Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/1821806c-0e82-4204-8b3c-dde7c0fc8d62/5e1022b017a97d8241890d5a907b8e9054293788.roa
File:                     5e1022b017a97d8241890d5a907b8e9054293788.roa (raw, json)
Hash identifier:          O2Qht+eXYOZfhH5Qi/9DvImJ0i/wsxzkwV/m763HmtU=
Subject key identifier:   F4:13:5F:4F:C8:92:DE:3C:37:AC:20:8A:B4:AE:58:62:D6:1E:ED:ED
Certificate issuer:       /CN=a68aca945e5b4e0fa575bbe03b1af65146ef0b6f
Certificate serial:       2081F0
Authority key identifier: 5C:50:E5:03:69:FD:9F:99:A6:92:F6:88:B9:62:BC:77:AC:8A:A9:CB
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/a68aca945e5b4e0fa575bbe03b1af65146ef0b6f.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/1821806c-0e82-4204-8b3c-dde7c0fc8d62/5e1022b017a97d8241890d5a907b8e9054293788.roa
Signing time:             Fri 12 May 2023 17:03:31 +0000
ROA not before:           Thu 11 May 2023 17:03:30 +0000
ROA not after:            Mon 12 May 2025 17:03:30 +0000
asID:                     26611
IP address blocks:        191.156.24.0/21 maxlen: 24
                          190.127.128.0/21 maxlen: 24
                          191.156.32.0/19 maxlen: 24
                          190.127.208.0/20 maxlen: 24
                          190.127.224.0/21 maxlen: 24
                          181.144.0.0/12 maxlen: 24
                          181.240.0.0/12 maxlen: 24
                          191.156.64.0/20 maxlen: 24
                          190.126.0.0/16 maxlen: 24
                          191.156.96.0/20 maxlen: 24
                          191.158.0.0/15 maxlen: 24
                          191.156.224.0/19 maxlen: 24
                          190.125.0.0/16 maxlen: 24
                          191.157.0.0/16 maxlen: 24
                          191.64.0.0/12 maxlen: 24
                          190.243.0.0/16 maxlen: 24
                          190.126.0.0/15 maxlen: 24
                          190.130.64.0/18 maxlen: 24

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 2130416 (0x2081f0)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a68aca945e5b4e0fa575bbe03b1af65146ef0b6f
        Validity
            Not Before: May 11 17:03:30 2023 GMT
            Not After : May 12 17:03:30 2025 GMT
        Subject: CN=5e1022b017a97d8241890d5a907b8e9054293788
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:84:b3:8b:54:99:e6:be:74:95:74:0f:8b:00:9a:
                    5e:7e:ce:6a:89:54:b0:c9:35:d1:d1:f6:f6:b5:8c:
                    3c:ee:2c:2f:41:23:83:83:81:8c:59:6b:26:ef:b1:
                    ae:37:e9:e6:ed:c7:21:65:cb:be:c4:31:d2:93:1c:
                    62:5f:68:76:59:d5:14:16:09:e4:d9:ee:60:60:06:
                    c8:15:64:c9:f8:d6:f8:b9:07:a7:6d:06:4f:31:dc:
                    ca:3d:70:63:51:b8:0b:96:0a:77:a4:f9:5c:ea:05:
                    b1:bd:dd:3d:99:bb:79:eb:d1:33:f1:f3:63:d3:d5:
                    76:af:b3:a5:61:b7:e9:e4:15:4f:d4:41:32:a8:66:
                    3a:cf:03:b5:67:c9:01:49:9a:a5:3d:df:6f:94:3b:
                    8e:bf:c5:6c:74:5c:c6:20:b5:24:c5:45:ca:9c:d9:
                    bb:f8:28:b5:88:b2:3f:ec:bc:ea:41:92:3e:31:36:
                    ef:1a:60:7b:83:1e:3f:84:65:72:6e:f0:18:b8:82:
                    a2:f9:d9:5b:65:41:1d:02:a8:2b:90:27:a4:d4:61:
                    96:ab:80:15:a1:b4:f5:02:b4:59:d5:39:c2:d5:5d:
                    1f:34:d5:c4:46:e0:f2:03:b0:79:91:85:2f:89:33:
                    ec:2e:21:e7:47:1b:0f:8d:b3:d1:fa:8a:e4:27:6f:
                    91:45
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F4:13:5F:4F:C8:92:DE:3C:37:AC:20:8A:B4:AE:58:62:D6:1E:ED:ED
            X509v3 Authority Key Identifier:
                keyid:5C:50:E5:03:69:FD:9F:99:A6:92:F6:88:B9:62:BC:77:AC:8A:A9:CB

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/a68aca945e5b4e0fa575bbe03b1af65146ef0b6f.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/1821806c-0e82-4204-8b3c-dde7c0fc8d62/5e1022b017a97d8241890d5a907b8e9054293788.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/1821806c-0e82-4204-8b3c-dde7c0fc8d62/a68aca945e5b4e0fa575bbe03b1af65146ef0b6f.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  181.144.0.0/12
                  181.240.0.0/12
                  190.125.0.0-190.127.255.255
                  190.130.64.0/18
                  190.243.0.0/16
                  191.64.0.0/12
                  191.156.24.0-191.156.79.255
                  191.156.96.0/20
                  191.156.224.0-191.159.255.255

    Signature Algorithm: sha256WithRSAEncryption
         7a:74:0c:d0:37:50:a2:d5:6e:ab:22:27:72:8a:27:6e:52:c6:
         8c:d6:02:33:4f:13:6b:52:3d:68:65:6f:39:d5:19:c0:3d:6d:
         f0:d7:15:07:79:8a:3e:50:cf:1c:6f:48:ff:2b:6f:2c:7a:9b:
         43:88:11:b4:1e:22:3f:da:82:52:7d:b1:df:76:02:d3:da:f0:
         2b:48:20:05:80:3e:70:30:cd:6f:e7:f4:63:17:cc:a4:ab:bb:
         93:b2:93:66:b6:ab:8d:e3:79:2e:a1:81:3c:5c:4c:07:60:80:
         23:03:67:f8:44:1e:f6:8a:80:cc:e1:93:a4:54:f8:48:49:20:
         c2:a4:03:94:34:ef:99:ed:41:ef:f3:99:75:43:1d:fa:80:09:
         a7:69:1b:fa:35:71:78:1a:73:a8:6e:5e:c6:15:19:f6:44:33:
         00:02:93:22:37:eb:74:0f:40:2b:21:8e:f3:c1:6f:3c:4a:34:
         e9:97:1a:13:fb:54:73:0f:64:44:a9:58:0d:58:63:c1:38:7d:
         dc:27:7f:1d:71:56:7b:25:01:2d:60:b1:02:d1:fb:be:1b:fb:
         65:52:55:ac:b5:1f:cf:11:ca:b0:50:ad:6d:64:02:02:80:59:
         d2:65:c3:b0:b9:6c:f0:8f:44:12:6c:a2:6c:09:6f:c5:b8:17:
         73:e9:34:e0
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDIIHwMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKGE2
OGFjYTk0NWU1YjRlMGZhNTc1YmJlMDNiMWFmNjUxNDZlZjBiNmYwHhcNMjMwNTEx
MTcwMzMwWhcNMjUwNTEyMTcwMzMwWjAzMTEwLwYDVQQDEyg1ZTEwMjJiMDE3YTk3
ZDgyNDE4OTBkNWE5MDdiOGU5MDU0MjkzNzg4MIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAhLOLVJnmvnSVdA+LAJpefs5qiVSwyTXR0fb2tYw87iwvQSOD
g4GMWWsm77GuN+nm7cchZcu+xDHSkxxiX2h2WdUUFgnk2e5gYAbIFWTJ+Nb4uQen
bQZPMdzKPXBjUbgLlgp3pPlc6gWxvd09mbt569Ez8fNj09V2r7OlYbfp5BVP1EEy
qGY6zwO1Z8kBSZqlPd9vlDuOv8VsdFzGILUkxUXKnNm7+Ci1iLI/7LzqQZI+MTbv
GmB7gx4/hGVybvAYuIKi+dlbZUEdAqgrkCek1GGWq4AVobT1ArRZ1TnC1V0fNNXE
RuDyA7B5kYUviTPsLiHnRxsPjbPR+orkJ2+RRQIDAQABo4ICnDCCApgwHQYDVR0O
BBYEFPQTX0/Ikt48N6wgirSuWGLWHu3tMB8GA1UdIwQYMBaAFFxQ5QNp/Z+ZppL2
iLlivHesiqnLMA4GA1UdDwEB/wQEAwIHgDCBmgYIKwYBBQUHAQEEgY0wgYowgYcG
CCsGAQUFBzAChntyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5ldC9ycGtpL2xh
Y25pYy80OGYwODNiYi1mNjAzLTQ4OTMtOTk5MC0wMjg0YzA0Y2ViODUvYTY4YWNh
OTQ1ZTViNGUwZmE1NzViYmUwM2IxYWY2NTE0NmVmMGI2Zi5jZXIwgZoGCCsGAQUF
BwELBIGNMIGKMIGHBggrBgEFBQcwC4Z7cnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25p
Yy5uZXQvcnBraS9sYWNuaWMvMTgyMTgwNmMtMGU4Mi00MjA0LThiM2MtZGRlN2Mw
ZmM4ZDYyLzVlMTAyMmIwMTdhOTdkODI0MTg5MGQ1YTkwN2I4ZTkwNTQyOTM3ODgu
cm9hMIGPBgNVHR8EgYcwgYQwgYGgf6B9hntyc3luYzovL3JlcG9zaXRvcnkubGFj
bmljLm5ldC9ycGtpL2xhY25pYy8xODIxODA2Yy0wZTgyLTQyMDQtOGIzYy1kZGU3
YzBmYzhkNjIvYTY4YWNhOTQ1ZTViNGUwZmE1NzViYmUwM2IxYWY2NTE0NmVmMGI2
Zi5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBgBggrBgEFBQcBBwEB/wRR
ME8wTQQCAAEwRwMDBLWQAwMEtfAwCgMDAL59AwMHvgADBAa+gkADAwC+8wMDBL9A
MAwDBAO/nBgDBAS/nEADBAS/nGAwCwMEBb+c4AMDBb+AMA0GCSqGSIb3DQEBCwUA
A4IBAQB6dAzQN1Ci1W6rIidyiiduUsaM1gIzTxNrUj1oZW851RnAPW3w1xUHeYo+
UM8cb0j/K28septDiBG0HiI/2oJSfbHfdgLT2vArSCAFgD5wMM1v5/RjF8ykq7uT
spNmtquN43kuoYE8XEwHYIAjA2f4RB72ioDM4ZOkVPhISSDCpAOUNO+Z7UHv85l1
Qx36gAmnaRv6NXF4GnOobl7GFRn2RDMAApMiN+t0D0ArIY7zwW88SjTplxoT+1Rz
D2REqVgNWGPBOH3cJ38dcVZ7JQEtYLEC0fu+G/tlUlWstR/PEcqwUK1tZAICgFnS
ZcOwuWzwj0QSbKJsCW/FuBdz6TTg
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:37:01 2024 by rpki-client on console-ams.rpki-client.org