Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/25b637c6-cdcf-423d-8c0c-cd615ab98a24/328e507f9cbc837462474ddd9e02baf952b22a1b.roa
File:                     328e507f9cbc837462474ddd9e02baf952b22a1b.roa (raw, json)
Hash identifier:          WujkOd4QXsQ7DSIeH/0D/iaJCQXT9Lft621xweU2aj4=
Subject key identifier:   CA:53:5B:3E:00:FD:10:8A:12:59:84:B3:CA:62:35:93:9D:D5:5A:25
Certificate issuer:       /CN=ce64e257eae04ee26d8eb339f148791b31cc0875
Certificate serial:       223F9D
Authority key identifier: 67:C6:3B:A4:47:A2:35:D2:28:1C:33:3E:9A:83:87:25:17:A4:B1:BE
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ce64e257eae04ee26d8eb339f148791b31cc0875.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/25b637c6-cdcf-423d-8c0c-cd615ab98a24/328e507f9cbc837462474ddd9e02baf952b22a1b.roa
Signing time:             Fri 14 Jul 2023 20:39:24 +0000
ROA not before:           Thu 13 Jul 2023 20:39:21 +0000
ROA not after:            Mon 14 Jul 2025 20:39:21 +0000
asID:                     270049
IP address blocks:        66.231.65.0/24 maxlen: 24
                          66.231.69.0/24 maxlen: 24
                          66.231.72.0/24 maxlen: 24
                          66.231.74.0/24 maxlen: 24
                          66.231.76.0/24 maxlen: 24
                          66.231.78.0/24 maxlen: 24

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 2244509 (0x223f9d)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ce64e257eae04ee26d8eb339f148791b31cc0875
        Validity
            Not Before: Jul 13 20:39:21 2023 GMT
            Not After : Jul 14 20:39:21 2025 GMT
        Subject: CN=328e507f9cbc837462474ddd9e02baf952b22a1b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:87:c0:15:45:b5:af:81:b4:c1:c5:b5:90:24:25:
                    54:56:39:e1:6b:b4:2b:b1:fc:68:64:0b:c1:b5:73:
                    99:ed:39:8c:33:01:1a:c1:2e:6d:58:5f:30:c6:d0:
                    e3:fb:3e:ef:68:76:4a:b9:64:bb:54:7b:76:8a:10:
                    3f:07:06:9d:c1:04:cf:5f:14:59:7f:2f:da:b8:2d:
                    05:27:98:d4:d5:c9:93:76:43:e7:3b:6e:a0:0b:c8:
                    5d:1b:aa:03:d8:03:17:11:4e:73:d6:c7:00:39:b1:
                    b8:ff:8b:6f:86:2d:6c:8e:55:69:db:ce:98:4c:55:
                    a1:ce:f0:ad:9f:27:7e:42:1a:63:22:68:3e:b6:66:
                    6c:3a:55:20:ab:9e:12:fc:d1:99:f8:a8:db:72:f1:
                    ef:17:15:c6:6a:74:d7:f3:9c:69:a8:ac:f6:8b:ea:
                    d1:f0:21:0c:27:b6:21:90:61:5e:0b:90:67:5d:b1:
                    6f:77:91:c1:f5:e7:57:59:f9:fb:d8:38:af:bb:e5:
                    57:d8:94:a5:48:bd:8e:73:30:3f:ca:fe:a6:14:90:
                    e4:1f:b6:fd:bb:0f:fd:cd:b3:c0:9f:a2:2d:46:f5:
                    4a:69:7e:f9:e5:df:1f:3a:67:22:3f:d9:b1:96:6a:
                    53:96:3e:dc:b0:c5:a4:94:0b:c8:2a:f3:1c:e5:97:
                    66:77
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                CA:53:5B:3E:00:FD:10:8A:12:59:84:B3:CA:62:35:93:9D:D5:5A:25
            X509v3 Authority Key Identifier:
                keyid:67:C6:3B:A4:47:A2:35:D2:28:1C:33:3E:9A:83:87:25:17:A4:B1:BE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ce64e257eae04ee26d8eb339f148791b31cc0875.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/25b637c6-cdcf-423d-8c0c-cd615ab98a24/328e507f9cbc837462474ddd9e02baf952b22a1b.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/25b637c6-cdcf-423d-8c0c-cd615ab98a24/ce64e257eae04ee26d8eb339f148791b31cc0875.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  66.231.65.0/24
                  66.231.69.0/24
                  66.231.72.0/24
                  66.231.74.0/24
                  66.231.76.0/24
                  66.231.78.0/24

    Signature Algorithm: sha256WithRSAEncryption
         28:25:8d:67:24:64:1c:bf:ae:d2:b9:36:61:0a:a8:ad:9b:ed:
         68:c0:68:20:b4:aa:18:a8:e2:93:16:c4:fe:98:62:6b:7b:25:
         c9:6d:95:75:f4:60:4a:a6:c7:18:b2:35:af:73:ac:79:b0:8d:
         77:2c:28:89:be:c3:13:23:f1:e5:8d:b7:fc:7c:cd:97:0e:76:
         7c:ee:e2:51:0d:fa:68:ee:1b:e2:7c:db:85:63:fb:c0:c1:af:
         5d:de:53:0a:96:15:ca:58:05:3b:1d:8a:51:c6:d7:d2:40:0b:
         4b:9f:77:a8:19:67:23:c6:53:93:ab:2d:34:61:75:8c:82:e6:
         8c:f7:a7:33:e6:f7:d0:e4:c6:24:92:ae:2f:d5:1f:7b:2a:ad:
         c3:49:fb:06:2a:69:e6:af:02:20:ff:8d:10:dd:66:21:63:12:
         e9:0f:1d:b0:46:d9:8b:96:c2:d6:fb:e4:3b:8e:62:d8:1a:57:
         68:9f:b6:33:f7:aa:9e:89:7c:bb:8c:bb:b2:f7:3d:8d:06:3a:
         aa:ae:e0:b9:e9:2a:1e:b2:21:ec:08:92:2f:c2:4b:6e:9d:9c:
         f2:0e:e8:39:4b:3d:54:a5:ab:5c:24:d7:11:fc:6a:e8:02:58:
         b0:62:4e:ff:c2:20:28:db:eb:40:6d:85:0f:29:f0:a5:fa:a3:
         99:44:89:ed
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIDIj+dMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKGNl
NjRlMjU3ZWFlMDRlZTI2ZDhlYjMzOWYxNDg3OTFiMzFjYzA4NzUwHhcNMjMwNzEz
MjAzOTIxWhcNMjUwNzE0MjAzOTIxWjAzMTEwLwYDVQQDEygzMjhlNTA3ZjljYmM4
Mzc0NjI0NzRkZGQ5ZTAyYmFmOTUyYjIyYTFiMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAh8AVRbWvgbTBxbWQJCVUVjnha7QrsfxoZAvBtXOZ7TmMMwEa
wS5tWF8wxtDj+z7vaHZKuWS7VHt2ihA/BwadwQTPXxRZfy/auC0FJ5jU1cmTdkPn
O26gC8hdG6oD2AMXEU5z1scAObG4/4tvhi1sjlVp286YTFWhzvCtnyd+QhpjImg+
tmZsOlUgq54S/NGZ+KjbcvHvFxXGanTX85xpqKz2i+rR8CEMJ7YhkGFeC5BnXbFv
d5HB9edXWfn72Divu+VX2JSlSL2OczA/yv6mFJDkH7b9uw/9zbPAn6ItRvVKaX75
5d8fOmciP9mxlmpTlj7csMWklAvIKvMc5ZdmdwIDAQABo4ICeTCCAnUwHQYDVR0O
BBYEFMpTWz4A/RCKElmEs8piNZOd1VolMB8GA1UdIwQYMBaAFGfGO6RHojXSKBwz
PpqDhyUXpLG+MA4GA1UdDwEB/wQEAwIHgDCBmgYIKwYBBQUHAQEEgY0wgYowgYcG
CCsGAQUFBzAChntyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5ldC9ycGtpL2xh
Y25pYy80OGYwODNiYi1mNjAzLTQ4OTMtOTk5MC0wMjg0YzA0Y2ViODUvY2U2NGUy
NTdlYWUwNGVlMjZkOGViMzM5ZjE0ODc5MWIzMWNjMDg3NS5jZXIwgZoGCCsGAQUF
BwELBIGNMIGKMIGHBggrBgEFBQcwC4Z7cnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25p
Yy5uZXQvcnBraS9sYWNuaWMvMjViNjM3YzYtY2RjZi00MjNkLThjMGMtY2Q2MTVh
Yjk4YTI0LzMyOGU1MDdmOWNiYzgzNzQ2MjQ3NGRkZDllMDJiYWY5NTJiMjJhMWIu
cm9hMIGPBgNVHR8EgYcwgYQwgYGgf6B9hntyc3luYzovL3JlcG9zaXRvcnkubGFj
bmljLm5ldC9ycGtpL2xhY25pYy8yNWI2MzdjNi1jZGNmLTQyM2QtOGMwYy1jZDYx
NWFiOThhMjQvY2U2NGUyNTdlYWUwNGVlMjZkOGViMzM5ZjE0ODc5MWIzMWNjMDg3
NS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA9BggrBgEFBQcBBwEB/wQu
MCwwKgQCAAEwJAMEAELnQQMEAELnRQMEAELnSAMEAELnSgMEAELnTAMEAELnTjAN
BgkqhkiG9w0BAQsFAAOCAQEAKCWNZyRkHL+u0rk2YQqorZvtaMBoILSqGKjikxbE
/phia3slyW2VdfRgSqbHGLI1r3OsebCNdywoib7DEyPx5Y23/HzNlw52fO7iUQ36
aO4b4nzbhWP7wMGvXd5TCpYVylgFOx2KUcbX0kALS593qBlnI8ZTk6stNGF1jILm
jPenM+b30OTGJJKuL9Ufeyqtw0n7Bipp5q8CIP+NEN1mIWMS6Q8dsEbZi5bC1vvk
O45i2BpXaJ+2M/eqnol8u4y7svc9jQY6qq7guekqHrIh7AiSL8JLbp2c8g7oOUs9
VKWrXCTXEfxq6AJYsGJO/8IgKNvrQG2FDynwpfqjmUSJ7Q==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:37:05 2024 by rpki-client on console-ams.rpki-client.org