Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/c752683c-8f51-490e-8a07-751745131d2b/41c837735ad1bf342f3a8a816ad4aa52de708f40.roa
File:                     41c837735ad1bf342f3a8a816ad4aa52de708f40.roa (raw, json)
Hash identifier:          t9dbvdTu/j+hNECrA89/3YcQRk7eU7hlYz4JiXJFrIo=
Subject key identifier:   5A:64:2B:3B:98:51:BF:87:60:95:65:4F:26:DB:74:04:7C:97:7C:BB
Certificate issuer:       /CN=b9478f23e3a1abb0f6d0fa43aa951eb27d6ec00c
Certificate serial:       0CB963
Authority key identifier: 11:6A:C1:D9:55:1F:E3:5F:A5:A7:BE:4D:7F:4E:AF:D4:C2:39:B9:AA
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/b9478f23e3a1abb0f6d0fa43aa951eb27d6ec00c.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/c752683c-8f51-490e-8a07-751745131d2b/41c837735ad1bf342f3a8a816ad4aa52de708f40.roa
Signing time:             Wed 24 Mar 2021 14:29:54 +0000
ROA not before:           Wed 24 Mar 2021 14:29:54 +0000
ROA not after:            Tue 24 Mar 2026 14:29:54 +0000
asID:                     263789
IP address blocks:        138.121.84.0/22 maxlen: 24
                          2803:8c40::/32 maxlen: 32

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 833891 (0xcb963)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b9478f23e3a1abb0f6d0fa43aa951eb27d6ec00c
        Validity
            Not Before: Mar 24 14:29:54 2021 GMT
            Not After : Mar 24 14:29:54 2026 GMT
        Subject: CN=41c837735ad1bf342f3a8a816ad4aa52de708f40
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:83:b5:53:f5:8a:c1:86:6d:86:8a:b2:fc:43:80:
                    34:ea:81:1b:e7:c3:4c:aa:a6:f0:99:f8:7e:5c:6e:
                    d6:16:e3:83:19:c0:02:ba:50:f0:a2:21:d8:55:74:
                    e1:39:07:f6:47:89:bf:e5:18:6d:08:7d:0a:e8:00:
                    fe:6d:83:4a:df:de:2c:cc:f4:cf:0c:43:44:22:a8:
                    81:45:fd:1e:9f:3c:4a:b2:d3:c6:70:3b:28:38:de:
                    11:a8:90:92:72:d2:be:0d:d5:f7:4e:d2:62:96:ec:
                    ea:0c:d7:3b:90:df:60:8f:c0:2b:6e:9f:37:f4:65:
                    e9:39:1d:f7:b8:a5:eb:f0:b6:51:63:e5:b1:e5:53:
                    68:01:7a:33:50:f9:a4:dc:39:8c:7c:a4:09:cc:f2:
                    ca:64:07:ba:bd:e6:a8:b9:61:6f:ac:eb:cd:56:06:
                    60:3c:d1:8f:11:61:c1:68:1d:f7:b8:e6:aa:b8:38:
                    cf:28:84:1b:ea:55:7a:46:68:3a:8d:98:47:be:75:
                    3b:48:08:ea:45:84:64:f7:e3:a8:46:29:cb:3e:6a:
                    2a:b5:c4:bb:e2:1e:d7:84:31:8a:4e:9f:10:b4:8c:
                    3d:d1:1a:a5:ae:03:26:5f:fa:cc:14:54:f0:a4:d3:
                    6c:68:af:56:bc:4b:a4:45:7b:9a:5e:62:f6:af:0c:
                    ec:3f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5A:64:2B:3B:98:51:BF:87:60:95:65:4F:26:DB:74:04:7C:97:7C:BB
            X509v3 Authority Key Identifier:
                keyid:11:6A:C1:D9:55:1F:E3:5F:A5:A7:BE:4D:7F:4E:AF:D4:C2:39:B9:AA

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/b9478f23e3a1abb0f6d0fa43aa951eb27d6ec00c.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/c752683c-8f51-490e-8a07-751745131d2b/41c837735ad1bf342f3a8a816ad4aa52de708f40.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/c752683c-8f51-490e-8a07-751745131d2b/b9478f23e3a1abb0f6d0fa43aa951eb27d6ec00c.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  138.121.84.0/22
                IPv6:
                  2803:8c40::/32

    Signature Algorithm: sha256WithRSAEncryption
         93:c6:ef:86:2d:20:71:48:57:e2:b4:30:b8:cb:02:1f:89:e3:
         29:d5:51:7f:b2:2b:83:bc:54:94:cc:98:ae:02:95:ed:b6:c1:
         7f:93:59:b1:5f:cb:6f:49:ed:5b:c6:31:20:d6:0f:8e:bd:8c:
         55:9e:89:f0:11:45:d8:c1:2d:e6:8c:50:e7:c4:b8:51:d2:17:
         c5:be:b9:70:fb:52:2b:00:69:21:8d:bd:fb:92:61:20:99:31:
         53:43:a2:5e:2a:c8:ca:f5:08:86:68:4e:eb:44:8c:46:bf:9f:
         70:0c:94:f7:b0:8d:80:01:2f:af:e6:bb:16:c6:81:23:18:ff:
         91:92:59:0b:88:23:fe:9d:9f:49:bb:65:59:6c:57:ef:1e:49:
         52:c8:b5:15:d2:8d:bf:2f:f2:af:60:a9:55:99:1f:70:bc:67:
         cf:39:f5:99:a3:7d:49:a6:41:4a:f5:63:a3:86:f0:c6:c7:f8:
         95:43:0e:47:c6:d7:fb:75:20:fc:2b:0a:4d:e1:6e:cb:fb:93:
         c3:0c:84:f0:74:5d:5b:5d:d2:05:f8:e2:d7:b1:a0:ba:e5:a0:
         37:43:b9:67:6e:bc:1e:e7:fb:e5:82:f7:3a:ce:12:b2:82:a1:
         5d:5c:5c:09:51:bf:56:06:36:e3:bc:ef:2c:18:0b:39:4e:1e:
         64:38:66:5f
-----BEGIN CERTIFICATE-----
MIIFTzCCBDegAwIBAgIDDLljMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKGI5
NDc4ZjIzZTNhMWFiYjBmNmQwZmE0M2FhOTUxZWIyN2Q2ZWMwMGMwHhcNMjEwMzI0
MTQyOTU0WhcNMjYwMzI0MTQyOTU0WjAzMTEwLwYDVQQDEyg0MWM4Mzc3MzVhZDFi
ZjM0MmYzYThhODE2YWQ0YWE1MmRlNzA4ZjQwMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAg7VT9YrBhm2GirL8Q4A06oEb58NMqqbwmfh+XG7WFuODGcAC
ulDwoiHYVXThOQf2R4m/5RhtCH0K6AD+bYNK394szPTPDENEIqiBRf0enzxKstPG
cDsoON4RqJCSctK+DdX3TtJiluzqDNc7kN9gj8Arbp839GXpOR33uKXr8LZRY+Wx
5VNoAXozUPmk3DmMfKQJzPLKZAe6veaouWFvrOvNVgZgPNGPEWHBaB33uOaquDjP
KIQb6lV6Rmg6jZhHvnU7SAjqRYRk9+OoRinLPmoqtcS74h7XhDGKTp8QtIw90Rql
rgMmX/rMFFTwpNNsaK9WvEukRXuaXmL2rwzsPwIDAQABo4ICajCCAmYwHQYDVR0O
BBYEFFpkKzuYUb+HYJVlTybbdAR8l3y7MB8GA1UdIwQYMBaAFBFqwdlVH+Nfpae+
TX9Or9TCObmqMA4GA1UdDwEB/wQEAwIHgDCBmgYIKwYBBQUHAQEEgY0wgYowgYcG
CCsGAQUFBzAChntyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5ldC9ycGtpL2xh
Y25pYy80OGYwODNiYi1mNjAzLTQ4OTMtOTk5MC0wMjg0YzA0Y2ViODUvYjk0Nzhm
MjNlM2ExYWJiMGY2ZDBmYTQzYWE5NTFlYjI3ZDZlYzAwYy5jZXIwgZoGCCsGAQUF
BwELBIGNMIGKMIGHBggrBgEFBQcwC4Z7cnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25p
Yy5uZXQvcnBraS9sYWNuaWMvYzc1MjY4M2MtOGY1MS00OTBlLThhMDctNzUxNzQ1
MTMxZDJiLzQxYzgzNzczNWFkMWJmMzQyZjNhOGE4MTZhZDRhYTUyZGU3MDhmNDAu
cm9hMIGPBgNVHR8EgYcwgYQwgYGgf6B9hntyc3luYzovL3JlcG9zaXRvcnkubGFj
bmljLm5ldC9ycGtpL2xhY25pYy9jNzUyNjgzYy04ZjUxLTQ5MGUtOGEwNy03NTE3
NDUxMzFkMmIvYjk0NzhmMjNlM2ExYWJiMGY2ZDBmYTQzYWE5NTFlYjI3ZDZlYzAw
Yy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAuBggrBgEFBQcBBwEB/wQf
MB0wDAQCAAEwBgMEAop5VDANBAIAAjAHAwUAKAOMQDANBgkqhkiG9w0BAQsFAAOC
AQEAk8bvhi0gcUhX4rQwuMsCH4njKdVRf7Irg7xUlMyYrgKV7bbBf5NZsV/Lb0nt
W8YxINYPjr2MVZ6J8BFF2MEt5oxQ58S4UdIXxb65cPtSKwBpIY29+5JhIJkxU0Oi
XirIyvUIhmhO60SMRr+fcAyU97CNgAEvr+a7FsaBIxj/kZJZC4gj/p2fSbtlWWxX
7x5JUsi1FdKNvy/yr2CpVZkfcLxnzzn1maN9SaZBSvVjo4bwxsf4lUMOR8bX+3Ug
/CsKTeFuy/uTwwyE8HRdW13SBfji17GguuWgN0O5Z268Huf75YL3Os4SsoKhXVxc
CVG/VgY247zvLBgLOU4eZDhmXw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:38:07 2024 by rpki-client on console-fra.rpki-client.org