Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/9450d0b7-caac-4bd4-a517-23250bd3d509/12ca213c9e0a533bcb3550eca079e0c43333accd.roa
File:                     12ca213c9e0a533bcb3550eca079e0c43333accd.roa (raw, json)
Hash identifier:          yaUeHJZB1h2ydDlHF1WzDXhH7QotKkOS8P4lFTrkYx0=
Subject key identifier:   7D:55:39:86:83:A2:18:C1:64:79:B0:53:2F:5A:B5:B1:0E:F2:32:FB
Certificate issuer:       /CN=2d7ada75860472b45a97cb9e0c6698ff1f4fb086
Certificate serial:       098103
Authority key identifier: DB:2D:9C:F6:4E:E6:D5:B4:9A:8D:AF:E3:A1:3D:E9:0E:C4:A4:46:C5
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/2d7ada75860472b45a97cb9e0c6698ff1f4fb086.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/9450d0b7-caac-4bd4-a517-23250bd3d509/12ca213c9e0a533bcb3550eca079e0c43333accd.roa
Signing time:             Tue 03 Oct 2023 20:35:11 +0000
ROA not before:           Mon 02 Oct 2023 20:35:11 +0000
ROA not after:            Fri 03 Oct 2025 21:35:11 +0000
asID:                     3223
IP address blocks:        167.249.252.0/22 maxlen: 22
                          170.244.108.0/22 maxlen: 22

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 622851 (0x98103)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2d7ada75860472b45a97cb9e0c6698ff1f4fb086
        Validity
            Not Before: Oct  2 20:35:11 2023 GMT
            Not After : Oct  3 21:35:11 2025 GMT
        Subject: CN=12ca213c9e0a533bcb3550eca079e0c43333accd
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a1:7b:27:bb:a4:f6:8b:ea:fe:4b:a2:e7:23:eb:
                    da:07:e3:89:00:ae:e7:25:fe:69:8d:c2:77:f2:7b:
                    61:df:08:44:6e:2d:c5:f0:b3:cb:14:d8:2d:e1:1e:
                    76:ea:aa:e2:26:e9:2e:52:9c:56:d7:95:4e:0d:10:
                    c2:95:d7:3e:f1:5b:55:78:5e:f7:92:80:72:be:76:
                    c5:a1:88:79:d1:87:6e:ca:83:82:43:ed:fb:06:a2:
                    66:7c:a8:4e:b2:ea:5a:8a:0b:00:3d:c3:6c:d2:b4:
                    95:89:f4:2b:45:a3:82:1f:cf:47:56:e6:5d:21:0a:
                    86:a3:14:f8:88:6a:0c:62:f4:6f:03:cc:c3:39:1e:
                    00:cd:50:19:42:15:ee:f5:1e:28:85:e8:66:0d:9f:
                    87:a9:a6:f2:24:29:6c:b1:85:a2:37:a3:5c:12:7b:
                    72:99:13:4a:da:ae:19:b0:10:23:53:f2:c6:c1:a3:
                    34:2f:64:d3:74:e6:36:1a:cc:62:6d:ad:80:a7:e6:
                    48:1c:a6:f3:73:60:74:10:66:52:96:27:a5:79:af:
                    94:14:75:2b:6e:56:cd:25:e3:2d:0e:6c:aa:b2:a2:
                    db:08:a4:ea:3e:a9:ae:75:6c:34:67:1e:02:54:13:
                    9b:28:94:10:ea:3f:2a:5c:3c:d1:c2:04:98:55:59:
                    77:4b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                7D:55:39:86:83:A2:18:C1:64:79:B0:53:2F:5A:B5:B1:0E:F2:32:FB
            X509v3 Authority Key Identifier:
                keyid:DB:2D:9C:F6:4E:E6:D5:B4:9A:8D:AF:E3:A1:3D:E9:0E:C4:A4:46:C5

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/2d7ada75860472b45a97cb9e0c6698ff1f4fb086.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/9450d0b7-caac-4bd4-a517-23250bd3d509/12ca213c9e0a533bcb3550eca079e0c43333accd.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/9450d0b7-caac-4bd4-a517-23250bd3d509/2d7ada75860472b45a97cb9e0c6698ff1f4fb086.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  167.249.252.0/22
                  170.244.108.0/22

    Signature Algorithm: sha256WithRSAEncryption
         39:7e:c7:a2:63:1d:0d:7f:05:02:42:ab:c0:3b:ca:eb:f0:59:
         b1:12:a4:c4:e2:60:ba:78:e8:a8:97:89:e6:e0:0a:74:32:a2:
         1e:8e:b6:e8:6c:9a:0a:70:82:2f:07:59:53:60:4f:68:5a:29:
         9d:59:f7:bb:b2:da:a4:94:60:be:34:58:70:a1:98:88:78:c1:
         d8:73:35:8a:bd:5a:a5:00:70:6f:3e:e2:d0:04:8e:e5:25:f3:
         99:d4:16:03:1e:08:4c:33:96:5f:27:db:08:15:9b:c8:90:ee:
         06:a7:95:ff:d9:f5:7a:61:0b:f1:43:bf:15:4b:6b:b2:f1:59:
         6f:d6:0a:e9:c9:54:06:db:6d:db:d5:b3:b7:d2:80:15:a9:41:
         f6:1d:40:eb:a5:45:52:ad:ba:e4:03:c1:2c:ca:a3:2c:2f:d5:
         dd:d9:56:d5:59:8e:c4:ac:40:02:82:1d:ac:9a:84:87:e9:ae:
         d5:10:c1:7d:cb:4a:73:a7:c8:78:2f:ff:a8:ef:9c:58:6b:3e:
         2f:37:5c:26:5b:6f:8a:13:cc:80:cd:07:02:5c:10:51:54:cd:
         5e:53:33:62:96:56:94:e3:07:93:0b:24:1d:d9:22:80:33:d9:
         2e:59:db:db:92:df:84:91:04:2e:29:65:55:af:9e:a2:21:b2:
         7f:a6:0a:ed
-----BEGIN CERTIFICATE-----
MIIFRjCCBC6gAwIBAgIDCYEDMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKDJk
N2FkYTc1ODYwNDcyYjQ1YTk3Y2I5ZTBjNjY5OGZmMWY0ZmIwODYwHhcNMjMxMDAy
MjAzNTExWhcNMjUxMDAzMjEzNTExWjAzMTEwLwYDVQQDEygxMmNhMjEzYzllMGE1
MzNiY2IzNTUwZWNhMDc5ZTBjNDMzMzNhY2NkMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAoXsnu6T2i+r+S6LnI+vaB+OJAK7nJf5pjcJ38nth3whEbi3F
8LPLFNgt4R526qriJukuUpxW15VODRDCldc+8VtVeF73koByvnbFoYh50YduyoOC
Q+37BqJmfKhOsupaigsAPcNs0rSVifQrRaOCH89HVuZdIQqGoxT4iGoMYvRvA8zD
OR4AzVAZQhXu9R4ohehmDZ+HqabyJClssYWiN6NcEntymRNK2q4ZsBAjU/LGwaM0
L2TTdOY2Gsxiba2Ap+ZIHKbzc2B0EGZSlielea+UFHUrblbNJeMtDmyqsqLbCKTq
PqmudWw0Zx4CVBObKJQQ6j8qXDzRwgSYVVl3SwIDAQABo4ICYTCCAl0wHQYDVR0O
BBYEFH1VOYaDohjBZHmwUy9atbEO8jL7MB8GA1UdIwQYMBaAFNstnPZO5tW0mo2v
46E96Q7EpEbFMA4GA1UdDwEB/wQEAwIHgDCBmgYIKwYBBQUHAQEEgY0wgYowgYcG
CCsGAQUFBzAChntyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5ldC9ycGtpL2xh
Y25pYy80OGYwODNiYi1mNjAzLTQ4OTMtOTk5MC0wMjg0YzA0Y2ViODUvMmQ3YWRh
NzU4NjA0NzJiNDVhOTdjYjllMGM2Njk4ZmYxZjRmYjA4Ni5jZXIwgZoGCCsGAQUF
BwELBIGNMIGKMIGHBggrBgEFBQcwC4Z7cnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25p
Yy5uZXQvcnBraS9sYWNuaWMvOTQ1MGQwYjctY2FhYy00YmQ0LWE1MTctMjMyNTBi
ZDNkNTA5LzEyY2EyMTNjOWUwYTUzM2JjYjM1NTBlY2EwNzllMGM0MzMzM2FjY2Qu
cm9hMIGPBgNVHR8EgYcwgYQwgYGgf6B9hntyc3luYzovL3JlcG9zaXRvcnkubGFj
bmljLm5ldC9ycGtpL2xhY25pYy85NDUwZDBiNy1jYWFjLTRiZDQtYTUxNy0yMzI1
MGJkM2Q1MDkvMmQ3YWRhNzU4NjA0NzJiNDVhOTdjYjllMGM2Njk4ZmYxZjRmYjA4
Ni5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAlBggrBgEFBQcBBwEB/wQW
MBQwEgQCAAEwDAMEAqf5/AMEAqr0bDANBgkqhkiG9w0BAQsFAAOCAQEAOX7HomMd
DX8FAkKrwDvK6/BZsRKkxOJgunjoqJeJ5uAKdDKiHo626GyaCnCCLwdZU2BPaFop
nVn3u7LapJRgvjRYcKGYiHjB2HM1ir1apQBwbz7i0ASO5SXzmdQWAx4ITDOWXyfb
CBWbyJDuBqeV/9n1emEL8UO/FUtrsvFZb9YK6clUBttt29Wzt9KAFalB9h1A66VF
Uq265APBLMqjLC/V3dlW1VmOxKxAAoIdrJqEh+mu1RDBfctKc6fIeC//qO+cWGs+
LzdcJltvihPMgM0HAlwQUVTNXlMzYpZWlOMHkwskHdkigDPZLlnb25LfhJEELill
Va+eoiGyf6YK7Q==
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:37:54 2024 by rpki-client on console-fra.rpki-client.org