Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/a0134565-9f3c-49b1-aaf6-dff2ea3146fe/0ab88759a8e37d5c84e926af41869cbbbc596d9e.roa
File:                     0ab88759a8e37d5c84e926af41869cbbbc596d9e.roa (raw, json)
Hash identifier:          UyoBiwEnnnAiPNH3WFozJ8QHXs0x0bCMqyr6yLlnfn8=
Subject key identifier:   35:8A:9E:E7:F4:26:67:86:A6:BA:2B:66:03:85:98:8C:A8:F9:A5:D5
Certificate issuer:       /CN=c42687bcebd27d6fd68fc0f95a18fd8af8b436bb
Certificate serial:       205FC0
Authority key identifier: BE:3E:AB:7A:10:6B:40:B0:F6:42:8F:4B:70:13:51:7C:9C:66:64:E0
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/c42687bcebd27d6fd68fc0f95a18fd8af8b436bb.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/a0134565-9f3c-49b1-aaf6-dff2ea3146fe/0ab88759a8e37d5c84e926af41869cbbbc596d9e.roa
Signing time:             Sat 29 Apr 2023 14:37:58 +0000
ROA not before:           Fri 28 Apr 2023 14:37:58 +0000
ROA not after:            Tue 29 Apr 2025 14:37:58 +0000
asID:                     400317
IP address blocks:        131.72.168.0/24 maxlen: 24
                          131.72.169.0/24 maxlen: 24
                          131.72.170.0/24 maxlen: 24
                          131.72.171.0/24 maxlen: 24
                          131.72.168.0/22 maxlen: 22

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 2121664 (0x205fc0)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c42687bcebd27d6fd68fc0f95a18fd8af8b436bb
        Validity
            Not Before: Apr 28 14:37:58 2023 GMT
            Not After : Apr 29 14:37:58 2025 GMT
        Subject: CN=0ab88759a8e37d5c84e926af41869cbbbc596d9e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:fa:af:23:5d:94:89:d5:cb:2b:63:35:fb:2f:5c:
                    04:1b:fb:e1:09:e7:ae:a8:b6:f3:80:a2:8a:d2:c9:
                    c6:ba:bf:b2:b2:fa:e4:bd:c4:25:62:88:76:e6:ab:
                    5b:6e:38:b4:b9:70:4f:7b:5b:44:3e:d5:35:71:1a:
                    a8:93:96:9c:0e:a4:e2:af:93:ec:36:40:4c:eb:92:
                    af:af:6a:3e:14:11:6a:fd:ad:f7:07:4d:4a:7c:47:
                    55:c1:d6:5e:6d:06:fb:f3:0c:8e:87:3b:19:d4:48:
                    9e:07:66:e3:77:5e:f4:c6:c0:b2:7e:f0:ce:72:05:
                    35:ba:6b:5c:6c:18:1e:12:0a:4e:d6:c7:48:b4:9a:
                    03:4c:32:6f:19:d6:09:ae:08:68:54:b5:81:ad:3d:
                    f1:6d:9d:4d:d3:86:c3:f0:68:f2:bf:6c:5b:c6:35:
                    0b:f5:0c:2d:a1:27:5a:2e:84:03:ff:96:ab:ab:d5:
                    17:eb:8d:28:c7:c7:c2:46:c4:88:0f:60:27:c6:e0:
                    ae:f6:6b:f0:c0:de:8b:3c:70:99:b1:86:d3:06:ec:
                    81:a6:0e:24:a7:cd:60:4c:24:be:1a:85:e6:f1:de:
                    1b:01:b5:23:71:6f:fb:0f:32:af:f7:79:57:cd:a4:
                    e7:ab:17:17:b6:20:d0:87:be:9f:f2:15:96:36:73:
                    50:1d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                35:8A:9E:E7:F4:26:67:86:A6:BA:2B:66:03:85:98:8C:A8:F9:A5:D5
            X509v3 Authority Key Identifier:
                keyid:BE:3E:AB:7A:10:6B:40:B0:F6:42:8F:4B:70:13:51:7C:9C:66:64:E0

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/c42687bcebd27d6fd68fc0f95a18fd8af8b436bb.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/a0134565-9f3c-49b1-aaf6-dff2ea3146fe/0ab88759a8e37d5c84e926af41869cbbbc596d9e.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/a0134565-9f3c-49b1-aaf6-dff2ea3146fe/c42687bcebd27d6fd68fc0f95a18fd8af8b436bb.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  131.72.168.0/22

    Signature Algorithm: sha256WithRSAEncryption
         74:67:cf:26:36:54:22:65:ff:09:ab:e9:28:c3:7a:a1:d4:20:
         d8:a8:0e:9d:5e:5b:f6:0f:b3:75:fc:75:76:0e:1f:41:74:11:
         cf:75:c5:fb:90:2a:be:8a:41:49:17:dd:ce:99:a8:21:7a:70:
         7c:32:73:c1:48:c8:6b:d6:4e:e8:7a:a9:62:a7:11:4c:bf:99:
         7b:07:0c:f4:85:ec:83:c5:38:ba:2f:a9:65:3e:e2:52:a5:6a:
         e6:d5:de:40:bc:a1:c4:91:d5:6e:16:af:df:0d:fc:9e:f8:17:
         af:b9:42:ea:19:cf:7f:7a:0d:83:a5:a1:bd:e2:f2:81:2f:64:
         8e:e6:68:e2:ca:ec:25:c8:1a:c0:55:2e:d5:d1:29:7d:6f:73:
         49:73:0c:08:81:e0:46:45:4c:27:39:7d:e2:66:b6:17:95:f6:
         8b:44:84:af:21:86:ea:67:35:eb:aa:9d:b1:06:01:ba:dc:de:
         f8:24:de:de:18:d7:76:65:62:b4:e6:93:51:f6:c9:71:15:4f:
         d0:ad:47:51:5b:6a:be:48:b8:f2:ae:b6:86:1f:47:ce:7f:4f:
         ab:a6:29:0f:c6:db:97:3a:70:5f:74:48:6b:51:c5:73:b7:4d:
         30:77:37:2b:b9:35:a9:02:3d:fb:e2:e4:f8:2e:77:77:38:9f:
         d1:12:dc:cb
-----BEGIN CERTIFICATE-----
MIIFQDCCBCigAwIBAgIDIF/AMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKGM0
MjY4N2JjZWJkMjdkNmZkNjhmYzBmOTVhMThmZDhhZjhiNDM2YmIwHhcNMjMwNDI4
MTQzNzU4WhcNMjUwNDI5MTQzNzU4WjAzMTEwLwYDVQQDEygwYWI4ODc1OWE4ZTM3
ZDVjODRlOTI2YWY0MTg2OWNiYmJjNTk2ZDllMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEA+q8jXZSJ1csrYzX7L1wEG/vhCeeuqLbzgKKK0snGur+ysvrk
vcQlYoh25qtbbji0uXBPe1tEPtU1cRqok5acDqTir5PsNkBM65Kvr2o+FBFq/a33
B01KfEdVwdZebQb78wyOhzsZ1EieB2bjd170xsCyfvDOcgU1umtcbBgeEgpO1sdI
tJoDTDJvGdYJrghoVLWBrT3xbZ1N04bD8Gjyv2xbxjUL9QwtoSdaLoQD/5arq9UX
640ox8fCRsSID2AnxuCu9mvwwN6LPHCZsYbTBuyBpg4kp81gTCS+GoXm8d4bAbUj
cW/7DzKv93lXzaTnqxcXtiDQh76f8hWWNnNQHQIDAQABo4ICWzCCAlcwHQYDVR0O
BBYEFDWKnuf0JmeGprorZgOFmIyo+aXVMB8GA1UdIwQYMBaAFL4+q3oQa0Cw9kKP
S3ATUXycZmTgMA4GA1UdDwEB/wQEAwIHgDCBmgYIKwYBBQUHAQEEgY0wgYowgYcG
CCsGAQUFBzAChntyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5ldC9ycGtpL2xh
Y25pYy80OGYwODNiYi1mNjAzLTQ4OTMtOTk5MC0wMjg0YzA0Y2ViODUvYzQyNjg3
YmNlYmQyN2Q2ZmQ2OGZjMGY5NWExOGZkOGFmOGI0MzZiYi5jZXIwgZoGCCsGAQUF
BwELBIGNMIGKMIGHBggrBgEFBQcwC4Z7cnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25p
Yy5uZXQvcnBraS9sYWNuaWMvYTAxMzQ1NjUtOWYzYy00OWIxLWFhZjYtZGZmMmVh
MzE0NmZlLzBhYjg4NzU5YThlMzdkNWM4NGU5MjZhZjQxODY5Y2JiYmM1OTZkOWUu
cm9hMIGPBgNVHR8EgYcwgYQwgYGgf6B9hntyc3luYzovL3JlcG9zaXRvcnkubGFj
bmljLm5ldC9ycGtpL2xhY25pYy9hMDEzNDU2NS05ZjNjLTQ5YjEtYWFmNi1kZmYy
ZWEzMTQ2ZmUvYzQyNjg3YmNlYmQyN2Q2ZmQ2OGZjMGY5NWExOGZkOGFmOGI0MzZi
Yi5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQ
MA4wDAQCAAEwBgMEAoNIqDANBgkqhkiG9w0BAQsFAAOCAQEAdGfPJjZUImX/Cavp
KMN6odQg2KgOnV5b9g+zdfx1dg4fQXQRz3XF+5AqvopBSRfdzpmoIXpwfDJzwUjI
a9ZO6HqpYqcRTL+ZewcM9IXsg8U4ui+pZT7iUqVq5tXeQLyhxJHVbhav3w38nvgX
r7lC6hnPf3oNg6WhveLygS9kjuZo4srsJcgawFUu1dEpfW9zSXMMCIHgRkVMJzl9
4ma2F5X2i0SEryGG6mc166qdsQYButze+CTe3hjXdmVitOaTUfbJcRVP0K1HUVtq
vki48q62hh9Hzn9Pq6YpD8bblzpwX3RIa1HFc7dNMHc3K7k1qQI9++Lk+C53dzif
0RLcyw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:38:18 2024 by rpki-client on console-ams.rpki-client.org