Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/D0A76A37CCDDA60FAA3806F550F54723B2051F7F40A6BAEBF1D865EC3591B80D/0/3137392e35302e33322e302f32312d3231203d3e203236363139.roa
File:                     3137392e35302e33322e302f32312d3231203d3e203236363139.roa (raw, json)
Hash identifier:          Knsx1uJLSR5U9LSmFo6imWn6Sw4mVzMlQUjXg/zdffI=
Subject key identifier:   A0:7C:15:21:A0:27:B6:3B:D3:8E:1D:6B:5D:A2:02:90:41:48:88:72
Certificate issuer:       /CN=486B0BE5445E23C8D136BD0B04CDCBC0E7E31EFF
Certificate serial:       2959805E593147C0EBEC3E9DE9A222496477FDEE
Authority key identifier: 48:6B:0B:E5:44:5E:23:C8:D1:36:BD:0B:04:CD:CB:C0:E7:E3:1E:FF
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/486B0BE5445E23C8D136BD0B04CDCBC0E7E31EFF.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/D0A76A37CCDDA60FAA3806F550F54723B2051F7F40A6BAEBF1D865EC3591B80D/0/3137392e35302e33322e302f32312d3231203d3e203236363139.roa
Signing time:             Tue 05 Mar 2024 17:56:41 +0000
ROA not before:           Tue 05 Mar 2024 17:51:41 +0000
ROA not after:            Tue 04 Mar 2025 17:56:41 +0000
asID:                     26619
IP address blocks:        179.50.32.0/21 maxlen: 21

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            29:59:80:5e:59:31:47:c0:eb:ec:3e:9d:e9:a2:22:49:64:77:fd:ee
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=486B0BE5445E23C8D136BD0B04CDCBC0E7E31EFF
        Validity
            Not Before: Mar  5 17:51:41 2024 GMT
            Not After : Mar  4 17:56:41 2025 GMT
        Subject: CN=A07C1521A027B63BD38E1D6B5DA2029041488872
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:eb:7a:ba:d2:f7:94:4d:a0:17:4b:95:2b:e5:fb:
                    70:7e:5a:d4:bf:b7:8b:30:3c:39:c0:e9:99:2e:46:
                    6b:1b:09:2f:2f:f4:8b:8e:40:20:59:ef:df:c2:cc:
                    1b:07:b6:33:cc:b8:9b:e2:63:bc:61:31:87:da:73:
                    1c:72:05:6a:7d:8e:5f:5e:46:a3:06:43:67:bf:32:
                    d5:2e:31:ec:7a:fb:c0:67:e1:ec:a4:dd:f3:bc:a5:
                    f6:4c:39:90:e2:80:10:a3:dd:b9:97:4d:93:c3:bc:
                    c8:59:7f:6c:60:0a:b3:13:43:dd:51:95:10:25:81:
                    64:7d:26:a0:a0:89:1a:12:47:ff:10:57:f7:5f:a0:
                    cf:33:d5:53:d4:0f:4e:60:42:8b:db:24:8e:7f:90:
                    b2:39:23:3a:b4:f6:eb:58:8a:7e:cc:91:2e:f8:73:
                    d4:ec:f7:19:be:04:d6:b5:c2:80:de:81:29:1b:e6:
                    7f:fc:93:5c:c1:6f:2c:1d:07:cc:8c:5d:6b:b0:a4:
                    89:c1:5d:50:49:b6:b5:86:01:fb:86:6d:2e:f7:b6:
                    f8:48:ab:f2:0a:6c:c5:2f:60:ec:f4:4a:7e:19:8d:
                    9b:b3:5c:91:58:54:f2:38:58:03:fa:29:bf:c8:1e:
                    b9:14:f2:2e:25:4b:a4:f0:2d:68:28:0a:3c:08:0a:
                    39:f5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A0:7C:15:21:A0:27:B6:3B:D3:8E:1D:6B:5D:A2:02:90:41:48:88:72
            X509v3 Authority Key Identifier:
                keyid:48:6B:0B:E5:44:5E:23:C8:D1:36:BD:0B:04:CD:CB:C0:E7:E3:1E:FF

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/D0A76A37CCDDA60FAA3806F550F54723B2051F7F40A6BAEBF1D865EC3591B80D/0/486B0BE5445E23C8D136BD0B04CDCBC0E7E31EFF.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/486B0BE5445E23C8D136BD0B04CDCBC0E7E31EFF.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/D0A76A37CCDDA60FAA3806F550F54723B2051F7F40A6BAEBF1D865EC3591B80D/0/3137392e35302e33322e302f32312d3231203d3e203236363139.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  179.50.32.0/21

    Signature Algorithm: sha256WithRSAEncryption
         88:6d:a0:da:3c:93:1c:67:8a:29:34:cf:b9:6f:e9:16:a9:04:
         d8:1a:de:bd:fe:ab:c8:5f:4f:1c:75:f3:12:97:c2:92:d7:16:
         af:c9:62:3d:8c:8d:fd:da:f4:a8:c8:d2:75:db:0b:20:d4:e3:
         12:94:b9:a9:3f:db:92:54:73:c9:4c:2e:5d:77:91:a8:bd:b0:
         c9:47:bb:e8:cb:dd:5b:c8:48:6f:bc:36:61:6e:65:59:7b:d7:
         8f:bd:2e:ed:90:cb:48:9a:8d:b9:01:93:2e:72:e7:7d:b8:67:
         73:f0:cc:3e:97:5e:35:8b:a8:85:46:55:01:30:91:bd:a8:02:
         09:cb:54:6a:41:66:d8:dc:72:c3:aa:4d:f4:be:0d:c9:fc:4e:
         2d:fd:71:bf:59:e2:e4:c8:76:89:fc:15:ae:91:e6:99:89:48:
         62:f1:7d:ef:9d:e0:85:2e:8d:bf:1a:24:f8:25:9d:40:d5:28:
         89:35:21:ff:b5:f0:86:5a:57:48:5a:7a:93:af:a3:dc:82:67:
         88:2c:d6:f0:6d:07:8c:c5:26:6c:79:53:70:8a:0c:16:22:24:
         c1:96:c2:62:9a:7e:45:21:ac:78:ca:40:38:01:90:6f:03:e3:
         97:04:27:20:0d:8a:80:74:a5:e4:f3:7a:9f:92:d2:b6:86:3f:
         2c:41:f8:1d
-----BEGIN CERTIFICATE-----
MIIFvDCCBKSgAwIBAgIUKVmAXlkxR8Dr7D6d6aIiSWR3/e4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDg2QjBCRTU0NDVFMjNDOEQxMzZCRDBCMDRDRENCQzBF
N0UzMUVGRjAeFw0yNDAzMDUxNzUxNDFaFw0yNTAzMDQxNzU2NDFaMDMxMTAvBgNV
BAMTKEEwN0MxNTIxQTAyN0I2M0JEMzhFMUQ2QjVEQTIwMjkwNDE0ODg4NzIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDrerrS95RNoBdLlSvl+3B+WtS/
t4swPDnA6ZkuRmsbCS8v9IuOQCBZ79/CzBsHtjPMuJviY7xhMYfacxxyBWp9jl9e
RqMGQ2e/MtUuMex6+8Bn4eyk3fO8pfZMOZDigBCj3bmXTZPDvMhZf2xgCrMTQ91R
lRAlgWR9JqCgiRoSR/8QV/dfoM8z1VPUD05gQovbJI5/kLI5Izq09utYin7MkS74
c9Ts9xm+BNa1woDegSkb5n/8k1zBbywdB8yMXWuwpInBXVBJtrWGAfuGbS73tvhI
q/IKbMUvYOz0Sn4ZjZuzXJFYVPI4WAP6Kb/IHrkU8i4lS6TwLWgoCjwICjn1AgMB
AAGjggLGMIICwjAdBgNVHQ4EFgQUoHwVIaAntjvTjh1rXaICkEFIiHIwHwYDVR0j
BBgwFoAUSGsL5UReI8jRNr0LBM3LwOfjHv8wDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy9EMEE3NkEzN0NDRERBNjBGQUEzODA2RjU1MEY1NDcyM0Iy
MDUxRjdGNDBBNkJBRUJGMUQ4NjVFQzM1OTFCODBELzAvNDg2QjBCRTU0NDVFMjND
OEQxMzZCRDBCMDRDRENCQzBFN0UzMUVGRi5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC80ODZCMEJFNTQ0NUUyM0M4RDEz
NkJEMEIwNENEQ0JDMEU3RTMxRUZGLmNlcjCBxQYIKwYBBQUHAQsEgbgwgbUwgbIG
CCsGAQUFBzALhoGlcnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvRDBBNzZBMzdDQ0REQTYwRkFBMzgwNkY1NTBGNTQ3MjNCMjA1MUY3RjQw
QTZCQUVCRjFEODY1RUMzNTkxQjgwRC8wLzMxMzczOTJlMzUzMDJlMzMzMjJlMzAy
ZjMyMzEyZDMyMzEyMDNkM2UyMDMyMzYzNjMxMzkucm9hMBgGA1UdIAEB/wQOMAww
CgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAOzMiAwDQYJ
KoZIhvcNAQELBQADggEBAIhtoNo8kxxniik0z7lv6RapBNga3r3+q8hfTxx18xKX
wpLXFq/JYj2Mjf3a9KjI0nXbCyDU4xKUuak/25JUc8lMLl13kai9sMlHu+jL3VvI
SG+8NmFuZVl714+9Lu2Qy0iajbkBky5y5324Z3PwzD6XXjWLqIVGVQEwkb2oAgnL
VGpBZtjccsOqTfS+Dcn8Ti39cb9Z4uTIdon8Fa6R5pmJSGLxfe+d4IUujb8aJPgl
nUDVKIk1If+18IZaV0haepOvo9yCZ4gs1vBtB4zFJmx5U3CKDBYiJMGWwmKafkUh
rHjKQDgBkG8D45cEJyANioB0peTzep+S0raGPyxB+B0=
-----END CERTIFICATE-----
Generated at Mon Oct 28 21:48:52 2024 by rpki-client on console-fra.rpki-client.org