Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/2b60c749-7252-4de4-8abf-186b4d4575a8/292711d9a9194340c355691e81939dfdc9f2a974.roa
File:                     292711d9a9194340c355691e81939dfdc9f2a974.roa (raw, json)
Hash identifier:          tKXya9lRyGWSLrqObs+IhkfCeY+k4ZVfGklF3W0tZKk=
Subject key identifier:   61:6D:4E:1D:10:B3:84:56:57:2B:64:3C:B7:90:9D:79:29:63:F9:13
Certificate issuer:       /CN=845adae5513877104ae603037bff400bad521b19
Certificate serial:       0CD240
Authority key identifier: D7:C9:09:3B:A2:67:D2:E0:40:38:47:98:DA:40:B6:0C:07:31:D5:69
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/845adae5513877104ae603037bff400bad521b19.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/2b60c749-7252-4de4-8abf-186b4d4575a8/292711d9a9194340c355691e81939dfdc9f2a974.roa
Signing time:             Wed 24 Mar 2021 14:46:20 +0000
ROA not before:           Wed 24 Mar 2021 14:46:20 +0000
ROA not after:            Tue 24 Mar 2026 14:46:20 +0000
asID:                     264770
IP address blocks:        170.254.216.0/22 maxlen: 24
                          168.194.240.0/22 maxlen: 24
                          2803:10c0::/32 maxlen: 32

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 840256 (0xcd240)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=845adae5513877104ae603037bff400bad521b19
        Validity
            Not Before: Mar 24 14:46:20 2021 GMT
            Not After : Mar 24 14:46:20 2026 GMT
        Subject: CN=292711d9a9194340c355691e81939dfdc9f2a974
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d2:73:55:20:db:66:08:0d:98:06:5b:93:44:30:
                    77:9e:36:9a:de:92:3a:e3:af:59:93:41:3a:82:7c:
                    8b:32:35:8f:91:91:dd:e5:2c:30:63:20:91:d1:46:
                    53:1f:36:64:b9:7b:f7:7e:fd:28:1e:28:95:fe:3f:
                    15:cb:a1:61:ba:26:9f:e3:5d:fc:cf:59:5f:b0:46:
                    17:1d:8d:c1:8e:d4:3c:2f:b9:a7:46:5f:c0:7b:e0:
                    ec:95:08:f7:7d:d4:eb:6a:9b:2d:7f:98:1d:1b:01:
                    5c:1e:e9:f5:cf:ca:bc:28:82:99:7b:11:3a:fe:e6:
                    b1:41:b1:24:ce:4c:98:24:1c:5a:4d:ae:54:89:ef:
                    5c:7d:3a:ec:93:bf:da:c8:5b:ed:2f:59:73:9a:70:
                    6b:9f:d2:63:c4:86:6a:f9:2a:13:4b:4a:69:14:dc:
                    5a:05:92:16:c2:15:e5:3d:9f:56:2d:24:91:2a:21:
                    4f:40:46:61:48:93:9e:6e:5c:c4:dd:39:ac:6e:51:
                    15:15:d3:e6:fb:6c:a4:ee:a0:de:00:81:fe:e2:c4:
                    b9:b1:1c:3a:fe:d2:c0:a3:24:2c:23:4f:6f:f8:39:
                    f1:d6:81:79:10:2e:e7:7e:e2:aa:f6:4f:5c:f0:88:
                    a1:8b:96:81:9a:54:16:0a:d2:19:05:1f:47:74:4c:
                    b3:d5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                61:6D:4E:1D:10:B3:84:56:57:2B:64:3C:B7:90:9D:79:29:63:F9:13
            X509v3 Authority Key Identifier:
                keyid:D7:C9:09:3B:A2:67:D2:E0:40:38:47:98:DA:40:B6:0C:07:31:D5:69

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/845adae5513877104ae603037bff400bad521b19.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/2b60c749-7252-4de4-8abf-186b4d4575a8/292711d9a9194340c355691e81939dfdc9f2a974.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/2b60c749-7252-4de4-8abf-186b4d4575a8/845adae5513877104ae603037bff400bad521b19.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  168.194.240.0/22
                  170.254.216.0/22
                IPv6:
                  2803:10c0::/32

    Signature Algorithm: sha256WithRSAEncryption
         5a:6b:51:7f:b9:bf:cf:14:33:a5:62:3a:09:6e:df:36:d3:78:
         47:fc:e3:07:fa:79:d9:33:da:10:76:a3:67:18:b1:1f:c1:bc:
         ca:8b:a1:3a:2b:ad:a1:7b:3f:23:83:1c:67:57:67:64:3d:cb:
         16:69:7c:1d:f6:b0:a7:cf:b3:bc:61:89:1e:5d:ac:93:7f:a3:
         de:e7:be:f7:e8:05:22:67:cc:d5:d8:c4:95:a3:6d:97:a1:a3:
         71:75:c0:96:a0:53:56:49:36:be:6f:c8:62:b3:47:74:80:a3:
         b8:7a:cd:b1:1f:35:3f:dc:14:b1:56:86:65:ad:7c:d7:24:53:
         5f:3f:14:77:07:5e:78:70:04:83:b1:b5:92:82:7f:82:1f:f7:
         b2:7a:8c:53:4f:20:68:39:bb:87:d8:f5:b3:3b:3e:7e:12:6c:
         67:9e:a0:0f:82:2a:6a:96:06:dc:14:85:db:e4:50:ae:8a:9b:
         3f:3f:40:07:7b:c2:3b:e8:4d:b4:5a:f0:2e:33:b4:66:28:f9:
         6d:7f:b1:1b:87:fb:0d:32:0f:73:eb:b9:7b:d1:87:28:3f:9c:
         28:4c:de:3f:d2:7b:84:ca:96:af:a6:3f:61:12:cd:9a:92:c4:
         49:9a:3a:f7:d0:96:e0:54:a5:5b:ac:b5:ee:34:f4:69:35:30:
         fa:4d:15:e2
-----BEGIN CERTIFICATE-----
MIIFVTCCBD2gAwIBAgIDDNJAMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKDg0
NWFkYWU1NTEzODc3MTA0YWU2MDMwMzdiZmY0MDBiYWQ1MjFiMTkwHhcNMjEwMzI0
MTQ0NjIwWhcNMjYwMzI0MTQ0NjIwWjAzMTEwLwYDVQQDEygyOTI3MTFkOWE5MTk0
MzQwYzM1NTY5MWU4MTkzOWRmZGM5ZjJhOTc0MIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEA0nNVINtmCA2YBluTRDB3njaa3pI6469Zk0E6gnyLMjWPkZHd
5SwwYyCR0UZTHzZkuXv3fv0oHiiV/j8Vy6Fhuiaf4138z1lfsEYXHY3BjtQ8L7mn
Rl/Ae+DslQj3fdTrapstf5gdGwFcHun1z8q8KIKZexE6/uaxQbEkzkyYJBxaTa5U
ie9cfTrsk7/ayFvtL1lzmnBrn9JjxIZq+SoTS0ppFNxaBZIWwhXlPZ9WLSSRKiFP
QEZhSJOeblzE3TmsblEVFdPm+2yk7qDeAIH+4sS5sRw6/tLAoyQsI09v+Dnx1oF5
EC7nfuKq9k9c8Iihi5aBmlQWCtIZBR9HdEyz1QIDAQABo4ICcDCCAmwwHQYDVR0O
BBYEFGFtTh0Qs4RWVytkPLeQnXkpY/kTMB8GA1UdIwQYMBaAFNfJCTuiZ9LgQDhH
mNpAtgwHMdVpMA4GA1UdDwEB/wQEAwIHgDCBmgYIKwYBBQUHAQEEgY0wgYowgYcG
CCsGAQUFBzAChntyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5ldC9ycGtpL2xh
Y25pYy80OGYwODNiYi1mNjAzLTQ4OTMtOTk5MC0wMjg0YzA0Y2ViODUvODQ1YWRh
ZTU1MTM4NzcxMDRhZTYwMzAzN2JmZjQwMGJhZDUyMWIxOS5jZXIwgZoGCCsGAQUF
BwELBIGNMIGKMIGHBggrBgEFBQcwC4Z7cnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25p
Yy5uZXQvcnBraS9sYWNuaWMvMmI2MGM3NDktNzI1Mi00ZGU0LThhYmYtMTg2YjRk
NDU3NWE4LzI5MjcxMWQ5YTkxOTQzNDBjMzU1NjkxZTgxOTM5ZGZkYzlmMmE5NzQu
cm9hMIGPBgNVHR8EgYcwgYQwgYGgf6B9hntyc3luYzovL3JlcG9zaXRvcnkubGFj
bmljLm5ldC9ycGtpL2xhY25pYy8yYjYwYzc0OS03MjUyLTRkZTQtOGFiZi0xODZi
NGQ0NTc1YTgvODQ1YWRhZTU1MTM4NzcxMDRhZTYwMzAzN2JmZjQwMGJhZDUyMWIx
OS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA0BggrBgEFBQcBBwEB/wQl
MCMwEgQCAAEwDAMEAqjC8AMEAqr+2DANBAIAAjAHAwUAKAMQwDANBgkqhkiG9w0B
AQsFAAOCAQEAWmtRf7m/zxQzpWI6CW7fNtN4R/zjB/p52TPaEHajZxixH8G8youh
OiutoXs/I4McZ1dnZD3LFml8Hfawp8+zvGGJHl2sk3+j3ue+9+gFImfM1djElaNt
l6GjcXXAlqBTVkk2vm/IYrNHdICjuHrNsR81P9wUsVaGZa181yRTXz8UdwdeeHAE
g7G1koJ/gh/3snqMU08gaDm7h9j1szs+fhJsZ56gD4IqapYG3BSF2+RQroqbPz9A
B3vCO+hNtFrwLjO0Zij5bX+xG4f7DTIPc+u5e9GHKD+cKEzeP9J7hMqWr6Y/YRLN
mpLESZo699CW4FSlW6y17jT0aTUw+k0V4g==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:37:05 2024 by rpki-client on console-ams.rpki-client.org