Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/f80cb3d1-8335-49f8-b600-49f350103b02/9cbe1ef14f6ff6bef34570746d682b8a02709653.roa
File:                     9cbe1ef14f6ff6bef34570746d682b8a02709653.roa (raw, json)
Hash identifier:          2nlVHtHGm5utNkr3OGcphrU79YjhXgY65jCtRGzc08Q=
Subject key identifier:   35:C1:7F:82:97:06:D8:C6:37:6D:F0:CA:C2:A0:8B:C4:32:BB:30:43
Certificate issuer:       /CN=bc60fae2b8b5d118366d0ffb0d7ecacf0167aed0
Certificate serial:       25F449
Authority key identifier: 0A:26:3B:CE:B9:F7:4D:A9:83:42:09:5A:07:6F:E6:16:8D:F5:83:E3
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/bc60fae2b8b5d118366d0ffb0d7ecacf0167aed0.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/f80cb3d1-8335-49f8-b600-49f350103b02/9cbe1ef14f6ff6bef34570746d682b8a02709653.roa
Signing time:             Thu 09 Nov 2023 20:58:08 +0000
ROA not before:           Thu 09 Nov 2023 20:58:08 +0000
ROA not after:            Sun 09 Nov 2025 20:58:08 +0000
asID:                     27843
IP address blocks:        45.226.68.0/22 maxlen: 24
                          45.231.80.0/22 maxlen: 24
                          45.232.104.0/22 maxlen: 24
                          143.0.248.0/22 maxlen: 24
                          167.249.8.0/22 maxlen: 24
                          168.121.44.0/22 maxlen: 24
                          168.121.48.0/22 maxlen: 24
                          168.121.220.0/22 maxlen: 24
                          168.121.236.0/22 maxlen: 24
                          168.181.8.0/22 maxlen: 24
                          168.205.132.0/22 maxlen: 24
                          170.0.232.0/22 maxlen: 24
                          170.82.96.0/22 maxlen: 24
                          170.231.80.0/22 maxlen: 24
                          170.231.168.0/22 maxlen: 24
                          170.254.232.0/22 maxlen: 24
                          181.177.224.0/19 maxlen: 24
                          190.12.64.0/20 maxlen: 24
                          190.12.80.0/20 maxlen: 24
                          190.102.128.0/19 maxlen: 24
                          191.98.128.0/18 maxlen: 24
                          45.226.68.0/23 maxlen: 24
                          45.226.70.0/23 maxlen: 24
                          45.232.104.0/23 maxlen: 24
                          45.232.106.0/23 maxlen: 24
                          168.121.44.0/24 maxlen: 24
                          168.121.45.0/24 maxlen: 24
                          168.121.46.0/23 maxlen: 24
                          2800:120::/32 maxlen: 48

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 2487369 (0x25f449)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=bc60fae2b8b5d118366d0ffb0d7ecacf0167aed0
        Validity
            Not Before: Nov  9 20:58:08 2023 GMT
            Not After : Nov  9 20:58:08 2025 GMT
        Subject: CN=9cbe1ef14f6ff6bef34570746d682b8a02709653
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:87:08:f9:de:cc:40:4a:a8:4a:8d:03:71:d0:6b:
                    ac:29:4d:da:51:13:e4:b5:8e:b3:dc:64:e9:8d:10:
                    44:c1:6e:c4:e0:2a:17:8b:48:90:e2:80:56:10:3b:
                    7b:f0:fe:02:00:94:ba:a0:91:2c:02:a7:71:10:8b:
                    53:67:59:ca:52:be:cc:98:ff:b1:f1:12:d8:53:82:
                    7a:81:da:15:3d:06:c7:e5:4b:22:d5:55:bf:62:25:
                    1a:6a:89:fd:1c:e0:cd:b6:7f:5b:42:94:68:59:08:
                    4d:2d:0c:bb:8d:02:00:4f:6e:48:7f:f2:e0:9d:12:
                    7c:31:63:c9:bd:d3:16:d6:b0:d1:92:5c:53:e2:4b:
                    62:bf:83:eb:61:87:3c:6f:7d:45:34:9b:01:3e:97:
                    5b:4c:ff:c2:d7:7b:12:31:77:a2:eb:84:1f:97:c5:
                    1d:5f:5b:bb:74:e7:31:15:9f:1a:83:ce:c8:54:18:
                    56:ac:76:35:f1:46:79:1f:6e:92:4f:75:4f:16:a7:
                    81:0b:ff:a7:1a:4a:47:0d:4d:a0:81:30:c0:75:db:
                    de:66:a1:97:3b:c6:ec:04:45:f0:2f:d5:aa:36:54:
                    b7:a9:79:d6:93:63:9d:b2:5c:8d:fc:c7:38:ed:1e:
                    da:88:c1:ba:36:86:65:9e:63:6d:68:ae:19:9e:38:
                    e4:cd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                35:C1:7F:82:97:06:D8:C6:37:6D:F0:CA:C2:A0:8B:C4:32:BB:30:43
            X509v3 Authority Key Identifier:
                keyid:0A:26:3B:CE:B9:F7:4D:A9:83:42:09:5A:07:6F:E6:16:8D:F5:83:E3

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/bc60fae2b8b5d118366d0ffb0d7ecacf0167aed0.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/f80cb3d1-8335-49f8-b600-49f350103b02/9cbe1ef14f6ff6bef34570746d682b8a02709653.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/f80cb3d1-8335-49f8-b600-49f350103b02/bc60fae2b8b5d118366d0ffb0d7ecacf0167aed0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.226.68.0/22
                  45.231.80.0/22
                  45.232.104.0/22
                  143.0.248.0/22
                  167.249.8.0/22
                  168.121.44.0-168.121.51.255
                  168.121.220.0/22
                  168.121.236.0/22
                  168.181.8.0/22
                  168.205.132.0/22
                  170.0.232.0/22
                  170.82.96.0/22
                  170.231.80.0/22
                  170.231.168.0/22
                  170.254.232.0/22
                  181.177.224.0/19
                  190.12.64.0/19
                  190.102.128.0/19
                  191.98.128.0/18
                IPv6:
                  2800:120::/32

    Signature Algorithm: sha256WithRSAEncryption
         0c:a8:25:01:0a:3e:e2:b2:d6:10:33:b5:44:9b:1b:0e:25:45:
         87:04:76:ea:c9:3e:f4:5a:45:e1:61:39:53:07:b7:02:12:ac:
         90:36:ef:3b:b9:14:29:6b:cf:1b:e3:b1:e2:4e:1f:56:46:92:
         1c:2c:ef:fe:c6:a0:fb:56:00:8d:c0:d5:b8:24:d9:bb:28:f3:
         92:b1:cb:ea:72:0b:c7:42:50:3e:6a:fe:02:a7:c1:4b:0b:28:
         fa:92:5c:2f:bb:b6:46:ab:93:27:af:1d:9b:2b:7d:bc:0f:66:
         79:ca:90:2c:0b:95:5a:5a:af:bd:22:7e:70:97:46:a8:97:fe:
         81:e7:61:71:23:a9:80:7e:15:1e:0c:95:be:2b:c3:53:c7:88:
         67:82:d6:3f:87:bb:6c:9a:fd:4a:e1:3d:67:c4:83:76:4c:88:
         77:2a:00:16:ca:e9:88:17:3c:48:89:f0:10:a5:f4:10:b6:3e:
         f2:96:e8:14:66:d3:88:eb:c8:89:85:5d:4d:51:33:42:d4:e9:
         eb:cd:14:d9:e2:68:b0:78:53:c5:03:58:ed:1f:fa:2a:04:4d:
         bd:a9:c7:62:b1:c2:da:8c:e8:9e:07:9b:d3:33:bf:d6:29:fe:
         d3:e0:5a:a1:4b:4c:68:99:d2:46:74:4d:a8:3b:cf:9f:de:a9:
         81:cb:74:ad
-----BEGIN CERTIFICATE-----
MIIFxzCCBK+gAwIBAgIDJfRJMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKGJj
NjBmYWUyYjhiNWQxMTgzNjZkMGZmYjBkN2VjYWNmMDE2N2FlZDAwHhcNMjMxMTA5
MjA1ODA4WhcNMjUxMTA5MjA1ODA4WjAzMTEwLwYDVQQDEyg5Y2JlMWVmMTRmNmZm
NmJlZjM0NTcwNzQ2ZDY4MmI4YTAyNzA5NjUzMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAhwj53sxASqhKjQNx0GusKU3aURPktY6z3GTpjRBEwW7E4CoX
i0iQ4oBWEDt78P4CAJS6oJEsAqdxEItTZ1nKUr7MmP+x8RLYU4J6gdoVPQbH5Usi
1VW/YiUaaon9HODNtn9bQpRoWQhNLQy7jQIAT25If/LgnRJ8MWPJvdMW1rDRklxT
4ktiv4PrYYc8b31FNJsBPpdbTP/C13sSMXei64Qfl8UdX1u7dOcxFZ8ag87IVBhW
rHY18UZ5H26ST3VPFqeBC/+nGkpHDU2ggTDAddveZqGXO8bsBEXwL9WqNlS3qXnW
k2OdslyN/Mc47R7aiMG6NoZlnmNtaK4ZnjjkzQIDAQABo4IC4jCCAt4wHQYDVR0O
BBYEFDXBf4KXBtjGN23wysKgi8QyuzBDMB8GA1UdIwQYMBaAFAomO865902pg0IJ
Wgdv5haN9YPjMA4GA1UdDwEB/wQEAwIHgDCBmgYIKwYBBQUHAQEEgY0wgYowgYcG
CCsGAQUFBzAChntyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5ldC9ycGtpL2xh
Y25pYy80OGYwODNiYi1mNjAzLTQ4OTMtOTk5MC0wMjg0YzA0Y2ViODUvYmM2MGZh
ZTJiOGI1ZDExODM2NmQwZmZiMGQ3ZWNhY2YwMTY3YWVkMC5jZXIwgZoGCCsGAQUF
BwELBIGNMIGKMIGHBggrBgEFBQcwC4Z7cnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25p
Yy5uZXQvcnBraS9sYWNuaWMvZjgwY2IzZDEtODMzNS00OWY4LWI2MDAtNDlmMzUw
MTAzYjAyLzljYmUxZWYxNGY2ZmY2YmVmMzQ1NzA3NDZkNjgyYjhhMDI3MDk2NTMu
cm9hMIGPBgNVHR8EgYcwgYQwgYGgf6B9hntyc3luYzovL3JlcG9zaXRvcnkubGFj
bmljLm5ldC9ycGtpL2xhY25pYy9mODBjYjNkMS04MzM1LTQ5ZjgtYjYwMC00OWYz
NTAxMDNiMDIvYmM2MGZhZTJiOGI1ZDExODM2NmQwZmZiMGQ3ZWNhY2YwMTY3YWVk
MC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjCBpQYIKwYBBQUHAQcBAf8E
gZUwgZIwgYAEAgABMHoDBAIt4kQDBAIt51ADBAIt6GgDBAKPAPgDBAKn+QgwDAME
Aqh5LAMEAqh5MAMEAqh53AMEAqh57AMEAqi1CAMEAqjNhAMEAqoA6AMEAqpSYAME
AqrnUAMEAqrnqAMEAqr+6AMEBbWx4AMEBb4MQAMEBb5mgAMEBr9igDANBAIAAjAH
AwUAKAABIDANBgkqhkiG9w0BAQsFAAOCAQEADKglAQo+4rLWEDO1RJsbDiVFhwR2
6sk+9FpF4WE5Uwe3AhKskDbvO7kUKWvPG+Ox4k4fVkaSHCzv/sag+1YAjcDVuCTZ
uyjzkrHL6nILx0JQPmr+AqfBSwso+pJcL7u2RquTJ68dmyt9vA9mecqQLAuVWlqv
vSJ+cJdGqJf+gedhcSOpgH4VHgyVvivDU8eIZ4LWP4e7bJr9SuE9Z8SDdkyIdyoA
FsrpiBc8SInwEKX0ELY+8pboFGbTiOvIiYVdTVEzQtTp680U2eJosHhTxQNY7R/6
KgRNvanHYrHC2ozongeb0zO/1in+0+BaoUtMaJnSRnRNqDvPn96pgct0rQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:38:56 2024 by rpki-client on console-ams.rpki-client.org