Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/2abd6b34-8953-4c72-a0a2-7ecb9de8aaba/7dc509a6fd80796a49abc35bddf1c5598324d40b.roa
File:                     7dc509a6fd80796a49abc35bddf1c5598324d40b.roa (raw, json)
Hash identifier:          kIvXOHo/Z3tNjUAfafFK/LWzzU8Y7QuZDLuA66PlTDc=
Subject key identifier:   45:D3:E4:1F:E8:06:A7:A8:96:53:E2:75:17:CD:57:91:6E:BF:02:E4
Certificate issuer:       /CN=a883c910f879603b967c0636c6f3e9125b3651b5
Certificate serial:       196031
Authority key identifier: 47:A6:7F:38:4E:50:5D:26:62:07:3D:AB:35:56:E6:EE:46:F6:2E:71
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/a883c910f879603b967c0636c6f3e9125b3651b5.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/2abd6b34-8953-4c72-a0a2-7ecb9de8aaba/7dc509a6fd80796a49abc35bddf1c5598324d40b.roa
Signing time:             Sun 17 Jul 2022 19:52:15 +0000
ROA not before:           Fri 09 Apr 2021 03:00:00 +0000
ROA not after:            Tue 24 Mar 2026 03:00:00 +0000
asID:                     52233
IP address blocks:        200.26.195.0/24 maxlen: 24

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 1663025 (0x196031)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a883c910f879603b967c0636c6f3e9125b3651b5
        Validity
            Not Before: Apr  9 03:00:00 2021 GMT
            Not After : Mar 24 03:00:00 2026 GMT
        Subject: CN=7dc509a6fd80796a49abc35bddf1c5598324d40b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b6:32:54:a7:e1:73:73:56:c8:78:30:66:e0:01:
                    63:60:27:7d:a6:1f:88:41:ef:47:ad:8c:ad:e2:52:
                    fc:ce:55:ad:12:90:06:ad:9b:9d:da:bc:fa:04:7f:
                    02:91:9f:a2:66:70:6d:92:4a:29:5c:16:3d:44:0c:
                    9d:85:d1:49:2a:44:b2:70:ac:84:8e:ce:74:ec:ed:
                    f7:3b:45:76:29:5b:83:b7:45:77:1a:8f:81:c1:0e:
                    3f:76:0e:05:16:9e:af:1a:af:55:a5:5c:e4:15:c0:
                    60:74:cd:7e:b2:72:c1:a9:87:3b:35:b0:47:e3:68:
                    75:06:15:5e:d8:a5:b3:3e:3c:5d:8f:be:6d:a4:c1:
                    13:dd:36:bb:05:d8:dc:ec:19:01:cc:b8:4c:47:4e:
                    ad:fb:af:5c:af:8a:d7:cb:20:cb:69:9e:b1:10:e2:
                    ba:df:2f:c8:20:fb:03:a6:43:57:9b:0f:57:4c:98:
                    1b:93:06:31:76:39:f2:6f:90:ca:25:81:5c:57:2e:
                    66:9f:59:49:d1:be:51:2b:94:07:80:8a:18:c2:9c:
                    be:45:0e:dd:bd:a5:e9:44:af:0c:ab:bb:e6:e5:14:
                    1e:b1:a3:51:54:21:ad:ee:e0:6a:d1:97:18:31:c0:
                    7c:38:6e:64:0f:8c:f9:22:86:46:14:3c:a8:50:e4:
                    67:51
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                45:D3:E4:1F:E8:06:A7:A8:96:53:E2:75:17:CD:57:91:6E:BF:02:E4
            X509v3 Authority Key Identifier:
                keyid:47:A6:7F:38:4E:50:5D:26:62:07:3D:AB:35:56:E6:EE:46:F6:2E:71

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/a883c910f879603b967c0636c6f3e9125b3651b5.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/2abd6b34-8953-4c72-a0a2-7ecb9de8aaba/7dc509a6fd80796a49abc35bddf1c5598324d40b.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/2abd6b34-8953-4c72-a0a2-7ecb9de8aaba/a883c910f879603b967c0636c6f3e9125b3651b5.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  200.26.195.0/24

    Signature Algorithm: sha256WithRSAEncryption
         13:aa:45:c7:11:3a:04:48:69:dc:9a:64:7f:6a:d4:2a:7d:6f:
         23:94:3b:79:47:34:b8:58:7b:8f:9b:5b:ea:b6:1f:89:39:f1:
         93:ec:b7:63:54:74:18:71:55:58:75:a0:4e:6f:9b:a4:c3:fe:
         1f:71:98:c4:51:24:19:48:65:69:2b:99:09:59:2d:c0:ad:5d:
         8d:d6:d4:c7:7a:7c:ec:a4:60:13:f7:02:3d:c5:fb:89:ba:26:
         72:1c:05:bf:ff:0d:5d:da:21:76:dc:8e:d9:5d:df:35:46:40:
         d6:e4:b7:0c:54:82:83:b0:03:41:e4:0d:a7:b3:ca:3c:ad:82:
         3c:d9:79:ff:5c:d2:31:67:53:13:f2:47:4e:72:d2:b3:95:a4:
         8a:53:9b:5d:c6:43:25:cb:4a:d1:7f:b4:55:5b:2d:54:fb:02:
         a2:78:85:0d:4e:08:88:df:fc:a6:ca:41:4f:bc:1c:9d:f2:e0:
         4d:ac:f7:a0:3a:24:2d:1b:35:53:00:b2:a1:d7:28:14:8b:dd:
         ff:fa:a5:98:69:71:d0:1c:f3:b1:89:67:18:de:ef:06:3c:77:
         39:6e:eb:d6:23:ad:28:8f:2d:6d:2d:dc:55:51:1b:94:ea:a2:
         4f:5a:31:ce:aa:f5:55:bb:02:a0:f5:33:82:6c:c2:7d:b0:13:
         c0:48:f7:75
-----BEGIN CERTIFICATE-----
MIIFQDCCBCigAwIBAgIDGWAxMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKGE4
ODNjOTEwZjg3OTYwM2I5NjdjMDYzNmM2ZjNlOTEyNWIzNjUxYjUwHhcNMjEwNDA5
MDMwMDAwWhcNMjYwMzI0MDMwMDAwWjAzMTEwLwYDVQQDEyg3ZGM1MDlhNmZkODA3
OTZhNDlhYmMzNWJkZGYxYzU1OTgzMjRkNDBiMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAtjJUp+Fzc1bIeDBm4AFjYCd9ph+IQe9HrYyt4lL8zlWtEpAG
rZud2rz6BH8CkZ+iZnBtkkopXBY9RAydhdFJKkSycKyEjs507O33O0V2KVuDt0V3
Go+BwQ4/dg4FFp6vGq9VpVzkFcBgdM1+snLBqYc7NbBH42h1BhVe2KWzPjxdj75t
pMET3Ta7Bdjc7BkBzLhMR06t+69cr4rXyyDLaZ6xEOK63y/IIPsDpkNXmw9XTJgb
kwYxdjnyb5DKJYFcVy5mn1lJ0b5RK5QHgIoYwpy+RQ7dvaXpRK8Mq7vm5RQesaNR
VCGt7uBq0ZcYMcB8OG5kD4z5IoZGFDyoUORnUQIDAQABo4ICWzCCAlcwHQYDVR0O
BBYEFEXT5B/oBqeollPidRfNV5FuvwLkMB8GA1UdIwQYMBaAFEemfzhOUF0mYgc9
qzVW5u5G9i5xMA4GA1UdDwEB/wQEAwIHgDCBmgYIKwYBBQUHAQEEgY0wgYowgYcG
CCsGAQUFBzAChntyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5ldC9ycGtpL2xh
Y25pYy80OGYwODNiYi1mNjAzLTQ4OTMtOTk5MC0wMjg0YzA0Y2ViODUvYTg4M2M5
MTBmODc5NjAzYjk2N2MwNjM2YzZmM2U5MTI1YjM2NTFiNS5jZXIwgZoGCCsGAQUF
BwELBIGNMIGKMIGHBggrBgEFBQcwC4Z7cnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25p
Yy5uZXQvcnBraS9sYWNuaWMvMmFiZDZiMzQtODk1My00YzcyLWEwYTItN2VjYjlk
ZThhYWJhLzdkYzUwOWE2ZmQ4MDc5NmE0OWFiYzM1YmRkZjFjNTU5ODMyNGQ0MGIu
cm9hMIGPBgNVHR8EgYcwgYQwgYGgf6B9hntyc3luYzovL3JlcG9zaXRvcnkubGFj
bmljLm5ldC9ycGtpL2xhY25pYy8yYWJkNmIzNC04OTUzLTRjNzItYTBhMi03ZWNi
OWRlOGFhYmEvYTg4M2M5MTBmODc5NjAzYjk2N2MwNjM2YzZmM2U5MTI1YjM2NTFi
NS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQ
MA4wDAQCAAEwBgMEAMgawzANBgkqhkiG9w0BAQsFAAOCAQEAE6pFxxE6BEhp3Jpk
f2rUKn1vI5Q7eUc0uFh7j5tb6rYfiTnxk+y3Y1R0GHFVWHWgTm+bpMP+H3GYxFEk
GUhlaSuZCVktwK1djdbUx3p87KRgE/cCPcX7ibomchwFv/8NXdohdtyO2V3fNUZA
1uS3DFSCg7ADQeQNp7PKPK2CPNl5/1zSMWdTE/JHTnLSs5WkilObXcZDJctK0X+0
VVstVPsConiFDU4IiN/8pspBT7wcnfLgTaz3oDokLRs1UwCyodcoFIvd//qlmGlx
0BzzsYlnGN7vBjx3OW7r1iOtKI8tbS3cVVEblOqiT1oxzqr1VbsCoPUzgmzCfbAT
wEj3dQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:37:25 2024 by rpki-client on console-fra.rpki-client.org