Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/7d7da0c3-c0a0-4dbb-a356-50448d749317/4353d749773c6e4f7c968ded734f292db6fa337f.roa
File:                     4353d749773c6e4f7c968ded734f292db6fa337f.roa (raw, json)
Hash identifier:          70WWlT3WuernIazekLVsPdcvnvYJTrxCaPRXQEFimFQ=
Subject key identifier:   87:C7:E0:35:F4:C6:F8:16:3C:AC:15:32:C4:20:43:8E:ED:37:36:56
Certificate issuer:       /CN=bca241a84c27bfe35e84dea65f4a7db00fab553c
Certificate serial:       05A73B
Authority key identifier: F4:58:60:FC:8C:F0:EC:66:8C:12:40:B7:75:C3:E2:4E:6C:36:03:80
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/bca241a84c27bfe35e84dea65f4a7db00fab553c.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/7d7da0c3-c0a0-4dbb-a356-50448d749317/4353d749773c6e4f7c968ded734f292db6fa337f.roa
Signing time:             Thu 06 Jul 2023 14:53:21 +0000
ROA not before:           Wed 05 Jul 2023 14:53:21 +0000
ROA not after:            Sun 06 Jul 2025 14:53:21 +0000
asID:                     16629
IP address blocks:        152.172.0.0/16 maxlen: 24
                          181.172.0.0/15 maxlen: 24

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 370491 (0x5a73b)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=bca241a84c27bfe35e84dea65f4a7db00fab553c
        Validity
            Not Before: Jul  5 14:53:21 2023 GMT
            Not After : Jul  6 14:53:21 2025 GMT
        Subject: CN=4353d749773c6e4f7c968ded734f292db6fa337f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:83:f5:18:f5:7d:04:a0:ab:1e:eb:2f:ac:f1:e6:
                    f6:9f:76:38:43:ce:38:2e:aa:45:20:32:cc:09:f5:
                    30:a6:e8:e0:5a:38:fa:b6:f6:5e:1c:1d:ac:f5:2c:
                    55:6b:02:cc:ce:dd:d3:9b:b5:89:5a:53:f0:60:c1:
                    b9:ef:cf:ae:d3:13:0e:5e:74:1a:41:50:9b:88:20:
                    e1:f1:ae:dd:77:54:f9:3f:17:55:20:db:aa:4a:7c:
                    9d:58:66:37:09:98:a2:3c:31:c9:9a:07:c3:09:fb:
                    0e:8f:a9:1b:6c:cc:74:58:2e:65:cb:50:fe:e4:6f:
                    b7:22:ac:e3:8b:0f:8c:e4:2b:ce:f9:fe:f2:20:64:
                    97:ba:aa:a5:c8:4c:27:37:80:eb:6c:b9:78:c7:5b:
                    b5:bf:9d:74:5d:04:3d:30:b4:4e:76:e3:80:a3:9f:
                    03:6b:bb:66:13:44:90:51:a8:15:c4:47:70:7d:99:
                    6a:07:e7:e7:a3:1d:c9:ab:e3:79:61:de:66:94:3f:
                    b1:6a:c6:e1:bd:78:27:ae:11:c8:b2:86:30:3c:37:
                    4b:3c:cf:3f:4d:c1:99:5a:8c:7d:6d:b1:de:84:b8:
                    f0:5f:e7:04:5b:4a:19:0b:24:e1:60:ad:c2:24:0a:
                    a7:3e:6a:3a:97:91:8c:6d:28:d1:17:50:92:64:3c:
                    45:21
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                87:C7:E0:35:F4:C6:F8:16:3C:AC:15:32:C4:20:43:8E:ED:37:36:56
            X509v3 Authority Key Identifier:
                keyid:F4:58:60:FC:8C:F0:EC:66:8C:12:40:B7:75:C3:E2:4E:6C:36:03:80

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/bca241a84c27bfe35e84dea65f4a7db00fab553c.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/7d7da0c3-c0a0-4dbb-a356-50448d749317/4353d749773c6e4f7c968ded734f292db6fa337f.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/7d7da0c3-c0a0-4dbb-a356-50448d749317/bca241a84c27bfe35e84dea65f4a7db00fab553c.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  152.172.0.0/16
                  181.172.0.0/15

    Signature Algorithm: sha256WithRSAEncryption
         13:f5:d5:48:d9:96:aa:9b:d6:f8:34:32:54:c8:2c:a9:31:71:
         ef:da:bd:e6:eb:41:a6:05:b7:f1:25:f7:87:e5:e8:ca:67:39:
         9a:d0:89:a9:c6:0f:7f:60:bc:f7:73:fc:84:76:a8:b8:44:a1:
         e9:2f:5c:5c:f6:9c:78:b6:8d:2e:f6:18:16:71:48:0f:f0:ab:
         b1:ea:0d:06:89:41:8e:d7:fd:54:8d:2c:98:1c:bd:0f:08:b2:
         f1:83:ce:66:5b:48:d3:21:6e:21:9e:a8:c8:47:3a:76:98:3c:
         28:98:86:92:99:7a:a8:b6:b8:76:d9:e3:92:00:28:96:df:19:
         14:bf:09:da:f5:b5:70:ba:71:cc:b8:90:2e:b0:59:0e:60:38:
         e3:62:54:b3:e9:f5:36:c3:96:c5:b1:77:82:33:29:0f:41:f6:
         0b:30:12:cf:43:25:20:6e:f8:a7:8d:19:37:25:14:6a:56:63:
         15:f1:8d:1a:bc:b4:ef:bd:89:b2:da:70:d6:3e:dc:fc:11:9e:
         34:19:6b:d8:b6:c1:2b:31:37:7a:33:5a:c7:1d:bc:a9:08:cc:
         5c:13:0f:10:92:00:27:39:c3:d5:ec:7e:5a:66:74:96:30:58:
         b4:77:93:ab:0c:35:26:bd:b6:e4:c8:3e:28:2c:38:df:46:fc:
         e7:8e:fc:4f
-----BEGIN CERTIFICATE-----
MIIFRDCCBCygAwIBAgIDBac7MA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKGJj
YTI0MWE4NGMyN2JmZTM1ZTg0ZGVhNjVmNGE3ZGIwMGZhYjU1M2MwHhcNMjMwNzA1
MTQ1MzIxWhcNMjUwNzA2MTQ1MzIxWjAzMTEwLwYDVQQDEyg0MzUzZDc0OTc3M2M2
ZTRmN2M5NjhkZWQ3MzRmMjkyZGI2ZmEzMzdmMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAg/UY9X0EoKse6y+s8eb2n3Y4Q844LqpFIDLMCfUwpujgWjj6
tvZeHB2s9SxVawLMzt3Tm7WJWlPwYMG578+u0xMOXnQaQVCbiCDh8a7dd1T5PxdV
INuqSnydWGY3CZiiPDHJmgfDCfsOj6kbbMx0WC5ly1D+5G+3Iqzjiw+M5CvO+f7y
IGSXuqqlyEwnN4DrbLl4x1u1v510XQQ9MLROduOAo58Da7tmE0SQUagVxEdwfZlq
B+fnox3Jq+N5Yd5mlD+xasbhvXgnrhHIsoYwPDdLPM8/TcGZWox9bbHehLjwX+cE
W0oZCyThYK3CJAqnPmo6l5GMbSjRF1CSZDxFIQIDAQABo4ICXzCCAlswHQYDVR0O
BBYEFIfH4DX0xvgWPKwVMsQgQ47tNzZWMB8GA1UdIwQYMBaAFPRYYPyM8OxmjBJA
t3XD4k5sNgOAMA4GA1UdDwEB/wQEAwIHgDCBmgYIKwYBBQUHAQEEgY0wgYowgYcG
CCsGAQUFBzAChntyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5ldC9ycGtpL2xh
Y25pYy80OGYwODNiYi1mNjAzLTQ4OTMtOTk5MC0wMjg0YzA0Y2ViODUvYmNhMjQx
YTg0YzI3YmZlMzVlODRkZWE2NWY0YTdkYjAwZmFiNTUzYy5jZXIwgZoGCCsGAQUF
BwELBIGNMIGKMIGHBggrBgEFBQcwC4Z7cnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25p
Yy5uZXQvcnBraS9sYWNuaWMvN2Q3ZGEwYzMtYzBhMC00ZGJiLWEzNTYtNTA0NDhk
NzQ5MzE3LzQzNTNkNzQ5NzczYzZlNGY3Yzk2OGRlZDczNGYyOTJkYjZmYTMzN2Yu
cm9hMIGPBgNVHR8EgYcwgYQwgYGgf6B9hntyc3luYzovL3JlcG9zaXRvcnkubGFj
bmljLm5ldC9ycGtpL2xhY25pYy83ZDdkYTBjMy1jMGEwLTRkYmItYTM1Ni01MDQ0
OGQ3NDkzMTcvYmNhMjQxYTg0YzI3YmZlMzVlODRkZWE2NWY0YTdkYjAwZmFiNTUz
Yy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAjBggrBgEFBQcBBwEB/wQU
MBIwEAQCAAEwCgMDAJisAwMBtawwDQYJKoZIhvcNAQELBQADggEBABP11UjZlqqb
1vg0MlTILKkxce/avebrQaYFt/El94fl6MpnOZrQianGD39gvPdz/IR2qLhEoekv
XFz2nHi2jS72GBZxSA/wq7HqDQaJQY7X/VSNLJgcvQ8IsvGDzmZbSNMhbiGeqMhH
OnaYPCiYhpKZeqi2uHbZ45IAKJbfGRS/Cdr1tXC6ccy4kC6wWQ5gOONiVLPp9TbD
lsWxd4IzKQ9B9gswEs9DJSBu+KeNGTclFGpWYxXxjRq8tO+9ibLacNY+3PwRnjQZ
a9i2wSsxN3ozWscdvKkIzFwTDxCSACc5w9XsflpmdJYwWLR3k6sMNSa9tuTIPigs
ON9G/OeO/E8=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:37:51 2024 by rpki-client on console-fra.rpki-client.org