Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/5375bcfc-8b86-452e-850d-83cfe3b50f06/d7053799f733231f1c72b03bcb1cd1f93ca36f94.roa
File:                     d7053799f733231f1c72b03bcb1cd1f93ca36f94.roa (raw, json)
Hash identifier:          pVACAVarAWBIa+ozn4MvCLG7wY2VkeAeB5QZ2WZh5jw=
Subject key identifier:   23:62:94:DA:0B:30:45:17:2A:B8:82:79:AC:EC:10:08:A1:3D:9B:80
Certificate issuer:       /CN=bfbb4d3a6dd5e649a6554c4817ce0ed277429136
Certificate serial:       14414C
Authority key identifier: 76:7F:42:4D:48:34:06:C4:20:E5:DF:19:BE:BE:99:3F:72:5A:F7:B6
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/bfbb4d3a6dd5e649a6554c4817ce0ed277429136.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/5375bcfc-8b86-452e-850d-83cfe3b50f06/d7053799f733231f1c72b03bcb1cd1f93ca36f94.roa
Signing time:             Wed 31 Jan 2024 23:51:30 +0000
ROA not before:           Wed 31 Jan 2024 23:51:30 +0000
ROA not after:            Sat 31 Jan 2026 23:51:30 +0000
asID:                     22927
IP address blocks:        200.51.171.0/24 maxlen: 24
                          200.51.208.0/22 maxlen: 24
                          200.51.212.0/22 maxlen: 24
                          200.51.215.0/24 maxlen: 24
                          200.51.232.0/24 maxlen: 24
                          200.51.236.0/22 maxlen: 24
                          200.51.252.0/22 maxlen: 24

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 1327436 (0x14414c)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=bfbb4d3a6dd5e649a6554c4817ce0ed277429136
        Validity
            Not Before: Jan 31 23:51:30 2024 GMT
            Not After : Jan 31 23:51:30 2026 GMT
        Subject: CN=d7053799f733231f1c72b03bcb1cd1f93ca36f94
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ad:ba:30:40:0f:36:10:b5:12:e8:a9:62:09:a8:
                    3e:ad:6d:13:6e:b4:c5:a6:87:5e:e1:ab:f8:f6:62:
                    6a:0d:b9:3d:73:90:83:e3:a2:97:4f:74:fb:49:61:
                    1c:97:b5:c3:36:55:7f:fe:68:b0:93:90:66:10:86:
                    ae:dd:e2:80:7e:ab:85:eb:f6:24:90:b7:22:75:e3:
                    39:da:a3:25:73:ef:45:76:31:03:3d:0d:85:fa:3d:
                    95:8d:52:18:04:7a:ca:99:08:04:f5:1a:84:bb:b1:
                    94:2d:91:e9:63:e8:2a:50:89:00:db:64:ab:9c:75:
                    cf:ee:4a:3e:ea:28:f3:46:60:0e:fb:02:71:7d:05:
                    9a:3a:57:ec:4b:d6:bd:29:c2:19:72:2d:70:4a:3e:
                    e6:0b:b4:2a:58:a9:85:77:6a:b8:00:fe:25:19:25:
                    3f:1b:c6:8c:99:69:e0:24:80:58:0c:30:bf:79:13:
                    e0:40:19:1d:95:2c:d4:72:6b:f3:69:86:ac:bd:d9:
                    b0:57:3d:14:ad:80:35:a9:25:b3:fa:68:4f:4a:ed:
                    e1:d1:42:f0:92:40:cf:93:43:06:37:83:99:ea:4c:
                    fe:0d:02:1d:4e:83:62:5a:01:01:57:95:fd:d1:7e:
                    85:03:f8:91:77:c2:2f:11:f1:08:dc:9b:e1:8a:cc:
                    b3:03
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                23:62:94:DA:0B:30:45:17:2A:B8:82:79:AC:EC:10:08:A1:3D:9B:80
            X509v3 Authority Key Identifier:
                keyid:76:7F:42:4D:48:34:06:C4:20:E5:DF:19:BE:BE:99:3F:72:5A:F7:B6

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/bfbb4d3a6dd5e649a6554c4817ce0ed277429136.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/5375bcfc-8b86-452e-850d-83cfe3b50f06/d7053799f733231f1c72b03bcb1cd1f93ca36f94.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/5375bcfc-8b86-452e-850d-83cfe3b50f06/bfbb4d3a6dd5e649a6554c4817ce0ed277429136.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  200.51.171.0/24
                  200.51.208.0/21
                  200.51.232.0/24
                  200.51.236.0/22
                  200.51.252.0/22

    Signature Algorithm: sha256WithRSAEncryption
         33:9b:3c:d6:d9:73:81:5c:75:74:51:40:07:2f:2e:f9:c6:9e:
         b6:0f:fd:1f:ca:38:36:fe:8f:73:c7:6e:8a:f8:da:55:4f:51:
         5e:94:da:f1:5d:3a:51:7f:d2:86:ba:93:b7:e1:f4:eb:b7:43:
         1e:37:a7:fe:49:18:01:f7:2a:50:48:0b:de:63:50:0b:4d:10:
         39:c5:5d:82:13:09:39:1f:d8:a4:fc:0e:2f:a3:8f:66:2c:45:
         8b:f1:32:09:40:ba:b8:6f:84:91:60:d0:11:92:09:5a:81:2a:
         2e:b6:db:dd:1f:0b:5b:cf:e0:7d:af:e1:65:cc:75:3b:a3:bd:
         73:e8:f4:2e:22:1e:73:d1:3b:51:de:83:08:ae:40:68:fa:44:
         00:ae:ac:7e:fc:88:cc:29:63:0b:63:3c:91:17:ee:bd:78:95:
         6f:06:73:0c:50:fc:21:7a:ed:4e:13:32:cb:2e:19:97:e8:26:
         d4:32:3e:47:24:82:ce:74:6d:ba:2b:41:dd:ea:fd:8c:8b:64:
         83:1b:6a:fb:09:16:6b:b3:be:29:43:13:f9:e3:0e:22:30:0d:
         fa:dc:66:4d:36:7e:69:71:0f:6e:f5:d5:0c:f8:5f:6d:24:c7:
         cd:6d:cb:28:34:ff:b9:ac:6b:1c:74:b1:b6:aa:6b:15:63:ca:
         8f:79:4e:9b
-----BEGIN CERTIFICATE-----
MIIFWDCCBECgAwIBAgIDFEFMMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKGJm
YmI0ZDNhNmRkNWU2NDlhNjU1NGM0ODE3Y2UwZWQyNzc0MjkxMzYwHhcNMjQwMTMx
MjM1MTMwWhcNMjYwMTMxMjM1MTMwWjAzMTEwLwYDVQQDEyhkNzA1Mzc5OWY3MzMy
MzFmMWM3MmIwM2JjYjFjZDFmOTNjYTM2Zjk0MIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEArbowQA82ELUS6KliCag+rW0TbrTFpode4av49mJqDbk9c5CD
46KXT3T7SWEcl7XDNlV//miwk5BmEIau3eKAfquF6/YkkLcideM52qMlc+9FdjED
PQ2F+j2VjVIYBHrKmQgE9RqEu7GULZHpY+gqUIkA22SrnHXP7ko+6ijzRmAO+wJx
fQWaOlfsS9a9KcIZci1wSj7mC7QqWKmFd2q4AP4lGSU/G8aMmWngJIBYDDC/eRPg
QBkdlSzUcmvzaYasvdmwVz0UrYA1qSWz+mhPSu3h0ULwkkDPk0MGN4OZ6kz+DQId
ToNiWgEBV5X90X6FA/iRd8IvEfEI3JvhisyzAwIDAQABo4ICczCCAm8wHQYDVR0O
BBYEFCNilNoLMEUXKriCeazsEAihPZuAMB8GA1UdIwQYMBaAFHZ/Qk1INAbEIOXf
Gb6+mT9yWve2MA4GA1UdDwEB/wQEAwIHgDCBmgYIKwYBBQUHAQEEgY0wgYowgYcG
CCsGAQUFBzAChntyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5ldC9ycGtpL2xh
Y25pYy80OGYwODNiYi1mNjAzLTQ4OTMtOTk5MC0wMjg0YzA0Y2ViODUvYmZiYjRk
M2E2ZGQ1ZTY0OWE2NTU0YzQ4MTdjZTBlZDI3NzQyOTEzNi5jZXIwgZoGCCsGAQUF
BwELBIGNMIGKMIGHBggrBgEFBQcwC4Z7cnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25p
Yy5uZXQvcnBraS9sYWNuaWMvNTM3NWJjZmMtOGI4Ni00NTJlLTg1MGQtODNjZmUz
YjUwZjA2L2Q3MDUzNzk5ZjczMzIzMWYxYzcyYjAzYmNiMWNkMWY5M2NhMzZmOTQu
cm9hMIGPBgNVHR8EgYcwgYQwgYGgf6B9hntyc3luYzovL3JlcG9zaXRvcnkubGFj
bmljLm5ldC9ycGtpL2xhY25pYy81Mzc1YmNmYy04Yjg2LTQ1MmUtODUwZC04M2Nm
ZTNiNTBmMDYvYmZiYjRkM2E2ZGQ1ZTY0OWE2NTU0YzQ4MTdjZTBlZDI3NzQyOTEz
Ni5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA3BggrBgEFBQcBBwEB/wQo
MCYwJAQCAAEwHgMEAMgzqwMEA8gz0AMEAMgz6AMEAsgz7AMEAsgz/DANBgkqhkiG
9w0BAQsFAAOCAQEAM5s81tlzgVx1dFFABy8u+caetg/9H8o4Nv6Pc8duivjaVU9R
XpTa8V06UX/ShrqTt+H067dDHjen/kkYAfcqUEgL3mNQC00QOcVdghMJOR/YpPwO
L6OPZixFi/EyCUC6uG+EkWDQEZIJWoEqLrbb3R8LW8/gfa/hZcx1O6O9c+j0LiIe
c9E7Ud6DCK5AaPpEAK6sfvyIzCljC2M8kRfuvXiVbwZzDFD8IXrtThMyyy4Zl+gm
1DI+RySCznRtuitB3er9jItkgxtq+wkWa7O+KUMT+eMOIjAN+txmTTZ+aXEPbvXV
DPhfbSTHzW3LKDT/uaxrHHSxtqprFWPKj3lOmw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:37:43 2024 by rpki-client on console-ams.rpki-client.org