Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/aca713f5-6cac-486e-a016-a3e8b31bf029/87bed75a8e954b8796efc31363a2295ecc1217e2.roa
File:                     87bed75a8e954b8796efc31363a2295ecc1217e2.roa (raw, json)
Hash identifier:          Ek7geriZMYkk7/N1PCH/5ZQohiSt1C2pwb1/EyFEu5Y=
Subject key identifier:   78:D1:3E:41:4B:78:C0:39:39:88:9C:48:46:82:F7:6D:09:98:3E:76
Certificate issuer:       /CN=1059e1e3317704575f2c0b750ee73b166a39cd37
Certificate serial:       0E80A6
Authority key identifier: 80:F0:C7:27:4F:82:24:D1:E9:76:F3:80:E6:EF:32:CF:10:F8:9D:D3
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/1059e1e3317704575f2c0b750ee73b166a39cd37.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/aca713f5-6cac-486e-a016-a3e8b31bf029/87bed75a8e954b8796efc31363a2295ecc1217e2.roa
Signing time:             Wed 24 Mar 2021 14:38:33 +0000
ROA not before:           Wed 24 Mar 2021 14:38:31 +0000
ROA not after:            Tue 24 Mar 2026 14:38:31 +0000
asID:                     28006
IP address blocks:        2800:370::/32 maxlen: 48
                          2800:4f0::/32 maxlen: 48

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 950438 (0xe80a6)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1059e1e3317704575f2c0b750ee73b166a39cd37
        Validity
            Not Before: Mar 24 14:38:31 2021 GMT
            Not After : Mar 24 14:38:31 2026 GMT
        Subject: CN=87bed75a8e954b8796efc31363a2295ecc1217e2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a8:69:97:7c:d2:37:48:d1:32:11:d3:72:76:ce:
                    f6:7e:cc:ba:76:93:5b:87:e0:8d:f1:11:d7:bb:e1:
                    09:29:00:7b:05:66:aa:05:bb:a6:54:d9:84:cf:01:
                    b1:e3:97:e2:be:6c:b4:2e:7e:7a:92:7b:9e:7d:f4:
                    06:f7:c1:30:fa:57:12:93:71:9d:72:4d:34:f0:b3:
                    48:e8:df:7e:b7:6e:a7:2b:42:81:3c:e8:53:15:9a:
                    33:8a:8a:90:b6:12:76:69:6e:fa:89:2a:fb:cb:57:
                    85:38:63:20:f0:91:16:36:32:6d:ba:b4:5c:a0:e2:
                    f9:7d:bc:5c:a5:04:dd:63:f4:0d:18:07:ac:83:66:
                    e2:b1:5d:23:ef:5c:c5:01:23:59:78:23:00:0e:ef:
                    5f:74:6c:b9:cc:25:03:a0:d7:6f:89:62:9a:77:0a:
                    f5:10:f8:ee:36:07:d3:d9:47:ae:30:80:34:d1:f4:
                    67:d9:e2:e2:4b:58:76:a2:79:6e:99:da:f1:31:cd:
                    9e:8f:4b:d0:ee:95:a3:9f:ab:21:ba:f9:03:b8:59:
                    9b:7e:f9:d6:26:a9:be:f7:aa:ac:d9:74:75:cd:60:
                    06:3a:b1:ef:ed:d3:4e:de:7c:b9:bc:01:64:73:44:
                    9d:c4:6d:3e:fb:03:2d:2b:45:69:67:69:2d:ca:38:
                    13:5d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                78:D1:3E:41:4B:78:C0:39:39:88:9C:48:46:82:F7:6D:09:98:3E:76
            X509v3 Authority Key Identifier:
                keyid:80:F0:C7:27:4F:82:24:D1:E9:76:F3:80:E6:EF:32:CF:10:F8:9D:D3

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/1059e1e3317704575f2c0b750ee73b166a39cd37.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/aca713f5-6cac-486e-a016-a3e8b31bf029/87bed75a8e954b8796efc31363a2295ecc1217e2.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/aca713f5-6cac-486e-a016-a3e8b31bf029/1059e1e3317704575f2c0b750ee73b166a39cd37.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2800:370::/32
                  2800:4f0::/32

    Signature Algorithm: sha256WithRSAEncryption
         26:e9:c4:06:d5:4a:6b:83:76:27:58:ac:e2:06:3f:8e:59:6b:
         f8:df:4f:2a:ed:71:0d:15:e2:3f:4b:e2:74:f5:7b:5a:78:fc:
         f6:13:6e:d1:2b:6d:64:8c:ef:5c:47:aa:57:06:52:3e:94:cc:
         4c:24:d0:52:de:fb:11:0c:03:79:a2:b6:1a:87:b6:2c:80:d7:
         9a:62:d2:00:1c:55:a2:71:d6:6c:a8:fe:0b:fc:71:ce:12:60:
         d4:dc:bc:a0:e4:7f:fc:07:19:a6:be:e4:bb:60:5e:9e:96:a3:
         6a:68:77:f7:ea:dd:cc:fd:91:cd:a5:1c:2c:f1:84:d9:d4:f2:
         b9:26:aa:84:85:ae:14:5f:54:c4:64:57:89:87:48:9b:ef:7c:
         8d:7f:8e:f5:d1:c9:8e:ea:c0:06:aa:fd:2d:bd:d1:bb:b8:86:
         e5:ff:61:1a:e3:5b:6f:b7:41:6c:fd:4e:ce:77:f2:9e:b8:a2:
         5c:e6:1f:7a:1b:f5:05:10:b4:08:16:0a:b5:1b:f9:17:8b:a1:
         54:30:f1:7f:78:a4:ab:51:82:87:d8:3c:b7:ce:84:6b:11:70:
         67:f7:09:d0:4a:bc:ba:98:57:52:dd:b0:4a:44:33:8d:33:2d:
         30:ad:9b:59:be:bd:e7:12:2c:df:11:a5:01:98:cd:ab:20:c6:
         c9:df:f4:e9
-----BEGIN CERTIFICATE-----
MIIFSDCCBDCgAwIBAgIDDoCmMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKDEw
NTllMWUzMzE3NzA0NTc1ZjJjMGI3NTBlZTczYjE2NmEzOWNkMzcwHhcNMjEwMzI0
MTQzODMxWhcNMjYwMzI0MTQzODMxWjAzMTEwLwYDVQQDEyg4N2JlZDc1YThlOTU0
Yjg3OTZlZmMzMTM2M2EyMjk1ZWNjMTIxN2UyMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAqGmXfNI3SNEyEdNyds72fsy6dpNbh+CN8RHXu+EJKQB7BWaq
BbumVNmEzwGx45fivmy0Ln56knueffQG98Ew+lcSk3Gdck008LNI6N9+t26nK0KB
POhTFZozioqQthJ2aW76iSr7y1eFOGMg8JEWNjJturRcoOL5fbxcpQTdY/QNGAes
g2bisV0j71zFASNZeCMADu9fdGy5zCUDoNdviWKadwr1EPjuNgfT2UeuMIA00fRn
2eLiS1h2onlumdrxMc2ej0vQ7pWjn6shuvkDuFmbfvnWJqm+96qs2XR1zWAGOrHv
7dNO3ny5vAFkc0SdxG0++wMtK0VpZ2ktyjgTXQIDAQABo4ICYzCCAl8wHQYDVR0O
BBYEFHjRPkFLeMA5OYicSEaC920JmD52MB8GA1UdIwQYMBaAFIDwxydPgiTR6Xbz
gObvMs8Q+J3TMA4GA1UdDwEB/wQEAwIHgDCBmgYIKwYBBQUHAQEEgY0wgYowgYcG
CCsGAQUFBzAChntyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5ldC9ycGtpL2xh
Y25pYy80OGYwODNiYi1mNjAzLTQ4OTMtOTk5MC0wMjg0YzA0Y2ViODUvMTA1OWUx
ZTMzMTc3MDQ1NzVmMmMwYjc1MGVlNzNiMTY2YTM5Y2QzNy5jZXIwgZoGCCsGAQUF
BwELBIGNMIGKMIGHBggrBgEFBQcwC4Z7cnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25p
Yy5uZXQvcnBraS9sYWNuaWMvYWNhNzEzZjUtNmNhYy00ODZlLWEwMTYtYTNlOGIz
MWJmMDI5Lzg3YmVkNzVhOGU5NTRiODc5NmVmYzMxMzYzYTIyOTVlY2MxMjE3ZTIu
cm9hMIGPBgNVHR8EgYcwgYQwgYGgf6B9hntyc3luYzovL3JlcG9zaXRvcnkubGFj
bmljLm5ldC9ycGtpL2xhY25pYy9hY2E3MTNmNS02Y2FjLTQ4NmUtYTAxNi1hM2U4
YjMxYmYwMjkvMTA1OWUxZTMzMTc3MDQ1NzVmMmMwYjc1MGVlNzNiMTY2YTM5Y2Qz
Ny5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAnBggrBgEFBQcBBwEB/wQY
MBYwFAQCAAIwDgMFACgAA3ADBQAoAATwMA0GCSqGSIb3DQEBCwUAA4IBAQAm6cQG
1Uprg3YnWKziBj+OWWv4308q7XENFeI/S+J09XtaePz2E27RK21kjO9cR6pXBlI+
lMxMJNBS3vsRDAN5orYah7YsgNeaYtIAHFWicdZsqP4L/HHOEmDU3Lyg5H/8Bxmm
vuS7YF6elqNqaHf36t3M/ZHNpRws8YTZ1PK5JqqEha4UX1TEZFeJh0ib73yNf471
0cmO6sAGqv0tvdG7uIbl/2Ea41tvt0Fs/U7Od/KeuKJc5h96G/UFELQIFgq1G/kX
i6FUMPF/eKSrUYKH2Dy3zoRrEXBn9wnQSry6mFdS3bBKRDONMy0wrZtZvr3nEizf
EaUBmM2rIMbJ3/Tp
-----END CERTIFICATE-----
Generated at Mon Apr 15 17:25:45 2024 by rpki-client on console-ams.rpki-client.org