Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/b71230ce-a950-4a0b-b8cd-0f4cd8eb3219/f485f9fbeaffbe6f9722411effda2f30207eadb0.roa
File:                     f485f9fbeaffbe6f9722411effda2f30207eadb0.roa (raw, json)
Hash identifier:          TQkvWCfGKZvkp7tc8Oq3vGybbDHpYIz+0UxQUTxBCic=
Subject key identifier:   84:AD:0F:22:3F:61:40:3B:31:FE:E0:1B:FA:42:FB:34:5D:F3:27:84
Certificate issuer:       /CN=d407c72537519f11553c7ee9eb83baa042334380
Certificate serial:       15BC7E
Authority key identifier: 44:BD:8F:E3:EF:F8:DC:07:25:9C:DF:BE:27:D0:8C:8B:E5:E5:47:DB
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/d407c72537519f11553c7ee9eb83baa042334380.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/b71230ce-a950-4a0b-b8cd-0f4cd8eb3219/f485f9fbeaffbe6f9722411effda2f30207eadb0.roa
Signing time:             Mon 04 Dec 2023 10:17:39 +0000
ROA not before:           Mon 04 Dec 2023 10:17:39 +0000
ROA not after:            Thu 04 Dec 2025 10:17:39 +0000
asID:                     269070
IP address blocks:        200.26.185.0/24 maxlen: 24

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 1424510 (0x15bc7e)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d407c72537519f11553c7ee9eb83baa042334380
        Validity
            Not Before: Dec  4 10:17:39 2023 GMT
            Not After : Dec  4 10:17:39 2025 GMT
        Subject: CN=f485f9fbeaffbe6f9722411effda2f30207eadb0
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:85:7e:20:93:29:6c:b4:17:98:fe:71:7f:42:1a:
                    64:d6:53:e4:20:87:50:cb:17:0b:54:77:9d:59:2d:
                    1b:d8:b6:4a:2b:68:29:04:e9:9e:4d:f0:00:10:63:
                    99:3b:23:c1:1e:c2:2b:89:70:7a:ad:75:d4:d5:11:
                    0c:29:60:89:9d:cc:29:70:83:9f:3a:42:0e:c3:1f:
                    36:7c:bd:4a:a1:9c:4f:e1:a6:54:e1:c5:07:fd:18:
                    e9:7e:ff:94:ca:f2:7c:09:0d:5e:2b:bd:91:f2:c7:
                    03:b0:94:db:0d:78:f1:bb:9a:c4:fd:7c:3b:68:4e:
                    b5:f6:69:86:8f:0b:a6:82:40:5f:0c:41:6e:b8:b0:
                    dc:b5:a2:d2:fb:ff:41:c8:8e:6e:01:bc:79:f2:07:
                    1a:41:3f:a1:8e:67:d7:9a:5a:45:d7:ed:79:f6:24:
                    8a:c1:9e:4a:81:a4:a9:ff:ff:ca:eb:1b:75:56:80:
                    0f:22:66:13:fd:12:b8:af:f3:6d:05:a0:db:3c:a4:
                    5c:d5:f6:a4:f9:da:01:dd:c4:b2:ff:82:c9:0b:4e:
                    5b:2c:4a:30:ff:3d:f6:63:21:c9:64:74:9f:b9:07:
                    34:ca:41:cd:8e:55:12:af:e3:10:e6:b1:94:cb:ff:
                    48:71:5a:74:9b:3b:8c:4c:47:24:27:64:a0:d3:65:
                    4e:15
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                84:AD:0F:22:3F:61:40:3B:31:FE:E0:1B:FA:42:FB:34:5D:F3:27:84
            X509v3 Authority Key Identifier:
                keyid:44:BD:8F:E3:EF:F8:DC:07:25:9C:DF:BE:27:D0:8C:8B:E5:E5:47:DB

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/d407c72537519f11553c7ee9eb83baa042334380.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/b71230ce-a950-4a0b-b8cd-0f4cd8eb3219/f485f9fbeaffbe6f9722411effda2f30207eadb0.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/b71230ce-a950-4a0b-b8cd-0f4cd8eb3219/d407c72537519f11553c7ee9eb83baa042334380.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  200.26.185.0/24

    Signature Algorithm: sha256WithRSAEncryption
         65:7f:e9:a1:97:f4:41:e7:b7:68:51:b3:f7:7d:73:52:b5:70:
         c8:2e:88:45:78:ae:66:7a:9a:7d:53:f4:c5:93:4e:66:58:21:
         a4:70:f9:c5:5d:c6:2a:54:62:15:79:02:cc:5c:df:c8:8f:31:
         c6:aa:1f:4f:f9:9e:15:2b:e6:49:fc:9f:09:14:b7:55:ec:d6:
         9b:d2:c0:8a:09:e8:f6:a5:5c:f3:cf:36:dc:cc:56:95:21:fa:
         1e:8a:6d:4d:1c:c0:4d:02:b9:5c:3f:ce:24:98:44:c9:2f:4d:
         55:68:5d:43:59:8c:41:18:bb:18:9f:48:77:29:96:eb:fd:74:
         21:2e:89:40:fa:48:ff:1b:cb:4d:27:94:de:50:ea:de:d9:71:
         e5:29:d8:d6:18:0d:0e:98:8a:f9:8e:73:98:12:76:52:fd:99:
         53:89:b5:59:aa:80:bd:c3:3e:f8:a0:92:ab:aa:4b:04:f1:fb:
         f6:76:58:b9:2d:de:e4:ac:51:73:6e:6e:50:06:15:31:e0:57:
         bd:e2:05:d7:b1:f0:5a:c5:7a:43:e6:d0:5c:b6:8b:f5:d6:c2:
         ef:e9:24:88:d4:31:58:70:16:1d:a7:a4:d9:55:90:6f:95:8d:
         15:ed:84:63:4a:39:78:df:8b:8c:6d:4f:a6:f0:d7:09:57:db:
         64:4e:cb:fc
-----BEGIN CERTIFICATE-----
MIIFQDCCBCigAwIBAgIDFbx+MA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKGQ0
MDdjNzI1Mzc1MTlmMTE1NTNjN2VlOWViODNiYWEwNDIzMzQzODAwHhcNMjMxMjA0
MTAxNzM5WhcNMjUxMjA0MTAxNzM5WjAzMTEwLwYDVQQDEyhmNDg1ZjlmYmVhZmZi
ZTZmOTcyMjQxMWVmZmRhMmYzMDIwN2VhZGIwMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAhX4gkylstBeY/nF/Qhpk1lPkIIdQyxcLVHedWS0b2LZKK2gp
BOmeTfAAEGOZOyPBHsIriXB6rXXU1REMKWCJncwpcIOfOkIOwx82fL1KoZxP4aZU
4cUH/Rjpfv+UyvJ8CQ1eK72R8scDsJTbDXjxu5rE/Xw7aE619mmGjwumgkBfDEFu
uLDctaLS+/9ByI5uAbx58gcaQT+hjmfXmlpF1+159iSKwZ5KgaSp///K6xt1VoAP
ImYT/RK4r/NtBaDbPKRc1fak+doB3cSy/4LJC05bLEow/z32YyHJZHSfuQc0ykHN
jlUSr+MQ5rGUy/9IcVp0mzuMTEckJ2Sg02VOFQIDAQABo4ICWzCCAlcwHQYDVR0O
BBYEFIStDyI/YUA7Mf7gG/pC+zRd8yeEMB8GA1UdIwQYMBaAFES9j+Pv+NwHJZzf
vifQjIvl5UfbMA4GA1UdDwEB/wQEAwIHgDCBmgYIKwYBBQUHAQEEgY0wgYowgYcG
CCsGAQUFBzAChntyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5ldC9ycGtpL2xh
Y25pYy80OGYwODNiYi1mNjAzLTQ4OTMtOTk5MC0wMjg0YzA0Y2ViODUvZDQwN2M3
MjUzNzUxOWYxMTU1M2M3ZWU5ZWI4M2JhYTA0MjMzNDM4MC5jZXIwgZoGCCsGAQUF
BwELBIGNMIGKMIGHBggrBgEFBQcwC4Z7cnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25p
Yy5uZXQvcnBraS9sYWNuaWMvYjcxMjMwY2UtYTk1MC00YTBiLWI4Y2QtMGY0Y2Q4
ZWIzMjE5L2Y0ODVmOWZiZWFmZmJlNmY5NzIyNDExZWZmZGEyZjMwMjA3ZWFkYjAu
cm9hMIGPBgNVHR8EgYcwgYQwgYGgf6B9hntyc3luYzovL3JlcG9zaXRvcnkubGFj
bmljLm5ldC9ycGtpL2xhY25pYy9iNzEyMzBjZS1hOTUwLTRhMGItYjhjZC0wZjRj
ZDhlYjMyMTkvZDQwN2M3MjUzNzUxOWYxMTU1M2M3ZWU5ZWI4M2JhYTA0MjMzNDM4
MC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQ
MA4wDAQCAAEwBgMEAMgauTANBgkqhkiG9w0BAQsFAAOCAQEAZX/poZf0Qee3aFGz
931zUrVwyC6IRXiuZnqafVP0xZNOZlghpHD5xV3GKlRiFXkCzFzfyI8xxqofT/me
FSvmSfyfCRS3VezWm9LAigno9qVc88823MxWlSH6HoptTRzATQK5XD/OJJhEyS9N
VWhdQ1mMQRi7GJ9IdymW6/10IS6JQPpI/xvLTSeU3lDq3tlx5SnY1hgNDpiK+Y5z
mBJ2Uv2ZU4m1WaqAvcM++KCSq6pLBPH79nZYuS3e5KxRc25uUAYVMeBXveIF17Hw
WsV6Q+bQXLaL9dbC7+kkiNQxWHAWHaek2VWQb5WNFe2EY0o5eN+LjG1PpvDXCVfb
ZE7L/A==
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:38:02 2024 by rpki-client on console-fra.rpki-client.org