Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/1ef4b066-e4d2-4e53-839e-8bdffb17a52b/22b6d1c8fae3197211b44a85f159828abfa0b6b8.roa
File:                     22b6d1c8fae3197211b44a85f159828abfa0b6b8.roa (raw, json)
Hash identifier:          fJT7VlSHH6vMTEBD4UlVEWpzaMcQJcOvNL923+HUVmM=
Subject key identifier:   C5:C4:59:8A:85:75:E6:5D:EE:CC:FD:90:8C:8C:DF:1F:66:70:2B:4F
Certificate issuer:       /CN=ce24136a35f10502f080a99eec6f12882d2f04fa
Certificate serial:       100C73
Authority key identifier: 2B:BF:EF:19:5F:7B:40:83:DF:37:7B:2F:FB:C7:7B:50:DD:10:0A:E3
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ce24136a35f10502f080a99eec6f12882d2f04fa.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/1ef4b066-e4d2-4e53-839e-8bdffb17a52b/22b6d1c8fae3197211b44a85f159828abfa0b6b8.roa
Signing time:             Sun 24 Oct 2021 07:18:28 +0000
ROA not before:           Wed 24 Mar 2021 03:00:00 +0000
ROA not after:            Tue 24 Mar 2026 03:00:00 +0000
asID:                     40676
IP address blocks:        191.96.110.0/23 maxlen: 24
                          181.214.128.0/23 maxlen: 24
                          181.214.133.0/24 maxlen: 24
                          181.215.47.0/24 maxlen: 24
                          191.96.25.0/24 maxlen: 24
                          181.215.49.0/24 maxlen: 24
                          191.96.131.0/24 maxlen: 24
                          191.96.157.0/24 maxlen: 24
                          191.96.159.0/24 maxlen: 24
                          191.101.44.0/24 maxlen: 24
                          191.101.45.0/24 maxlen: 24
                          191.101.46.0/24 maxlen: 24
                          191.101.47.0/24 maxlen: 24
                          191.101.166.0/24 maxlen: 24
                          191.101.172.0/24 maxlen: 24
                          191.96.52.0/22 maxlen: 24
                          191.101.30.0/23 maxlen: 24
                          181.214.92.0/22 maxlen: 24

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 1051763 (0x100c73)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ce24136a35f10502f080a99eec6f12882d2f04fa
        Validity
            Not Before: Mar 24 03:00:00 2021 GMT
            Not After : Mar 24 03:00:00 2026 GMT
        Subject: CN=22b6d1c8fae3197211b44a85f159828abfa0b6b8
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c7:1d:2c:6d:64:0e:56:95:8e:d5:43:f4:85:b2:
                    51:0a:8c:8c:a8:1c:aa:d5:87:11:cb:bc:f6:b1:8d:
                    7d:6d:c9:e5:6e:eb:e6:c3:c4:9e:0a:cc:b6:33:1d:
                    96:20:ca:a7:ad:80:95:f1:c7:26:ce:9f:af:1e:01:
                    eb:06:5d:34:2d:05:37:0c:93:08:dd:c8:14:02:19:
                    8a:5c:b6:17:a1:99:24:da:82:57:0c:ec:86:6d:9c:
                    cb:46:da:a6:49:e2:95:e4:bf:ab:a3:ac:df:71:9b:
                    0d:0d:13:b2:6c:18:a9:ec:eb:ec:39:fb:0d:3e:17:
                    09:49:bb:00:3c:24:bc:b5:95:61:94:8c:89:73:3b:
                    f1:6e:ab:ff:64:1c:cf:e5:cf:c1:d1:b4:56:18:33:
                    11:29:2d:c9:73:e4:16:8a:7c:fb:cf:b9:09:72:9d:
                    3d:ea:79:38:a4:ad:2f:67:21:83:af:c3:2b:11:31:
                    6f:8f:5e:cb:79:a5:e6:95:25:ea:be:7d:94:6f:1b:
                    76:b0:62:15:e1:b8:11:a9:2c:b1:39:84:03:3b:b4:
                    65:6b:f5:ce:d2:70:63:68:ff:c3:e0:79:7c:5a:4a:
                    96:b8:ab:39:9b:72:63:c6:01:6b:1e:31:0b:53:f7:
                    ea:f5:fc:e1:48:81:f9:04:00:de:a7:35:a3:11:95:
                    57:25
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C5:C4:59:8A:85:75:E6:5D:EE:CC:FD:90:8C:8C:DF:1F:66:70:2B:4F
            X509v3 Authority Key Identifier:
                keyid:2B:BF:EF:19:5F:7B:40:83:DF:37:7B:2F:FB:C7:7B:50:DD:10:0A:E3

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ce24136a35f10502f080a99eec6f12882d2f04fa.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/1ef4b066-e4d2-4e53-839e-8bdffb17a52b/22b6d1c8fae3197211b44a85f159828abfa0b6b8.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/1ef4b066-e4d2-4e53-839e-8bdffb17a52b/ce24136a35f10502f080a99eec6f12882d2f04fa.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  181.214.92.0/22
                  181.214.128.0/23
                  181.214.133.0/24
                  181.215.47.0/24
                  181.215.49.0/24
                  191.96.25.0/24
                  191.96.52.0/22
                  191.96.110.0/23
                  191.96.131.0/24
                  191.96.157.0/24
                  191.96.159.0/24
                  191.101.30.0/23
                  191.101.44.0/22
                  191.101.166.0/24
                  191.101.172.0/24

    Signature Algorithm: sha256WithRSAEncryption
         2c:85:b6:3d:b1:25:b0:28:12:ac:84:67:46:e1:6e:d4:42:6c:
         02:18:e7:af:ad:42:da:0c:99:08:80:dc:18:d7:6d:09:ff:43:
         61:7e:fd:ba:fc:62:b3:34:c0:d8:d6:cc:e4:8d:7d:a9:88:76:
         0c:f4:90:93:d3:f5:96:3c:73:df:e6:ec:5a:69:e4:d8:4b:96:
         8d:d8:46:07:bb:6b:79:47:1e:7d:3d:66:95:a6:72:27:f1:b8:
         63:c4:58:e4:28:fb:5c:08:f9:ac:06:b2:a5:c6:4d:e3:4e:02:
         e5:5a:20:3d:a8:f1:d6:50:37:ce:1b:01:74:64:63:ae:78:e7:
         ab:29:a3:d1:9c:66:f9:5a:75:d2:2c:20:ff:bf:2a:12:28:12:
         6d:c8:c4:5e:32:9c:27:22:5c:a7:a6:87:9b:af:04:43:05:3c:
         50:30:23:57:ce:59:43:02:56:7a:82:2b:9b:d7:e5:aa:d8:da:
         8e:80:5c:28:e9:2c:ea:4e:32:01:63:29:da:72:85:64:10:12:
         09:d5:68:6b:3e:54:16:d4:fe:c4:54:e5:df:4c:e3:41:d8:47:
         c5:54:f6:6a:71:f6:84:b3:37:d6:a7:a5:58:81:a4:27:b5:6f:
         1a:b9:e2:ee:e5:7c:2f:ad:89:7a:eb:16:c3:55:1c:f6:1a:99:
         d4:6d:f0:39
-----BEGIN CERTIFICATE-----
MIIFlDCCBHygAwIBAgIDEAxzMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKGNl
MjQxMzZhMzVmMTA1MDJmMDgwYTk5ZWVjNmYxMjg4MmQyZjA0ZmEwHhcNMjEwMzI0
MDMwMDAwWhcNMjYwMzI0MDMwMDAwWjAzMTEwLwYDVQQDEygyMmI2ZDFjOGZhZTMx
OTcyMTFiNDRhODVmMTU5ODI4YWJmYTBiNmI4MIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAxx0sbWQOVpWO1UP0hbJRCoyMqByq1YcRy7z2sY19bcnlbuvm
w8SeCsy2Mx2WIMqnrYCV8ccmzp+vHgHrBl00LQU3DJMI3cgUAhmKXLYXoZkk2oJX
DOyGbZzLRtqmSeKV5L+ro6zfcZsNDROybBip7OvsOfsNPhcJSbsAPCS8tZVhlIyJ
czvxbqv/ZBzP5c/B0bRWGDMRKS3Jc+QWinz7z7kJcp096nk4pK0vZyGDr8MrETFv
j17LeaXmlSXqvn2Ubxt2sGIV4bgRqSyxOYQDO7Rla/XO0nBjaP/D4Hl8WkqWuKs5
m3JjxgFrHjELU/fq9fzhSIH5BADepzWjEZVXJQIDAQABo4ICrzCCAqswHQYDVR0O
BBYEFMXEWYqFdeZd7sz9kIyM3x9mcCtPMB8GA1UdIwQYMBaAFCu/7xlfe0CD3zd7
L/vHe1DdEArjMA4GA1UdDwEB/wQEAwIHgDCBmgYIKwYBBQUHAQEEgY0wgYowgYcG
CCsGAQUFBzAChntyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5ldC9ycGtpL2xh
Y25pYy80OGYwODNiYi1mNjAzLTQ4OTMtOTk5MC0wMjg0YzA0Y2ViODUvY2UyNDEz
NmEzNWYxMDUwMmYwODBhOTllZWM2ZjEyODgyZDJmMDRmYS5jZXIwgZoGCCsGAQUF
BwELBIGNMIGKMIGHBggrBgEFBQcwC4Z7cnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25p
Yy5uZXQvcnBraS9sYWNuaWMvMWVmNGIwNjYtZTRkMi00ZTUzLTgzOWUtOGJkZmZi
MTdhNTJiLzIyYjZkMWM4ZmFlMzE5NzIxMWI0NGE4NWYxNTk4MjhhYmZhMGI2Yjgu
cm9hMIGPBgNVHR8EgYcwgYQwgYGgf6B9hntyc3luYzovL3JlcG9zaXRvcnkubGFj
bmljLm5ldC9ycGtpL2xhY25pYy8xZWY0YjA2Ni1lNGQyLTRlNTMtODM5ZS04YmRm
ZmIxN2E1MmIvY2UyNDEzNmEzNWYxMDUwMmYwODBhOTllZWM2ZjEyODgyZDJmMDRm
YS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBzBggrBgEFBQcBBwEB/wRk
MGIwYAQCAAEwWgMEArXWXAMEAbXWgAMEALXWhQMEALXXLwMEALXXMQMEAL9gGQME
Ar9gNAMEAb9gbgMEAL9ggwMEAL9gnQMEAL9gnwMEAb9lHgMEAr9lLAMEAL9lpgME
AL9lrDANBgkqhkiG9w0BAQsFAAOCAQEALIW2PbElsCgSrIRnRuFu1EJsAhjnr61C
2gyZCIDcGNdtCf9DYX79uvxiszTA2NbM5I19qYh2DPSQk9P1ljxz3+bsWmnk2EuW
jdhGB7treUcefT1mlaZyJ/G4Y8RY5Cj7XAj5rAaypcZN404C5VogPajx1lA3zhsB
dGRjrnjnqymj0Zxm+Vp10iwg/78qEigSbcjEXjKcJyJcp6aHm68EQwU8UDAjV85Z
QwJWeoIrm9flqtjajoBcKOks6k4yAWMp2nKFZBASCdVoaz5UFtT+xFTl30zjQdhH
xVT2anH2hLM31qelWIGkJ7VvGrni7uV8L62JeusWw1Uc9hqZ1G3wOQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:37:23 2024 by rpki-client on console-fra.rpki-client.org