Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/bcfef1f6-7cc6-495b-9d71-be57a0cd79b8/6840180344a5c48f9697498c61b796b58b7c8c74.roa
File:                     6840180344a5c48f9697498c61b796b58b7c8c74.roa (raw, json)
Hash identifier:          po9uXnAs6IZ2pn0BiFsE/QLMI0zt1jK1xVWckOfhwOs=
Subject key identifier:   39:DD:85:4C:20:7F:14:77:CD:A7:6F:4D:0E:ED:54:E7:82:F5:CE:54
Certificate issuer:       /CN=1df9a14191089eaefc01526e171a2fc63b8cc044
Certificate serial:       2643A8
Authority key identifier: B0:8F:8A:6D:C7:00:4B:DC:A9:5D:9A:5E:E1:93:44:4C:E4:71:D1:75
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/1df9a14191089eaefc01526e171a2fc63b8cc044.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/bcfef1f6-7cc6-495b-9d71-be57a0cd79b8/6840180344a5c48f9697498c61b796b58b7c8c74.roa
Signing time:             Fri 05 Jan 2024 06:07:10 +0000
ROA not before:           Fri 05 Jan 2024 06:07:10 +0000
ROA not after:            Mon 05 Jan 2026 06:07:10 +0000
asID:                     21575
IP address blocks:        148.102.102.0/24 maxlen: 24
                          148.102.103.0/24 maxlen: 24
                          148.102.104.0/24 maxlen: 24
                          148.102.105.0/24 maxlen: 24
                          148.102.106.0/24 maxlen: 24
                          148.102.107.0/24 maxlen: 24
                          148.102.108.0/24 maxlen: 24
                          148.102.109.0/24 maxlen: 24
                          148.102.110.0/24 maxlen: 24
                          148.102.111.0/24 maxlen: 24

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 2507688 (0x2643a8)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1df9a14191089eaefc01526e171a2fc63b8cc044
        Validity
            Not Before: Jan  5 06:07:10 2024 GMT
            Not After : Jan  5 06:07:10 2026 GMT
        Subject: CN=6840180344a5c48f9697498c61b796b58b7c8c74
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:86:e2:c8:e2:ba:21:2b:e8:cb:c7:61:2d:12:7b:
                    57:70:a7:ef:77:c3:52:52:fa:ab:00:e1:06:1d:3e:
                    32:14:e2:ac:07:6d:8f:e6:22:54:61:ad:e1:bd:b6:
                    34:eb:b8:1d:b6:bb:5c:83:08:22:77:a5:57:0f:72:
                    74:7d:76:40:12:bc:b0:f8:d5:63:89:c5:8e:11:e8:
                    1a:63:2d:5c:f8:b4:07:b0:ea:59:52:d8:53:c6:7f:
                    73:50:a0:28:99:d0:58:03:29:93:d4:5a:5e:19:cb:
                    3d:bb:9f:8b:b6:01:62:fb:47:2a:81:f5:b0:a4:e8:
                    aa:50:7f:54:fa:00:72:5a:18:80:14:d8:00:72:30:
                    fb:a3:bf:e7:bc:1b:be:8b:af:28:94:7d:69:03:1e:
                    f2:ee:b2:14:70:db:df:5d:c3:f6:cd:f6:9e:71:da:
                    84:be:69:1c:40:9c:91:51:99:0c:b3:d6:d8:19:f1:
                    d3:c7:71:d8:65:40:1b:64:da:4d:94:0a:ef:c6:93:
                    b9:97:5f:f5:8a:73:f2:75:43:d7:b4:4e:6f:16:5d:
                    63:01:3b:1d:48:53:2a:dc:0b:5b:06:9c:44:a7:7e:
                    80:20:ff:77:bb:e4:57:16:30:fd:85:1b:b5:20:8a:
                    ff:1f:17:16:9a:b8:37:3c:b7:58:9b:ed:a2:09:e4:
                    bc:05
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                39:DD:85:4C:20:7F:14:77:CD:A7:6F:4D:0E:ED:54:E7:82:F5:CE:54
            X509v3 Authority Key Identifier:
                keyid:B0:8F:8A:6D:C7:00:4B:DC:A9:5D:9A:5E:E1:93:44:4C:E4:71:D1:75

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/1df9a14191089eaefc01526e171a2fc63b8cc044.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/bcfef1f6-7cc6-495b-9d71-be57a0cd79b8/6840180344a5c48f9697498c61b796b58b7c8c74.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/bcfef1f6-7cc6-495b-9d71-be57a0cd79b8/1df9a14191089eaefc01526e171a2fc63b8cc044.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  148.102.102.0-148.102.111.255

    Signature Algorithm: sha256WithRSAEncryption
         2a:5e:a4:85:ed:4e:ac:35:9c:0b:fe:17:fd:1a:dc:3e:cd:b3:
         71:27:41:04:ac:e7:9e:37:66:46:16:82:d2:f5:0a:1c:3e:dd:
         9c:75:2f:a5:04:26:18:5e:e6:e5:05:b4:0e:4f:58:ff:fc:67:
         e3:4d:3c:5d:6e:ca:26:64:a9:78:30:7b:44:40:48:36:9f:99:
         28:28:07:c2:da:24:dc:d2:30:f9:9f:97:17:e2:c7:12:f2:fc:
         f1:e1:91:4a:dd:e2:d1:c5:3e:6c:04:27:68:e9:5b:92:5e:d8:
         a5:51:e0:83:c3:a5:38:a9:c5:5a:7e:78:1c:33:dc:39:d6:9f:
         a5:31:db:0d:04:48:17:b9:99:6a:38:7a:e0:1b:32:21:8b:0b:
         b8:8d:d4:69:38:b5:ea:78:84:8a:29:ef:94:f3:1b:64:8f:39:
         94:87:cd:64:60:d4:30:a6:4f:a6:b1:30:24:4b:8e:95:39:a4:
         e5:67:b6:70:a4:31:ae:75:ec:c5:48:38:9a:a3:03:0b:cd:e6:
         ab:04:2e:2f:03:3f:23:16:f5:ef:38:bb:8c:9f:3b:c6:87:36:
         26:a0:01:52:90:f2:ed:64:51:ac:a4:99:c0:e8:e9:4a:8d:b9:
         e7:57:50:71:44:49:91:c3:57:78:99:57:5a:f6:73:4e:64:05:
         37:df:ed:3b
-----BEGIN CERTIFICATE-----
MIIFSDCCBDCgAwIBAgIDJkOoMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKDFk
ZjlhMTQxOTEwODllYWVmYzAxNTI2ZTE3MWEyZmM2M2I4Y2MwNDQwHhcNMjQwMTA1
MDYwNzEwWhcNMjYwMTA1MDYwNzEwWjAzMTEwLwYDVQQDEyg2ODQwMTgwMzQ0YTVj
NDhmOTY5NzQ5OGM2MWI3OTZiNThiN2M4Yzc0MIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAhuLI4rohK+jLx2EtEntXcKfvd8NSUvqrAOEGHT4yFOKsB22P
5iJUYa3hvbY067gdtrtcgwgid6VXD3J0fXZAEryw+NVjicWOEegaYy1c+LQHsOpZ
UthTxn9zUKAomdBYAymT1FpeGcs9u5+LtgFi+0cqgfWwpOiqUH9U+gByWhiAFNgA
cjD7o7/nvBu+i68olH1pAx7y7rIUcNvfXcP2zfaecdqEvmkcQJyRUZkMs9bYGfHT
x3HYZUAbZNpNlArvxpO5l1/1inPydUPXtE5vFl1jATsdSFMq3AtbBpxEp36AIP93
u+RXFjD9hRu1IIr/HxcWmrg3PLdYm+2iCeS8BQIDAQABo4ICYzCCAl8wHQYDVR0O
BBYEFDndhUwgfxR3zadvTQ7tVOeC9c5UMB8GA1UdIwQYMBaAFLCPim3HAEvcqV2a
XuGTREzkcdF1MA4GA1UdDwEB/wQEAwIHgDCBmgYIKwYBBQUHAQEEgY0wgYowgYcG
CCsGAQUFBzAChntyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5ldC9ycGtpL2xh
Y25pYy80OGYwODNiYi1mNjAzLTQ4OTMtOTk5MC0wMjg0YzA0Y2ViODUvMWRmOWEx
NDE5MTA4OWVhZWZjMDE1MjZlMTcxYTJmYzYzYjhjYzA0NC5jZXIwgZoGCCsGAQUF
BwELBIGNMIGKMIGHBggrBgEFBQcwC4Z7cnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25p
Yy5uZXQvcnBraS9sYWNuaWMvYmNmZWYxZjYtN2NjNi00OTViLTlkNzEtYmU1N2Ew
Y2Q3OWI4LzY4NDAxODAzNDRhNWM0OGY5Njk3NDk4YzYxYjc5NmI1OGI3YzhjNzQu
cm9hMIGPBgNVHR8EgYcwgYQwgYGgf6B9hntyc3luYzovL3JlcG9zaXRvcnkubGFj
bmljLm5ldC9ycGtpL2xhY25pYy9iY2ZlZjFmNi03Y2M2LTQ5NWItOWQ3MS1iZTU3
YTBjZDc5YjgvMWRmOWExNDE5MTA4OWVhZWZjMDE1MjZlMTcxYTJmYzYzYjhjYzA0
NC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAnBggrBgEFBQcBBwEB/wQY
MBYwFAQCAAEwDjAMAwQBlGZmAwQElGZgMA0GCSqGSIb3DQEBCwUAA4IBAQAqXqSF
7U6sNZwL/hf9Gtw+zbNxJ0EErOeeN2ZGFoLS9QocPt2cdS+lBCYYXublBbQOT1j/
/GfjTTxdbsomZKl4MHtEQEg2n5koKAfC2iTc0jD5n5cX4scS8vzx4ZFK3eLRxT5s
BCdo6VuSXtilUeCDw6U4qcVafngcM9w51p+lMdsNBEgXuZlqOHrgGzIhiwu4jdRp
OLXqeISKKe+U8xtkjzmUh81kYNQwpk+msTAkS46VOaTlZ7ZwpDGudezFSDiaowML
zearBC4vAz8jFvXvOLuMnzvGhzYmoAFSkPLtZFGspJnA6OlKjbnnV1BxREmRw1d4
mVda9nNOZAU33+07
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:38:03 2024 by rpki-client on console-fra.rpki-client.org