Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/b976380d-2e90-4e28-b0a6-4b3dfe1d8ad5/91d5e8d203394bcff46730d215fccdcf77e37608.roa
File:                     91d5e8d203394bcff46730d215fccdcf77e37608.roa (raw, json)
Hash identifier:          Gf/AH4iDbncorhH0CaIAl51e1APFHJduSpkdazLblE4=
Subject key identifier:   8B:2E:F1:D9:83:41:10:E0:42:9E:74:0B:BC:74:36:3B:37:6B:06:5C
Certificate issuer:       /CN=ae85768adef6d4dde1ca45bae430571e45d9370a
Certificate serial:       25B940
Authority key identifier: 19:6C:07:87:F8:83:DF:6F:A4:8F:29:4A:61:D0:34:D2:3D:EF:8C:36
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ae85768adef6d4dde1ca45bae430571e45d9370a.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/b976380d-2e90-4e28-b0a6-4b3dfe1d8ad5/91d5e8d203394bcff46730d215fccdcf77e37608.roa
Signing time:             Sat 27 Jan 2024 13:11:35 +0000
ROA not before:           Sat 27 Jan 2024 13:11:34 +0000
ROA not after:            Tue 27 Jan 2026 13:11:34 +0000
asID:                     262589
IP address blocks:        2800:ac0::/32 maxlen: 32

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 2472256 (0x25b940)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ae85768adef6d4dde1ca45bae430571e45d9370a
        Validity
            Not Before: Jan 27 13:11:34 2024 GMT
            Not After : Jan 27 13:11:34 2026 GMT
        Subject: CN=91d5e8d203394bcff46730d215fccdcf77e37608
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9f:81:b8:9f:2d:c9:a9:cb:26:3e:63:69:14:9a:
                    6c:bd:08:46:75:27:93:d9:52:29:3a:ac:98:59:be:
                    50:23:02:c8:59:e8:4a:d7:fc:37:58:dc:cd:7a:26:
                    da:dc:e4:c1:fa:42:5a:ec:5d:b2:1c:92:05:12:ba:
                    35:44:dc:21:b7:d3:a0:9b:63:81:f4:4e:2d:a0:0f:
                    63:1e:88:2b:40:48:02:01:9f:d6:40:5c:8c:1d:bc:
                    a0:8d:ed:03:1a:89:89:fb:cd:06:4a:8a:dd:c5:d3:
                    02:ea:47:1d:86:2b:47:fd:29:ff:13:e6:a2:28:81:
                    ae:f7:b5:65:a5:13:de:c3:93:87:36:a5:dc:ca:63:
                    e7:c0:3b:8a:c4:1f:2d:ec:d3:58:5c:09:39:3e:b2:
                    1d:45:cb:fe:3d:69:13:61:4d:4b:40:6c:7e:6f:d3:
                    db:31:9e:4b:af:8b:43:02:98:ea:49:86:bc:aa:89:
                    70:89:24:f6:33:c0:1c:0b:a6:72:61:ab:50:ca:24:
                    14:ef:43:c1:5b:7f:3c:51:8b:b8:46:2f:d7:bc:f8:
                    a8:0d:3a:a2:46:a7:cb:03:90:b4:5f:f9:f9:cc:ed:
                    4a:cb:67:19:8e:59:89:92:9d:05:44:ab:5b:86:d7:
                    4e:d1:b1:ec:89:82:5b:b4:16:8a:8b:df:a6:b8:ab:
                    2d:a9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                8B:2E:F1:D9:83:41:10:E0:42:9E:74:0B:BC:74:36:3B:37:6B:06:5C
            X509v3 Authority Key Identifier:
                keyid:19:6C:07:87:F8:83:DF:6F:A4:8F:29:4A:61:D0:34:D2:3D:EF:8C:36

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ae85768adef6d4dde1ca45bae430571e45d9370a.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/b976380d-2e90-4e28-b0a6-4b3dfe1d8ad5/91d5e8d203394bcff46730d215fccdcf77e37608.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/b976380d-2e90-4e28-b0a6-4b3dfe1d8ad5/ae85768adef6d4dde1ca45bae430571e45d9370a.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2800:ac0::/32

    Signature Algorithm: sha256WithRSAEncryption
         ad:f6:10:53:3c:cc:87:22:e8:df:8b:5c:d0:b8:31:29:04:62:
         64:4e:7a:bd:7a:ae:c3:d4:1d:cb:2b:5f:17:c8:a8:9a:47:12:
         04:ec:23:7e:0a:ba:5a:50:db:9c:2b:02:de:84:06:19:fc:f5:
         86:29:bb:e7:37:51:00:52:0e:ad:18:a7:11:94:39:af:68:3c:
         f0:8e:40:90:96:57:18:53:62:6a:47:86:6b:fd:be:7f:99:08:
         eb:55:11:bd:fe:75:3b:ca:b9:41:87:58:e9:45:0b:ec:eb:1d:
         9d:e3:69:87:f7:c6:cc:8d:4a:7b:0c:e9:a5:2c:3a:b1:68:72:
         39:b8:f7:72:a3:2c:48:53:2d:d9:ba:e2:f4:fe:39:aa:12:39:
         16:ba:b4:4c:a3:23:4e:5b:71:5c:38:50:0e:35:4c:eb:7a:ca:
         47:ce:a5:a3:4f:ac:25:79:97:5e:65:33:02:03:93:27:33:30:
         ee:72:4b:c3:2d:63:d3:f0:05:22:a8:2e:60:e7:cc:af:2c:04:
         89:67:c2:c9:4c:65:c9:01:52:ce:8a:f5:ac:20:ae:4f:d4:c8:
         3f:3b:71:35:7c:b3:1e:9c:26:13:85:f2:27:72:e2:d5:0c:d0:
         80:e9:71:d3:9e:5c:a6:99:b9:2f:0e:b9:0a:26:fd:5c:a3:1c:
         dd:76:ba:67
-----BEGIN CERTIFICATE-----
MIIFQTCCBCmgAwIBAgIDJblAMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKGFl
ODU3NjhhZGVmNmQ0ZGRlMWNhNDViYWU0MzA1NzFlNDVkOTM3MGEwHhcNMjQwMTI3
MTMxMTM0WhcNMjYwMTI3MTMxMTM0WjAzMTEwLwYDVQQDEyg5MWQ1ZThkMjAzMzk0
YmNmZjQ2NzMwZDIxNWZjY2RjZjc3ZTM3NjA4MIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAn4G4ny3JqcsmPmNpFJpsvQhGdSeT2VIpOqyYWb5QIwLIWehK
1/w3WNzNeiba3OTB+kJa7F2yHJIFEro1RNwht9Ogm2OB9E4toA9jHogrQEgCAZ/W
QFyMHbygje0DGomJ+80GSordxdMC6kcdhitH/Sn/E+aiKIGu97VlpRPew5OHNqXc
ymPnwDuKxB8t7NNYXAk5PrIdRcv+PWkTYU1LQGx+b9PbMZ5Lr4tDApjqSYa8qolw
iST2M8AcC6ZyYatQyiQU70PBW388UYu4Ri/XvPioDTqiRqfLA5C0X/n5zO1Ky2cZ
jlmJkp0FRKtbhtdO0bHsiYJbtBaKi9+muKstqQIDAQABo4ICXDCCAlgwHQYDVR0O
BBYEFIsu8dmDQRDgQp50C7x0Njs3awZcMB8GA1UdIwQYMBaAFBlsB4f4g99vpI8p
SmHQNNI974w2MA4GA1UdDwEB/wQEAwIHgDCBmgYIKwYBBQUHAQEEgY0wgYowgYcG
CCsGAQUFBzAChntyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5ldC9ycGtpL2xh
Y25pYy80OGYwODNiYi1mNjAzLTQ4OTMtOTk5MC0wMjg0YzA0Y2ViODUvYWU4NTc2
OGFkZWY2ZDRkZGUxY2E0NWJhZTQzMDU3MWU0NWQ5MzcwYS5jZXIwgZoGCCsGAQUF
BwELBIGNMIGKMIGHBggrBgEFBQcwC4Z7cnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25p
Yy5uZXQvcnBraS9sYWNuaWMvYjk3NjM4MGQtMmU5MC00ZTI4LWIwYTYtNGIzZGZl
MWQ4YWQ1LzkxZDVlOGQyMDMzOTRiY2ZmNDY3MzBkMjE1ZmNjZGNmNzdlMzc2MDgu
cm9hMIGPBgNVHR8EgYcwgYQwgYGgf6B9hntyc3luYzovL3JlcG9zaXRvcnkubGFj
bmljLm5ldC9ycGtpL2xhY25pYy9iOTc2MzgwZC0yZTkwLTRlMjgtYjBhNi00YjNk
ZmUxZDhhZDUvYWU4NTc2OGFkZWY2ZDRkZGUxY2E0NWJhZTQzMDU3MWU0NWQ5Mzcw
YS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQR
MA8wDQQCAAIwBwMFACgACsAwDQYJKoZIhvcNAQELBQADggEBAK32EFM8zIci6N+L
XNC4MSkEYmROer16rsPUHcsrXxfIqJpHEgTsI34KulpQ25wrAt6EBhn89YYpu+c3
UQBSDq0YpxGUOa9oPPCOQJCWVxhTYmpHhmv9vn+ZCOtVEb3+dTvKuUGHWOlFC+zr
HZ3jaYf3xsyNSnsM6aUsOrFocjm493KjLEhTLdm64vT+OaoSORa6tEyjI05bcVw4
UA41TOt6ykfOpaNPrCV5l15lMwIDkyczMO5yS8MtY9PwBSKoLmDnzK8sBIlnwslM
ZckBUs6K9awgrk/UyD87cTV8sx6cJhOF8idy4tUM0IDpcdOeXKaZuS8OuQom/Vyj
HN12umc=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:38:25 2024 by rpki-client on console-ams.rpki-client.org