Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/8d7114b0-b656-4c1b-9754-27388538e321/7940f5e3d97eea0dad3dcca332f5fb570369b17a.roa
File:                     7940f5e3d97eea0dad3dcca332f5fb570369b17a.roa (raw, json)
Hash identifier:          MKibkYmbTtLtT6gwzspTAC0NZPAV7MNJ/thnMKjDHAY=
Subject key identifier:   71:69:D4:44:C0:72:1C:D2:2F:93:0B:B4:1E:2A:BB:8B:22:6C:D4:CF
Certificate issuer:       /CN=569d9c53d2d7a2dabbb573b437a4edbd78719117
Certificate serial:       15B383
Authority key identifier: 7E:23:73:C2:1C:1C:73:EA:50:DA:EE:CE:10:06:0B:BB:52:C4:C2:23
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/569d9c53d2d7a2dabbb573b437a4edbd78719117.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/8d7114b0-b656-4c1b-9754-27388538e321/7940f5e3d97eea0dad3dcca332f5fb570369b17a.roa
Signing time:             Tue 03 Oct 2023 08:30:05 +0000
ROA not before:           Mon 02 Oct 2023 08:30:05 +0000
ROA not after:            Wed 01 Oct 2025 08:30:05 +0000
asID:                     264658
IP address blocks:        167.250.212.0/22 maxlen: 22

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 1422211 (0x15b383)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=569d9c53d2d7a2dabbb573b437a4edbd78719117
        Validity
            Not Before: Oct  2 08:30:05 2023 GMT
            Not After : Oct  1 08:30:05 2025 GMT
        Subject: CN=7940f5e3d97eea0dad3dcca332f5fb570369b17a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b1:28:80:86:1b:bd:b4:d6:c9:08:a2:6b:c6:dc:
                    fb:f6:c4:8e:b4:74:b3:fe:83:e7:13:f7:39:d0:69:
                    34:40:eb:a0:0b:3f:0a:f3:a4:50:a9:b1:6f:95:97:
                    ba:f5:ca:59:08:fd:f3:5f:43:ec:cf:69:69:79:58:
                    d3:da:ab:69:55:09:a8:b7:77:20:72:7a:0f:41:56:
                    8b:44:c4:a9:47:df:33:68:c1:b4:fd:5a:ca:28:da:
                    89:ba:a6:ca:f2:47:db:4a:43:e7:a1:e3:90:70:d4:
                    ff:ab:79:b1:45:bc:7d:ec:24:01:1b:e8:c4:ea:41:
                    37:aa:8d:7c:47:d2:6a:43:9b:1c:63:46:9f:b8:d3:
                    69:26:2d:89:7c:b9:44:63:32:61:4c:8a:3d:a0:5d:
                    1c:e7:65:a7:95:2b:98:50:59:6a:bb:f6:83:15:4e:
                    fe:05:7a:74:1c:1e:d1:eb:10:3e:3c:8d:5a:c0:b2:
                    9f:e3:d6:09:7c:b9:e2:b1:8a:9f:d1:49:6d:7e:b6:
                    dd:ae:ad:1f:54:87:5a:ca:cb:c2:21:1f:e6:25:19:
                    41:70:7b:54:43:99:06:2b:4e:69:bb:a6:79:c8:73:
                    6f:ac:5c:c7:5b:d3:9e:4d:43:41:8a:06:05:11:dc:
                    be:74:c3:fa:e1:58:77:b4:60:79:4d:04:bc:70:3c:
                    bb:db
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                71:69:D4:44:C0:72:1C:D2:2F:93:0B:B4:1E:2A:BB:8B:22:6C:D4:CF
            X509v3 Authority Key Identifier:
                keyid:7E:23:73:C2:1C:1C:73:EA:50:DA:EE:CE:10:06:0B:BB:52:C4:C2:23

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/569d9c53d2d7a2dabbb573b437a4edbd78719117.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/8d7114b0-b656-4c1b-9754-27388538e321/7940f5e3d97eea0dad3dcca332f5fb570369b17a.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/8d7114b0-b656-4c1b-9754-27388538e321/569d9c53d2d7a2dabbb573b437a4edbd78719117.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  167.250.212.0/22

    Signature Algorithm: sha256WithRSAEncryption
         1c:a0:90:8c:fd:1d:ce:02:85:9c:bd:f5:8c:3f:da:c2:70:4f:
         15:89:d5:f4:65:81:ef:e8:c1:af:09:70:57:f2:f3:37:84:42:
         50:a1:3d:2f:c2:32:52:b5:05:48:4e:a2:59:42:39:91:30:1a:
         50:02:bd:72:ce:08:ed:48:39:fc:45:8f:1c:f9:a9:76:ff:88:
         f4:a8:28:39:20:4b:bb:f9:c5:c7:e5:78:5c:9e:77:be:4d:5c:
         84:3c:b7:83:11:2f:7b:7b:42:44:d8:97:59:d4:3c:72:f6:a7:
         69:97:07:89:a5:d6:6c:fa:fa:b1:e7:e6:6e:ff:fa:87:c7:66:
         8b:24:f4:f1:87:97:9b:97:90:b6:ae:8b:0f:ba:61:f0:3d:81:
         d7:7a:85:8b:4b:52:16:d2:85:c7:b4:e4:3c:cb:79:23:64:8c:
         b7:2f:b9:d2:a3:3e:5a:0e:db:1d:b1:af:5e:6e:74:e2:cd:5f:
         08:8a:3b:29:bc:13:de:af:ab:cd:8f:c8:6a:1b:ae:aa:c7:cd:
         d8:62:8f:cc:b1:86:8b:05:b8:65:1e:e8:f6:74:86:7e:ac:db:
         8d:b3:48:b7:4d:c0:90:be:9d:bb:78:43:02:d1:a5:69:fe:df:
         68:7a:30:78:29:23:49:57:dc:01:c0:21:c4:56:ae:25:12:d8:
         17:be:9f:fc
-----BEGIN CERTIFICATE-----
MIIFQDCCBCigAwIBAgIDFbODMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKDU2
OWQ5YzUzZDJkN2EyZGFiYmI1NzNiNDM3YTRlZGJkNzg3MTkxMTcwHhcNMjMxMDAy
MDgzMDA1WhcNMjUxMDAxMDgzMDA1WjAzMTEwLwYDVQQDEyg3OTQwZjVlM2Q5N2Vl
YTBkYWQzZGNjYTMzMmY1ZmI1NzAzNjliMTdhMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAsSiAhhu9tNbJCKJrxtz79sSOtHSz/oPnE/c50Gk0QOugCz8K
86RQqbFvlZe69cpZCP3zX0Psz2lpeVjT2qtpVQmot3cgcnoPQVaLRMSpR98zaMG0
/VrKKNqJuqbK8kfbSkPnoeOQcNT/q3mxRbx97CQBG+jE6kE3qo18R9JqQ5scY0af
uNNpJi2JfLlEYzJhTIo9oF0c52WnlSuYUFlqu/aDFU7+BXp0HB7R6xA+PI1awLKf
49YJfLnisYqf0Ultfrbdrq0fVIdaysvCIR/mJRlBcHtUQ5kGK05pu6Z5yHNvrFzH
W9OeTUNBigYFEdy+dMP64Vh3tGB5TQS8cDy72wIDAQABo4ICWzCCAlcwHQYDVR0O
BBYEFHFp1ETAchzSL5MLtB4qu4sibNTPMB8GA1UdIwQYMBaAFH4jc8IcHHPqUNru
zhAGC7tSxMIjMA4GA1UdDwEB/wQEAwIHgDCBmgYIKwYBBQUHAQEEgY0wgYowgYcG
CCsGAQUFBzAChntyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5ldC9ycGtpL2xh
Y25pYy80OGYwODNiYi1mNjAzLTQ4OTMtOTk5MC0wMjg0YzA0Y2ViODUvNTY5ZDlj
NTNkMmQ3YTJkYWJiYjU3M2I0MzdhNGVkYmQ3ODcxOTExNy5jZXIwgZoGCCsGAQUF
BwELBIGNMIGKMIGHBggrBgEFBQcwC4Z7cnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25p
Yy5uZXQvcnBraS9sYWNuaWMvOGQ3MTE0YjAtYjY1Ni00YzFiLTk3NTQtMjczODg1
MzhlMzIxLzc5NDBmNWUzZDk3ZWVhMGRhZDNkY2NhMzMyZjVmYjU3MDM2OWIxN2Eu
cm9hMIGPBgNVHR8EgYcwgYQwgYGgf6B9hntyc3luYzovL3JlcG9zaXRvcnkubGFj
bmljLm5ldC9ycGtpL2xhY25pYy84ZDcxMTRiMC1iNjU2LTRjMWItOTc1NC0yNzM4
ODUzOGUzMjEvNTY5ZDljNTNkMmQ3YTJkYWJiYjU3M2I0MzdhNGVkYmQ3ODcxOTEx
Ny5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQ
MA4wDAQCAAEwBgMEAqf61DANBgkqhkiG9w0BAQsFAAOCAQEAHKCQjP0dzgKFnL31
jD/awnBPFYnV9GWB7+jBrwlwV/LzN4RCUKE9L8IyUrUFSE6iWUI5kTAaUAK9cs4I
7Ug5/EWPHPmpdv+I9KgoOSBLu/nFx+V4XJ53vk1chDy3gxEve3tCRNiXWdQ8cvan
aZcHiaXWbPr6sefmbv/6h8dmiyT08YeXm5eQtq6LD7ph8D2B13qFi0tSFtKFx7Tk
PMt5I2SMty+50qM+Wg7bHbGvXm504s1fCIo7KbwT3q+rzY/IahuuqsfN2GKPzLGG
iwW4ZR7o9nSGfqzbjbNIt03AkL6du3hDAtGlaf7faHoweCkjSVfcAcAhxFauJRLY
F76f/A==
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:37:54 2024 by rpki-client on console-fra.rpki-client.org