Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/38283047-8834-43d5-82f7-4d938e60571e/640cddb80f8604a80c6943bf1e0e3963074e1d6c.roa
File:                     640cddb80f8604a80c6943bf1e0e3963074e1d6c.roa (raw, json)
Hash identifier:          ZZe/G8aSXYmxlEKdsYrj1YsdPITEXvdMX0HrFtTNNwk=
Subject key identifier:   EA:48:DF:D0:63:66:D5:FA:7B:E7:8C:C4:E0:5B:0C:DF:50:37:40:AA
Certificate issuer:       /CN=33b7a43fc33bfc7ff5ea592decadde645288705e
Certificate serial:       24319A
Authority key identifier: C1:A4:F9:06:D7:C5:6B:7D:5E:32:B4:3C:AE:33:6A:BD:11:7D:39:56
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/33b7a43fc33bfc7ff5ea592decadde645288705e.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/38283047-8834-43d5-82f7-4d938e60571e/640cddb80f8604a80c6943bf1e0e3963074e1d6c.roa
Signing time:             Mon 17 Jul 2023 16:09:30 +0000
ROA not before:           Sun 16 Jul 2023 16:08:49 +0000
ROA not after:            Thu 17 Jul 2025 16:08:49 +0000
asID:                     272862
IP address blocks:        200.50.190.0/24 maxlen: 24
                          200.50.167.0/24 maxlen: 24

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 2371994 (0x24319a)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=33b7a43fc33bfc7ff5ea592decadde645288705e
        Validity
            Not Before: Jul 16 16:08:49 2023 GMT
            Not After : Jul 17 16:08:49 2025 GMT
        Subject: CN=640cddb80f8604a80c6943bf1e0e3963074e1d6c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9a:cb:a5:f2:2a:fa:88:49:71:1e:bf:5c:f4:e4:
                    d2:ab:86:87:15:aa:84:fc:17:06:66:91:08:b1:38:
                    d8:60:2e:32:41:ab:04:e5:29:96:82:17:cf:d9:18:
                    50:d9:11:7b:11:d0:3c:d5:1e:bb:33:64:5e:4f:c2:
                    df:71:4c:25:7b:d8:d4:42:da:e9:c9:c4:4e:38:d5:
                    6e:da:80:61:fd:b6:1a:57:4e:5f:ef:c0:a5:56:bc:
                    89:da:2e:c1:81:7b:27:68:5c:42:9a:21:ad:74:86:
                    f5:65:d7:5c:fb:2b:2d:1e:20:7a:17:b5:ea:9a:1c:
                    b1:7c:a2:78:9a:b6:a6:00:96:d5:d2:4a:f9:1f:b9:
                    5b:d4:a9:9d:e1:dd:55:c7:7f:d9:09:8a:bf:ee:31:
                    4d:d6:d8:90:61:be:3c:7b:75:2e:36:e7:ee:0a:33:
                    70:0a:82:0e:64:52:5c:5e:62:44:73:ac:87:41:68:
                    75:72:67:6d:40:41:af:38:e8:c8:72:7d:7f:d4:4f:
                    b2:fe:c9:85:82:38:68:4f:27:82:31:3a:79:0d:7f:
                    a7:58:74:e8:b4:8f:b6:bf:f4:6c:7b:25:33:63:99:
                    f7:41:60:fe:3e:87:71:4b:8e:89:c2:31:47:88:7f:
                    34:d1:e7:35:a3:fc:f1:dd:f8:5a:20:f1:56:75:f7:
                    16:d7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                EA:48:DF:D0:63:66:D5:FA:7B:E7:8C:C4:E0:5B:0C:DF:50:37:40:AA
            X509v3 Authority Key Identifier:
                keyid:C1:A4:F9:06:D7:C5:6B:7D:5E:32:B4:3C:AE:33:6A:BD:11:7D:39:56

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/33b7a43fc33bfc7ff5ea592decadde645288705e.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/38283047-8834-43d5-82f7-4d938e60571e/640cddb80f8604a80c6943bf1e0e3963074e1d6c.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/38283047-8834-43d5-82f7-4d938e60571e/33b7a43fc33bfc7ff5ea592decadde645288705e.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  200.50.167.0/24
                  200.50.190.0/24

    Signature Algorithm: sha256WithRSAEncryption
         41:3e:d3:12:6c:22:b0:06:68:6e:fe:47:dc:80:e6:79:b2:50:
         22:2e:81:1a:c4:ab:e4:de:c5:d6:5a:72:02:77:75:3f:42:ea:
         7f:ae:a7:0e:21:a5:1c:e7:1f:85:5a:eb:f2:0d:93:1d:d9:6b:
         67:25:ab:a6:4e:5f:4f:29:47:1b:d0:71:32:0a:98:df:2a:f4:
         f0:e5:9c:7a:6a:03:b9:03:15:a3:8c:7a:e4:bf:cf:04:83:42:
         98:67:ee:ed:02:85:79:fc:ee:9e:68:7a:aa:8b:e9:15:16:02:
         2a:68:c0:90:e4:df:ca:d7:28:f6:1f:43:7b:32:20:84:b3:73:
         f5:3a:ff:87:08:af:c5:7d:61:4b:b6:d1:48:f7:c8:0e:5b:6c:
         39:33:98:61:e2:41:73:8a:cf:0b:fe:cd:d2:e8:a2:2f:9b:72:
         25:2b:c3:67:62:e5:49:3b:54:a3:22:77:d6:5f:cf:13:ca:74:
         70:c3:16:00:bc:07:b9:d3:ff:58:2d:09:02:fc:15:7b:65:1f:
         98:d5:19:8a:7e:03:1a:8e:e4:6e:af:97:59:7a:82:b5:0e:2c:
         3e:60:35:af:ae:e1:68:c4:39:ae:52:e1:6b:e9:79:32:14:d3:
         0f:f9:12:30:4b:a8:2f:ff:2f:3e:02:92:5d:34:ed:43:0a:4b:
         9e:f5:92:0e
-----BEGIN CERTIFICATE-----
MIIFRjCCBC6gAwIBAgIDJDGaMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKDMz
YjdhNDNmYzMzYmZjN2ZmNWVhNTkyZGVjYWRkZTY0NTI4ODcwNWUwHhcNMjMwNzE2
MTYwODQ5WhcNMjUwNzE3MTYwODQ5WjAzMTEwLwYDVQQDEyg2NDBjZGRiODBmODYw
NGE4MGM2OTQzYmYxZTBlMzk2MzA3NGUxZDZjMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAmsul8ir6iElxHr9c9OTSq4aHFaqE/BcGZpEIsTjYYC4yQasE
5SmWghfP2RhQ2RF7EdA81R67M2ReT8LfcUwle9jUQtrpycROONVu2oBh/bYaV05f
78ClVryJ2i7BgXsnaFxCmiGtdIb1Zddc+ystHiB6F7XqmhyxfKJ4mramAJbV0kr5
H7lb1Kmd4d1Vx3/ZCYq/7jFN1tiQYb48e3UuNufuCjNwCoIOZFJcXmJEc6yHQWh1
cmdtQEGvOOjIcn1/1E+y/smFgjhoTyeCMTp5DX+nWHTotI+2v/RseyUzY5n3QWD+
PodxS46JwjFHiH800ec1o/zx3fhaIPFWdfcW1wIDAQABo4ICYTCCAl0wHQYDVR0O
BBYEFOpI39BjZtX6e+eMxOBbDN9QN0CqMB8GA1UdIwQYMBaAFMGk+QbXxWt9XjK0
PK4zar0RfTlWMA4GA1UdDwEB/wQEAwIHgDCBmgYIKwYBBQUHAQEEgY0wgYowgYcG
CCsGAQUFBzAChntyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5ldC9ycGtpL2xh
Y25pYy80OGYwODNiYi1mNjAzLTQ4OTMtOTk5MC0wMjg0YzA0Y2ViODUvMzNiN2E0
M2ZjMzNiZmM3ZmY1ZWE1OTJkZWNhZGRlNjQ1Mjg4NzA1ZS5jZXIwgZoGCCsGAQUF
BwELBIGNMIGKMIGHBggrBgEFBQcwC4Z7cnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25p
Yy5uZXQvcnBraS9sYWNuaWMvMzgyODMwNDctODgzNC00M2Q1LTgyZjctNGQ5Mzhl
NjA1NzFlLzY0MGNkZGI4MGY4NjA0YTgwYzY5NDNiZjFlMGUzOTYzMDc0ZTFkNmMu
cm9hMIGPBgNVHR8EgYcwgYQwgYGgf6B9hntyc3luYzovL3JlcG9zaXRvcnkubGFj
bmljLm5ldC9ycGtpL2xhY25pYy8zODI4MzA0Ny04ODM0LTQzZDUtODJmNy00ZDkz
OGU2MDU3MWUvMzNiN2E0M2ZjMzNiZmM3ZmY1ZWE1OTJkZWNhZGRlNjQ1Mjg4NzA1
ZS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAlBggrBgEFBQcBBwEB/wQW
MBQwEgQCAAEwDAMEAMgypwMEAMgyvjANBgkqhkiG9w0BAQsFAAOCAQEAQT7TEmwi
sAZobv5H3IDmebJQIi6BGsSr5N7F1lpyAnd1P0Lqf66nDiGlHOcfhVrr8g2THdlr
ZyWrpk5fTylHG9BxMgqY3yr08OWcemoDuQMVo4x65L/PBINCmGfu7QKFefzunmh6
qovpFRYCKmjAkOTfytco9h9DezIghLNz9Tr/hwivxX1hS7bRSPfIDltsOTOYYeJB
c4rPC/7N0uiiL5tyJSvDZ2LlSTtUoyJ31l/PE8p0cMMWALwHudP/WC0JAvwVe2Uf
mNUZin4DGo7kbq+XWXqCtQ4sPmA1r67haMQ5rlLha+l5MhTTD/kSMEuoL/8vPgKS
XTTtQwpLnvWSDg==
-----END CERTIFICATE-----
Generated at Thu Aug 10 18:21:06 2023 by rpki-client on console-fra.rpki-client.org