Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/d9f4d316-901c-4c6b-bbd6-4cbb703b0cfd/70dced258be210c38e4d952bb82b8bb12811682e.roa
File:                     70dced258be210c38e4d952bb82b8bb12811682e.roa (raw, json)
Hash identifier:          ggwK13BvOFL+e5PaUFd6noM5759HJr6PbW0TXJnL4EY=
Subject key identifier:   CC:DF:F0:B5:F2:C6:BE:44:E7:DA:B4:95:EB:B5:C2:B1:62:46:B3:56
Certificate issuer:       /CN=85d428ed766701b593558a22e1fc08c17acc6e27
Certificate serial:       031A6C
Authority key identifier: 95:95:8D:0A:54:4B:87:6D:5D:74:C9:FA:66:99:C6:AB:96:71:4E:D3
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/85d428ed766701b593558a22e1fc08c17acc6e27.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/d9f4d316-901c-4c6b-bbd6-4cbb703b0cfd/70dced258be210c38e4d952bb82b8bb12811682e.roa
Signing time:             Wed 12 Jul 2023 15:44:00 +0000
ROA not before:           Tue 11 Jul 2023 15:44:00 +0000
ROA not after:            Sat 12 Jul 2025 15:44:00 +0000
asID:                     16629
IP address blocks:        200.90.160.0/20 maxlen: 24

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 203372 (0x31a6c)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=85d428ed766701b593558a22e1fc08c17acc6e27
        Validity
            Not Before: Jul 11 15:44:00 2023 GMT
            Not After : Jul 12 15:44:00 2025 GMT
        Subject: CN=70dced258be210c38e4d952bb82b8bb12811682e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9c:35:7b:aa:fd:0f:9c:b5:68:81:7e:d4:0c:df:
                    5b:0a:5e:86:65:44:32:8d:79:17:2d:cd:d7:a6:d6:
                    bd:0f:bc:b8:ac:7b:52:f2:ce:92:40:33:ca:ce:09:
                    e6:77:d6:b8:4c:45:98:c6:8d:72:4c:05:2c:4d:ab:
                    09:46:76:b3:43:eb:f2:20:1b:af:fc:18:dd:bd:2d:
                    b5:06:cf:30:0e:75:ea:11:02:46:ad:81:5e:5e:3d:
                    4f:27:52:10:a4:80:98:36:84:5b:3a:d4:ff:81:e6:
                    78:86:b9:3b:3e:33:a5:46:83:82:50:5f:20:3f:f3:
                    3d:f7:d1:1b:4c:5b:68:e2:aa:b8:da:a9:3d:d8:33:
                    a6:ef:d1:a1:af:36:c7:b0:67:39:22:58:66:c0:50:
                    4e:54:e7:00:63:93:32:99:75:79:a2:7c:2a:2a:e8:
                    5d:7f:f3:89:50:6e:0c:0d:fc:ef:44:8d:b2:b1:0f:
                    b9:1a:5e:6a:a0:79:46:3f:99:12:de:0e:ae:59:5e:
                    38:35:03:a3:45:a3:91:67:bd:a6:6c:86:42:ba:e6:
                    8a:99:77:1d:68:54:c2:ab:b5:23:04:61:fd:a6:43:
                    59:8a:48:27:42:68:fc:38:f1:1e:ec:c2:d2:19:b3:
                    52:8e:e0:69:ea:50:a9:bb:2a:ca:cf:55:88:1d:e4:
                    14:b9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                CC:DF:F0:B5:F2:C6:BE:44:E7:DA:B4:95:EB:B5:C2:B1:62:46:B3:56
            X509v3 Authority Key Identifier:
                keyid:95:95:8D:0A:54:4B:87:6D:5D:74:C9:FA:66:99:C6:AB:96:71:4E:D3

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/85d428ed766701b593558a22e1fc08c17acc6e27.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/d9f4d316-901c-4c6b-bbd6-4cbb703b0cfd/70dced258be210c38e4d952bb82b8bb12811682e.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/d9f4d316-901c-4c6b-bbd6-4cbb703b0cfd/85d428ed766701b593558a22e1fc08c17acc6e27.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  200.90.160.0/20

    Signature Algorithm: sha256WithRSAEncryption
         e9:fb:9f:6e:bc:da:1f:25:26:f1:a0:a7:27:c6:ae:e4:6d:ea:
         67:f5:c9:69:78:5d:2b:22:44:c8:38:f9:1a:52:f6:7a:23:91:
         9f:9a:ce:3e:38:56:c5:da:ce:c5:45:56:a8:11:be:25:7d:49:
         d0:1b:f4:5d:0f:8c:d6:89:55:27:07:40:04:df:9c:69:ae:e9:
         80:b8:1e:c9:bc:dc:49:59:a0:f0:06:77:4c:60:84:6b:e7:67:
         17:98:fa:21:7c:51:b8:0a:0b:f7:fb:ab:9f:d2:df:83:b9:43:
         6d:ef:14:d1:a9:31:c0:45:60:99:2c:43:59:30:11:64:49:83:
         9b:0a:61:17:ce:99:27:98:1d:cc:e9:95:9f:14:52:6a:43:55:
         c5:8b:6d:88:25:25:53:a1:97:d2:09:2f:1f:e0:8b:a5:15:7c:
         dd:06:a8:a3:a4:4f:64:87:8d:78:2a:11:60:bc:5b:3b:a4:c0:
         36:80:6a:99:c9:1c:d2:64:54:af:80:47:b5:0b:c3:00:80:7e:
         44:a8:85:ee:c2:d4:ce:95:de:94:26:7a:77:f7:d2:ff:d5:f8:
         f7:37:31:65:ba:98:52:84:2c:7f:e1:30:45:c2:8d:6f:96:4d:
         b2:1a:1a:51:28:16:d5:23:c8:2e:d7:a2:c9:b7:d8:d2:99:37:
         b1:6c:e8:db
-----BEGIN CERTIFICATE-----
MIIFQDCCBCigAwIBAgIDAxpsMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKDg1
ZDQyOGVkNzY2NzAxYjU5MzU1OGEyMmUxZmMwOGMxN2FjYzZlMjcwHhcNMjMwNzEx
MTU0NDAwWhcNMjUwNzEyMTU0NDAwWjAzMTEwLwYDVQQDEyg3MGRjZWQyNThiZTIx
MGMzOGU0ZDk1MmJiODJiOGJiMTI4MTE2ODJlMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAnDV7qv0PnLVogX7UDN9bCl6GZUQyjXkXLc3Xpta9D7y4rHtS
8s6SQDPKzgnmd9a4TEWYxo1yTAUsTasJRnazQ+vyIBuv/BjdvS21Bs8wDnXqEQJG
rYFeXj1PJ1IQpICYNoRbOtT/geZ4hrk7PjOlRoOCUF8gP/M999EbTFto4qq42qk9
2DOm79GhrzbHsGc5IlhmwFBOVOcAY5MymXV5onwqKuhdf/OJUG4MDfzvRI2ysQ+5
Gl5qoHlGP5kS3g6uWV44NQOjRaORZ72mbIZCuuaKmXcdaFTCq7UjBGH9pkNZikgn
Qmj8OPEe7MLSGbNSjuBp6lCpuyrKz1WIHeQUuQIDAQABo4ICWzCCAlcwHQYDVR0O
BBYEFMzf8LXyxr5E59q0leu1wrFiRrNWMB8GA1UdIwQYMBaAFJWVjQpUS4dtXXTJ
+maZxquWcU7TMA4GA1UdDwEB/wQEAwIHgDCBmgYIKwYBBQUHAQEEgY0wgYowgYcG
CCsGAQUFBzAChntyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5ldC9ycGtpL2xh
Y25pYy80OGYwODNiYi1mNjAzLTQ4OTMtOTk5MC0wMjg0YzA0Y2ViODUvODVkNDI4
ZWQ3NjY3MDFiNTkzNTU4YTIyZTFmYzA4YzE3YWNjNmUyNy5jZXIwgZoGCCsGAQUF
BwELBIGNMIGKMIGHBggrBgEFBQcwC4Z7cnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25p
Yy5uZXQvcnBraS9sYWNuaWMvZDlmNGQzMTYtOTAxYy00YzZiLWJiZDYtNGNiYjcw
M2IwY2ZkLzcwZGNlZDI1OGJlMjEwYzM4ZTRkOTUyYmI4MmI4YmIxMjgxMTY4MmUu
cm9hMIGPBgNVHR8EgYcwgYQwgYGgf6B9hntyc3luYzovL3JlcG9zaXRvcnkubGFj
bmljLm5ldC9ycGtpL2xhY25pYy9kOWY0ZDMxNi05MDFjLTRjNmItYmJkNi00Y2Ji
NzAzYjBjZmQvODVkNDI4ZWQ3NjY3MDFiNTkzNTU4YTIyZTFmYzA4YzE3YWNjNmUy
Ny5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQ
MA4wDAQCAAEwBgMEBMhaoDANBgkqhkiG9w0BAQsFAAOCAQEA6fufbrzaHyUm8aCn
J8au5G3qZ/XJaXhdKyJEyDj5GlL2eiORn5rOPjhWxdrOxUVWqBG+JX1J0Bv0XQ+M
1olVJwdABN+caa7pgLgeybzcSVmg8AZ3TGCEa+dnF5j6IXxRuAoL9/urn9Lfg7lD
be8U0akxwEVgmSxDWTARZEmDmwphF86ZJ5gdzOmVnxRSakNVxYttiCUlU6GX0gkv
H+CLpRV83Qaoo6RPZIeNeCoRYLxbO6TANoBqmckc0mRUr4BHtQvDAIB+RKiF7sLU
zpXelCZ6d/fS/9X49zcxZbqYUoQsf+EwRcKNb5ZNshoaUSgW1SPILteiybfY0pk3
sWzo2w==
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:38:08 2024 by rpki-client on console-fra.rpki-client.org