Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/d9f4d316-901c-4c6b-bbd6-4cbb703b0cfd/3fb8c37d49852d431a3caa98ae6df227c65946fb.roa
File:                     3fb8c37d49852d431a3caa98ae6df227c65946fb.roa (raw, json)
Hash identifier:          fnDbzandMi53un3bWlSjvZXNLDNQDJkpF9tIEBfKbq4=
Subject key identifier:   18:71:4F:E1:5A:A2:5D:65:01:40:A2:FE:39:C8:36:AD:45:F0:9B:68
Certificate issuer:       /CN=85d428ed766701b593558a22e1fc08c17acc6e27
Certificate serial:       029688
Authority key identifier: 95:95:8D:0A:54:4B:87:6D:5D:74:C9:FA:66:99:C6:AB:96:71:4E:D3
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/85d428ed766701b593558a22e1fc08c17acc6e27.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/d9f4d316-901c-4c6b-bbd6-4cbb703b0cfd/3fb8c37d49852d431a3caa98ae6df227c65946fb.roa
Signing time:             Tue 11 Jul 2023 17:45:44 +0000
ROA not before:           Mon 10 Jul 2023 17:45:44 +0000
ROA not after:            Fri 11 Jul 2025 17:45:44 +0000
asID:                     16629
IP address blocks:        200.42.184.0/22 maxlen: 24

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 169608 (0x29688)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=85d428ed766701b593558a22e1fc08c17acc6e27
        Validity
            Not Before: Jul 10 17:45:44 2023 GMT
            Not After : Jul 11 17:45:44 2025 GMT
        Subject: CN=3fb8c37d49852d431a3caa98ae6df227c65946fb
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c3:66:9a:7a:f9:01:ca:90:33:10:32:1d:4c:cb:
                    a4:aa:22:41:51:f8:50:12:bf:b2:77:7e:92:77:86:
                    30:84:8f:c6:c2:88:6c:03:b4:7c:91:36:b8:24:f7:
                    0e:d1:b3:3b:9d:53:b9:45:c1:8f:dd:46:ef:4a:65:
                    d8:49:3a:8b:50:3f:70:10:09:f5:82:84:8e:04:d4:
                    eb:76:5e:1b:95:d7:f1:61:d6:14:a4:f9:68:23:5d:
                    aa:7b:72:ac:9e:3e:01:d1:6e:5e:1e:eb:11:b7:8a:
                    68:5c:78:8f:2e:95:f5:fd:95:d4:f4:96:05:cd:09:
                    a8:cd:6d:06:d5:cb:69:91:7c:ef:47:8f:7a:21:4b:
                    4b:6b:5a:54:78:79:0d:9c:c2:25:55:06:96:ca:21:
                    3d:76:09:87:71:66:31:78:6d:b2:3a:5b:5b:88:9c:
                    30:f0:a3:88:50:18:86:8b:2c:77:fd:0f:f1:02:6f:
                    ed:33:02:25:62:78:b3:86:95:48:0d:0e:2a:70:14:
                    d6:45:e1:3c:c0:dd:74:71:f0:c6:5c:58:d2:d7:39:
                    7d:ad:db:f2:6e:3a:23:e7:c7:ff:64:fb:5d:55:d6:
                    1b:0a:2a:94:7b:24:1e:32:ea:e2:a8:f0:14:dc:51:
                    e8:f2:5b:b5:5f:22:6f:09:f9:d4:b6:f0:b3:41:d9:
                    9b:c1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                18:71:4F:E1:5A:A2:5D:65:01:40:A2:FE:39:C8:36:AD:45:F0:9B:68
            X509v3 Authority Key Identifier:
                keyid:95:95:8D:0A:54:4B:87:6D:5D:74:C9:FA:66:99:C6:AB:96:71:4E:D3

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/85d428ed766701b593558a22e1fc08c17acc6e27.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/d9f4d316-901c-4c6b-bbd6-4cbb703b0cfd/3fb8c37d49852d431a3caa98ae6df227c65946fb.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/d9f4d316-901c-4c6b-bbd6-4cbb703b0cfd/85d428ed766701b593558a22e1fc08c17acc6e27.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  200.42.184.0/22

    Signature Algorithm: sha256WithRSAEncryption
         b2:bc:38:37:23:56:91:0c:46:0f:dc:ef:1b:29:38:25:6f:98:
         eb:fe:13:75:f4:2f:1f:23:40:6a:42:af:cc:ba:00:10:a0:19:
         bc:0e:43:7c:95:0c:8c:27:b7:a0:1c:ed:e0:34:65:1c:b8:d1:
         9a:88:14:5a:7a:a5:ee:36:7e:9f:73:63:ed:1e:cf:a1:a9:71:
         f0:8c:63:b0:03:4e:20:c2:75:dc:f2:72:34:27:28:51:15:34:
         4c:7b:5a:11:1e:4b:a3:0f:62:71:6f:61:2a:83:5a:1c:ca:57:
         94:a7:f3:0c:50:e9:74:cd:09:c9:ff:76:cd:5a:bb:a1:98:3c:
         86:d9:5f:7b:2f:6a:0e:70:a9:8c:fa:b9:f0:5b:0e:89:8b:21:
         93:76:59:91:5b:87:08:85:8c:9e:34:c3:5d:d9:d1:16:87:e8:
         de:81:ba:e8:bb:05:a9:f2:55:52:4e:fc:34:35:c4:39:3f:75:
         c4:47:a7:c2:bb:21:81:14:73:03:bb:e0:a2:56:d9:0a:01:a0:
         fc:65:df:ed:fd:63:07:20:8b:cb:b7:e4:dd:50:c3:93:40:d6:
         86:39:f0:8c:e9:fa:84:90:7f:65:6e:37:8b:bd:47:5b:e7:25:
         fa:0f:0e:c1:d1:28:fe:09:92:6e:6b:8f:70:5b:ec:f8:e4:d9:
         18:90:07:46
-----BEGIN CERTIFICATE-----
MIIFQDCCBCigAwIBAgIDApaIMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKDg1
ZDQyOGVkNzY2NzAxYjU5MzU1OGEyMmUxZmMwOGMxN2FjYzZlMjcwHhcNMjMwNzEw
MTc0NTQ0WhcNMjUwNzExMTc0NTQ0WjAzMTEwLwYDVQQDEygzZmI4YzM3ZDQ5ODUy
ZDQzMWEzY2FhOThhZTZkZjIyN2M2NTk0NmZiMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAw2aaevkBypAzEDIdTMukqiJBUfhQEr+yd36Sd4YwhI/Gwohs
A7R8kTa4JPcO0bM7nVO5RcGP3UbvSmXYSTqLUD9wEAn1goSOBNTrdl4bldfxYdYU
pPloI12qe3Ksnj4B0W5eHusRt4poXHiPLpX1/ZXU9JYFzQmozW0G1ctpkXzvR496
IUtLa1pUeHkNnMIlVQaWyiE9dgmHcWYxeG2yOltbiJww8KOIUBiGiyx3/Q/xAm/t
MwIlYnizhpVIDQ4qcBTWReE8wN10cfDGXFjS1zl9rdvybjoj58f/ZPtdVdYbCiqU
eyQeMuriqPAU3FHo8lu1XyJvCfnUtvCzQdmbwQIDAQABo4ICWzCCAlcwHQYDVR0O
BBYEFBhxT+Faol1lAUCi/jnINq1F8JtoMB8GA1UdIwQYMBaAFJWVjQpUS4dtXXTJ
+maZxquWcU7TMA4GA1UdDwEB/wQEAwIHgDCBmgYIKwYBBQUHAQEEgY0wgYowgYcG
CCsGAQUFBzAChntyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5ldC9ycGtpL2xh
Y25pYy80OGYwODNiYi1mNjAzLTQ4OTMtOTk5MC0wMjg0YzA0Y2ViODUvODVkNDI4
ZWQ3NjY3MDFiNTkzNTU4YTIyZTFmYzA4YzE3YWNjNmUyNy5jZXIwgZoGCCsGAQUF
BwELBIGNMIGKMIGHBggrBgEFBQcwC4Z7cnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25p
Yy5uZXQvcnBraS9sYWNuaWMvZDlmNGQzMTYtOTAxYy00YzZiLWJiZDYtNGNiYjcw
M2IwY2ZkLzNmYjhjMzdkNDk4NTJkNDMxYTNjYWE5OGFlNmRmMjI3YzY1OTQ2ZmIu
cm9hMIGPBgNVHR8EgYcwgYQwgYGgf6B9hntyc3luYzovL3JlcG9zaXRvcnkubGFj
bmljLm5ldC9ycGtpL2xhY25pYy9kOWY0ZDMxNi05MDFjLTRjNmItYmJkNi00Y2Ji
NzAzYjBjZmQvODVkNDI4ZWQ3NjY3MDFiNTkzNTU4YTIyZTFmYzA4YzE3YWNjNmUy
Ny5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQ
MA4wDAQCAAEwBgMEAsgquDANBgkqhkiG9w0BAQsFAAOCAQEAsrw4NyNWkQxGD9zv
Gyk4JW+Y6/4TdfQvHyNAakKvzLoAEKAZvA5DfJUMjCe3oBzt4DRlHLjRmogUWnql
7jZ+n3Nj7R7Poalx8IxjsANOIMJ13PJyNCcoURU0THtaER5Low9icW9hKoNaHMpX
lKfzDFDpdM0Jyf92zVq7oZg8htlfey9qDnCpjPq58FsOiYshk3ZZkVuHCIWMnjTD
XdnRFofo3oG66LsFqfJVUk78NDXEOT91xEenwrshgRRzA7vgolbZCgGg/GXf7f1j
ByCLy7fk3VDDk0DWhjnwjOn6hJB/ZW43i71HW+cl+g8OwdEo/gmSbmuPcFvs+OTZ
GJAHRg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:38:36 2024 by rpki-client on console-ams.rpki-client.org