Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/2cdf0e7a-484f-4a67-93f7-c8dc1c918920/aa8adff7d9ddfbe3b171ad426f190858f9e6f0fe.roa
File:                     aa8adff7d9ddfbe3b171ad426f190858f9e6f0fe.roa (raw, json)
Hash identifier:          kYBrfK4q6sPr3forsK5bU7g1vLabem/5coCv4mdt7m8=
Subject key identifier:   94:58:FD:8E:E8:B5:20:8D:E5:24:78:56:61:0E:94:36:82:35:B9:24
Certificate issuer:       /CN=972a4f5b52574437a3dc7a10774c52406e630539
Certificate serial:       06B7
Authority key identifier: 93:CA:6A:00:61:87:4D:25:D6:BA:17:C5:0D:BD:84:E0:5B:19:68:69
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/972a4f5b52574437a3dc7a10774c52406e630539.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/2cdf0e7a-484f-4a67-93f7-c8dc1c918920/aa8adff7d9ddfbe3b171ad426f190858f9e6f0fe.roa
Signing time:             Mon 15 May 2023 19:32:31 +0000
ROA not before:           Sun 14 May 2023 19:32:31 +0000
ROA not after:            Thu 15 May 2025 19:32:31 +0000
asID:                     27957
IP address blocks:        200.3.1.0/24 maxlen: 24
                          200.3.2.0/23 maxlen: 24
                          200.3.4.0/23 maxlen: 24
                          200.3.8.0/24 maxlen: 24

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 1719 (0x6b7)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=972a4f5b52574437a3dc7a10774c52406e630539
        Validity
            Not Before: May 14 19:32:31 2023 GMT
            Not After : May 15 19:32:31 2025 GMT
        Subject: CN=aa8adff7d9ddfbe3b171ad426f190858f9e6f0fe
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ac:0a:7a:e5:f8:f5:b0:e9:69:43:51:70:0e:a8:
                    7a:5d:f8:71:1e:56:ff:af:7f:6c:67:47:80:25:47:
                    55:48:01:08:53:50:51:88:78:28:30:c3:92:0f:69:
                    4b:89:23:57:eb:bb:7f:4e:d9:2b:90:0e:a7:a2:b7:
                    23:f8:8f:b6:ee:b3:c2:a0:15:d2:2b:3a:fc:ff:96:
                    ea:f3:b3:40:1c:0a:bf:ab:f6:71:c2:65:0b:26:13:
                    10:46:d9:87:d1:c6:e4:2c:6a:99:ac:42:3e:1a:3c:
                    c7:72:94:7e:11:c5:d3:73:4b:03:de:93:8e:34:79:
                    2a:dd:d1:7f:3a:6a:1a:cc:83:9e:dc:13:55:59:3e:
                    4c:e9:16:bb:df:af:58:f4:f0:9b:fe:ee:54:c1:85:
                    03:b9:a4:19:8a:f3:43:2d:bb:d8:0a:57:82:d7:f8:
                    6a:c6:54:46:9f:07:e4:1c:e9:a2:0e:ff:cd:ab:fd:
                    55:5b:61:10:3f:53:93:38:0d:87:01:19:2b:07:5e:
                    93:41:5c:34:ff:2d:70:1a:8b:3e:14:d2:b7:aa:38:
                    c2:b2:c0:f0:c8:dd:81:b1:bc:8b:eb:62:d7:df:30:
                    4f:65:e4:3a:05:d3:f6:6e:4e:ff:67:5a:db:bf:1f:
                    9f:cb:2e:d1:51:13:52:a6:f3:15:d9:c9:af:1b:6b:
                    48:07
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                94:58:FD:8E:E8:B5:20:8D:E5:24:78:56:61:0E:94:36:82:35:B9:24
            X509v3 Authority Key Identifier:
                keyid:93:CA:6A:00:61:87:4D:25:D6:BA:17:C5:0D:BD:84:E0:5B:19:68:69

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/972a4f5b52574437a3dc7a10774c52406e630539.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/2cdf0e7a-484f-4a67-93f7-c8dc1c918920/aa8adff7d9ddfbe3b171ad426f190858f9e6f0fe.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/2cdf0e7a-484f-4a67-93f7-c8dc1c918920/972a4f5b52574437a3dc7a10774c52406e630539.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  200.3.1.0-200.3.5.255
                  200.3.8.0/24

    Signature Algorithm: sha256WithRSAEncryption
         44:58:da:b7:a9:af:f1:99:89:08:36:03:30:9f:1d:14:c0:1c:
         60:c0:f9:54:4e:1d:3b:c4:92:1d:b4:c3:b9:b4:24:04:ba:64:
         35:f4:a5:e2:ac:4f:5d:18:06:4a:b8:2c:01:fd:dd:97:a7:db:
         35:75:d7:6a:d3:76:94:60:51:59:fa:c0:d0:e0:48:c1:7b:9c:
         dd:97:cc:42:5b:c9:93:90:85:bf:49:2e:0d:92:77:3f:3a:b3:
         00:d4:07:a7:56:c4:14:83:5d:ac:77:fd:b7:fa:63:d9:48:f9:
         24:a1:2c:53:b7:64:6c:81:75:ba:9a:66:fa:59:a4:ff:1a:39:
         02:fe:c5:0d:7e:41:55:fd:a2:92:f7:25:5c:9e:49:45:2e:af:
         60:6d:1c:2c:f6:32:9e:12:c7:fc:db:ac:45:9d:c6:14:d7:25:
         2d:4c:82:db:2a:ef:a2:f0:90:7f:26:91:4a:72:1f:14:27:e7:
         6e:15:3e:f2:e1:ea:55:1b:2c:15:08:bc:08:53:9b:6b:e1:50:
         23:2a:f9:97:a9:cf:e7:94:97:51:d0:54:06:0b:03:b3:d8:ef:
         9a:24:b4:fa:37:88:3e:18:a9:c7:09:cc:ae:93:20:74:66:1b:
         7c:bb:2a:1a:c3:d7:31:0a:06:af:97:0d:f3:33:ff:77:7a:19:
         28:e0:84:8a
-----BEGIN CERTIFICATE-----
MIIFTTCCBDWgAwIBAgICBrcwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoOTcy
YTRmNWI1MjU3NDQzN2EzZGM3YTEwNzc0YzUyNDA2ZTYzMDUzOTAeFw0yMzA1MTQx
OTMyMzFaFw0yNTA1MTUxOTMyMzFaMDMxMTAvBgNVBAMTKGFhOGFkZmY3ZDlkZGZi
ZTNiMTcxYWQ0MjZmMTkwODU4ZjllNmYwZmUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCsCnrl+PWw6WlDUXAOqHpd+HEeVv+vf2xnR4AlR1VIAQhTUFGI
eCgww5IPaUuJI1fru39O2SuQDqeityP4j7bus8KgFdIrOvz/lurzs0AcCr+r9nHC
ZQsmExBG2YfRxuQsapmsQj4aPMdylH4RxdNzSwPek440eSrd0X86ahrMg57cE1VZ
PkzpFrvfr1j08Jv+7lTBhQO5pBmK80Mtu9gKV4LX+GrGVEafB+Qc6aIO/82r/VVb
YRA/U5M4DYcBGSsHXpNBXDT/LXAaiz4U0reqOMKywPDI3YGxvIvrYtffME9l5DoF
0/ZuTv9nWtu/H5/LLtFRE1Km8xXZya8ba0gHAgMBAAGjggJpMIICZTAdBgNVHQ4E
FgQUlFj9jui1II3lJHhWYQ6UNoI1uSQwHwYDVR0jBBgwFoAUk8pqAGGHTSXWuhfF
Db2E4FsZaGkwDgYDVR0PAQH/BAQDAgeAMIGaBggrBgEFBQcBAQSBjTCBijCBhwYI
KwYBBQUHMAKGe3JzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jwa2kvbGFj
bmljLzQ4ZjA4M2JiLWY2MDMtNDg5My05OTkwLTAyODRjMDRjZWI4NS85NzJhNGY1
YjUyNTc0NDM3YTNkYzdhMTA3NzRjNTI0MDZlNjMwNTM5LmNlcjCBmgYIKwYBBQUH
AQsEgY0wgYowgYcGCCsGAQUFBzALhntyc3luYzovL3JlcG9zaXRvcnkubGFjbmlj
Lm5ldC9ycGtpL2xhY25pYy8yY2RmMGU3YS00ODRmLTRhNjctOTNmNy1jOGRjMWM5
MTg5MjAvYWE4YWRmZjdkOWRkZmJlM2IxNzFhZDQyNmYxOTA4NThmOWU2ZjBmZS5y
b2EwgY8GA1UdHwSBhzCBhDCBgaB/oH2Ge3JzeW5jOi8vcmVwb3NpdG9yeS5sYWNu
aWMubmV0L3Jwa2kvbGFjbmljLzJjZGYwZTdhLTQ4NGYtNGE2Ny05M2Y3LWM4ZGMx
YzkxODkyMC85NzJhNGY1YjUyNTc0NDM3YTNkYzdhMTA3NzRjNTI0MDZlNjMwNTM5
LmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4w
HDAaBAIAATAUMAwDBADIAwEDBAHIAwQDBADIAwgwDQYJKoZIhvcNAQELBQADggEB
AERY2repr/GZiQg2AzCfHRTAHGDA+VROHTvEkh20w7m0JAS6ZDX0peKsT10YBkq4
LAH93Zen2zV112rTdpRgUVn6wNDgSMF7nN2XzEJbyZOQhb9JLg2Sdz86swDUB6dW
xBSDXax3/bf6Y9lI+SShLFO3ZGyBdbqaZvpZpP8aOQL+xQ1+QVX9opL3JVyeSUUu
r2BtHCz2Mp4Sx/zbrEWdxhTXJS1Mgtsq76LwkH8mkUpyHxQn524VPvLh6lUbLBUI
vAhTm2vhUCMq+Zepz+eUl1HQVAYLA7PY75oktPo3iD4YqccJzK6TIHRmG3y7KhrD
1zEKBq+XDfMz/3d6GSjghIo=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:37:25 2024 by rpki-client on console-fra.rpki-client.org