Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/84c08841-437f-4c6a-91e6-183763f57c51/4368e74634de66b66b0a8894598b56533b7d8d98.roa
File:                     4368e74634de66b66b0a8894598b56533b7d8d98.roa (raw, json)
Hash identifier:          CSJTicjl69xSKgxSCVaiFthlsMVNI2LxfUxBYvfxqvw=
Subject key identifier:   B5:0A:70:2E:65:10:AB:7E:66:76:32:1D:1D:C4:17:7C:BF:FB:72:0D
Certificate issuer:       /CN=f4cc2529c25b6ff72b64f9e86fd3c50d5a4a3ccb
Certificate serial:       08275C
Authority key identifier: 56:61:2E:13:6C:AF:57:C0:54:E7:1B:C5:5A:79:B9:9D:78:9E:1A:8B
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/f4cc2529c25b6ff72b64f9e86fd3c50d5a4a3ccb.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/84c08841-437f-4c6a-91e6-183763f57c51/4368e74634de66b66b0a8894598b56533b7d8d98.roa
Signing time:             Fri 15 Mar 2024 01:04:28 +0000
ROA not before:           Fri 15 Mar 2024 01:04:28 +0000
ROA not after:            Sun 15 Mar 2026 01:04:28 +0000
asID:                     269836
IP address blocks:        45.176.70.0/23 maxlen: 24

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 534364 (0x8275c)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=f4cc2529c25b6ff72b64f9e86fd3c50d5a4a3ccb
        Validity
            Not Before: Mar 15 01:04:28 2024 GMT
            Not After : Mar 15 01:04:28 2026 GMT
        Subject: CN=4368e74634de66b66b0a8894598b56533b7d8d98
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:90:3b:70:a3:dc:a4:2a:1c:7c:b9:22:69:aa:f9:
                    a9:72:ca:ba:42:30:58:82:11:04:22:e2:4e:10:a4:
                    76:07:fb:f0:f0:17:fc:19:f7:3f:79:fb:30:52:ab:
                    dd:6e:07:fb:f8:46:7d:6f:cc:37:d8:f7:41:a6:e1:
                    cf:1b:a1:ee:63:93:4f:2a:59:f7:d2:5b:92:38:b9:
                    9c:d0:98:d4:22:11:a0:0c:e9:d5:78:60:6a:e2:1b:
                    5b:9d:ce:31:22:13:61:47:15:e1:7c:9f:02:63:72:
                    1c:5c:a1:61:66:3f:71:c6:89:a9:b2:8c:fe:fb:8a:
                    b6:bf:bd:de:e7:a1:6f:72:7d:79:1d:39:4e:cc:0d:
                    4e:ca:f4:7f:1b:a4:d9:9d:8e:f8:f3:c2:22:0b:dd:
                    f7:81:84:66:51:33:a1:b0:ae:3c:dd:d4:3e:79:da:
                    a4:0a:79:65:1e:be:2e:26:4a:67:43:30:68:d7:09:
                    17:c9:cc:ba:2a:20:7c:6c:91:7f:5a:04:49:e0:e1:
                    a2:dd:8f:3d:73:91:bf:fb:79:a6:2d:94:e2:61:f1:
                    49:eb:39:dd:f7:44:f4:92:8a:87:2f:91:5e:7e:5a:
                    4a:c7:6d:84:9e:ae:4a:86:6c:47:08:62:d3:0f:d8:
                    e4:9e:d5:46:9e:68:32:9e:93:bb:6f:bc:42:4b:75:
                    04:f9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B5:0A:70:2E:65:10:AB:7E:66:76:32:1D:1D:C4:17:7C:BF:FB:72:0D
            X509v3 Authority Key Identifier:
                keyid:56:61:2E:13:6C:AF:57:C0:54:E7:1B:C5:5A:79:B9:9D:78:9E:1A:8B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/f4cc2529c25b6ff72b64f9e86fd3c50d5a4a3ccb.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/84c08841-437f-4c6a-91e6-183763f57c51/4368e74634de66b66b0a8894598b56533b7d8d98.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/84c08841-437f-4c6a-91e6-183763f57c51/f4cc2529c25b6ff72b64f9e86fd3c50d5a4a3ccb.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.176.70.0/23

    Signature Algorithm: sha256WithRSAEncryption
         1c:1a:0b:e7:c5:b3:a4:61:71:20:19:e8:97:6d:92:13:33:30:
         42:3c:50:99:52:c8:8a:fd:ff:c1:44:47:5c:98:ee:b1:96:d2:
         3a:bc:30:d5:2c:bc:2a:58:84:b1:68:e7:ff:98:21:df:6a:38:
         ec:4d:86:ff:73:af:a5:1d:27:41:87:65:b3:d7:ad:19:8f:ba:
         6f:59:9b:14:55:d1:47:ab:c4:2e:50:f8:10:b2:41:cc:e7:54:
         f1:8c:eb:c3:42:bb:df:4c:73:ca:4d:07:e6:aa:06:36:d4:f3:
         0f:a5:ab:6d:6f:22:ca:70:e9:ba:10:57:c8:23:7f:7a:71:03:
         7e:e0:a5:84:83:27:58:7a:4f:5c:43:ae:4f:b5:16:46:df:f1:
         ba:5e:77:12:c4:94:be:e7:87:ec:9a:7c:eb:81:b0:3e:19:5b:
         39:aa:e5:7d:c9:c9:fd:47:79:56:2a:76:bf:4f:f0:95:1d:17:
         f5:22:21:3c:42:33:be:c5:e3:38:a0:be:96:26:d6:66:90:96:
         7f:59:94:26:1e:2d:f2:93:bb:ef:29:65:86:b3:ca:87:f0:88:
         dd:2d:02:6a:85:a0:84:b9:03:75:84:14:f5:ea:0e:fe:11:8c:
         d8:33:5b:aa:fd:e1:65:64:d9:7c:f5:93:3b:9a:7d:73:77:b2:
         19:21:5c:d7
-----BEGIN CERTIFICATE-----
MIIFQDCCBCigAwIBAgIDCCdcMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKGY0
Y2MyNTI5YzI1YjZmZjcyYjY0ZjllODZmZDNjNTBkNWE0YTNjY2IwHhcNMjQwMzE1
MDEwNDI4WhcNMjYwMzE1MDEwNDI4WjAzMTEwLwYDVQQDEyg0MzY4ZTc0NjM0ZGU2
NmI2NmIwYTg4OTQ1OThiNTY1MzNiN2Q4ZDk4MIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAkDtwo9ykKhx8uSJpqvmpcsq6QjBYghEEIuJOEKR2B/vw8Bf8
Gfc/efswUqvdbgf7+EZ9b8w32PdBpuHPG6HuY5NPKln30luSOLmc0JjUIhGgDOnV
eGBq4htbnc4xIhNhRxXhfJ8CY3IcXKFhZj9xxompsoz++4q2v73e56Fvcn15HTlO
zA1OyvR/G6TZnY7488IiC933gYRmUTOhsK483dQ+edqkCnllHr4uJkpnQzBo1wkX
ycy6KiB8bJF/WgRJ4OGi3Y89c5G/+3mmLZTiYfFJ6znd90T0koqHL5FeflpKx22E
nq5KhmxHCGLTD9jkntVGnmgynpO7b7xCS3UE+QIDAQABo4ICWzCCAlcwHQYDVR0O
BBYEFLUKcC5lEKt+ZnYyHR3EF3y/+3INMB8GA1UdIwQYMBaAFFZhLhNsr1fAVOcb
xVp5uZ14nhqLMA4GA1UdDwEB/wQEAwIHgDCBmgYIKwYBBQUHAQEEgY0wgYowgYcG
CCsGAQUFBzAChntyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5ldC9ycGtpL2xh
Y25pYy80OGYwODNiYi1mNjAzLTQ4OTMtOTk5MC0wMjg0YzA0Y2ViODUvZjRjYzI1
MjljMjViNmZmNzJiNjRmOWU4NmZkM2M1MGQ1YTRhM2NjYi5jZXIwgZoGCCsGAQUF
BwELBIGNMIGKMIGHBggrBgEFBQcwC4Z7cnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25p
Yy5uZXQvcnBraS9sYWNuaWMvODRjMDg4NDEtNDM3Zi00YzZhLTkxZTYtMTgzNzYz
ZjU3YzUxLzQzNjhlNzQ2MzRkZTY2YjY2YjBhODg5NDU5OGI1NjUzM2I3ZDhkOTgu
cm9hMIGPBgNVHR8EgYcwgYQwgYGgf6B9hntyc3luYzovL3JlcG9zaXRvcnkubGFj
bmljLm5ldC9ycGtpL2xhY25pYy84NGMwODg0MS00MzdmLTRjNmEtOTFlNi0xODM3
NjNmNTdjNTEvZjRjYzI1MjljMjViNmZmNzJiNjRmOWU4NmZkM2M1MGQ1YTRhM2Nj
Yi5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQ
MA4wDAQCAAEwBgMEAS2wRjANBgkqhkiG9w0BAQsFAAOCAQEAHBoL58WzpGFxIBno
l22SEzMwQjxQmVLIiv3/wURHXJjusZbSOrww1Sy8KliEsWjn/5gh32o47E2G/3Ov
pR0nQYdls9etGY+6b1mbFFXRR6vELlD4ELJBzOdU8Yzrw0K730xzyk0H5qoGNtTz
D6WrbW8iynDpuhBXyCN/enEDfuClhIMnWHpPXEOuT7UWRt/xul53EsSUvueH7Jp8
64GwPhlbOarlfcnJ/Ud5Vip2v0/wlR0X9SIhPEIzvsXjOKC+libWZpCWf1mUJh4t
8pO77yllhrPKh/CI3S0CaoWghLkDdYQU9eoO/hGM2DNbqv3hZWTZfPWTO5p9c3ey
GSFc1w==
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:37:53 2024 by rpki-client on console-fra.rpki-client.org