Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/38283047-8834-43d5-82f7-4d938e60571e/60351cdf6322d835efbf77cc99aff9a73980935a.roa
File:                     60351cdf6322d835efbf77cc99aff9a73980935a.roa (raw, json)
Hash identifier:          /kiLXLSHYq0zrvcevUrBJ4Es/IgszA97p6Vwr2u5Htw=
Subject key identifier:   35:15:5D:E4:72:FB:39:96:39:7C:8C:87:C0:2C:65:DE:18:13:42:AA
Certificate issuer:       /CN=529d28a5769af1e1987aada52d4d9ac3bec39b68
Certificate serial:       29D5DF
Authority key identifier: 43:76:7A:C8:B9:C4:46:E4:13:DD:A2:B5:C9:85:3A:17:68:A4:E1:C5
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/529d28a5769af1e1987aada52d4d9ac3bec39b68.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/38283047-8834-43d5-82f7-4d938e60571e/60351cdf6322d835efbf77cc99aff9a73980935a.roa
Signing time:             Tue 30 Jan 2024 15:00:51 +0000
ROA not before:           Tue 30 Jan 2024 15:00:49 +0000
ROA not after:            Tue 30 Jan 2029 15:00:49 +0000
asID:                     263699
IP address blocks:        190.114.96.0/22 maxlen: 24
                          190.114.96.0/22 maxlen: 24
                          190.114.100.0/23 maxlen: 24
                          200.123.36.0/22 maxlen: 24
                          200.123.40.0/21 maxlen: 24

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 2741727 (0x29d5df)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=529d28a5769af1e1987aada52d4d9ac3bec39b68
        Validity
            Not Before: Jan 30 15:00:49 2024 GMT
            Not After : Jan 30 15:00:49 2029 GMT
        Subject: CN=60351cdf6322d835efbf77cc99aff9a73980935a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bb:b6:13:02:5e:b8:d8:86:8d:e2:f7:74:d4:71:
                    b1:89:69:a4:9a:10:e3:ed:95:7f:70:ce:59:9d:c9:
                    12:99:72:c3:70:80:35:b1:12:b4:b2:c2:e2:bb:7d:
                    ff:52:4e:71:35:70:d1:ae:f2:38:e2:db:47:18:c2:
                    c8:ee:96:d6:b6:c0:8d:81:3d:42:fd:00:6f:40:9a:
                    b0:be:bd:64:64:3a:7a:28:db:e9:6c:89:c8:1f:ef:
                    e1:14:26:68:65:a0:2b:c0:c1:5d:da:0d:d9:4a:6e:
                    e2:5c:13:87:0c:b1:0d:17:c5:f0:f4:73:38:3e:8c:
                    1c:53:e9:15:eb:62:78:25:b6:8b:84:10:bd:0b:ed:
                    f1:e4:c3:29:ec:2d:9a:f8:4e:1c:d8:c1:0e:2e:48:
                    c2:41:92:39:6d:cc:81:40:b8:ab:3d:dc:1a:07:5b:
                    47:a2:7b:ee:1a:e9:85:cf:28:15:ea:fa:ba:60:62:
                    92:fe:0a:4f:62:52:d1:be:2b:41:28:2e:51:38:f5:
                    69:e8:88:ff:4d:8f:65:20:2b:db:d3:ac:27:a9:f2:
                    0c:e1:2d:16:81:ab:44:65:f6:a9:67:19:f6:f3:6a:
                    e7:30:fe:fd:a8:a3:5b:ab:e5:69:1e:d4:9d:1e:4b:
                    53:8f:a3:15:04:e4:16:c1:2a:bf:92:d0:a4:90:28:
                    b9:5d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                35:15:5D:E4:72:FB:39:96:39:7C:8C:87:C0:2C:65:DE:18:13:42:AA
            X509v3 Authority Key Identifier:
                keyid:43:76:7A:C8:B9:C4:46:E4:13:DD:A2:B5:C9:85:3A:17:68:A4:E1:C5

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/529d28a5769af1e1987aada52d4d9ac3bec39b68.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/38283047-8834-43d5-82f7-4d938e60571e/60351cdf6322d835efbf77cc99aff9a73980935a.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/38283047-8834-43d5-82f7-4d938e60571e/529d28a5769af1e1987aada52d4d9ac3bec39b68.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  190.114.96.0-190.114.101.255
                  200.123.36.0-200.123.47.255

    Signature Algorithm: sha256WithRSAEncryption
         21:bd:17:30:9f:56:a9:65:de:fe:e2:33:30:70:4e:bd:7a:44:
         2b:a6:8b:93:33:7f:c9:28:09:50:6a:4a:4d:10:22:e2:e2:0f:
         9b:0c:74:12:02:c5:15:bb:57:95:58:f9:35:25:52:26:d4:36:
         16:99:cc:4b:47:0a:3b:ca:34:27:d5:9c:1f:9d:8e:bf:6c:64:
         40:7b:81:f4:1d:e1:ff:70:83:d2:04:88:2c:37:62:84:0b:f1:
         06:45:f8:cd:75:7e:01:1c:4f:dc:7a:c9:57:6d:6f:fe:95:b6:
         e7:7b:b4:5a:ee:24:e5:3a:10:71:f2:6d:ad:7a:d2:cf:d8:72:
         b6:e5:1f:b2:ea:a4:c7:15:6d:ab:22:9a:3f:dd:7c:d8:85:e1:
         84:b1:12:70:7f:51:61:6b:da:1a:da:ef:20:4e:c5:e5:b2:92:
         d8:7c:bf:19:9b:c8:8c:81:12:e7:4b:d2:f3:83:7a:2c:91:34:
         18:66:7e:a7:06:03:fd:9c:6b:8a:78:12:32:cf:b9:95:b1:ef:
         cb:28:0e:82:df:d4:95:f5:5c:25:f1:d2:cb:d4:09:7f:79:38:
         28:d7:c7:0a:e0:b7:47:d6:17:a6:fd:93:25:f3:96:70:12:10:
         a4:ab:df:8f:73:51:5c:5b:2f:90:88:04:7a:93:11:e8:e9:89:
         a6:e8:db:ae
-----BEGIN CERTIFICATE-----
MIIFVjCCBD6gAwIBAgIDKdXfMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKDUy
OWQyOGE1NzY5YWYxZTE5ODdhYWRhNTJkNGQ5YWMzYmVjMzliNjgwHhcNMjQwMTMw
MTUwMDQ5WhcNMjkwMTMwMTUwMDQ5WjAzMTEwLwYDVQQDEyg2MDM1MWNkZjYzMjJk
ODM1ZWZiZjc3Y2M5OWFmZjlhNzM5ODA5MzVhMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAu7YTAl642IaN4vd01HGxiWmkmhDj7ZV/cM5ZnckSmXLDcIA1
sRK0ssLiu33/Uk5xNXDRrvI44ttHGMLI7pbWtsCNgT1C/QBvQJqwvr1kZDp6KNvp
bInIH+/hFCZoZaArwMFd2g3ZSm7iXBOHDLENF8Xw9HM4PowcU+kV62J4JbaLhBC9
C+3x5MMp7C2a+E4c2MEOLkjCQZI5bcyBQLirPdwaB1tHonvuGumFzygV6vq6YGKS
/gpPYlLRvitBKC5ROPVp6Ij/TY9lICvb06wnqfIM4S0WgatEZfapZxn282rnMP79
qKNbq+VpHtSdHktTj6MVBOQWwSq/ktCkkCi5XQIDAQABo4ICcTCCAm0wHQYDVR0O
BBYEFDUVXeRy+zmWOXyMh8AsZd4YE0KqMB8GA1UdIwQYMBaAFEN2esi5xEbkE92i
tcmFOhdopOHFMA4GA1UdDwEB/wQEAwIHgDCBmgYIKwYBBQUHAQEEgY0wgYowgYcG
CCsGAQUFBzAChntyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5ldC9ycGtpL2xh
Y25pYy80OGYwODNiYi1mNjAzLTQ4OTMtOTk5MC0wMjg0YzA0Y2ViODUvNTI5ZDI4
YTU3NjlhZjFlMTk4N2FhZGE1MmQ0ZDlhYzNiZWMzOWI2OC5jZXIwgZoGCCsGAQUF
BwELBIGNMIGKMIGHBggrBgEFBQcwC4Z7cnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25p
Yy5uZXQvcnBraS9sYWNuaWMvMzgyODMwNDctODgzNC00M2Q1LTgyZjctNGQ5Mzhl
NjA1NzFlLzYwMzUxY2RmNjMyMmQ4MzVlZmJmNzdjYzk5YWZmOWE3Mzk4MDkzNWEu
cm9hMIGPBgNVHR8EgYcwgYQwgYGgf6B9hntyc3luYzovL3JlcG9zaXRvcnkubGFj
bmljLm5ldC9ycGtpL2xhY25pYy8zODI4MzA0Ny04ODM0LTQzZDUtODJmNy00ZDkz
OGU2MDU3MWUvNTI5ZDI4YTU3NjlhZjFlMTk4N2FhZGE1MmQ0ZDlhYzNiZWMzOWI2
OC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA1BggrBgEFBQcBBwEB/wQm
MCQwIgQCAAEwHDAMAwQFvnJgAwQBvnJkMAwDBALIeyQDBATIeyAwDQYJKoZIhvcN
AQELBQADggEBACG9FzCfVqll3v7iMzBwTr16RCumi5Mzf8koCVBqSk0QIuLiD5sM
dBICxRW7V5VY+TUlUibUNhaZzEtHCjvKNCfVnB+djr9sZEB7gfQd4f9wg9IEiCw3
YoQL8QZF+M11fgEcT9x6yVdtb/6Vtud7tFruJOU6EHHyba160s/YcrblH7LqpMcV
basimj/dfNiF4YSxEnB/UWFr2hra7yBOxeWykth8vxmbyIyBEudL0vODeiyRNBhm
fqcGA/2ca4p4EjLPuZWx78soDoLf1JX1XCXx0svUCX95OCjXxwrgt0fWF6b9kyXz
lnASEKSr349zUVxbL5CIBHqTEejpiabo264=
-----END CERTIFICATE-----
Generated at Thu Feb 15 23:53:32 2024 by rpki-client on console-fra.rpki-client.org