Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/25b637c6-cdcf-423d-8c0c-cd615ab98a24/4b85ce453fa19a2f7b32215fbd43872e387472bc.roa
File:                     4b85ce453fa19a2f7b32215fbd43872e387472bc.roa (raw, json)
Hash identifier:          dUVJrRtcYkVb3UFHdSihFDsGT8bKXHNEQfe63XHS2eI=
Subject key identifier:   CF:6E:2D:5B:0A:4D:55:09:E4:F0:5C:E3:47:C9:44:DF:1B:7C:2A:B1
Certificate issuer:       /CN=ce64e257eae04ee26d8eb339f148791b31cc0875
Certificate serial:       1A604D
Authority key identifier: 67:C6:3B:A4:47:A2:35:D2:28:1C:33:3E:9A:83:87:25:17:A4:B1:BE
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ce64e257eae04ee26d8eb339f148791b31cc0875.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/25b637c6-cdcf-423d-8c0c-cd615ab98a24/4b85ce453fa19a2f7b32215fbd43872e387472bc.roa
Signing time:             Fri 09 Sep 2022 15:04:11 +0000
ROA not before:           Fri 19 Nov 2021 03:00:00 +0000
ROA not after:            Sun 19 Nov 2023 03:00:00 +0000
asID:                     270049
IP address blocks:        66.231.78.0/24 maxlen: 24
                          66.231.74.0/24 maxlen: 24
                          66.231.72.0/24 maxlen: 24
                          66.231.76.0/24 maxlen: 24
                          66.231.65.0/24 maxlen: 24
                          66.231.69.0/24 maxlen: 24

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 1728589 (0x1a604d)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ce64e257eae04ee26d8eb339f148791b31cc0875
        Validity
            Not Before: Nov 19 03:00:00 2021 GMT
            Not After : Nov 19 03:00:00 2023 GMT
        Subject: CN=4b85ce453fa19a2f7b32215fbd43872e387472bc
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:aa:58:2d:a5:cb:b6:70:57:12:04:55:c8:1f:6a:
                    13:41:c3:e8:15:33:da:4f:62:89:e0:61:6f:09:a1:
                    e6:76:42:a7:90:dd:5f:6e:ab:47:52:3d:51:85:50:
                    bb:46:93:1f:95:59:91:32:36:14:75:2d:c5:17:8f:
                    e5:52:d4:6d:5c:8c:c6:aa:21:72:c3:99:4b:32:ec:
                    45:71:4a:0e:b6:0a:82:e2:6d:30:f8:8b:01:bd:c3:
                    65:f3:4a:53:31:a6:82:94:9e:09:08:97:c6:93:e0:
                    1a:f7:3a:18:e3:94:ed:2f:43:fe:ad:d7:56:d7:d2:
                    82:ed:53:48:e2:65:41:fd:7b:0b:9b:43:05:66:61:
                    e0:51:15:ae:4f:54:6a:ac:3b:3a:3b:ac:34:c4:6f:
                    0e:33:a6:36:3d:3d:94:99:cf:42:e8:94:3e:21:28:
                    e6:81:37:26:57:95:30:ce:82:45:de:5b:98:1b:1c:
                    42:0d:5f:cc:97:7f:34:18:16:17:f3:ab:e4:6b:1c:
                    77:1a:bd:b8:ac:e6:d2:43:4d:81:66:48:6c:1e:3c:
                    d5:32:89:0d:fe:99:a7:2c:b3:81:86:d3:24:b8:2c:
                    d0:8d:40:94:57:e4:79:3c:76:7c:f7:a5:38:9f:93:
                    e5:00:69:d1:26:ae:1d:29:c4:50:0b:a9:57:d0:ca:
                    8e:59
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                CF:6E:2D:5B:0A:4D:55:09:E4:F0:5C:E3:47:C9:44:DF:1B:7C:2A:B1
            X509v3 Authority Key Identifier:
                keyid:67:C6:3B:A4:47:A2:35:D2:28:1C:33:3E:9A:83:87:25:17:A4:B1:BE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ce64e257eae04ee26d8eb339f148791b31cc0875.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/25b637c6-cdcf-423d-8c0c-cd615ab98a24/4b85ce453fa19a2f7b32215fbd43872e387472bc.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/25b637c6-cdcf-423d-8c0c-cd615ab98a24/ce64e257eae04ee26d8eb339f148791b31cc0875.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  66.231.65.0/24
                  66.231.69.0/24
                  66.231.72.0/24
                  66.231.74.0/24
                  66.231.76.0/24
                  66.231.78.0/24

    Signature Algorithm: sha256WithRSAEncryption
         04:c3:74:4f:2e:d1:e1:e1:4a:00:7c:e4:ef:e9:4f:bb:63:21:
         d9:ff:a0:93:9e:09:c8:ec:77:85:f1:2e:a4:cf:30:d9:84:60:
         6e:01:37:62:4e:5d:14:d1:39:87:2a:5b:c3:36:91:2d:bd:0d:
         c3:c3:65:bd:d4:bb:f3:b7:59:38:4f:be:d9:23:10:7c:63:00:
         50:18:0f:58:71:02:a8:5a:6c:b7:1d:08:13:28:85:98:a8:52:
         42:6e:3a:b3:fb:63:8d:0f:ee:81:41:c9:6b:0e:92:d8:7f:55:
         f4:f5:df:9f:0f:36:d7:a2:20:61:16:d5:1a:f2:2a:c7:94:3a:
         6e:87:5e:2a:6e:68:53:3b:a2:85:73:32:6d:31:37:f8:3d:7f:
         bf:d9:d6:77:47:5a:97:d5:6e:08:7b:d9:b7:a0:e7:a9:dc:31:
         56:c0:54:7a:b2:a2:d4:42:28:7e:be:d6:a1:46:a4:ff:28:9c:
         8e:9a:6d:40:64:46:9e:1b:07:38:c3:d8:84:0c:ef:8c:15:ed:
         dc:2b:38:f6:fd:25:82:70:12:be:0d:f1:6c:36:c8:94:df:22:
         f1:07:a0:8b:32:f4:34:a6:da:8e:bf:62:c3:ce:bd:67:76:d5:
         68:13:2b:7d:ee:47:59:6b:fd:83:08:ce:84:3c:72:22:61:1e:
         17:d2:cd:05
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIDGmBNMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKGNl
NjRlMjU3ZWFlMDRlZTI2ZDhlYjMzOWYxNDg3OTFiMzFjYzA4NzUwHhcNMjExMTE5
MDMwMDAwWhcNMjMxMTE5MDMwMDAwWjAzMTEwLwYDVQQDEyg0Yjg1Y2U0NTNmYTE5
YTJmN2IzMjIxNWZiZDQzODcyZTM4NzQ3MmJjMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAqlgtpcu2cFcSBFXIH2oTQcPoFTPaT2KJ4GFvCaHmdkKnkN1f
bqtHUj1RhVC7RpMflVmRMjYUdS3FF4/lUtRtXIzGqiFyw5lLMuxFcUoOtgqC4m0w
+IsBvcNl80pTMaaClJ4JCJfGk+Aa9zoY45TtL0P+rddW19KC7VNI4mVB/XsLm0MF
ZmHgURWuT1RqrDs6O6w0xG8OM6Y2PT2Umc9C6JQ+ISjmgTcmV5UwzoJF3luYGxxC
DV/Ml380GBYX86vkaxx3Gr24rObSQ02BZkhsHjzVMokN/pmnLLOBhtMkuCzQjUCU
V+R5PHZ896U4n5PlAGnRJq4dKcRQC6lX0MqOWQIDAQABo4ICeTCCAnUwHQYDVR0O
BBYEFM9uLVsKTVUJ5PBc40fJRN8bfCqxMB8GA1UdIwQYMBaAFGfGO6RHojXSKBwz
PpqDhyUXpLG+MA4GA1UdDwEB/wQEAwIHgDCBmgYIKwYBBQUHAQEEgY0wgYowgYcG
CCsGAQUFBzAChntyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5ldC9ycGtpL2xh
Y25pYy80OGYwODNiYi1mNjAzLTQ4OTMtOTk5MC0wMjg0YzA0Y2ViODUvY2U2NGUy
NTdlYWUwNGVlMjZkOGViMzM5ZjE0ODc5MWIzMWNjMDg3NS5jZXIwgZoGCCsGAQUF
BwELBIGNMIGKMIGHBggrBgEFBQcwC4Z7cnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25p
Yy5uZXQvcnBraS9sYWNuaWMvMjViNjM3YzYtY2RjZi00MjNkLThjMGMtY2Q2MTVh
Yjk4YTI0LzRiODVjZTQ1M2ZhMTlhMmY3YjMyMjE1ZmJkNDM4NzJlMzg3NDcyYmMu
cm9hMIGPBgNVHR8EgYcwgYQwgYGgf6B9hntyc3luYzovL3JlcG9zaXRvcnkubGFj
bmljLm5ldC9ycGtpL2xhY25pYy8yNWI2MzdjNi1jZGNmLTQyM2QtOGMwYy1jZDYx
NWFiOThhMjQvY2U2NGUyNTdlYWUwNGVlMjZkOGViMzM5ZjE0ODc5MWIzMWNjMDg3
NS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA9BggrBgEFBQcBBwEB/wQu
MCwwKgQCAAEwJAMEAELnQQMEAELnRQMEAELnSAMEAELnSgMEAELnTAMEAELnTjAN
BgkqhkiG9w0BAQsFAAOCAQEABMN0Ty7R4eFKAHzk7+lPu2Mh2f+gk54JyOx3hfEu
pM8w2YRgbgE3Yk5dFNE5hypbwzaRLb0Nw8NlvdS787dZOE++2SMQfGMAUBgPWHEC
qFpstx0IEyiFmKhSQm46s/tjjQ/ugUHJaw6S2H9V9PXfnw8216IgYRbVGvIqx5Q6
bodeKm5oUzuihXMybTE3+D1/v9nWd0dal9VuCHvZt6DnqdwxVsBUerKi1EIofr7W
oUak/yicjpptQGRGnhsHOMPYhAzvjBXt3Cs49v0lgnASvg3xbDbIlN8i8QegizL0
NKbajr9iw869Z3bVaBMrfe5HWWv9gwjOhDxyImEeF9LNBQ==
-----END CERTIFICATE-----