Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/a126501a-1f2d-4eaf-bb3a-9d7872ad9baa/9135659fd8e5a70f0c30ecda89e949c355265748.roa
File:                     9135659fd8e5a70f0c30ecda89e949c355265748.roa (raw, json)
Hash identifier:          i+HvWz6LU+Jmt0Gz5YaC7uCqF8AJaEL2vn09STeaq8I=
Subject key identifier:   78:78:E9:E3:F3:9A:CB:EA:75:AB:41:A2:9B:BC:75:25:9A:D4:FD:67
Certificate issuer:       /CN=72dcf4f6ae59843fdce24c28f903c9595129b623
Certificate serial:       12220F
Authority key identifier: 89:86:D7:8F:18:A2:0B:CB:15:07:EB:D2:31:2C:0D:8E:09:AD:2E:B6
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/72dcf4f6ae59843fdce24c28f903c9595129b623.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/a126501a-1f2d-4eaf-bb3a-9d7872ad9baa/9135659fd8e5a70f0c30ecda89e949c355265748.roa
Signing time:             Fri 24 Nov 2023 07:30:03 +0000
ROA not before:           Fri 24 Nov 2023 07:30:03 +0000
ROA not after:            Sun 23 Nov 2025 07:30:03 +0000
asID:                     271867
IP address blocks:        200.36.211.0/24 maxlen: 24

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 1188367 (0x12220f)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=72dcf4f6ae59843fdce24c28f903c9595129b623
        Validity
            Not Before: Nov 24 07:30:03 2023 GMT
            Not After : Nov 23 07:30:03 2025 GMT
        Subject: CN=9135659fd8e5a70f0c30ecda89e949c355265748
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9f:d3:6a:1b:33:f3:0a:5a:64:2d:d7:32:2f:62:
                    36:6f:76:0f:08:55:a8:59:22:2b:bf:f6:24:4f:ff:
                    6e:c0:11:3b:3e:de:54:40:d1:76:aa:b5:cf:61:ca:
                    6f:d1:55:03:02:24:84:05:5d:f8:7f:00:a9:2e:f7:
                    ca:fa:20:5d:f1:fa:c0:c1:f7:c6:c0:89:52:27:cd:
                    70:47:99:0b:68:3a:fa:9b:6b:c9:d3:92:f9:69:bc:
                    5e:b9:dd:43:b4:d5:d9:dd:86:69:77:97:d4:48:13:
                    33:db:52:91:e4:75:c8:91:8e:11:24:8a:8a:5d:d9:
                    cf:63:18:9a:ad:f8:b8:17:0c:ec:30:db:ef:78:5d:
                    a4:20:50:cb:45:c0:d1:48:36:70:dd:0b:00:dc:a9:
                    c1:52:36:3e:79:85:46:e6:f0:51:09:59:7f:8e:a5:
                    d3:16:1e:cb:a5:2b:4b:39:45:62:d6:90:69:4f:9a:
                    84:bc:47:63:73:e3:69:ab:c3:67:12:e6:aa:82:66:
                    a8:55:0a:20:b3:5a:c0:3c:62:1c:5f:0d:33:a8:f6:
                    dd:a2:59:71:bf:e4:d0:3a:5d:5b:c1:cf:f0:58:0c:
                    03:6f:bc:c3:1e:d4:8b:6b:88:8d:e7:46:55:31:5b:
                    32:b1:c7:0a:80:7b:ed:84:40:b5:32:3f:80:04:11:
                    ad:7d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                78:78:E9:E3:F3:9A:CB:EA:75:AB:41:A2:9B:BC:75:25:9A:D4:FD:67
            X509v3 Authority Key Identifier:
                keyid:89:86:D7:8F:18:A2:0B:CB:15:07:EB:D2:31:2C:0D:8E:09:AD:2E:B6

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/72dcf4f6ae59843fdce24c28f903c9595129b623.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/a126501a-1f2d-4eaf-bb3a-9d7872ad9baa/9135659fd8e5a70f0c30ecda89e949c355265748.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/a126501a-1f2d-4eaf-bb3a-9d7872ad9baa/72dcf4f6ae59843fdce24c28f903c9595129b623.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  200.36.211.0/24

    Signature Algorithm: sha256WithRSAEncryption
         42:30:9d:e7:45:c5:7c:26:60:7f:74:31:60:eb:f2:d2:5b:bf:
         d5:fd:d6:70:86:8d:6b:2b:60:76:d5:1b:35:e7:00:a0:6b:96:
         e1:80:2e:76:11:8c:78:41:ba:ec:de:19:b3:03:7a:74:bd:4c:
         89:1b:79:2b:5a:92:55:ec:40:ba:f0:2c:e4:3a:80:01:48:37:
         69:61:62:9d:da:11:fd:f2:6b:f4:2e:da:ab:d4:11:ea:a0:17:
         33:63:b1:da:76:a9:ca:7a:47:45:08:a9:f2:a0:aa:04:c9:45:
         54:e7:a6:87:09:6b:dc:19:56:31:b6:b2:f6:36:3f:dc:7a:fb:
         2c:c6:84:f6:b4:89:08:a0:63:01:be:fd:60:5d:71:1a:15:87:
         60:8c:e9:8b:c7:e3:82:a5:66:2b:05:67:dd:05:f6:98:ca:61:
         93:c1:de:ef:fa:24:4e:e8:10:f9:9a:37:b8:12:27:1b:b3:b5:
         1e:bf:cf:33:a6:eb:e9:05:b3:7a:36:b2:28:a8:b9:49:07:7f:
         54:b0:8b:f3:0f:cf:c2:82:ef:24:19:c2:bc:ee:db:da:3f:91:
         b6:f2:12:92:47:38:64:15:d5:e2:97:e0:01:37:99:84:4b:6f:
         f8:ea:65:6f:bc:f0:65:98:ea:ba:95:df:7d:f7:cb:2a:54:d8:
         fe:a2:21:49
-----BEGIN CERTIFICATE-----
MIIFQDCCBCigAwIBAgIDEiIPMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKDcy
ZGNmNGY2YWU1OTg0M2ZkY2UyNGMyOGY5MDNjOTU5NTEyOWI2MjMwHhcNMjMxMTI0
MDczMDAzWhcNMjUxMTIzMDczMDAzWjAzMTEwLwYDVQQDEyg5MTM1NjU5ZmQ4ZTVh
NzBmMGMzMGVjZGE4OWU5NDljMzU1MjY1NzQ4MIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAn9NqGzPzClpkLdcyL2I2b3YPCFWoWSIrv/YkT/9uwBE7Pt5U
QNF2qrXPYcpv0VUDAiSEBV34fwCpLvfK+iBd8frAwffGwIlSJ81wR5kLaDr6m2vJ
05L5abxeud1DtNXZ3YZpd5fUSBMz21KR5HXIkY4RJIqKXdnPYxiarfi4FwzsMNvv
eF2kIFDLRcDRSDZw3QsA3KnBUjY+eYVG5vBRCVl/jqXTFh7LpStLOUVi1pBpT5qE
vEdjc+Npq8NnEuaqgmaoVQogs1rAPGIcXw0zqPbdollxv+TQOl1bwc/wWAwDb7zD
HtSLa4iN50ZVMVsysccKgHvthEC1Mj+ABBGtfQIDAQABo4ICWzCCAlcwHQYDVR0O
BBYEFHh46ePzmsvqdatBopu8dSWa1P1nMB8GA1UdIwQYMBaAFImG148YogvLFQfr
0jEsDY4JrS62MA4GA1UdDwEB/wQEAwIHgDCBmgYIKwYBBQUHAQEEgY0wgYowgYcG
CCsGAQUFBzAChntyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5ldC9ycGtpL2xh
Y25pYy80OGYwODNiYi1mNjAzLTQ4OTMtOTk5MC0wMjg0YzA0Y2ViODUvNzJkY2Y0
ZjZhZTU5ODQzZmRjZTI0YzI4ZjkwM2M5NTk1MTI5YjYyMy5jZXIwgZoGCCsGAQUF
BwELBIGNMIGKMIGHBggrBgEFBQcwC4Z7cnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25p
Yy5uZXQvcnBraS9sYWNuaWMvYTEyNjUwMWEtMWYyZC00ZWFmLWJiM2EtOWQ3ODcy
YWQ5YmFhLzkxMzU2NTlmZDhlNWE3MGYwYzMwZWNkYTg5ZTk0OWMzNTUyNjU3NDgu
cm9hMIGPBgNVHR8EgYcwgYQwgYGgf6B9hntyc3luYzovL3JlcG9zaXRvcnkubGFj
bmljLm5ldC9ycGtpL2xhY25pYy9hMTI2NTAxYS0xZjJkLTRlYWYtYmIzYS05ZDc4
NzJhZDliYWEvNzJkY2Y0ZjZhZTU5ODQzZmRjZTI0YzI4ZjkwM2M5NTk1MTI5YjYy
My5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQ
MA4wDAQCAAEwBgMEAMgk0zANBgkqhkiG9w0BAQsFAAOCAQEAQjCd50XFfCZgf3Qx
YOvy0lu/1f3WcIaNaytgdtUbNecAoGuW4YAudhGMeEG67N4ZswN6dL1MiRt5K1qS
VexAuvAs5DqAAUg3aWFindoR/fJr9C7aq9QR6qAXM2Ox2napynpHRQip8qCqBMlF
VOemhwlr3BlWMbay9jY/3Hr7LMaE9rSJCKBjAb79YF1xGhWHYIzpi8fjgqVmKwVn
3QX2mMphk8He7/okTugQ+Zo3uBInG7O1Hr/PM6br6QWzejayKKi5SQd/VLCL8w/P
woLvJBnCvO7b2j+RtvISkkc4ZBXV4pfgATeZhEtv+Oplb7zwZZjqupXffffLKlTY
/qIhSQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:37:59 2024 by rpki-client on console-fra.rpki-client.org