Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/5375bcfc-8b86-452e-850d-83cfe3b50f06/b288d0df88b79f22c136bdad7b088e1d67c2b5e1.roa
File:                     b288d0df88b79f22c136bdad7b088e1d67c2b5e1.roa (raw, json)
Hash identifier:          a8zCKrqd9GZTXBaXbhKeYw7kqyR1dlYRCorzHdcZjPM=
Subject key identifier:   13:90:E8:2B:5A:03:1D:AE:1D:E3:F4:F5:62:42:82:B4:AB:51:90:77
Certificate issuer:       /CN=bfbb4d3a6dd5e649a6554c4817ce0ed277429136
Certificate serial:       1216B6
Authority key identifier: 76:7F:42:4D:48:34:06:C4:20:E5:DF:19:BE:BE:99:3F:72:5A:F7:B6
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/bfbb4d3a6dd5e649a6554c4817ce0ed277429136.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/5375bcfc-8b86-452e-850d-83cfe3b50f06/b288d0df88b79f22c136bdad7b088e1d67c2b5e1.roa
Signing time:             Wed 29 Nov 2023 15:12:39 +0000
ROA not before:           Wed 29 Nov 2023 15:12:39 +0000
ROA not after:            Sat 29 Nov 2025 15:12:39 +0000
asID:                     22927
IP address blocks:        200.63.128.0/23 maxlen: 24
                          200.63.156.0/22 maxlen: 24
                          200.63.160.0/21 maxlen: 24

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 1185462 (0x1216b6)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=bfbb4d3a6dd5e649a6554c4817ce0ed277429136
        Validity
            Not Before: Nov 29 15:12:39 2023 GMT
            Not After : Nov 29 15:12:39 2025 GMT
        Subject: CN=b288d0df88b79f22c136bdad7b088e1d67c2b5e1
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a2:e5:00:23:37:8d:28:69:66:62:51:d6:ce:2d:
                    37:e8:4f:9e:7b:61:f6:44:82:dd:c9:f2:e3:d6:7f:
                    a4:42:90:21:8f:ad:3c:a5:14:2a:c5:30:ba:fa:b6:
                    5f:f0:19:93:05:32:2a:6e:50:3e:49:ea:12:bf:48:
                    f0:1e:6c:f3:4a:83:22:dc:db:17:f0:c4:fb:bf:21:
                    76:0d:26:f6:7a:c1:04:ad:cf:b2:f8:f1:7e:54:73:
                    6d:10:91:f0:a9:3b:42:81:bb:78:89:5d:28:dd:72:
                    e3:4e:9a:ef:de:8a:e9:b6:8d:93:f6:c4:e6:ec:85:
                    e5:5b:9c:2f:e7:65:98:7c:ad:05:26:9a:78:c6:00:
                    c1:98:1f:e2:c4:90:49:a4:89:4e:61:9d:17:7a:5e:
                    9b:be:52:86:a7:c5:56:9b:04:cc:90:a9:d8:11:6d:
                    16:88:d4:1c:13:6e:c4:f3:bf:e4:36:42:08:28:2f:
                    1e:c6:61:b8:5f:ef:8e:1d:53:2c:2c:54:e3:a1:98:
                    26:d2:b7:8b:5b:0a:13:2b:8d:c0:c0:b3:e7:c5:66:
                    9f:3a:4e:60:51:53:6f:79:16:80:44:a5:3c:ae:e7:
                    ff:00:9f:c9:6a:c0:f7:bd:dc:00:2c:d1:dc:dd:83:
                    fb:c2:e0:b7:c9:31:d9:66:87:52:84:f5:7a:cf:13:
                    f5:31
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                13:90:E8:2B:5A:03:1D:AE:1D:E3:F4:F5:62:42:82:B4:AB:51:90:77
            X509v3 Authority Key Identifier:
                keyid:76:7F:42:4D:48:34:06:C4:20:E5:DF:19:BE:BE:99:3F:72:5A:F7:B6

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/bfbb4d3a6dd5e649a6554c4817ce0ed277429136.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/5375bcfc-8b86-452e-850d-83cfe3b50f06/b288d0df88b79f22c136bdad7b088e1d67c2b5e1.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/5375bcfc-8b86-452e-850d-83cfe3b50f06/bfbb4d3a6dd5e649a6554c4817ce0ed277429136.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  200.63.128.0/23
                  200.63.156.0-200.63.167.255

    Signature Algorithm: sha256WithRSAEncryption
         3b:56:7b:e1:80:50:57:c8:c2:6b:ad:12:59:18:28:0a:62:34:
         69:39:ea:b1:ad:bb:a2:f9:4d:d9:96:20:ce:23:5b:23:3c:ab:
         cf:71:ee:04:c8:6b:8e:d7:e9:97:40:e2:1d:60:21:35:16:14:
         f2:ca:d5:56:09:90:1a:a3:95:a6:3f:fe:a0:b2:c3:42:f4:af:
         bf:53:33:c9:fb:11:6c:fd:dd:8b:9f:d0:77:bc:90:c4:0f:b6:
         5c:64:e2:dc:9b:1f:dd:3e:11:4a:ec:a9:54:f9:a7:f6:fa:97:
         33:0d:18:82:47:17:70:55:c1:aa:80:9e:1c:53:86:ed:f5:e3:
         bb:0a:ef:6f:b5:18:42:e5:53:85:f3:0a:0e:d1:58:da:05:ae:
         28:9c:de:c9:e5:f2:83:f3:bb:d5:d5:91:fb:d7:f3:34:58:b2:
         93:21:f3:96:1f:fd:e2:26:01:38:92:50:ad:e7:a4:90:e1:ec:
         e6:9c:31:b9:83:82:67:e6:3f:6d:2c:d6:2a:a1:90:a9:ce:f2:
         09:e9:a2:27:10:5a:ba:9f:48:f9:70:e0:3a:ec:6d:a2:59:b3:
         aa:74:e8:63:ac:e0:9e:8c:8e:17:c1:76:73:7e:9f:6e:27:09:
         52:cb:8f:c2:6d:39:b0:e6:e9:3d:71:62:55:cb:0b:ee:d1:92:
         1c:5e:e5:5c
-----BEGIN CERTIFICATE-----
MIIFTjCCBDagAwIBAgIDEha2MA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKGJm
YmI0ZDNhNmRkNWU2NDlhNjU1NGM0ODE3Y2UwZWQyNzc0MjkxMzYwHhcNMjMxMTI5
MTUxMjM5WhcNMjUxMTI5MTUxMjM5WjAzMTEwLwYDVQQDEyhiMjg4ZDBkZjg4Yjc5
ZjIyYzEzNmJkYWQ3YjA4OGUxZDY3YzJiNWUxMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAouUAIzeNKGlmYlHWzi036E+ee2H2RILdyfLj1n+kQpAhj608
pRQqxTC6+rZf8BmTBTIqblA+SeoSv0jwHmzzSoMi3NsX8MT7vyF2DSb2esEErc+y
+PF+VHNtEJHwqTtCgbt4iV0o3XLjTprv3orpto2T9sTm7IXlW5wv52WYfK0FJpp4
xgDBmB/ixJBJpIlOYZ0Xel6bvlKGp8VWmwTMkKnYEW0WiNQcE27E87/kNkIIKC8e
xmG4X++OHVMsLFTjoZgm0reLWwoTK43AwLPnxWafOk5gUVNveRaARKU8ruf/AJ/J
asD3vdwALNHc3YP7wuC3yTHZZodShPV6zxP1MQIDAQABo4ICaTCCAmUwHQYDVR0O
BBYEFBOQ6CtaAx2uHeP09WJCgrSrUZB3MB8GA1UdIwQYMBaAFHZ/Qk1INAbEIOXf
Gb6+mT9yWve2MA4GA1UdDwEB/wQEAwIHgDCBmgYIKwYBBQUHAQEEgY0wgYowgYcG
CCsGAQUFBzAChntyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5ldC9ycGtpL2xh
Y25pYy80OGYwODNiYi1mNjAzLTQ4OTMtOTk5MC0wMjg0YzA0Y2ViODUvYmZiYjRk
M2E2ZGQ1ZTY0OWE2NTU0YzQ4MTdjZTBlZDI3NzQyOTEzNi5jZXIwgZoGCCsGAQUF
BwELBIGNMIGKMIGHBggrBgEFBQcwC4Z7cnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25p
Yy5uZXQvcnBraS9sYWNuaWMvNTM3NWJjZmMtOGI4Ni00NTJlLTg1MGQtODNjZmUz
YjUwZjA2L2IyODhkMGRmODhiNzlmMjJjMTM2YmRhZDdiMDg4ZTFkNjdjMmI1ZTEu
cm9hMIGPBgNVHR8EgYcwgYQwgYGgf6B9hntyc3luYzovL3JlcG9zaXRvcnkubGFj
bmljLm5ldC9ycGtpL2xhY25pYy81Mzc1YmNmYy04Yjg2LTQ1MmUtODUwZC04M2Nm
ZTNiNTBmMDYvYmZiYjRkM2E2ZGQ1ZTY0OWE2NTU0YzQ4MTdjZTBlZDI3NzQyOTEz
Ni5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAtBggrBgEFBQcBBwEB/wQe
MBwwGgQCAAEwFAMEAcg/gDAMAwQCyD+cAwQDyD+gMA0GCSqGSIb3DQEBCwUAA4IB
AQA7VnvhgFBXyMJrrRJZGCgKYjRpOeqxrbui+U3ZliDOI1sjPKvPce4EyGuO1+mX
QOIdYCE1FhTyytVWCZAao5WmP/6gssNC9K+/UzPJ+xFs/d2Ln9B3vJDED7ZcZOLc
mx/dPhFK7KlU+af2+pczDRiCRxdwVcGqgJ4cU4bt9eO7Cu9vtRhC5VOF8woO0Vja
Ba4onN7J5fKD87vV1ZH71/M0WLKTIfOWH/3iJgE4klCt56SQ4ezmnDG5g4Jn5j9t
LNYqoZCpzvIJ6aInEFq6n0j5cOA67G2iWbOqdOhjrOCejI4XwXZzfp9uJwlSy4/C
bTmw5uk9cWJVywvu0ZIcXuVc
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:37:43 2024 by rpki-client on console-ams.rpki-client.org