Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/cb7655fd-7964-449b-bbdd-a3fb5bba6266/3a5b5a599f3b395b58f65cca28dc346464378ba9.roa
File:                     3a5b5a599f3b395b58f65cca28dc346464378ba9.roa (raw, json)
Hash identifier:          5Cw0B7aNLVXquFKJeU2buk/DhDwEBCZzhH78pVhRZKo=
Subject key identifier:   6A:DE:A5:8B:35:65:BB:7E:3A:24:B8:0C:1E:43:9A:84:6C:CC:C7:B6
Certificate issuer:       /CN=be397152a75956fca76ee04ce9c8bda3b156244d
Certificate serial:       23647B
Authority key identifier: 9D:6B:B7:07:44:26:0A:61:E0:4E:52:9C:A4:B3:E2:6C:A3:86:46:1A
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/be397152a75956fca76ee04ce9c8bda3b156244d.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/cb7655fd-7964-449b-bbdd-a3fb5bba6266/3a5b5a599f3b395b58f65cca28dc346464378ba9.roa
Signing time:             Wed 23 Aug 2023 02:51:20 +0000
ROA not before:           Tue 22 Aug 2023 02:51:20 +0000
ROA not after:            Sat 23 Aug 2025 02:51:20 +0000
asID:                     27810
IP address blocks:        200.14.40.0/21 maxlen: 24

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 2319483 (0x23647b)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=be397152a75956fca76ee04ce9c8bda3b156244d
        Validity
            Not Before: Aug 22 02:51:20 2023 GMT
            Not After : Aug 23 02:51:20 2025 GMT
        Subject: CN=3a5b5a599f3b395b58f65cca28dc346464378ba9
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:85:3f:ad:8c:0b:a4:80:20:56:c7:cd:c5:ee:6b:
                    89:7f:e6:fa:c3:85:99:46:14:e6:48:88:25:69:cb:
                    fd:a6:e5:a6:57:4e:40:8d:fe:37:05:bc:2b:2c:36:
                    40:64:a1:11:e9:4f:e9:e8:b5:62:97:38:a6:2a:7d:
                    5e:16:2b:85:6b:f5:6f:7e:fa:f2:5e:fd:9a:44:b2:
                    b6:2a:7f:33:d6:bd:91:68:62:5b:9b:58:1f:8c:ca:
                    62:8b:1d:ce:bc:13:62:c9:96:36:01:3f:e8:51:f8:
                    a3:d7:34:d4:c9:5c:49:a4:72:14:5d:2b:37:1f:94:
                    24:7f:2c:1a:3a:bb:b4:8f:f4:54:9d:46:b9:bb:f7:
                    b5:6a:14:5c:d8:51:15:0a:02:6f:82:5e:29:92:fe:
                    5f:95:4e:3e:20:42:61:e2:eb:f4:15:d2:b9:f0:c5:
                    dd:38:8d:d7:72:6c:44:0d:92:66:e6:54:80:f7:89:
                    38:a5:7a:25:e5:96:e3:76:e4:b3:73:8e:78:5e:39:
                    cf:1c:1b:53:8a:af:d7:a9:4c:70:44:cd:61:f6:66:
                    83:b4:c9:21:6c:33:e5:00:67:9b:fb:aa:b7:af:67:
                    4f:b0:40:dd:38:f2:c6:77:93:d8:0f:30:d1:bd:50:
                    87:f5:ae:97:0d:60:19:d6:fe:7e:6e:a5:39:a0:4c:
                    17:49
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                6A:DE:A5:8B:35:65:BB:7E:3A:24:B8:0C:1E:43:9A:84:6C:CC:C7:B6
            X509v3 Authority Key Identifier:
                keyid:9D:6B:B7:07:44:26:0A:61:E0:4E:52:9C:A4:B3:E2:6C:A3:86:46:1A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/be397152a75956fca76ee04ce9c8bda3b156244d.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/cb7655fd-7964-449b-bbdd-a3fb5bba6266/3a5b5a599f3b395b58f65cca28dc346464378ba9.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/cb7655fd-7964-449b-bbdd-a3fb5bba6266/be397152a75956fca76ee04ce9c8bda3b156244d.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  200.14.40.0/21

    Signature Algorithm: sha256WithRSAEncryption
         38:90:d1:ca:eb:99:fd:5e:6b:8f:da:91:68:1f:5a:d1:da:d2:
         96:b4:1f:d9:26:ea:11:61:4a:50:84:ff:56:8a:a5:ad:e8:fb:
         21:15:00:09:f5:27:15:8c:2d:0d:c6:e9:72:11:cc:d8:7a:4c:
         5a:d9:b7:b4:ce:86:c1:31:12:b0:98:8b:40:87:e3:de:7f:14:
         df:2f:dd:ae:8e:d4:a0:a9:95:a2:b2:69:7b:e8:0a:80:10:ac:
         b6:f2:ff:de:f1:d1:e6:0a:e2:fe:fe:fb:29:1c:7c:8e:33:79:
         c1:61:63:5f:2e:74:d0:17:dd:f7:21:e7:6a:14:37:44:4f:0e:
         b4:51:78:bb:65:16:4c:82:70:55:56:e9:e9:58:3a:1d:f5:43:
         21:a4:77:21:d9:a4:16:d7:29:27:46:36:39:77:b7:dc:b3:e9:
         00:68:35:f6:9e:df:b4:cf:62:ea:7b:5e:62:e7:98:e0:f7:cd:
         7d:ca:be:fa:05:a3:7e:ea:e9:a0:f1:d1:81:64:02:af:62:93:
         2a:df:93:61:d4:04:96:43:d3:fd:df:81:8f:fd:f8:80:1a:0a:
         fc:25:3d:4b:7f:9d:d6:67:3f:0a:a3:c8:61:d8:18:68:4a:4d:
         df:44:f6:15:c2:c1:c7:30:58:07:44:9a:a3:8a:67:86:85:c6:
         78:d7:91:42
-----BEGIN CERTIFICATE-----
MIIFQDCCBCigAwIBAgIDI2R7MA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKGJl
Mzk3MTUyYTc1OTU2ZmNhNzZlZTA0Y2U5YzhiZGEzYjE1NjI0NGQwHhcNMjMwODIy
MDI1MTIwWhcNMjUwODIzMDI1MTIwWjAzMTEwLwYDVQQDEygzYTViNWE1OTlmM2Iz
OTViNThmNjVjY2EyOGRjMzQ2NDY0Mzc4YmE5MIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAhT+tjAukgCBWx83F7muJf+b6w4WZRhTmSIglacv9puWmV05A
jf43BbwrLDZAZKER6U/p6LVilzimKn1eFiuFa/VvfvryXv2aRLK2Kn8z1r2RaGJb
m1gfjMpiix3OvBNiyZY2AT/oUfij1zTUyVxJpHIUXSs3H5QkfywaOru0j/RUnUa5
u/e1ahRc2FEVCgJvgl4pkv5flU4+IEJh4uv0FdK58MXdOI3XcmxEDZJm5lSA94k4
pXol5ZbjduSzc454XjnPHBtTiq/XqUxwRM1h9maDtMkhbDPlAGeb+6q3r2dPsEDd
OPLGd5PYDzDRvVCH9a6XDWAZ1v5+bqU5oEwXSQIDAQABo4ICWzCCAlcwHQYDVR0O
BBYEFGrepYs1Zbt+OiS4DB5DmoRszMe2MB8GA1UdIwQYMBaAFJ1rtwdEJgph4E5S
nKSz4myjhkYaMA4GA1UdDwEB/wQEAwIHgDCBmgYIKwYBBQUHAQEEgY0wgYowgYcG
CCsGAQUFBzAChntyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5ldC9ycGtpL2xh
Y25pYy80OGYwODNiYi1mNjAzLTQ4OTMtOTk5MC0wMjg0YzA0Y2ViODUvYmUzOTcx
NTJhNzU5NTZmY2E3NmVlMDRjZTljOGJkYTNiMTU2MjQ0ZC5jZXIwgZoGCCsGAQUF
BwELBIGNMIGKMIGHBggrBgEFBQcwC4Z7cnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25p
Yy5uZXQvcnBraS9sYWNuaWMvY2I3NjU1ZmQtNzk2NC00NDliLWJiZGQtYTNmYjVi
YmE2MjY2LzNhNWI1YTU5OWYzYjM5NWI1OGY2NWNjYTI4ZGMzNDY0NjQzNzhiYTku
cm9hMIGPBgNVHR8EgYcwgYQwgYGgf6B9hntyc3luYzovL3JlcG9zaXRvcnkubGFj
bmljLm5ldC9ycGtpL2xhY25pYy9jYjc2NTVmZC03OTY0LTQ0OWItYmJkZC1hM2Zi
NWJiYTYyNjYvYmUzOTcxNTJhNzU5NTZmY2E3NmVlMDRjZTljOGJkYTNiMTU2MjQ0
ZC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQ
MA4wDAQCAAEwBgMEA8gOKDANBgkqhkiG9w0BAQsFAAOCAQEAOJDRyuuZ/V5rj9qR
aB9a0drSlrQf2SbqEWFKUIT/Voqlrej7IRUACfUnFYwtDcbpchHM2HpMWtm3tM6G
wTESsJiLQIfj3n8U3y/dro7UoKmVorJpe+gKgBCstvL/3vHR5gri/v77KRx8jjN5
wWFjXy500Bfd9yHnahQ3RE8OtFF4u2UWTIJwVVbp6Vg6HfVDIaR3IdmkFtcpJ0Y2
OXe33LPpAGg19p7ftM9i6nteYueY4PfNfcq++gWjfurpoPHRgWQCr2KTKt+TYdQE
lkPT/d+Bj/34gBoK/CU9S3+d1mc/CqPIYdgYaEpN30T2FcLBxzBYB0Sao4pnhoXG
eNeRQg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:38:07 2024 by rpki-client on console-fra.rpki-client.org