Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/1ef4b066-e4d2-4e53-839e-8bdffb17a52b/2723b59fdc4cf12647cc747355a8f9bcb6723b53.roa
File:                     2723b59fdc4cf12647cc747355a8f9bcb6723b53.roa (raw, json)
Hash identifier:          faNJwNHB6QLZ01iCYWM+HHrXJxJRA2Sr8WI81jGkyAc=
Subject key identifier:   09:B3:CD:85:2E:94:20:A2:C4:78:4E:7F:AA:5B:59:3D:56:3A:91:86
Certificate issuer:       /CN=ce24136a35f10502f080a99eec6f12882d2f04fa
Certificate serial:       1636AD
Authority key identifier: 2B:BF:EF:19:5F:7B:40:83:DF:37:7B:2F:FB:C7:7B:50:DD:10:0A:E3
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ce24136a35f10502f080a99eec6f12882d2f04fa.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/1ef4b066-e4d2-4e53-839e-8bdffb17a52b/2723b59fdc4cf12647cc747355a8f9bcb6723b53.roa
Signing time:             Tue 15 Feb 2022 19:39:17 +0000
ROA not before:           Wed 24 Mar 2021 03:00:00 +0000
ROA not after:            Tue 24 Mar 2026 03:00:00 +0000
asID:                     3356
IP address blocks:        191.96.94.0/24 maxlen: 24
                          181.214.197.0/24 maxlen: 24
                          181.215.35.0/24 maxlen: 24
                          181.215.31.0/24 maxlen: 24
                          191.96.206.0/24 maxlen: 24
                          191.96.168.0/24 maxlen: 24
                          191.101.202.0/23 maxlen: 24
                          181.215.252.0/23 maxlen: 24
                          181.214.78.0/23 maxlen: 24
                          181.214.198.0/24 maxlen: 24
                          191.96.52.0/22 maxlen: 24
                          181.214.84.0/23 maxlen: 24
                          181.215.244.0/23 maxlen: 24
                          191.96.118.0/24 maxlen: 24
                          191.101.187.0/24 maxlen: 24
                          191.101.194.0/23 maxlen: 24
                          181.214.146.0/24 maxlen: 24
                          191.96.29.0/24 maxlen: 24
                          191.96.61.0/24 maxlen: 24
                          191.96.34.0/24 maxlen: 24
                          191.96.233.0/24 maxlen: 24
                          191.101.190.0/24 maxlen: 24
                          191.101.191.0/24 maxlen: 24
                          181.214.13.0/24 maxlen: 24
                          181.214.255.0/24 maxlen: 24
                          179.61.226.0/24 maxlen: 24
                          191.96.140.0/24 maxlen: 24
                          191.96.149.0/24 maxlen: 24
                          179.61.203.0/24 maxlen: 24
                          191.101.181.0/24 maxlen: 24
                          191.96.245.0/24 maxlen: 24
                          191.96.118.0/24 maxlen: 24
                          181.214.244.0/24 maxlen: 24
                          181.214.122.0/24 maxlen: 24
                          181.215.9.0/24 maxlen: 24
                          191.101.168.0/24 maxlen: 24
                          191.96.207.0/24 maxlen: 24

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 1455789 (0x1636ad)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ce24136a35f10502f080a99eec6f12882d2f04fa
        Validity
            Not Before: Mar 24 03:00:00 2021 GMT
            Not After : Mar 24 03:00:00 2026 GMT
        Subject: CN=2723b59fdc4cf12647cc747355a8f9bcb6723b53
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:97:8a:cb:61:f4:0a:1e:28:0a:a3:9f:45:b5:0f:
                    31:70:03:88:72:c4:65:86:f8:2e:53:ae:3a:95:91:
                    d7:18:a0:ea:5f:5a:3b:d5:bd:c7:d2:66:0f:79:e3:
                    e4:95:bd:c2:88:e4:18:84:72:22:30:7f:6f:31:d4:
                    1a:39:da:75:36:99:3f:88:a9:0b:6f:9e:4c:33:35:
                    ad:f0:49:67:fa:48:e1:ab:2b:08:e8:5d:40:42:27:
                    c7:da:47:3e:ec:29:a9:02:63:26:4a:44:ec:2b:b7:
                    6b:96:dc:ed:09:f8:bd:6b:a6:ac:dc:7d:8b:60:2b:
                    cc:52:77:8a:b3:97:ea:5e:76:bf:f7:1d:32:a4:17:
                    2a:8f:f7:64:5a:54:54:32:21:e8:7f:bf:d0:0d:d8:
                    b4:b5:25:2e:07:d7:3e:26:a9:e9:12:31:1b:77:d7:
                    23:f5:a4:a3:9f:80:c9:a6:29:ff:78:bb:bc:10:e7:
                    99:be:5b:b8:ff:f1:a1:a6:ff:fc:6a:c0:2f:79:9b:
                    8b:5d:ec:51:b9:77:da:e2:1b:3c:f1:5f:a7:7d:7c:
                    aa:3a:d1:52:40:98:97:12:67:e0:02:27:7c:7d:a0:
                    76:cd:16:16:78:c8:d3:93:48:b2:24:99:7b:a4:ef:
                    bd:0b:51:62:1e:27:22:b4:fe:05:3c:1f:27:0e:78:
                    af:57
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                09:B3:CD:85:2E:94:20:A2:C4:78:4E:7F:AA:5B:59:3D:56:3A:91:86
            X509v3 Authority Key Identifier:
                keyid:2B:BF:EF:19:5F:7B:40:83:DF:37:7B:2F:FB:C7:7B:50:DD:10:0A:E3

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ce24136a35f10502f080a99eec6f12882d2f04fa.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/1ef4b066-e4d2-4e53-839e-8bdffb17a52b/2723b59fdc4cf12647cc747355a8f9bcb6723b53.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/1ef4b066-e4d2-4e53-839e-8bdffb17a52b/ce24136a35f10502f080a99eec6f12882d2f04fa.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  179.61.203.0/24
                  179.61.226.0/24
                  181.214.13.0/24
                  181.214.78.0/23
                  181.214.84.0/23
                  181.214.122.0/24
                  181.214.146.0/24
                  181.214.197.0-181.214.198.255
                  181.214.244.0/24
                  181.214.255.0/24
                  181.215.9.0/24
                  181.215.31.0/24
                  181.215.35.0/24
                  181.215.244.0/23
                  181.215.252.0/23
                  191.96.29.0/24
                  191.96.34.0/24
                  191.96.52.0/22
                  191.96.61.0/24
                  191.96.94.0/24
                  191.96.118.0/24
                  191.96.140.0/24
                  191.96.149.0/24
                  191.96.168.0/24
                  191.96.206.0/23
                  191.96.233.0/24
                  191.96.245.0/24
                  191.101.168.0/24
                  191.101.181.0/24
                  191.101.187.0/24
                  191.101.190.0/23
                  191.101.194.0/23
                  191.101.202.0/23

    Signature Algorithm: sha256WithRSAEncryption
         89:80:ce:11:33:b5:da:a6:f6:cf:92:75:61:cd:72:4a:98:35:
         a9:60:be:48:c5:c4:ca:89:8b:16:8d:83:45:0a:1b:cc:56:6e:
         89:81:7e:7f:80:36:ce:85:99:39:7a:fa:90:19:4d:67:21:85:
         29:13:84:1c:4a:c0:dd:0f:09:4d:5a:2c:be:da:e7:ec:aa:92:
         9b:22:68:e3:2f:3c:2f:ee:6d:3e:b0:4f:f5:d9:19:39:b4:a3:
         d8:33:92:a4:51:28:29:fc:1b:a0:ae:cd:51:cd:66:6f:2e:52:
         53:15:55:d5:0c:4f:a5:7b:72:15:fc:8d:13:48:e0:c6:34:be:
         58:20:95:aa:48:85:64:56:4e:bf:2d:8a:0d:0d:d7:4a:48:f1:
         16:3b:fb:b7:23:9d:a2:9b:2b:80:c6:cc:06:40:05:1b:ec:23:
         2f:18:c3:34:0f:47:60:21:d3:fd:7e:6e:ac:d3:dc:17:cb:31:
         34:98:0d:c5:4f:53:69:f7:34:a7:8f:d6:37:38:2f:75:33:ba:
         6d:6d:1c:43:ba:24:51:f7:32:51:5f:57:08:c7:76:7b:fe:71:
         23:ff:af:9d:50:bc:51:51:a5:86:2e:95:fb:8c:5f:7b:3a:e6:
         3e:b3:78:44:23:56:95:9a:91:e5:e8:9b:22:e6:51:f2:1d:15:
         c0:e8:b3:98
-----BEGIN CERTIFICATE-----
MIIGDTCCBPWgAwIBAgIDFjatMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKGNl
MjQxMzZhMzVmMTA1MDJmMDgwYTk5ZWVjNmYxMjg4MmQyZjA0ZmEwHhcNMjEwMzI0
MDMwMDAwWhcNMjYwMzI0MDMwMDAwWjAzMTEwLwYDVQQDEygyNzIzYjU5ZmRjNGNm
MTI2NDdjYzc0NzM1NWE4ZjliY2I2NzIzYjUzMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAl4rLYfQKHigKo59FtQ8xcAOIcsRlhvguU646lZHXGKDqX1o7
1b3H0mYPeePklb3CiOQYhHIiMH9vMdQaOdp1Npk/iKkLb55MMzWt8Eln+kjhqysI
6F1AQifH2kc+7CmpAmMmSkTsK7drltztCfi9a6as3H2LYCvMUneKs5fqXna/9x0y
pBcqj/dkWlRUMiHof7/QDdi0tSUuB9c+JqnpEjEbd9cj9aSjn4DJpin/eLu8EOeZ
vlu4//Ghpv/8asAveZuLXexRuXfa4hs88V+nfXyqOtFSQJiXEmfgAid8faB2zRYW
eMjTk0iyJJl7pO+9C1FiHicitP4FPB8nDnivVwIDAQABo4IDKDCCAyQwHQYDVR0O
BBYEFAmzzYUulCCixHhOf6pbWT1WOpGGMB8GA1UdIwQYMBaAFCu/7xlfe0CD3zd7
L/vHe1DdEArjMA4GA1UdDwEB/wQEAwIHgDCBmgYIKwYBBQUHAQEEgY0wgYowgYcG
CCsGAQUFBzAChntyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5ldC9ycGtpL2xh
Y25pYy80OGYwODNiYi1mNjAzLTQ4OTMtOTk5MC0wMjg0YzA0Y2ViODUvY2UyNDEz
NmEzNWYxMDUwMmYwODBhOTllZWM2ZjEyODgyZDJmMDRmYS5jZXIwgZoGCCsGAQUF
BwELBIGNMIGKMIGHBggrBgEFBQcwC4Z7cnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25p
Yy5uZXQvcnBraS9sYWNuaWMvMWVmNGIwNjYtZTRkMi00ZTUzLTgzOWUtOGJkZmZi
MTdhNTJiLzI3MjNiNTlmZGM0Y2YxMjY0N2NjNzQ3MzU1YThmOWJjYjY3MjNiNTMu
cm9hMIGPBgNVHR8EgYcwgYQwgYGgf6B9hntyc3luYzovL3JlcG9zaXRvcnkubGFj
bmljLm5ldC9ycGtpL2xhY25pYy8xZWY0YjA2Ni1lNGQyLTRlNTMtODM5ZS04YmRm
ZmIxN2E1MmIvY2UyNDEzNmEzNWYxMDUwMmYwODBhOTllZWM2ZjEyODgyZDJmMDRm
YS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjCB6wYIKwYBBQUHAQcBAf8E
gdswgdgwgdUEAgABMIHOAwQAsz3LAwQAsz3iAwQAtdYNAwQBtdZOAwQBtdZUAwQA
tdZ6AwQAtdaSMAwDBAC11sUDBAC11sYDBAC11vQDBAC11v8DBAC11wkDBAC11x8D
BAC11yMDBAG11/QDBAG11/wDBAC/YB0DBAC/YCIDBAK/YDQDBAC/YD0DBAC/YF4D
BAC/YHYDBAC/YIwDBAC/YJUDBAC/YKgDBAG/YM4DBAC/YOkDBAC/YPUDBAC/ZagD
BAC/ZbUDBAC/ZbsDBAG/Zb4DBAG/ZcIDBAG/ZcowDQYJKoZIhvcNAQELBQADggEB
AImAzhEztdqm9s+SdWHNckqYNalgvkjFxMqJixaNg0UKG8xWbomBfn+ANs6FmTl6
+pAZTWchhSkThBxKwN0PCU1aLL7a5+yqkpsiaOMvPC/ubT6wT/XZGTm0o9gzkqRR
KCn8G6CuzVHNZm8uUlMVVdUMT6V7chX8jRNI4MY0vlgglapIhWRWTr8tig0N10pI
8RY7+7cjnaKbK4DGzAZABRvsIy8YwzQPR2Ah0/1+bqzT3BfLMTSYDcVPU2n3NKeP
1jc4L3Uzum1tHEO6JFH3MlFfVwjHdnv+cSP/r51QvFFRpYYulfuMX3s65j6zeEQj
VpWakeXomyLmUfIdFcDos5g=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:37:02 2024 by rpki-client on console-ams.rpki-client.org