Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/958b31ec-3133-423d-8adb-38136b3c9f51/b0868d91f1016a697917c8ea73aeb10f06df4c18.roa
File:                     b0868d91f1016a697917c8ea73aeb10f06df4c18.roa (raw, json)
Hash identifier:          mh7u7zUssHlOBwKzmj1aM5XwIakSBGaluLspXx81I5Q=
Subject key identifier:   98:6F:30:03:44:CC:73:F5:26:AF:AF:1F:E2:C4:4E:52:9F:8A:63:D5
Certificate issuer:       /CN=20cfd36a556e1a46c18de53d3fa81b0e1e970f23
Certificate serial:       023BAA
Authority key identifier: D6:76:54:78:51:E9:6F:3D:87:FA:EF:A4:05:EA:D4:A4:B7:0D:89:00
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/20cfd36a556e1a46c18de53d3fa81b0e1e970f23.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/958b31ec-3133-423d-8adb-38136b3c9f51/b0868d91f1016a697917c8ea73aeb10f06df4c18.roa
Signing time:             Wed 07 Dec 2022 03:16:04 +0000
ROA not before:           Tue 20 Sep 2022 20:52:04 +0000
ROA not after:            Sat 21 Sep 2024 20:52:04 +0000
asID:                     8163
IP address blocks:        201.220.64.0/20 maxlen: 20
                          201.220.66.0/24 maxlen: 24
                          201.220.67.0/24 maxlen: 24
                          201.220.68.0/24 maxlen: 24
                          201.220.70.0/24 maxlen: 24
                          201.220.71.0/24 maxlen: 24
                          201.220.72.0/24 maxlen: 24
                          201.220.74.0/24 maxlen: 24
                          201.220.75.0/24 maxlen: 24
                          201.220.77.0/24 maxlen: 24
                          201.220.78.0/24 maxlen: 24

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 146346 (0x23baa)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=20cfd36a556e1a46c18de53d3fa81b0e1e970f23
        Validity
            Not Before: Sep 20 20:52:04 2022 GMT
            Not After : Sep 21 20:52:04 2024 GMT
        Subject: CN=b0868d91f1016a697917c8ea73aeb10f06df4c18
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8e:9d:7f:a5:70:a4:e8:f4:50:c7:0c:54:12:58:
                    74:63:10:a0:c9:2a:03:00:6d:5c:44:0a:d3:7e:17:
                    c4:b6:9c:e6:06:b3:39:b1:b5:b8:df:99:b8:68:39:
                    7b:0e:20:52:2d:e7:15:e0:1c:a5:f6:b4:09:b9:98:
                    80:24:80:97:73:ec:5f:ef:8c:8a:54:f9:60:80:0b:
                    c9:20:2a:75:0a:1d:e9:42:75:9d:ab:18:4f:10:93:
                    12:7e:1d:e4:9d:63:25:c9:8f:a9:20:40:c0:31:80:
                    96:2b:fa:2a:5a:7c:df:f9:8f:86:2e:de:98:9f:a9:
                    cb:ef:57:69:e4:fb:35:37:4a:6f:39:78:5d:71:5a:
                    a5:0a:26:fa:f2:3a:73:80:5a:32:ca:19:ce:f4:c5:
                    ba:42:a1:a4:3a:da:61:34:34:29:53:2b:41:e1:6a:
                    32:9c:fa:f3:cd:d4:a9:a0:60:ad:40:8c:8d:12:de:
                    08:e9:fe:3b:cf:e2:13:79:90:a3:09:34:00:fb:7f:
                    59:93:3e:83:b2:eb:96:54:b4:40:3b:ad:bb:01:e9:
                    77:86:62:d6:91:65:9d:df:9e:b7:99:06:1c:9b:cd:
                    ea:2c:90:91:4c:fb:64:37:42:5d:e5:e2:6e:c0:70:
                    68:d6:b0:9e:45:98:01:f3:3e:fb:58:20:1a:64:bb:
                    b6:c9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                98:6F:30:03:44:CC:73:F5:26:AF:AF:1F:E2:C4:4E:52:9F:8A:63:D5
            X509v3 Authority Key Identifier:
                keyid:D6:76:54:78:51:E9:6F:3D:87:FA:EF:A4:05:EA:D4:A4:B7:0D:89:00

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/20cfd36a556e1a46c18de53d3fa81b0e1e970f23.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/958b31ec-3133-423d-8adb-38136b3c9f51/b0868d91f1016a697917c8ea73aeb10f06df4c18.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/958b31ec-3133-423d-8adb-38136b3c9f51/20cfd36a556e1a46c18de53d3fa81b0e1e970f23.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  201.220.64.0/20

    Signature Algorithm: sha256WithRSAEncryption
         0d:0a:9e:cd:cc:0b:6c:e7:5c:0b:c1:bc:87:2f:de:4e:b3:4d:
         f7:fc:0f:33:87:f2:ba:ba:a8:e3:df:16:93:3d:7f:b6:49:48:
         f6:db:2a:5f:5d:7a:61:78:2d:0f:27:90:c0:12:cd:6b:58:fc:
         25:de:4d:df:0b:1a:cd:14:32:61:e3:af:7d:43:98:43:c6:8c:
         a8:dc:ee:cc:16:d3:c1:a0:05:25:34:63:f6:01:8d:72:80:28:
         3a:23:04:bf:37:30:2e:3c:fc:04:fb:cf:96:e4:9c:f2:c7:00:
         00:75:8a:36:40:a7:d2:0f:2f:be:c0:16:e3:95:fe:f4:26:28:
         b8:96:5b:3b:96:92:74:e9:4d:c6:95:9c:96:ad:73:d2:e2:1d:
         c7:37:3d:15:82:de:f4:d9:6b:80:03:03:21:a8:f9:d7:ba:a3:
         a5:43:ae:8a:a8:09:af:5b:d2:3a:12:16:1a:5c:4c:71:8b:bd:
         27:27:46:6a:0e:34:c4:48:54:ad:7b:03:98:4a:b7:d8:81:f0:
         df:63:a3:36:21:b0:6e:f2:ef:31:43:d5:7a:74:73:00:64:7d:
         35:20:a6:88:9f:02:57:39:61:3a:f7:71:b7:dd:9c:be:3d:cf:
         6e:bb:6b:4b:e3:a6:2c:e3:47:f6:5f:4e:5c:9d:24:91:2c:30:
         0b:f7:9a:ca
-----BEGIN CERTIFICATE-----
MIIFQDCCBCigAwIBAgIDAjuqMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKDIw
Y2ZkMzZhNTU2ZTFhNDZjMThkZTUzZDNmYTgxYjBlMWU5NzBmMjMwHhcNMjIwOTIw
MjA1MjA0WhcNMjQwOTIxMjA1MjA0WjAzMTEwLwYDVQQDEyhiMDg2OGQ5MWYxMDE2
YTY5NzkxN2M4ZWE3M2FlYjEwZjA2ZGY0YzE4MIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAjp1/pXCk6PRQxwxUElh0YxCgySoDAG1cRArTfhfEtpzmBrM5
sbW435m4aDl7DiBSLecV4Byl9rQJuZiAJICXc+xf74yKVPlggAvJICp1Ch3pQnWd
qxhPEJMSfh3knWMlyY+pIEDAMYCWK/oqWnzf+Y+GLt6Yn6nL71dp5Ps1N0pvOXhd
cVqlCib68jpzgFoyyhnO9MW6QqGkOtphNDQpUytB4WoynPrzzdSpoGCtQIyNEt4I
6f47z+ITeZCjCTQA+39Zkz6DsuuWVLRAO627Ael3hmLWkWWd3563mQYcm83qLJCR
TPtkN0Jd5eJuwHBo1rCeRZgB8z77WCAaZLu2yQIDAQABo4ICWzCCAlcwHQYDVR0O
BBYEFJhvMANEzHP1Jq+vH+LETlKfimPVMB8GA1UdIwQYMBaAFNZ2VHhR6W89h/rv
pAXq1KS3DYkAMA4GA1UdDwEB/wQEAwIHgDCBmgYIKwYBBQUHAQEEgY0wgYowgYcG
CCsGAQUFBzAChntyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5ldC9ycGtpL2xh
Y25pYy80OGYwODNiYi1mNjAzLTQ4OTMtOTk5MC0wMjg0YzA0Y2ViODUvMjBjZmQz
NmE1NTZlMWE0NmMxOGRlNTNkM2ZhODFiMGUxZTk3MGYyMy5jZXIwgZoGCCsGAQUF
BwELBIGNMIGKMIGHBggrBgEFBQcwC4Z7cnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25p
Yy5uZXQvcnBraS9sYWNuaWMvOTU4YjMxZWMtMzEzMy00MjNkLThhZGItMzgxMzZi
M2M5ZjUxL2IwODY4ZDkxZjEwMTZhNjk3OTE3YzhlYTczYWViMTBmMDZkZjRjMTgu
cm9hMIGPBgNVHR8EgYcwgYQwgYGgf6B9hntyc3luYzovL3JlcG9zaXRvcnkubGFj
bmljLm5ldC9ycGtpL2xhY25pYy85NThiMzFlYy0zMTMzLTQyM2QtOGFkYi0zODEz
NmIzYzlmNTEvMjBjZmQzNmE1NTZlMWE0NmMxOGRlNTNkM2ZhODFiMGUxZTk3MGYy
My5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQ
MA4wDAQCAAEwBgMEBMncQDANBgkqhkiG9w0BAQsFAAOCAQEADQqezcwLbOdcC8G8
hy/eTrNN9/wPM4fyurqo498Wkz1/tklI9tsqX116YXgtDyeQwBLNa1j8Jd5N3wsa
zRQyYeOvfUOYQ8aMqNzuzBbTwaAFJTRj9gGNcoAoOiMEvzcwLjz8BPvPluSc8scA
AHWKNkCn0g8vvsAW45X+9CYouJZbO5aSdOlNxpWclq1z0uIdxzc9FYLe9NlrgAMD
Iaj517qjpUOuiqgJr1vSOhIWGlxMcYu9JydGag40xEhUrXsDmEq32IHw32OjNiGw
bvLvMUPVenRzAGR9NSCmiJ8CVzlhOvdxt92cvj3PbrtrS+OmLONH9l9OXJ0kkSww
C/eayg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:37:54 2024 by rpki-client on console-fra.rpki-client.org