Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/a0134565-9f3c-49b1-aaf6-dff2ea3146fe/15fb26f0aa2fb03a6fc948fefcb191f08d1390fc.roa
File:                     15fb26f0aa2fb03a6fc948fefcb191f08d1390fc.roa (raw, json)
Hash identifier:          DqReX2Gi/QBaDqKuviKMmxd+m3mHxR/T+tTRC3a9nfg=
Subject key identifier:   1C:EA:7A:33:F7:04:C6:BC:3E:40:07:82:8A:DD:41:0F:8A:A9:16:33
Certificate issuer:       /CN=c42687bcebd27d6fd68fc0f95a18fd8af8b436bb
Certificate serial:       205A9D
Authority key identifier: BE:3E:AB:7A:10:6B:40:B0:F6:42:8F:4B:70:13:51:7C:9C:66:64:E0
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/c42687bcebd27d6fd68fc0f95a18fd8af8b436bb.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/a0134565-9f3c-49b1-aaf6-dff2ea3146fe/15fb26f0aa2fb03a6fc948fefcb191f08d1390fc.roa
Signing time:             Sat 29 Apr 2023 14:37:14 +0000
ROA not before:           Fri 28 Apr 2023 14:37:14 +0000
ROA not after:            Tue 29 Apr 2025 14:37:14 +0000
asID:                     3549
IP address blocks:        131.72.168.0/24 maxlen: 24
                          131.72.169.0/24 maxlen: 24
                          131.72.170.0/24 maxlen: 24
                          131.72.171.0/24 maxlen: 24
                          131.72.168.0/22 maxlen: 22

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 2120349 (0x205a9d)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c42687bcebd27d6fd68fc0f95a18fd8af8b436bb
        Validity
            Not Before: Apr 28 14:37:14 2023 GMT
            Not After : Apr 29 14:37:14 2025 GMT
        Subject: CN=15fb26f0aa2fb03a6fc948fefcb191f08d1390fc
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ba:8e:5b:f6:7c:cb:dc:22:a2:cc:e4:85:47:33:
                    44:91:a0:0a:e7:42:27:1e:1b:8e:50:51:a2:7a:9e:
                    96:bb:17:15:9e:41:78:cc:e4:08:6d:75:5a:55:ea:
                    df:80:db:70:9d:98:f9:63:de:a1:36:c3:4c:91:35:
                    33:85:d5:65:03:43:ae:84:7f:c8:21:fc:ee:eb:49:
                    76:67:8a:04:b8:cf:c6:30:f3:89:d0:ea:1b:ab:92:
                    82:d1:9a:95:94:70:79:d2:1b:7c:3e:a7:09:63:39:
                    8f:c5:10:f2:ad:67:de:27:0f:bb:4e:d1:6b:0b:37:
                    81:ee:f5:83:4b:93:13:36:53:a6:5c:2b:61:fe:60:
                    ba:7b:99:a4:80:07:a8:a9:2f:cf:f6:ed:35:4f:19:
                    56:cb:71:60:42:8e:23:4b:cb:db:9e:5f:f9:f3:33:
                    7f:65:b0:10:af:ab:26:e0:74:f0:5c:10:f7:f5:22:
                    a3:b1:f2:1a:e2:e4:0c:99:29:a9:08:4a:d7:07:55:
                    ba:b1:14:f3:85:e5:4d:2c:b2:67:01:f3:82:5e:d4:
                    c3:94:21:60:fb:0c:60:0f:54:12:b9:b7:e7:31:69:
                    be:47:92:43:0c:1a:23:b4:03:62:90:89:4e:be:57:
                    53:27:da:cf:af:3d:4a:59:e8:a4:4f:11:72:37:ce:
                    80:1d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1C:EA:7A:33:F7:04:C6:BC:3E:40:07:82:8A:DD:41:0F:8A:A9:16:33
            X509v3 Authority Key Identifier:
                keyid:BE:3E:AB:7A:10:6B:40:B0:F6:42:8F:4B:70:13:51:7C:9C:66:64:E0

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/c42687bcebd27d6fd68fc0f95a18fd8af8b436bb.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/a0134565-9f3c-49b1-aaf6-dff2ea3146fe/15fb26f0aa2fb03a6fc948fefcb191f08d1390fc.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/a0134565-9f3c-49b1-aaf6-dff2ea3146fe/c42687bcebd27d6fd68fc0f95a18fd8af8b436bb.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  131.72.168.0/22

    Signature Algorithm: sha256WithRSAEncryption
         95:fe:47:cf:f4:d5:b4:bc:9f:06:c6:c9:c4:b5:13:b9:1b:ac:
         fc:a8:02:47:b2:f9:1f:39:6f:93:8c:3b:7d:8f:c0:4a:da:8d:
         ca:0d:14:64:87:d0:8b:d4:c6:53:60:7c:82:dc:73:22:95:96:
         af:3f:e4:79:4f:03:ac:27:dc:33:df:94:e6:61:f9:2b:d1:4a:
         5e:9d:e6:be:c7:3e:df:6c:fa:77:81:3d:d2:8e:93:76:1f:7e:
         63:aa:b9:ee:cf:a7:5c:33:69:6a:98:9f:61:c5:41:1d:d5:f3:
         bf:df:fe:ae:d6:27:88:cd:ff:a1:c3:83:f5:dc:cb:a3:6b:7f:
         e8:42:55:d6:fe:1f:63:ef:63:ae:5f:3b:4c:7a:e6:2c:fc:46:
         56:74:23:ca:5e:4e:2b:48:d9:21:23:cb:06:e2:6d:7c:59:81:
         81:8e:a3:01:92:14:ec:79:30:4c:7c:84:00:20:e0:49:fc:83:
         9d:d2:ec:43:21:2d:98:5e:79:9f:3e:e1:39:5d:53:f3:47:cd:
         6d:4c:f5:43:90:f8:95:87:af:47:f1:86:94:16:6b:b4:22:f5:
         80:e6:c3:57:a6:7d:83:b3:50:de:9f:00:32:79:0c:ab:83:24:
         28:b4:ca:f5:d4:a1:bb:9b:40:46:04:10:58:df:3a:a9:56:7c:
         f3:bc:ad:4f
-----BEGIN CERTIFICATE-----
MIIFQDCCBCigAwIBAgIDIFqdMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKGM0
MjY4N2JjZWJkMjdkNmZkNjhmYzBmOTVhMThmZDhhZjhiNDM2YmIwHhcNMjMwNDI4
MTQzNzE0WhcNMjUwNDI5MTQzNzE0WjAzMTEwLwYDVQQDEygxNWZiMjZmMGFhMmZi
MDNhNmZjOTQ4ZmVmY2IxOTFmMDhkMTM5MGZjMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAuo5b9nzL3CKizOSFRzNEkaAK50InHhuOUFGiep6WuxcVnkF4
zOQIbXVaVerfgNtwnZj5Y96hNsNMkTUzhdVlA0OuhH/IIfzu60l2Z4oEuM/GMPOJ
0Oobq5KC0ZqVlHB50ht8PqcJYzmPxRDyrWfeJw+7TtFrCzeB7vWDS5MTNlOmXCth
/mC6e5mkgAeoqS/P9u01TxlWy3FgQo4jS8vbnl/58zN/ZbAQr6sm4HTwXBD39SKj
sfIa4uQMmSmpCErXB1W6sRTzheVNLLJnAfOCXtTDlCFg+wxgD1QSubfnMWm+R5JD
DBojtANikIlOvldTJ9rPrz1KWeikTxFyN86AHQIDAQABo4ICWzCCAlcwHQYDVR0O
BBYEFBzqejP3BMa8PkAHgordQQ+KqRYzMB8GA1UdIwQYMBaAFL4+q3oQa0Cw9kKP
S3ATUXycZmTgMA4GA1UdDwEB/wQEAwIHgDCBmgYIKwYBBQUHAQEEgY0wgYowgYcG
CCsGAQUFBzAChntyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5ldC9ycGtpL2xh
Y25pYy80OGYwODNiYi1mNjAzLTQ4OTMtOTk5MC0wMjg0YzA0Y2ViODUvYzQyNjg3
YmNlYmQyN2Q2ZmQ2OGZjMGY5NWExOGZkOGFmOGI0MzZiYi5jZXIwgZoGCCsGAQUF
BwELBIGNMIGKMIGHBggrBgEFBQcwC4Z7cnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25p
Yy5uZXQvcnBraS9sYWNuaWMvYTAxMzQ1NjUtOWYzYy00OWIxLWFhZjYtZGZmMmVh
MzE0NmZlLzE1ZmIyNmYwYWEyZmIwM2E2ZmM5NDhmZWZjYjE5MWYwOGQxMzkwZmMu
cm9hMIGPBgNVHR8EgYcwgYQwgYGgf6B9hntyc3luYzovL3JlcG9zaXRvcnkubGFj
bmljLm5ldC9ycGtpL2xhY25pYy9hMDEzNDU2NS05ZjNjLTQ5YjEtYWFmNi1kZmYy
ZWEzMTQ2ZmUvYzQyNjg3YmNlYmQyN2Q2ZmQ2OGZjMGY5NWExOGZkOGFmOGI0MzZi
Yi5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQ
MA4wDAQCAAEwBgMEAoNIqDANBgkqhkiG9w0BAQsFAAOCAQEAlf5Hz/TVtLyfBsbJ
xLUTuRus/KgCR7L5Hzlvk4w7fY/AStqNyg0UZIfQi9TGU2B8gtxzIpWWrz/keU8D
rCfcM9+U5mH5K9FKXp3mvsc+32z6d4E90o6Tdh9+Y6q57s+nXDNpapifYcVBHdXz
v9/+rtYniM3/ocOD9dzLo2t/6EJV1v4fY+9jrl87THrmLPxGVnQjyl5OK0jZISPL
BuJtfFmBgY6jAZIU7HkwTHyEACDgSfyDndLsQyEtmF55nz7hOV1T80fNbUz1Q5D4
lYevR/GGlBZrtCL1gObDV6Z9g7NQ3p8AMnkMq4MkKLTK9dShu5tARgQQWN86qVZ8
87ytTw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:37:59 2024 by rpki-client on console-fra.rpki-client.org