54:97:57:a2:77:6f:46:24:26:59:ef:35:be:6d:09:6c:c6:
         df:d0:60:53:78:9b:5a:17:8e:27:6a:d9:59:e0:93:74:a8:b8:
         25:37:4a:52:24:98:53:22:9f:2b:79:04:ae:5a:36:4c:25:d1:
         31:f7:fe:ed:c6:af:9e:eb:a8:b7:83:0f:6c:df:3b:f9:be:fa:
         55:be:42:16:a3:cc:3a:37:59:2c:48:8e:c7:5e:12:15:ed:6a:
         25:fd:3f:27:ab:3a:05:bc:f7:ff:0b:a3:bd:5b:c4:c2:90:6f:
         26:0e:d2:c4:95:34:b4:ef:bb:a3:87:f4:fa:04:32:6d:cf:78:
         ce:d1:b8:de:19:12:e2:ba:4d:9a:99:50:39:88:b7:ee:94:75:
         47:27:26:c0
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIDDbSRMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKDlk
YjliOTEzNWI0ZDMzMzNhMmU0MTJjZjY5YmJlYmJjMzAyMjlmNGEwHhcNMjEwMzI0
MTQzMjEwWhcNMjYwMzI0MTQzMjEwWjAzMTEwLwYDVQQDEyg4NDU2ZmExOWE4Njcx
ZTAyZWY2NzlkZTE4ZGIwZDcxZTAzNzVmYmViMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAniuYppGyW8Se7Z2OZKC1S138EOnWGoFQj9YH8NqSbArrUPea
k8FbuIHXkeybANKBYPLjzJTWKcZ5bJKFNwNu8JEJz6OpWyrZFNSTAJDBDspcVKo2
jLxayM8oQlg4yB5SxZoQslyMISasZTliz81l7rgtXvsHs7X9NvTrKJkwd/ZwZs1R
YoSZIrWNNJ9PAM33IJZD4qKvH12/Pnhy4e+iSwzr1LYHud09LWuimGw0OUfe3x65
z6r5zlL/PTqLzi8VdoYkqdmj9nLNyjagt9Fc5Xw4/ZybeoOHpCXzFj1C99Dl4Lq4
UAncrhZkipzCodjYZhjeWlFovKqJh/GCMrp0MQIDAQABo4ICfDCCAngwHQYDVR0O
BBYEFBc9ifwWQ0Qw4mid6SoYoY9eBrTbMB8GA1UdIwQYMBaAFHWCIdC1LQapdeCl
OhYOsxWsHEN5MA4GA1UdDwEB/wQEAwIHgDCBmgYIKwYBBQUHAQEEgY0wgYowgYcG
CCsGAQUFBzAChntyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5ldC9ycGtpL2xh
Y25pYy80OGYwODNiYi1mNjAzLTQ4OTMtOTk5MC0wMjg0YzA0Y2ViODUvOWRiOWI5
MTM1YjRkMzMzM2EyZTQxMmNmNjliYmViYmMzMDIyOWY0YS5jZXIwgZoGCCsGAQUF
BwELBIGNMIGKMIGHBggrBgEFBQcwC4Z7cnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25p
Yy5uZXQvcnBraS9sYWNuaWMvMjRkOTRlNjYtMzQ5Yi00MWFhLTk2MjEtMjZlMTg4
YThlYmJhLzg0NTZmYTE5YTg2NzFlMDJlZjY3OWRlMThkYjBkNzFlMDM3NWZiZWIu
cm9hMIGPBgNVHR8EgYcwgYQwgYGgf6B9hntyc3luYzovL3JlcG9zaXRvcnkubGFj
bmljLm5ldC9ycGtpL2xhY25pYy8yNGQ5NGU2Ni0zNDliLTQxYWEtOTYyMS0yNmUx
ODhhOGViYmEvOWRiOWI5MTM1YjRkMzMzM2EyZTQxMmNmNjliYmViYmMzMDIyOWY0
YS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBABggrBgEFBQcBBwEB/wQx
MC8wHgQCAAEwGAMEAoOh6AMEAqpQdAMEA7Wx0AMEA740ODANBAIAAjAHAwUAKAN9
ADANBgkqhkiG9w0BAQsFAAOCAQEAZuKpMJPJG0Mq5b/QkMeEg5BfsCZdA+S+xQjO
Za4pOy51ChleHNhmUphlSJ9AwMN317b6JGbEjLR+bPbhtV9pA2jFymqaPl8kZM4/
jxrJ9hiHQSvpSut9GlRZ3BOHT2AznwY5tkOUf5N51+dRNFSXV6J3b0YkJlnvNb5t
CWzG39BgU3ibWheOJ2rZWeCTdKi4JTdKUiSYUyKfK3kErlo2TCXRMff+7cavnuuo
t4MPbN87+b76Vb5CFqPMOjdZLEiOx14SFe1qJf0/J6s6Bbz3/wujvVvEwpBvJg7S
xJU0tO+7o4f0+gQybc94ztG43hkS4rpNmplQOYi37pR1RycmwA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:37:24 2024 by rpki-client on console-fra.rpki-client.org