Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/7d7da0c3-c0a0-4dbb-a356-50448d749317/40e94d40ce3d887f101e0e167256ecd748a75c2d.roa
File:                     40e94d40ce3d887f101e0e167256ecd748a75c2d.roa (raw, json)
Hash identifier:          1ndM6PHGIAYYusBY3irm5RncJxAF2bP3htqodjKb1eg=
Subject key identifier:   CE:54:E3:14:6E:A9:B8:AC:7E:E6:53:D3:82:35:06:6F:AB:0D:A1:FA
Certificate issuer:       /CN=bca241a84c27bfe35e84dea65f4a7db00fab553c
Certificate serial:       05DFEE
Authority key identifier: F4:58:60:FC:8C:F0:EC:66:8C:12:40:B7:75:C3:E2:4E:6C:36:03:80
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/bca241a84c27bfe35e84dea65f4a7db00fab553c.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/7d7da0c3-c0a0-4dbb-a356-50448d749317/40e94d40ce3d887f101e0e167256ecd748a75c2d.roa
Signing time:             Tue 11 Jul 2023 12:48:10 +0000
ROA not before:           Mon 10 Jul 2023 12:48:10 +0000
ROA not after:            Fri 11 Jul 2025 12:48:10 +0000
asID:                     7418
IP address blocks:        152.172.0.0/16 maxlen: 24

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 385006 (0x5dfee)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=bca241a84c27bfe35e84dea65f4a7db00fab553c
        Validity
            Not Before: Jul 10 12:48:10 2023 GMT
            Not After : Jul 11 12:48:10 2025 GMT
        Subject: CN=40e94d40ce3d887f101e0e167256ecd748a75c2d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:96:f0:e7:04:41:aa:3a:cb:3b:9e:37:f8:ab:b0:
                    14:ef:1a:8d:e8:18:04:3a:b6:5c:72:2d:b7:d0:e5:
                    b7:6e:5d:6e:01:db:b4:6c:35:a3:a8:31:99:83:cb:
                    bf:3c:2d:da:a6:d0:43:77:af:e4:3e:40:3a:35:08:
                    b9:d0:cd:dc:7c:8b:1b:da:d8:99:06:61:5e:19:91:
                    66:66:b1:2b:af:23:0c:af:95:db:6b:ed:d5:89:26:
                    eb:21:f3:b4:e6:d6:79:02:2f:76:16:a8:4c:1d:f4:
                    68:d3:83:39:33:c7:d2:cd:97:ab:34:25:fd:00:10:
                    51:f9:fd:f2:01:db:f8:65:08:6c:20:94:9f:86:fe:
                    10:ce:5c:a6:4a:55:98:29:05:6f:87:40:ac:d8:be:
                    8b:40:d1:5b:13:2b:21:8a:2b:c5:9a:e2:d5:67:3f:
                    53:08:e9:61:78:39:fd:73:9d:a3:9c:12:2e:b8:19:
                    e8:6a:8b:fb:cc:18:e1:61:12:5f:81:6b:9c:56:2f:
                    fb:d2:76:13:65:c8:20:c9:a0:a0:b7:ca:2a:a8:37:
                    c9:72:a9:84:d7:bf:ec:a0:f3:9a:9f:5d:d9:ab:82:
                    e1:d5:6f:0e:a8:0a:83:26:49:7c:9b:28:af:fe:d7:
                    03:18:09:a5:8c:65:b7:70:21:27:ca:f5:ee:2e:2b:
                    ff:53
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                CE:54:E3:14:6E:A9:B8:AC:7E:E6:53:D3:82:35:06:6F:AB:0D:A1:FA
            X509v3 Authority Key Identifier:
                keyid:F4:58:60:FC:8C:F0:EC:66:8C:12:40:B7:75:C3:E2:4E:6C:36:03:80

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/bca241a84c27bfe35e84dea65f4a7db00fab553c.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/7d7da0c3-c0a0-4dbb-a356-50448d749317/40e94d40ce3d887f101e0e167256ecd748a75c2d.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/7d7da0c3-c0a0-4dbb-a356-50448d749317/bca241a84c27bfe35e84dea65f4a7db00fab553c.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  152.172.0.0/16

    Signature Algorithm: sha256WithRSAEncryption
         4a:e8:d6:80:40:40:87:c1:23:b6:af:13:6a:cc:97:b1:d8:8d:
         63:be:30:90:1b:56:7a:b5:73:ec:9f:74:ee:c2:61:54:2a:5d:
         ca:a8:fc:70:f3:dd:50:7c:1f:6b:e3:f0:53:ee:46:70:f3:87:
         bd:02:f1:c3:c7:9d:25:6d:9b:56:d7:43:95:8c:af:5d:f3:d7:
         74:b8:79:7a:a4:1d:3c:06:3e:db:8a:97:8e:bd:c1:69:d4:92:
         be:ec:8e:7a:32:69:ea:e3:7c:76:f6:9c:70:77:e7:f2:a8:ff:
         59:9f:16:3b:4f:19:41:c8:08:63:b3:f1:3a:88:04:10:0b:46:
         c4:69:2b:49:40:eb:c6:f1:2d:f8:6b:66:ec:dc:be:51:21:9f:
         3a:82:e2:07:ca:ed:5e:e2:85:02:32:eb:4c:3b:fb:5e:8a:38:
         25:a2:26:d5:ff:10:fe:d2:2c:0f:5e:c8:82:0d:c9:5b:02:b5:
         1e:4d:25:a8:ff:8f:86:07:46:bf:e2:a8:4e:6f:fc:e3:69:c2:
         53:ba:a8:6a:e7:38:68:9a:f1:3c:d3:b7:09:df:5d:95:5a:e3:
         35:65:64:be:c5:31:c2:88:c8:8d:f1:6c:70:ab:3d:6e:00:9a:
         29:31:93:c0:0a:53:66:aa:d9:d2:1a:1f:99:0d:93:46:eb:2e:
         a6:4a:eb:8e
-----BEGIN CERTIFICATE-----
MIIFPzCCBCegAwIBAgIDBd/uMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKGJj
YTI0MWE4NGMyN2JmZTM1ZTg0ZGVhNjVmNGE3ZGIwMGZhYjU1M2MwHhcNMjMwNzEw
MTI0ODEwWhcNMjUwNzExMTI0ODEwWjAzMTEwLwYDVQQDEyg0MGU5NGQ0MGNlM2Q4
ODdmMTAxZTBlMTY3MjU2ZWNkNzQ4YTc1YzJkMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAlvDnBEGqOss7njf4q7AU7xqN6BgEOrZcci230OW3bl1uAdu0
bDWjqDGZg8u/PC3aptBDd6/kPkA6NQi50M3cfIsb2tiZBmFeGZFmZrErryMMr5Xb
a+3ViSbrIfO05tZ5Ai92FqhMHfRo04M5M8fSzZerNCX9ABBR+f3yAdv4ZQhsIJSf
hv4QzlymSlWYKQVvh0Cs2L6LQNFbEyshiivFmuLVZz9TCOlheDn9c52jnBIuuBno
aov7zBjhYRJfgWucVi/70nYTZcggyaCgt8oqqDfJcqmE17/soPOan13Zq4Lh1W8O
qAqDJkl8myiv/tcDGAmljGW3cCEnyvXuLiv/UwIDAQABo4ICWjCCAlYwHQYDVR0O
BBYEFM5U4xRuqbisfuZT04I1Bm+rDaH6MB8GA1UdIwQYMBaAFPRYYPyM8OxmjBJA
t3XD4k5sNgOAMA4GA1UdDwEB/wQEAwIHgDCBmgYIKwYBBQUHAQEEgY0wgYowgYcG
CCsGAQUFBzAChntyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5ldC9ycGtpL2xh
Y25pYy80OGYwODNiYi1mNjAzLTQ4OTMtOTk5MC0wMjg0YzA0Y2ViODUvYmNhMjQx
YTg0YzI3YmZlMzVlODRkZWE2NWY0YTdkYjAwZmFiNTUzYy5jZXIwgZoGCCsGAQUF
BwELBIGNMIGKMIGHBggrBgEFBQcwC4Z7cnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25p
Yy5uZXQvcnBraS9sYWNuaWMvN2Q3ZGEwYzMtYzBhMC00ZGJiLWEzNTYtNTA0NDhk
NzQ5MzE3LzQwZTk0ZDQwY2UzZDg4N2YxMDFlMGUxNjcyNTZlY2Q3NDhhNzVjMmQu
cm9hMIGPBgNVHR8EgYcwgYQwgYGgf6B9hntyc3luYzovL3JlcG9zaXRvcnkubGFj
bmljLm5ldC9ycGtpL2xhY25pYy83ZDdkYTBjMy1jMGEwLTRkYmItYTM1Ni01MDQ0
OGQ3NDkzMTcvYmNhMjQxYTg0YzI3YmZlMzVlODRkZWE2NWY0YTdkYjAwZmFiNTUz
Yy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQP
MA0wCwQCAAEwBQMDAJisMA0GCSqGSIb3DQEBCwUAA4IBAQBK6NaAQECHwSO2rxNq
zJex2I1jvjCQG1Z6tXPsn3TuwmFUKl3KqPxw891QfB9r4/BT7kZw84e9AvHDx50l
bZtW10OVjK9d89d0uHl6pB08Bj7bipeOvcFp1JK+7I56Mmnq43x29pxwd+fyqP9Z
nxY7TxlByAhjs/E6iAQQC0bEaStJQOvG8S34a2bs3L5RIZ86guIHyu1e4oUCMutM
O/teijgloibV/xD+0iwPXsiCDclbArUeTSWo/4+GB0a/4qhOb/zjacJTuqhq5zho
mvE807cJ312VWuM1ZWS+xTHCiMiN8Wxwqz1uAJopMZPAClNmqtnSGh+ZDZNG6y6m
SuuO
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:38:03 2024 by rpki-client on console-ams.rpki-client.org