Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/2af7cee6-f2a7-4137-8cf1-f51c58e4d7d6/1f5fa04a820fa53f9967e319ece8d03ce48a12b2.roa
File:                     1f5fa04a820fa53f9967e319ece8d03ce48a12b2.roa (raw, json)
Hash identifier:          QFOKzDPAUMDcda8vQ8ufyOT3C+l284dOal1R7dD5ZH4=
Subject key identifier:   F4:B8:DC:08:76:51:B6:8B:BB:DC:0D:25:8C:9F:63:0A:AC:BA:26:99
Certificate issuer:       /CN=0d3fd40f1570dd6e7ef4b855d45ec68703ec8cb2
Certificate serial:       1217FF
Authority key identifier: 23:0C:88:03:8A:F4:DE:38:2C:6C:59:D6:5B:FE:FF:E0:74:3D:73:8C
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/0d3fd40f1570dd6e7ef4b855d45ec68703ec8cb2.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/2af7cee6-f2a7-4137-8cf1-f51c58e4d7d6/1f5fa04a820fa53f9967e319ece8d03ce48a12b2.roa
Signing time:             Thu 29 Jun 2023 08:30:00 +0000
ROA not before:           Wed 28 Jun 2023 08:30:00 +0000
ROA not after:            Fri 27 Jun 2025 08:30:00 +0000
asID:                     52449
IP address blocks:        138.97.156.0/22 maxlen: 22
                          167.249.200.0/22 maxlen: 22
                          168.195.76.0/22 maxlen: 22
                          170.247.220.0/22 maxlen: 22
                          2803:3d00::/32 maxlen: 32

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 1185791 (0x1217ff)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0d3fd40f1570dd6e7ef4b855d45ec68703ec8cb2
        Validity
            Not Before: Jun 28 08:30:00 2023 GMT
            Not After : Jun 27 08:30:00 2025 GMT
        Subject: CN=1f5fa04a820fa53f9967e319ece8d03ce48a12b2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c4:4a:28:dc:04:cb:f0:c9:17:c6:6d:18:81:f2:
                    0c:d5:af:96:19:f9:ed:f2:6f:d7:f9:a8:b7:d1:fa:
                    84:2d:94:3c:3e:69:8f:43:38:a7:63:73:2b:32:63:
                    66:ab:a7:48:a4:8a:29:21:f8:cb:b4:23:af:f4:0f:
                    f6:e8:c7:da:1b:8b:ca:43:f3:d7:f3:7e:fa:4e:ca:
                    cf:6c:7c:24:4c:e3:28:3a:10:04:c8:02:e7:e6:c8:
                    03:94:bc:ad:14:c3:39:e3:6c:97:0c:7e:2e:6a:02:
                    b9:5d:f7:a1:2a:43:38:56:14:ff:c6:b6:fe:c1:b8:
                    6d:03:c1:44:24:3e:fb:4a:fd:5c:58:bf:da:81:d5:
                    18:f0:a6:54:72:a1:ef:31:5f:e1:ee:40:24:2c:9a:
                    f8:5d:f8:ec:6b:47:3b:b9:ed:d3:b0:c6:8a:96:b1:
                    55:0c:1e:71:1b:eb:84:a0:7e:92:28:62:01:71:0d:
                    a0:01:2f:f6:fb:ae:9b:be:65:48:41:65:91:be:7e:
                    46:c5:1f:61:22:87:6d:e4:71:6d:42:52:26:98:cd:
                    9d:18:e9:e4:cd:ed:81:95:ec:ab:98:b2:33:be:75:
                    e0:41:49:81:7c:cc:ff:07:59:3f:6d:9f:0d:b1:40:
                    21:c6:66:c8:29:95:f5:c9:c4:aa:78:0e:33:7e:3f:
                    86:85
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F4:B8:DC:08:76:51:B6:8B:BB:DC:0D:25:8C:9F:63:0A:AC:BA:26:99
            X509v3 Authority Key Identifier:
                keyid:23:0C:88:03:8A:F4:DE:38:2C:6C:59:D6:5B:FE:FF:E0:74:3D:73:8C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/0d3fd40f1570dd6e7ef4b855d45ec68703ec8cb2.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/2af7cee6-f2a7-4137-8cf1-f51c58e4d7d6/1f5fa04a820fa53f9967e319ece8d03ce48a12b2.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/2af7cee6-f2a7-4137-8cf1-f51c58e4d7d6/0d3fd40f1570dd6e7ef4b855d45ec68703ec8cb2.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  138.97.156.0/22
                  167.249.200.0/22
                  168.195.76.0/22
                  170.247.220.0/22
                IPv6:
                  2803:3d00::/32

    Signature Algorithm: sha256WithRSAEncryption
         46:ee:f5:a5:35:e4:06:b8:d3:aa:72:98:5b:62:67:07:c7:7b:
         59:3e:d3:0b:61:26:8c:0d:db:30:66:d8:fe:7b:fc:7b:d9:ca:
         aa:11:e9:39:fa:dc:f7:b6:0d:0f:9a:99:3d:6a:6b:9e:73:5e:
         7d:2d:df:a8:3e:1c:d0:13:3e:a1:b5:38:7d:67:af:09:2f:9c:
         c3:7f:47:a8:92:73:69:02:33:6f:0e:88:b8:a8:29:70:10:bb:
         da:0c:a3:05:5b:8f:85:21:41:30:3c:20:39:1d:19:e7:9e:75:
         7d:af:56:3b:1e:6a:76:37:49:13:ef:51:ad:4b:17:a2:98:25:
         d5:0d:9a:c6:d5:42:cf:92:aa:d2:70:da:eb:68:bf:c7:b0:d7:
         0b:ab:f0:d3:52:fa:d8:24:f3:2d:ae:24:23:b5:d9:85:15:99:
         e1:7d:f8:e7:fb:74:6e:f5:6b:b7:4e:19:2f:a8:b5:f2:a9:25:
         a6:3c:49:9c:47:ee:af:2d:44:e0:48:e6:60:cb:2e:f7:cf:c9:
         73:f9:f6:ac:38:08:ba:ca:6f:1a:0f:d2:9a:93:cc:87:a6:6f:
         43:9b:78:46:73:21:5a:29:4a:73:ba:ac:9b:e7:94:ab:22:08:
         2d:cf:03:a0:6b:5f:52:23:59:c8:af:f4:e4:4a:25:87:1e:80:
         0e:21:3e:34
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIDEhf/MA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKDBk
M2ZkNDBmMTU3MGRkNmU3ZWY0Yjg1NWQ0NWVjNjg3MDNlYzhjYjIwHhcNMjMwNjI4
MDgzMDAwWhcNMjUwNjI3MDgzMDAwWjAzMTEwLwYDVQQDEygxZjVmYTA0YTgyMGZh
NTNmOTk2N2UzMTllY2U4ZDAzY2U0OGExMmIyMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAxEoo3ATL8MkXxm0YgfIM1a+WGfnt8m/X+ai30fqELZQ8PmmP
QzinY3MrMmNmq6dIpIopIfjLtCOv9A/26MfaG4vKQ/PX8376TsrPbHwkTOMoOhAE
yALn5sgDlLytFMM542yXDH4uagK5XfehKkM4VhT/xrb+wbhtA8FEJD77Sv1cWL/a
gdUY8KZUcqHvMV/h7kAkLJr4Xfjsa0c7ue3TsMaKlrFVDB5xG+uEoH6SKGIBcQ2g
AS/2+66bvmVIQWWRvn5GxR9hIodt5HFtQlImmM2dGOnkze2BleyrmLIzvnXgQUmB
fMz/B1k/bZ8NsUAhxmbIKZX1ycSqeA4zfj+GhQIDAQABo4ICfDCCAngwHQYDVR0O
BBYEFPS43Ah2UbaLu9wNJYyfYwqsuiaZMB8GA1UdIwQYMBaAFCMMiAOK9N44LGxZ
1lv+/+B0PXOMMA4GA1UdDwEB/wQEAwIHgDCBmgYIKwYBBQUHAQEEgY0wgYowgYcG
CCsGAQUFBzAChntyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5ldC9ycGtpL2xh
Y25pYy80OGYwODNiYi1mNjAzLTQ4OTMtOTk5MC0wMjg0YzA0Y2ViODUvMGQzZmQ0
MGYxNTcwZGQ2ZTdlZjRiODU1ZDQ1ZWM2ODcwM2VjOGNiMi5jZXIwgZoGCCsGAQUF
BwELBIGNMIGKMIGHBggrBgEFBQcwC4Z7cnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25p
Yy5uZXQvcnBraS9sYWNuaWMvMmFmN2NlZTYtZjJhNy00MTM3LThjZjEtZjUxYzU4
ZTRkN2Q2LzFmNWZhMDRhODIwZmE1M2Y5OTY3ZTMxOWVjZThkMDNjZTQ4YTEyYjIu
cm9hMIGPBgNVHR8EgYcwgYQwgYGgf6B9hntyc3luYzovL3JlcG9zaXRvcnkubGFj
bmljLm5ldC9ycGtpL2xhY25pYy8yYWY3Y2VlNi1mMmE3LTQxMzctOGNmMS1mNTFj
NThlNGQ3ZDYvMGQzZmQ0MGYxNTcwZGQ2ZTdlZjRiODU1ZDQ1ZWM2ODcwM2VjOGNi
Mi5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBABggrBgEFBQcBBwEB/wQx
MC8wHgQCAAEwGAMEAophnAMEAqf5yAMEAqjDTAMEAqr33DANBAIAAjAHAwUAKAM9
ADANBgkqhkiG9w0BAQsFAAOCAQEARu71pTXkBrjTqnKYW2JnB8d7WT7TC2EmjA3b
MGbY/nv8e9nKqhHpOfrc97YND5qZPWprnnNefS3fqD4c0BM+obU4fWevCS+cw39H
qJJzaQIzbw6IuKgpcBC72gyjBVuPhSFBMDwgOR0Z5551fa9WOx5qdjdJE+9RrUsX
opgl1Q2axtVCz5Kq0nDa62i/x7DXC6vw01L62CTzLa4kI7XZhRWZ4X345/t0bvVr
t04ZL6i18qklpjxJnEfury1E4EjmYMsu98/Jc/n2rDgIuspvGg/SmpPMh6ZvQ5t4
RnMhWilKc7qsm+eUqyIILc8DoGtfUiNZyK/05Eolhx6ADiE+NA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:37:05 2024 by rpki-client on console-ams.rpki-client.org