Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/b9c7e2c6-a0d3-44db-bbf0-c194d576f88c/9a403f3ab2c4449b7cda03480813d2d617ebd207.roa
File:                     9a403f3ab2c4449b7cda03480813d2d617ebd207.roa (raw, json)
Hash identifier:          RSeZral87PyCGMN4R3Llv5fSWNwC8O3Ual8d9jwTzGM=
Subject key identifier:   9D:E8:A3:AC:B3:8D:F2:71:99:7B:BF:15:45:01:04:55:09:87:3E:31
Certificate issuer:       /CN=30855b14b9a043ea2127093be7f867b091f60231
Certificate serial:       0D2445
Authority key identifier: 2A:F0:2A:C0:4A:03:65:65:77:24:46:AD:9B:A9:03:43:2F:00:64:F9
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/30855b14b9a043ea2127093be7f867b091f60231.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/b9c7e2c6-a0d3-44db-bbf0-c194d576f88c/9a403f3ab2c4449b7cda03480813d2d617ebd207.roa
Signing time:             Wed 24 Mar 2021 14:35:06 +0000
ROA not before:           Wed 24 Mar 2021 14:35:06 +0000
ROA not after:            Tue 24 Mar 2026 14:35:06 +0000
asID:                     263819
IP address blocks:        138.0.89.0/24 maxlen: 24
                          138.0.91.0/24 maxlen: 24

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 861253 (0xd2445)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=30855b14b9a043ea2127093be7f867b091f60231
        Validity
            Not Before: Mar 24 14:35:06 2021 GMT
            Not After : Mar 24 14:35:06 2026 GMT
        Subject: CN=9a403f3ab2c4449b7cda03480813d2d617ebd207
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:98:87:1b:c1:7d:2d:2a:c9:8b:64:e0:81:8b:aa:
                    fb:8a:25:29:02:5f:e4:9a:c0:ac:7b:1b:6c:6c:23:
                    51:fd:9f:f1:70:9c:c7:08:08:d5:50:81:29:bf:6d:
                    c1:ca:ee:28:64:20:06:11:27:b8:aa:e4:a6:2a:65:
                    6e:b9:34:60:cb:ea:bc:e5:e1:95:1a:7f:d3:28:4e:
                    15:63:40:93:f6:07:f3:30:7e:9e:fe:d4:85:13:99:
                    b0:2a:8f:09:c7:0a:42:9a:9f:4e:d2:05:d7:79:89:
                    a9:03:e5:3a:f3:e7:35:6d:d7:f1:d7:21:c9:34:ed:
                    67:24:82:b8:4f:50:02:f0:e8:06:80:bc:ed:8e:85:
                    7e:6a:ba:63:95:98:85:01:85:17:e9:44:c9:d3:4e:
                    40:2c:a2:0e:8d:96:fb:e7:f4:79:f3:81:a5:32:16:
                    86:06:a3:dd:02:87:54:4b:c0:e2:c7:85:8c:e7:dc:
                    f6:e9:fc:41:40:da:4c:d6:60:55:89:d5:37:47:83:
                    18:97:c6:7e:09:3e:87:d9:f7:7c:fb:4c:5a:41:9f:
                    09:be:38:a9:e2:08:33:5b:c2:91:fc:7c:f1:8a:e8:
                    fa:14:5e:91:31:e5:5a:0d:c1:55:c8:ac:9c:f7:11:
                    c5:43:d4:d0:6b:89:7d:2a:8a:3c:8d:af:d3:a0:14:
                    33:b7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                9D:E8:A3:AC:B3:8D:F2:71:99:7B:BF:15:45:01:04:55:09:87:3E:31
            X509v3 Authority Key Identifier:
                keyid:2A:F0:2A:C0:4A:03:65:65:77:24:46:AD:9B:A9:03:43:2F:00:64:F9

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/30855b14b9a043ea2127093be7f867b091f60231.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/b9c7e2c6-a0d3-44db-bbf0-c194d576f88c/9a403f3ab2c4449b7cda03480813d2d617ebd207.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/b9c7e2c6-a0d3-44db-bbf0-c194d576f88c/30855b14b9a043ea2127093be7f867b091f60231.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  138.0.89.0/24
                  138.0.91.0/24

    Signature Algorithm: sha256WithRSAEncryption
         69:c2:07:db:2b:bb:16:da:e0:db:1c:7a:45:90:92:7c:bb:9d:
         bc:64:eb:e9:16:4e:7a:d0:67:38:d4:db:1e:5d:85:c4:f9:53:
         73:80:23:26:17:e9:01:1a:54:99:a7:e2:71:7a:1a:a8:9b:16:
         be:3d:ee:71:00:3b:58:1d:58:77:c9:88:dd:5d:f6:47:e6:2c:
         62:a7:8c:1e:d9:f6:69:30:44:bd:55:c1:53:0c:7e:0a:b1:a3:
         ca:21:85:0d:54:dc:7a:64:81:1e:ce:0e:da:01:1a:7d:16:30:
         8d:e4:12:41:73:b7:07:fd:cd:5a:b3:43:7d:0f:8d:a0:db:63:
         84:a4:a7:a5:48:87:4b:21:9f:66:66:f2:82:44:07:4d:68:d6:
         fc:24:ef:2d:7f:c8:e7:78:4e:7b:cc:f2:a8:d1:24:69:fd:e7:
         c4:db:b2:d9:c6:ae:e4:cc:7c:65:05:96:52:ba:b9:c8:4a:c2:
         e8:06:b1:ad:4c:e3:d3:a9:4f:13:b6:96:6a:60:f4:93:12:c1:
         20:b4:6e:ae:a8:c0:a7:58:f6:44:2b:b2:f0:9b:70:45:fe:cc:
         2c:02:df:73:8a:6c:d5:a3:c7:f9:ca:eb:64:bc:3d:83:16:d4:
         f4:74:c9:74:b1:2a:8d:9b:b1:e2:cf:bc:29:13:4e:3e:59:18:
         0b:bc:b5:ea
-----BEGIN CERTIFICATE-----
MIIFRjCCBC6gAwIBAgIDDSRFMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKDMw
ODU1YjE0YjlhMDQzZWEyMTI3MDkzYmU3Zjg2N2IwOTFmNjAyMzEwHhcNMjEwMzI0
MTQzNTA2WhcNMjYwMzI0MTQzNTA2WjAzMTEwLwYDVQQDEyg5YTQwM2YzYWIyYzQ0
NDliN2NkYTAzNDgwODEzZDJkNjE3ZWJkMjA3MIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAmIcbwX0tKsmLZOCBi6r7iiUpAl/kmsCsextsbCNR/Z/xcJzH
CAjVUIEpv23Byu4oZCAGESe4quSmKmVuuTRgy+q85eGVGn/TKE4VY0CT9gfzMH6e
/tSFE5mwKo8JxwpCmp9O0gXXeYmpA+U68+c1bdfx1yHJNO1nJIK4T1AC8OgGgLzt
joV+arpjlZiFAYUX6UTJ005ALKIOjZb75/R584GlMhaGBqPdAodUS8Dix4WM59z2
6fxBQNpM1mBVidU3R4MYl8Z+CT6H2fd8+0xaQZ8Jvjip4ggzW8KR/Hzxiuj6FF6R
MeVaDcFVyKyc9xHFQ9TQa4l9Koo8ja/ToBQztwIDAQABo4ICYTCCAl0wHQYDVR0O
BBYEFJ3oo6yzjfJxmXu/FUUBBFUJhz4xMB8GA1UdIwQYMBaAFCrwKsBKA2VldyRG
rZupA0MvAGT5MA4GA1UdDwEB/wQEAwIHgDCBmgYIKwYBBQUHAQEEgY0wgYowgYcG
CCsGAQUFBzAChntyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5ldC9ycGtpL2xh
Y25pYy80OGYwODNiYi1mNjAzLTQ4OTMtOTk5MC0wMjg0YzA0Y2ViODUvMzA4NTVi
MTRiOWEwNDNlYTIxMjcwOTNiZTdmODY3YjA5MWY2MDIzMS5jZXIwgZoGCCsGAQUF
BwELBIGNMIGKMIGHBggrBgEFBQcwC4Z7cnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25p
Yy5uZXQvcnBraS9sYWNuaWMvYjljN2UyYzYtYTBkMy00NGRiLWJiZjAtYzE5NGQ1
NzZmODhjLzlhNDAzZjNhYjJjNDQ0OWI3Y2RhMDM0ODA4MTNkMmQ2MTdlYmQyMDcu
cm9hMIGPBgNVHR8EgYcwgYQwgYGgf6B9hntyc3luYzovL3JlcG9zaXRvcnkubGFj
bmljLm5ldC9ycGtpL2xhY25pYy9iOWM3ZTJjNi1hMGQzLTQ0ZGItYmJmMC1jMTk0
ZDU3NmY4OGMvMzA4NTViMTRiOWEwNDNlYTIxMjcwOTNiZTdmODY3YjA5MWY2MDIz
MS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAlBggrBgEFBQcBBwEB/wQW
MBQwEgQCAAEwDAMEAIoAWQMEAIoAWzANBgkqhkiG9w0BAQsFAAOCAQEAacIH2yu7
Ftrg2xx6RZCSfLudvGTr6RZOetBnONTbHl2FxPlTc4AjJhfpARpUmaficXoaqJsW
vj3ucQA7WB1Yd8mI3V32R+YsYqeMHtn2aTBEvVXBUwx+CrGjyiGFDVTcemSBHs4O
2gEafRYwjeQSQXO3B/3NWrNDfQ+NoNtjhKSnpUiHSyGfZmbygkQHTWjW/CTvLX/I
53hOe8zyqNEkaf3nxNuy2cau5Mx8ZQWWUrq5yErC6AaxrUzj06lPE7aWamD0kxLB
ILRurqjAp1j2RCuy8JtwRf7MLALfc4ps1aPH+crrZLw9gxbU9HTJdLEqjZux4s+8
KRNOPlkYC7y16g==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:38:25 2024 by rpki-client on console-ams.rpki-client.org