Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/38283047-8834-43d5-82f7-4d938e60571e/420d6709a327a8dde22134351ce14ae8e5bf0a17.roa
File:                     420d6709a327a8dde22134351ce14ae8e5bf0a17.roa (raw, json)
Hash identifier:          mV6J0o0lgpHNnQrpSdA6gPWt+hkpOXTAcU2NtX5zXjg=
Subject key identifier:   A1:88:7B:19:8B:BB:D5:B0:BC:D3:A2:43:88:20:4F:86:19:61:11:0F
Certificate issuer:       /CN=b4e4e225e8b14e2e1c7420fb4cd2fad1a009e2ce
Certificate serial:       279FA9
Authority key identifier: 81:2B:26:72:FD:7E:1F:C6:DD:07:A5:C3:F7:2C:0A:C0:C8:EB:AC:1D
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/b4e4e225e8b14e2e1c7420fb4cd2fad1a009e2ce.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/38283047-8834-43d5-82f7-4d938e60571e/420d6709a327a8dde22134351ce14ae8e5bf0a17.roa
Signing time:             Tue 07 Nov 2023 16:01:03 +0000
ROA not before:           Tue 07 Nov 2023 16:00:38 +0000
ROA not after:            Tue 07 Nov 2028 16:00:38 +0000
asID:                     52399
IP address blocks:        200.50.191.0/24 maxlen: 24
                          190.110.250.0/23 maxlen: 24
                          190.114.102.0/24 maxlen: 24
                          190.110.224.0/24 maxlen: 24
                          190.110.232.0/22 maxlen: 24

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 2596777 (0x279fa9)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b4e4e225e8b14e2e1c7420fb4cd2fad1a009e2ce
        Validity
            Not Before: Nov  7 16:00:38 2023 GMT
            Not After : Nov  7 16:00:38 2028 GMT
        Subject: CN=420d6709a327a8dde22134351ce14ae8e5bf0a17
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9e:e4:43:f1:42:67:4f:40:8a:af:96:c3:46:6c:
                    d8:56:69:ee:3a:c2:f2:1d:0f:9d:d7:57:b1:01:13:
                    4e:fd:f3:52:95:70:1a:6c:f7:6f:50:61:d9:82:66:
                    9c:1b:ca:9b:89:7e:07:e0:6d:09:37:b1:85:ac:ba:
                    28:51:3a:7d:2e:b8:ac:75:1d:b3:34:93:c8:73:24:
                    76:12:de:11:f1:4b:2e:43:e3:01:b9:da:d1:2f:bc:
                    a6:af:ba:dc:0e:45:a4:a6:9e:5c:37:95:ca:b0:29:
                    82:e3:10:8e:a3:89:c2:04:e9:23:24:ba:9f:c3:e1:
                    8d:c5:ed:b6:4e:a7:a3:78:f4:6c:7e:1d:81:3d:ec:
                    a5:2d:73:84:7f:e3:1b:c7:ba:b5:0a:5f:8a:ff:24:
                    4b:5b:e5:e6:5e:26:5a:b4:29:d8:41:4f:56:af:77:
                    ac:86:13:bd:9d:31:31:80:9e:15:59:bc:97:14:97:
                    91:c1:63:95:b1:6d:6c:11:a3:7e:6a:fc:11:4e:83:
                    7c:ba:ef:af:33:8f:d5:e9:f3:df:1c:0a:ab:13:d3:
                    4d:6a:c0:ab:d8:12:f1:55:c2:3d:03:1a:d5:1e:ea:
                    e0:8b:18:0e:7f:b2:04:f2:e6:e9:af:bc:40:74:ed:
                    c8:cd:bd:7c:d2:d9:2d:ca:58:51:77:a2:82:8c:94:
                    57:4b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A1:88:7B:19:8B:BB:D5:B0:BC:D3:A2:43:88:20:4F:86:19:61:11:0F
            X509v3 Authority Key Identifier:
                keyid:81:2B:26:72:FD:7E:1F:C6:DD:07:A5:C3:F7:2C:0A:C0:C8:EB:AC:1D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/b4e4e225e8b14e2e1c7420fb4cd2fad1a009e2ce.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/38283047-8834-43d5-82f7-4d938e60571e/420d6709a327a8dde22134351ce14ae8e5bf0a17.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/38283047-8834-43d5-82f7-4d938e60571e/b4e4e225e8b14e2e1c7420fb4cd2fad1a009e2ce.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  190.110.224.0/24
                  190.110.232.0/22
                  190.110.250.0/23
                  190.114.102.0/24
                  200.50.191.0/24

    Signature Algorithm: sha256WithRSAEncryption
         7a:09:40:4c:20:cf:84:e9:b9:03:dd:a4:22:4a:24:18:16:56:
         50:e7:bc:8a:09:5e:f8:97:d6:eb:d7:26:67:8f:1c:11:6a:cb:
         f3:2b:ce:75:20:2c:3d:31:98:58:5a:d3:99:51:ff:81:c1:67:
         13:93:9d:79:88:77:ee:b7:c8:61:4a:e0:2c:44:db:31:e0:ad:
         e0:0c:db:30:80:8e:48:84:1a:3d:6a:cd:49:d8:49:47:ac:81:
         14:f6:5e:d2:49:e8:09:ae:fc:f3:fd:ae:08:52:6f:4c:92:8e:
         83:09:37:8b:70:3e:f7:5c:1b:ac:6d:a7:73:97:c3:7f:da:c0:
         14:cc:4c:3b:8b:3e:fe:6b:48:62:6c:00:7c:3e:8b:2a:ea:90:
         9c:e5:50:a7:8b:52:6e:ca:c0:f1:2f:31:59:40:33:69:d8:fb:
         f5:49:76:54:cf:8b:71:7a:34:21:1c:7e:ae:54:e5:0c:69:ac:
         ee:c6:24:d7:a4:f1:7c:2c:17:e6:31:46:d6:1c:bc:2b:ed:24:
         03:de:4b:cf:22:83:90:2f:08:00:cc:c7:f0:e8:5e:57:05:c4:
         13:15:4d:0d:e6:ba:af:ea:25:2e:3c:5b:07:3f:f5:86:5b:b8:
         bb:e5:12:cc:4c:cb:88:7a:f8:c3:a5:a4:e3:c1:a9:b7:55:00:
         16:22:a4:8f
-----BEGIN CERTIFICATE-----
MIIFWDCCBECgAwIBAgIDJ5+pMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKGI0
ZTRlMjI1ZThiMTRlMmUxYzc0MjBmYjRjZDJmYWQxYTAwOWUyY2UwHhcNMjMxMTA3
MTYwMDM4WhcNMjgxMTA3MTYwMDM4WjAzMTEwLwYDVQQDEyg0MjBkNjcwOWEzMjdh
OGRkZTIyMTM0MzUxY2UxNGFlOGU1YmYwYTE3MIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAnuRD8UJnT0CKr5bDRmzYVmnuOsLyHQ+d11exARNO/fNSlXAa
bPdvUGHZgmacG8qbiX4H4G0JN7GFrLooUTp9LrisdR2zNJPIcyR2Et4R8UsuQ+MB
udrRL7ymr7rcDkWkpp5cN5XKsCmC4xCOo4nCBOkjJLqfw+GNxe22TqejePRsfh2B
PeylLXOEf+Mbx7q1Cl+K/yRLW+XmXiZatCnYQU9Wr3eshhO9nTExgJ4VWbyXFJeR
wWOVsW1sEaN+avwRToN8uu+vM4/V6fPfHAqrE9NNasCr2BLxVcI9AxrVHurgixgO
f7IE8ubpr7xAdO3Izb180tktylhRd6KCjJRXSwIDAQABo4ICczCCAm8wHQYDVR0O
BBYEFKGIexmLu9WwvNOiQ4ggT4YZYREPMB8GA1UdIwQYMBaAFIErJnL9fh/G3Qel
w/csCsDI66wdMA4GA1UdDwEB/wQEAwIHgDCBmgYIKwYBBQUHAQEEgY0wgYowgYcG
CCsGAQUFBzAChntyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5ldC9ycGtpL2xh
Y25pYy80OGYwODNiYi1mNjAzLTQ4OTMtOTk5MC0wMjg0YzA0Y2ViODUvYjRlNGUy
MjVlOGIxNGUyZTFjNzQyMGZiNGNkMmZhZDFhMDA5ZTJjZS5jZXIwgZoGCCsGAQUF
BwELBIGNMIGKMIGHBggrBgEFBQcwC4Z7cnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25p
Yy5uZXQvcnBraS9sYWNuaWMvMzgyODMwNDctODgzNC00M2Q1LTgyZjctNGQ5Mzhl
NjA1NzFlLzQyMGQ2NzA5YTMyN2E4ZGRlMjIxMzQzNTFjZTE0YWU4ZTViZjBhMTcu
cm9hMIGPBgNVHR8EgYcwgYQwgYGgf6B9hntyc3luYzovL3JlcG9zaXRvcnkubGFj
bmljLm5ldC9ycGtpL2xhY25pYy8zODI4MzA0Ny04ODM0LTQzZDUtODJmNy00ZDkz
OGU2MDU3MWUvYjRlNGUyMjVlOGIxNGUyZTFjNzQyMGZiNGNkMmZhZDFhMDA5ZTJj
ZS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA3BggrBgEFBQcBBwEB/wQo
MCYwJAQCAAEwHgMEAL5u4AMEAr5u6AMEAb5u+gMEAL5yZgMEAMgyvzANBgkqhkiG
9w0BAQsFAAOCAQEAeglATCDPhOm5A92kIkokGBZWUOe8igle+JfW69cmZ48cEWrL
8yvOdSAsPTGYWFrTmVH/gcFnE5OdeYh37rfIYUrgLETbMeCt4AzbMICOSIQaPWrN
SdhJR6yBFPZe0knoCa788/2uCFJvTJKOgwk3i3A+91wbrG2nc5fDf9rAFMxMO4s+
/mtIYmwAfD6LKuqQnOVQp4tSbsrA8S8xWUAzadj79Ul2VM+LcXo0IRx+rlTlDGms
7sYk16TxfCwX5jFG1hy8K+0kA95LzyKDkC8IAMzH8OheVwXEExVNDea6r+olLjxb
Bz/1hlu4u+USzEzLiHr4w6Wk48Gpt1UAFiKkjw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:37:10 2024 by rpki-client on console-ams.rpki-client.org