Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/bb98b792-3f0b-40af-bc01-a504db88531c/416dc57cfcd2852ef58b8a6e7c7abca49f2baeb7.roa
File:                     416dc57cfcd2852ef58b8a6e7c7abca49f2baeb7.roa (raw, json)
Hash identifier:          XaJsRGR0zLVrMUyCaaRdX52X0ckPo3dt4WuJjUuta64=
Subject key identifier:   AC:0B:DC:51:61:64:24:5E:5B:D2:B3:37:EE:E9:6A:CC:62:15:A5:7E
Certificate issuer:       /CN=3fd7e91493678e5c49e72c20d07d4a277e63f224
Certificate serial:       0DB448
Authority key identifier: 53:47:76:B6:35:82:22:3D:B7:70:E1:E7:C8:FC:AB:13:24:64:75:A5
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/3fd7e91493678e5c49e72c20d07d4a277e63f224.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/bb98b792-3f0b-40af-bc01-a504db88531c/416dc57cfcd2852ef58b8a6e7c7abca49f2baeb7.roa
Signing time:             Wed 24 Mar 2021 14:30:00 +0000
ROA not before:           Wed 24 Mar 2021 14:30:00 +0000
ROA not after:            Tue 24 Mar 2026 14:30:00 +0000
asID:                     27960
IP address blocks:        179.60.96.0/20 maxlen: 21
                          190.122.32.0/20 maxlen: 21
                          190.122.48.0/20 maxlen: 21
                          200.49.120.0/21 maxlen: 21

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 898120 (0xdb448)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3fd7e91493678e5c49e72c20d07d4a277e63f224
        Validity
            Not Before: Mar 24 14:30:00 2021 GMT
            Not After : Mar 24 14:30:00 2026 GMT
        Subject: CN=416dc57cfcd2852ef58b8a6e7c7abca49f2baeb7
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:80:38:ea:cb:2d:93:71:4f:2d:df:a9:72:c7:7e:
                    8c:d4:07:a3:86:23:a5:00:27:4c:36:79:54:9b:29:
                    90:43:5c:2e:57:35:c1:5a:25:f5:34:2b:1a:9a:08:
                    b5:81:4d:2e:25:b0:bd:b5:09:46:c4:26:98:f9:c8:
                    e8:42:35:c1:af:71:0d:10:a3:88:d3:04:60:7c:f2:
                    81:c9:5c:1f:3a:0e:03:1b:73:e8:25:04:3b:97:fb:
                    09:43:02:a0:5e:77:fb:d9:b0:12:a7:40:ba:1d:5c:
                    05:ca:c7:c4:ae:ed:ef:ca:c6:26:c2:e9:0a:6d:0f:
                    57:7b:d6:1e:ac:c7:ec:06:2b:2d:ca:78:62:2d:d6:
                    3c:c6:76:7f:fd:37:0d:46:5f:7e:1f:66:79:83:d7:
                    f0:34:c4:04:68:d5:83:a2:37:a8:52:6e:0a:c5:7f:
                    44:3d:ee:0a:f3:16:f6:66:cc:73:15:cd:4d:10:8f:
                    dc:05:0e:fe:7d:16:4e:cd:19:60:d4:de:c1:7c:46:
                    7d:90:5c:5f:28:c7:94:82:d6:0e:9a:1d:ec:a9:df:
                    ed:b7:b1:e5:89:6d:bb:87:28:b1:5d:11:1c:2a:a1:
                    9a:64:65:5a:7d:15:cd:af:ba:11:2a:bd:3b:96:6c:
                    1c:05:05:2a:7b:56:e4:ae:48:24:13:49:2c:87:f3:
                    99:39
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AC:0B:DC:51:61:64:24:5E:5B:D2:B3:37:EE:E9:6A:CC:62:15:A5:7E
            X509v3 Authority Key Identifier:
                keyid:53:47:76:B6:35:82:22:3D:B7:70:E1:E7:C8:FC:AB:13:24:64:75:A5

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/3fd7e91493678e5c49e72c20d07d4a277e63f224.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/bb98b792-3f0b-40af-bc01-a504db88531c/416dc57cfcd2852ef58b8a6e7c7abca49f2baeb7.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/bb98b792-3f0b-40af-bc01-a504db88531c/3fd7e91493678e5c49e72c20d07d4a277e63f224.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  179.60.96.0/20
                  190.122.32.0/19
                  200.49.120.0/21

    Signature Algorithm: sha256WithRSAEncryption
         50:75:88:f3:a8:66:c3:82:90:9a:b8:ad:43:94:45:b4:d7:7f:
         bc:91:66:9b:5c:d7:38:41:7e:8a:3f:52:fc:c5:9b:46:77:c2:
         00:8b:b7:09:2e:b7:50:61:5c:df:23:61:0f:03:93:3f:bc:20:
         5e:04:1a:70:55:ea:41:d7:86:82:56:62:c4:fa:2a:c1:c4:84:
         13:c6:0e:5d:ef:ff:a4:e8:45:0d:a3:a5:c0:72:7d:92:57:c7:
         8d:7c:1d:a1:c5:41:2d:c2:db:9e:56:ee:48:f9:6e:5d:ea:07:
         18:eb:e6:72:55:3e:89:2e:00:4d:ed:8c:03:ae:13:e4:a6:b4:
         b9:bf:4f:2e:f7:00:bd:b3:3b:ee:28:97:55:ae:35:a9:3e:64:
         02:49:f4:44:5f:16:db:25:3b:db:9f:05:a0:89:83:48:c1:01:
         7f:44:8f:84:82:0f:8c:d4:b9:88:43:94:0b:d9:78:36:d6:52:
         6d:a9:73:05:8c:b3:2d:96:28:8a:a7:ab:29:6f:4e:05:5d:c1:
         05:b0:92:69:b3:4b:2f:94:d0:83:dc:7b:b1:4c:0f:61:85:46:
         30:5c:8d:7a:98:85:48:7a:35:0d:6c:e3:4f:e6:ba:32:a5:97:
         a4:50:ba:e3:ec:9d:f0:9c:fb:96:e4:b7:d6:11:5a:9f:df:49:
         f0:fe:c6:09
-----BEGIN CERTIFICATE-----
MIIFTDCCBDSgAwIBAgIDDbRIMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKDNm
ZDdlOTE0OTM2NzhlNWM0OWU3MmMyMGQwN2Q0YTI3N2U2M2YyMjQwHhcNMjEwMzI0
MTQzMDAwWhcNMjYwMzI0MTQzMDAwWjAzMTEwLwYDVQQDEyg0MTZkYzU3Y2ZjZDI4
NTJlZjU4YjhhNmU3YzdhYmNhNDlmMmJhZWI3MIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAgDjqyy2TcU8t36lyx36M1AejhiOlACdMNnlUmymQQ1wuVzXB
WiX1NCsamgi1gU0uJbC9tQlGxCaY+cjoQjXBr3ENEKOI0wRgfPKByVwfOg4DG3Po
JQQ7l/sJQwKgXnf72bASp0C6HVwFysfEru3vysYmwukKbQ9Xe9YerMfsBistynhi
LdY8xnZ//TcNRl9+H2Z5g9fwNMQEaNWDojeoUm4KxX9EPe4K8xb2ZsxzFc1NEI/c
BQ7+fRZOzRlg1N7BfEZ9kFxfKMeUgtYOmh3sqd/tt7HliW27hyixXREcKqGaZGVa
fRXNr7oRKr07lmwcBQUqe1bkrkgkE0ksh/OZOQIDAQABo4ICZzCCAmMwHQYDVR0O
BBYEFKwL3FFhZCReW9KzN+7pasxiFaV+MB8GA1UdIwQYMBaAFFNHdrY1giI9t3Dh
58j8qxMkZHWlMA4GA1UdDwEB/wQEAwIHgDCBmgYIKwYBBQUHAQEEgY0wgYowgYcG
CCsGAQUFBzAChntyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5ldC9ycGtpL2xh
Y25pYy80OGYwODNiYi1mNjAzLTQ4OTMtOTk5MC0wMjg0YzA0Y2ViODUvM2ZkN2U5
MTQ5MzY3OGU1YzQ5ZTcyYzIwZDA3ZDRhMjc3ZTYzZjIyNC5jZXIwgZoGCCsGAQUF
BwELBIGNMIGKMIGHBggrBgEFBQcwC4Z7cnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25p
Yy5uZXQvcnBraS9sYWNuaWMvYmI5OGI3OTItM2YwYi00MGFmLWJjMDEtYTUwNGRi
ODg1MzFjLzQxNmRjNTdjZmNkMjg1MmVmNThiOGE2ZTdjN2FiY2E0OWYyYmFlYjcu
cm9hMIGPBgNVHR8EgYcwgYQwgYGgf6B9hntyc3luYzovL3JlcG9zaXRvcnkubGFj
bmljLm5ldC9ycGtpL2xhY25pYy9iYjk4Yjc5Mi0zZjBiLTQwYWYtYmMwMS1hNTA0
ZGI4ODUzMWMvM2ZkN2U5MTQ5MzY3OGU1YzQ5ZTcyYzIwZDA3ZDRhMjc3ZTYzZjIy
NC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjArBggrBgEFBQcBBwEB/wQc
MBowGAQCAAEwEgMEBLM8YAMEBb56IAMEA8gxeDANBgkqhkiG9w0BAQsFAAOCAQEA
UHWI86hmw4KQmritQ5RFtNd/vJFmm1zXOEF+ij9S/MWbRnfCAIu3CS63UGFc3yNh
DwOTP7wgXgQacFXqQdeGglZixPoqwcSEE8YOXe//pOhFDaOlwHJ9klfHjXwdocVB
LcLbnlbuSPluXeoHGOvmclU+iS4ATe2MA64T5Ka0ub9PLvcAvbM77iiXVa41qT5k
Akn0RF8W2yU7258FoImDSMEBf0SPhIIPjNS5iEOUC9l4NtZSbalzBYyzLZYoiqer
KW9OBV3BBbCSabNLL5TQg9x7sUwPYYVGMFyNepiFSHo1DWzjT+a6MqWXpFC64+yd
8Jz7luS31hFan99J8P7GCQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:38:25 2024 by rpki-client on console-ams.rpki-client.org