Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/a0134565-9f3c-49b1-aaf6-dff2ea3146fe/3ec1a633f78ea817143b0561b64c8cfb137110ec.roa
File:                     3ec1a633f78ea817143b0561b64c8cfb137110ec.roa (raw, json)
Hash identifier:          w3o+5foiMDGpVqqrw1Uem3i44W2dtqlldD/djqbA9Jo=
Subject key identifier:   8E:85:E6:04:83:78:D1:DE:6A:6C:A2:52:AE:79:07:1A:07:41:65:BC
Certificate issuer:       /CN=c42687bcebd27d6fd68fc0f95a18fd8af8b436bb
Certificate serial:       1A4EED
Authority key identifier: BE:3E:AB:7A:10:6B:40:B0:F6:42:8F:4B:70:13:51:7C:9C:66:64:E0
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/c42687bcebd27d6fd68fc0f95a18fd8af8b436bb.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/a0134565-9f3c-49b1-aaf6-dff2ea3146fe/3ec1a633f78ea817143b0561b64c8cfb137110ec.roa
Signing time:             Wed 14 Sep 2022 18:53:17 +0000
ROA not before:           Mon 12 Sep 2022 15:47:43 +0000
ROA not after:            Thu 12 Sep 2024 15:47:43 +0000
asID:                     269918
IP address blocks:        131.72.168.0/24 maxlen: 24
                          131.72.169.0/24 maxlen: 24
                          131.72.170.0/23 maxlen: 23
                          131.72.168.0/22 maxlen: 22
                          2803:dd80::/32 maxlen: 32

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 1724141 (0x1a4eed)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c42687bcebd27d6fd68fc0f95a18fd8af8b436bb
        Validity
            Not Before: Sep 12 15:47:43 2022 GMT
            Not After : Sep 12 15:47:43 2024 GMT
        Subject: CN=3ec1a633f78ea817143b0561b64c8cfb137110ec
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:af:80:7c:b6:2a:ee:4a:fd:d0:eb:2d:1f:eb:32:
                    ef:a5:09:a1:3c:a8:4c:71:52:79:f0:a0:4e:be:fa:
                    e1:c6:8c:2e:24:79:8b:c6:30:fa:3a:52:6d:bb:5b:
                    5c:7a:59:01:13:5a:75:20:f4:c5:8a:3d:e3:c8:a2:
                    b0:c9:0d:39:8a:ed:ae:93:ba:06:86:04:df:55:ac:
                    cd:f4:c8:96:7b:2b:f6:d4:a7:cc:40:f8:e0:3e:a0:
                    96:16:c5:92:32:e2:dc:5d:6d:d1:17:c1:73:50:4b:
                    60:97:d9:1c:e9:64:79:a7:76:e6:fb:6b:e8:58:cb:
                    45:9f:74:b0:b4:62:9d:48:fb:f4:54:49:79:10:29:
                    eb:b5:b1:db:51:92:1f:a8:c1:29:e5:a6:06:6e:69:
                    9a:78:7b:2e:a5:f3:20:cc:80:aa:9a:dc:6e:28:68:
                    b5:70:83:f8:3b:d4:84:8a:a3:0e:04:07:01:ce:2f:
                    1b:d1:a2:80:25:75:6a:98:ca:c0:c4:b0:56:3a:cd:
                    57:a7:e5:4f:de:6b:34:f8:90:07:eb:b4:a2:ef:1f:
                    13:61:a1:6c:16:0e:a5:75:2a:09:bf:eb:93:26:0c:
                    bd:f7:cb:61:a6:7c:ff:e3:b6:a9:17:ff:d4:18:5d:
                    de:c0:c1:bf:0f:05:c5:f4:43:43:cd:44:89:21:5d:
                    8d:61
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                8E:85:E6:04:83:78:D1:DE:6A:6C:A2:52:AE:79:07:1A:07:41:65:BC
            X509v3 Authority Key Identifier:
                keyid:BE:3E:AB:7A:10:6B:40:B0:F6:42:8F:4B:70:13:51:7C:9C:66:64:E0

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/c42687bcebd27d6fd68fc0f95a18fd8af8b436bb.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/a0134565-9f3c-49b1-aaf6-dff2ea3146fe/3ec1a633f78ea817143b0561b64c8cfb137110ec.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/a0134565-9f3c-49b1-aaf6-dff2ea3146fe/c42687bcebd27d6fd68fc0f95a18fd8af8b436bb.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  131.72.168.0/22
                IPv6:
                  2803:dd80::/32

    Signature Algorithm: sha256WithRSAEncryption
         59:4c:52:7d:dc:77:4b:7e:63:ea:62:71:fa:29:8f:78:e1:14:
         90:0c:dd:45:9b:86:eb:b1:27:81:74:bf:da:b7:a6:5d:82:5e:
         cd:2e:f4:58:a9:48:95:95:3d:e3:98:be:0c:24:4a:5e:9c:88:
         df:71:29:fc:2b:3a:84:d3:83:e6:42:c2:88:35:74:00:0e:23:
         b0:06:7d:d7:6a:fc:f2:36:e0:b0:f3:34:9f:37:f5:64:5a:9a:
         32:33:3d:ff:c1:6a:b2:63:53:c8:f9:f9:50:45:4a:99:70:1b:
         8d:59:36:f7:71:72:4c:90:34:d3:12:ae:df:50:68:5e:65:07:
         e7:e4:ac:9f:16:ce:46:68:b8:0b:10:80:fd:5f:1f:1a:f5:c1:
         51:f1:fc:62:c8:72:aa:56:48:c5:36:b6:8e:f7:31:4b:fa:3e:
         f9:25:fb:a9:8a:a7:03:3c:63:c7:00:ff:ab:c5:63:a9:a4:9b:
         82:6d:33:2b:8d:61:40:3b:17:82:2a:74:51:4f:48:7b:49:98:
         81:c7:16:a7:73:d2:28:1b:e5:1a:f8:5a:42:7f:bb:b1:6e:1f:
         b1:a4:18:fa:c1:ba:25:68:65:05:0a:99:b8:c0:14:eb:fe:54:
         08:bc:2a:97:da:88:27:97:de:79:cc:45:61:6b:a0:2d:c1:87:
         81:4c:10:f4
-----BEGIN CERTIFICATE-----
MIIFTzCCBDegAwIBAgIDGk7tMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKGM0
MjY4N2JjZWJkMjdkNmZkNjhmYzBmOTVhMThmZDhhZjhiNDM2YmIwHhcNMjIwOTEy
MTU0NzQzWhcNMjQwOTEyMTU0NzQzWjAzMTEwLwYDVQQDEygzZWMxYTYzM2Y3OGVh
ODE3MTQzYjA1NjFiNjRjOGNmYjEzNzExMGVjMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAr4B8tiruSv3Q6y0f6zLvpQmhPKhMcVJ58KBOvvrhxowuJHmL
xjD6OlJtu1tcelkBE1p1IPTFij3jyKKwyQ05iu2uk7oGhgTfVazN9MiWeyv21KfM
QPjgPqCWFsWSMuLcXW3RF8FzUEtgl9kc6WR5p3bm+2voWMtFn3SwtGKdSPv0VEl5
ECnrtbHbUZIfqMEp5aYGbmmaeHsupfMgzICqmtxuKGi1cIP4O9SEiqMOBAcBzi8b
0aKAJXVqmMrAxLBWOs1Xp+VP3ms0+JAH67Si7x8TYaFsFg6ldSoJv+uTJgy998th
pnz/47apF//UGF3ewMG/DwXF9ENDzUSJIV2NYQIDAQABo4ICajCCAmYwHQYDVR0O
BBYEFI6F5gSDeNHeamyiUq55BxoHQWW8MB8GA1UdIwQYMBaAFL4+q3oQa0Cw9kKP
S3ATUXycZmTgMA4GA1UdDwEB/wQEAwIHgDCBmgYIKwYBBQUHAQEEgY0wgYowgYcG
CCsGAQUFBzAChntyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5ldC9ycGtpL2xh
Y25pYy80OGYwODNiYi1mNjAzLTQ4OTMtOTk5MC0wMjg0YzA0Y2ViODUvYzQyNjg3
YmNlYmQyN2Q2ZmQ2OGZjMGY5NWExOGZkOGFmOGI0MzZiYi5jZXIwgZoGCCsGAQUF
BwELBIGNMIGKMIGHBggrBgEFBQcwC4Z7cnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25p
Yy5uZXQvcnBraS9sYWNuaWMvYTAxMzQ1NjUtOWYzYy00OWIxLWFhZjYtZGZmMmVh
MzE0NmZlLzNlYzFhNjMzZjc4ZWE4MTcxNDNiMDU2MWI2NGM4Y2ZiMTM3MTEwZWMu
cm9hMIGPBgNVHR8EgYcwgYQwgYGgf6B9hntyc3luYzovL3JlcG9zaXRvcnkubGFj
bmljLm5ldC9ycGtpL2xhY25pYy9hMDEzNDU2NS05ZjNjLTQ5YjEtYWFmNi1kZmYy
ZWEzMTQ2ZmUvYzQyNjg3YmNlYmQyN2Q2ZmQ2OGZjMGY5NWExOGZkOGFmOGI0MzZi
Yi5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAuBggrBgEFBQcBBwEB/wQf
MB0wDAQCAAEwBgMEAoNIqDANBAIAAjAHAwUAKAPdgDANBgkqhkiG9w0BAQsFAAOC
AQEAWUxSfdx3S35j6mJx+imPeOEUkAzdRZuG67EngXS/2remXYJezS70WKlIlZU9
45i+DCRKXpyI33Ep/Cs6hNOD5kLCiDV0AA4jsAZ912r88jbgsPM0nzf1ZFqaMjM9
/8FqsmNTyPn5UEVKmXAbjVk293FyTJA00xKu31BoXmUH5+SsnxbORmi4CxCA/V8f
GvXBUfH8YshyqlZIxTa2jvcxS/o++SX7qYqnAzxjxwD/q8VjqaSbgm0zK41hQDsX
gip0UU9Ie0mYgccWp3PSKBvlGvhaQn+7sW4fsaQY+sG6JWhlBQqZuMAU6/5UCLwq
l9qIJ5feecxFYWugLcGHgUwQ9A==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:38:18 2024 by rpki-client on console-ams.rpki-client.org