Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/842b633f-80b8-4f4c-be98-656d6f9a7f38/4021f6c923fe79d09f6622be7de65f3a7449801a.roa
File:                     4021f6c923fe79d09f6622be7de65f3a7449801a.roa (raw, json)
Hash identifier:          itjT+XX210z10U5EmmRgdI1iGIFdFRa0pHsBV8fSzH4=
Subject key identifier:   66:B5:3D:7F:C1:AB:0F:BA:5A:0A:EC:0E:C0:6F:72:59:48:7D:63:14
Certificate issuer:       /CN=490a4fa4caf480cb76c0bc4aefbf633f8ce3b1f9
Certificate serial:       0F8679
Authority key identifier: 48:B1:BD:0F:CA:73:B8:AE:61:49:CE:25:46:CC:0F:15:E0:7E:76:83
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/490a4fa4caf480cb76c0bc4aefbf633f8ce3b1f9.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/842b633f-80b8-4f4c-be98-656d6f9a7f38/4021f6c923fe79d09f6622be7de65f3a7449801a.roa
Signing time:             Wed 24 Mar 2021 14:43:56 +0000
ROA not before:           Wed 24 Mar 2021 14:43:44 +0000
ROA not after:            Tue 24 Mar 2026 14:43:44 +0000
asID:                     278
IP address blocks:        2001:1218:5001::/48 maxlen: 48

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 1017465 (0xf8679)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=490a4fa4caf480cb76c0bc4aefbf633f8ce3b1f9
        Validity
            Not Before: Mar 24 14:43:44 2021 GMT
            Not After : Mar 24 14:43:44 2026 GMT
        Subject: CN=4021f6c923fe79d09f6622be7de65f3a7449801a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a2:22:37:8a:72:4c:de:e2:3f:37:0c:b1:9b:d8:
                    c9:8c:d4:e1:73:44:ba:44:10:bc:e8:0c:0b:81:a9:
                    71:ab:f0:b7:e0:94:d5:bb:ac:2c:db:77:d6:5e:18:
                    40:17:af:f0:c4:c5:24:0c:c2:9a:56:8c:67:63:8a:
                    96:f4:8a:08:df:d0:a3:30:e0:bf:6f:e6:c9:fe:d2:
                    36:07:fc:68:d9:18:b8:35:fb:57:09:29:7e:78:9f:
                    80:db:e8:f1:ee:d1:02:78:23:6e:28:06:85:63:69:
                    56:21:a0:6a:d2:88:69:7c:2d:3d:b0:03:26:3e:19:
                    ce:6c:db:d6:ab:a7:6e:06:15:bc:14:51:4a:ee:5b:
                    c1:ce:c3:35:bd:e6:14:18:0e:b5:bb:e4:87:b7:bb:
                    d7:79:76:cd:1e:4a:06:7d:22:2e:4e:0c:8b:61:a1:
                    b0:20:81:88:24:33:38:60:ca:11:cd:50:10:b2:b7:
                    11:41:9b:af:24:56:b0:f1:ce:ac:1f:1c:95:dc:29:
                    e0:87:c5:22:a3:fb:b1:0f:80:03:a3:96:76:1a:cd:
                    b7:9d:44:ec:b7:2c:5b:5e:e5:dc:62:4d:e7:8f:77:
                    ac:22:e9:f1:ac:7c:0a:47:94:45:b4:3d:5b:35:e0:
                    a6:a5:40:7a:36:d5:8d:c6:60:aa:db:ec:e8:07:c2:
                    e5:2b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                66:B5:3D:7F:C1:AB:0F:BA:5A:0A:EC:0E:C0:6F:72:59:48:7D:63:14
            X509v3 Authority Key Identifier:
                keyid:48:B1:BD:0F:CA:73:B8:AE:61:49:CE:25:46:CC:0F:15:E0:7E:76:83

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/490a4fa4caf480cb76c0bc4aefbf633f8ce3b1f9.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/842b633f-80b8-4f4c-be98-656d6f9a7f38/4021f6c923fe79d09f6622be7de65f3a7449801a.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/842b633f-80b8-4f4c-be98-656d6f9a7f38/490a4fa4caf480cb76c0bc4aefbf633f8ce3b1f9.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2001:1218:5001::/48

    Signature Algorithm: sha256WithRSAEncryption
         5c:c0:43:18:19:0d:a9:ff:48:92:14:a6:e2:ce:e5:b7:5e:2b:
         57:85:9a:33:5b:28:eb:28:2e:a3:81:ec:46:ad:82:70:03:28:
         f3:b2:44:54:dd:f2:1d:12:9b:e4:39:1d:b2:3a:4e:d7:65:1a:
         cb:ec:48:b1:fc:a6:67:ca:00:52:ae:8e:d5:3a:59:c6:03:d4:
         2e:81:ed:74:a4:0a:08:bc:83:e3:5d:a3:64:24:06:05:37:80:
         51:18:7b:7d:df:c3:45:4c:d1:43:15:8b:89:81:54:3b:f3:2e:
         70:24:8e:a9:c9:88:c5:1c:01:af:cf:f5:c4:71:40:f2:b9:52:
         c4:9a:8a:0c:57:f5:cf:3e:2a:49:fc:96:1a:21:db:c2:51:01:
         ec:20:20:b6:72:58:aa:ca:ee:ab:df:27:0a:c7:ed:af:35:06:
         08:21:1d:d5:3c:56:40:35:2a:54:d4:bf:e4:ab:9f:b1:6b:5f:
         42:4e:f4:a0:eb:15:93:40:a6:62:bb:cc:84:0d:c3:ed:bf:a2:
         33:5a:78:ca:51:3d:9d:5d:68:0c:2e:51:0b:e6:e4:cc:68:cc:
         e6:7a:c6:59:18:a5:3c:34:fb:f6:82:29:f7:36:3e:bd:09:97:
         e8:28:15:42:a0:44:3e:f5:0c:6b:1e:d1:59:df:0e:ca:15:ce:
         a9:b1:91:c5
-----BEGIN CERTIFICATE-----
MIIFQzCCBCugAwIBAgIDD4Z5MA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKDQ5
MGE0ZmE0Y2FmNDgwY2I3NmMwYmM0YWVmYmY2MzNmOGNlM2IxZjkwHhcNMjEwMzI0
MTQ0MzQ0WhcNMjYwMzI0MTQ0MzQ0WjAzMTEwLwYDVQQDEyg0MDIxZjZjOTIzZmU3
OWQwOWY2NjIyYmU3ZGU2NWYzYTc0NDk4MDFhMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAoiI3inJM3uI/Nwyxm9jJjNThc0S6RBC86AwLgalxq/C34JTV
u6ws23fWXhhAF6/wxMUkDMKaVoxnY4qW9IoI39CjMOC/b+bJ/tI2B/xo2Ri4NftX
CSl+eJ+A2+jx7tECeCNuKAaFY2lWIaBq0ohpfC09sAMmPhnObNvWq6duBhW8FFFK
7lvBzsM1veYUGA61u+SHt7vXeXbNHkoGfSIuTgyLYaGwIIGIJDM4YMoRzVAQsrcR
QZuvJFaw8c6sHxyV3Cngh8Uio/uxD4ADo5Z2Gs23nUTstyxbXuXcYk3nj3esIunx
rHwKR5RFtD1bNeCmpUB6NtWNxmCq2+zoB8LlKwIDAQABo4ICXjCCAlowHQYDVR0O
BBYEFGa1PX/Bqw+6WgrsDsBvcllIfWMUMB8GA1UdIwQYMBaAFEixvQ/Kc7iuYUnO
JUbMDxXgfnaDMA4GA1UdDwEB/wQEAwIHgDCBmgYIKwYBBQUHAQEEgY0wgYowgYcG
CCsGAQUFBzAChntyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5ldC9ycGtpL2xh
Y25pYy80OGYwODNiYi1mNjAzLTQ4OTMtOTk5MC0wMjg0YzA0Y2ViODUvNDkwYTRm
YTRjYWY0ODBjYjc2YzBiYzRhZWZiZjYzM2Y4Y2UzYjFmOS5jZXIwgZoGCCsGAQUF
BwELBIGNMIGKMIGHBggrBgEFBQcwC4Z7cnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25p
Yy5uZXQvcnBraS9sYWNuaWMvODQyYjYzM2YtODBiOC00ZjRjLWJlOTgtNjU2ZDZm
OWE3ZjM4LzQwMjFmNmM5MjNmZTc5ZDA5ZjY2MjJiZTdkZTY1ZjNhNzQ0OTgwMWEu
cm9hMIGPBgNVHR8EgYcwgYQwgYGgf6B9hntyc3luYzovL3JlcG9zaXRvcnkubGFj
bmljLm5ldC9ycGtpL2xhY25pYy84NDJiNjMzZi04MGI4LTRmNGMtYmU5OC02NTZk
NmY5YTdmMzgvNDkwYTRmYTRjYWY0ODBjYjc2YzBiYzRhZWZiZjYzM2Y4Y2UzYjFm
OS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQT
MBEwDwQCAAIwCQMHACABEhhQATANBgkqhkiG9w0BAQsFAAOCAQEAXMBDGBkNqf9I
khSm4s7lt14rV4WaM1so6yguo4HsRq2CcAMo87JEVN3yHRKb5DkdsjpO12Uay+xI
sfymZ8oAUq6O1TpZxgPULoHtdKQKCLyD412jZCQGBTeAURh7fd/DRUzRQxWLiYFU
O/MucCSOqcmIxRwBr8/1xHFA8rlSxJqKDFf1zz4qSfyWGiHbwlEB7CAgtnJYqsru
q98nCsftrzUGCCEd1TxWQDUqVNS/5KufsWtfQk70oOsVk0CmYrvMhA3D7b+iM1p4
ylE9nV1oDC5RC+bkzGjM5nrGWRilPDT79oIp9zY+vQmX6CgVQqBEPvUMax7RWd8O
yhXOqbGRxQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:38:04 2024 by rpki-client on console-ams.rpki-client.org