Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/1ef4b066-e4d2-4e53-839e-8bdffb17a52b/468d8f19889b783ba93f393b2084f14ec6076072.roa
File:                     468d8f19889b783ba93f393b2084f14ec6076072.roa (raw, json)
Hash identifier:          xI9PwcsIh9s4pnpQZ+p5ytqp/mIovwGpH6adPa5AONE=
Subject key identifier:   B0:94:32:6E:C1:A1:C5:3E:F7:2A:11:8F:60:22:C3:59:A1:57:3F:0B
Certificate issuer:       /CN=ce24136a35f10502f080a99eec6f12882d2f04fa
Certificate serial:       130459
Authority key identifier: 2B:BF:EF:19:5F:7B:40:83:DF:37:7B:2F:FB:C7:7B:50:DD:10:0A:E3
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ce24136a35f10502f080a99eec6f12882d2f04fa.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/1ef4b066-e4d2-4e53-839e-8bdffb17a52b/468d8f19889b783ba93f393b2084f14ec6076072.roa
Signing time:             Tue 28 Dec 2021 08:16:57 +0000
ROA not before:           Wed 24 Mar 2021 03:00:00 +0000
ROA not after:            Tue 24 Mar 2026 03:00:00 +0000
asID:                     46337
IP address blocks:        179.61.137.0/24 maxlen: 24
                          179.61.192.0/24 maxlen: 24
                          179.61.232.0/24 maxlen: 24
                          181.214.31.0/24 maxlen: 24
                          181.214.83.0/24 maxlen: 24
                          181.214.142.0/24 maxlen: 24
                          181.214.156.0/24 maxlen: 24
                          181.215.55.0/24 maxlen: 24
                          191.96.133.0/24 maxlen: 24
                          191.96.151.0/24 maxlen: 24
                          191.96.165.0/24 maxlen: 24
                          191.96.223.0/24 maxlen: 24
                          191.101.33.0/24 maxlen: 24
                          191.101.50.0/24 maxlen: 24
                          191.101.241.0/24 maxlen: 24

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 1246297 (0x130459)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ce24136a35f10502f080a99eec6f12882d2f04fa
        Validity
            Not Before: Mar 24 03:00:00 2021 GMT
            Not After : Mar 24 03:00:00 2026 GMT
        Subject: CN=468d8f19889b783ba93f393b2084f14ec6076072
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:90:a9:41:6d:c9:5b:a2:69:87:bb:e8:85:62:82:
                    63:4a:44:38:37:4b:ef:a7:d0:ed:3b:b7:53:f6:ee:
                    4b:3b:8a:52:f4:29:ce:14:3c:9a:1c:5b:dd:8e:65:
                    79:b7:fe:0f:a5:ae:a6:2f:c3:d6:4d:72:4f:93:34:
                    a8:d1:e2:5a:75:e0:ee:c5:68:da:f7:e8:28:a8:2c:
                    39:2f:15:7f:a6:c9:ce:ac:6b:a7:35:0b:b7:c1:e0:
                    13:6d:4b:fb:f0:4d:32:2a:15:8e:d8:7d:c5:b0:0e:
                    59:c4:42:17:64:6a:1a:83:78:ee:02:8b:a6:e1:1b:
                    be:a1:27:41:f8:f1:b8:9d:60:c4:a5:74:d1:5f:8e:
                    92:14:cb:b9:97:b9:9c:0a:5e:46:58:e2:88:63:3c:
                    f2:9a:57:f8:0a:7a:14:78:1f:b4:8f:e7:6d:f4:e1:
                    f0:01:bb:21:ea:d1:f4:d4:95:2d:21:78:5f:27:1a:
                    35:02:db:a9:b4:2f:45:9f:29:a9:b5:0a:46:76:ca:
                    46:1b:a2:36:da:7b:7d:0e:b5:0c:75:c5:26:e6:35:
                    97:ae:e5:4f:ae:1a:41:fe:68:f3:73:85:d0:45:bb:
                    ab:6d:4a:12:43:81:74:19:a9:c7:c5:6e:5a:0d:5f:
                    70:61:c8:df:96:c1:47:f4:08:f7:ba:f3:55:7e:12:
                    00:b3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B0:94:32:6E:C1:A1:C5:3E:F7:2A:11:8F:60:22:C3:59:A1:57:3F:0B
            X509v3 Authority Key Identifier:
                keyid:2B:BF:EF:19:5F:7B:40:83:DF:37:7B:2F:FB:C7:7B:50:DD:10:0A:E3

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ce24136a35f10502f080a99eec6f12882d2f04fa.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/1ef4b066-e4d2-4e53-839e-8bdffb17a52b/468d8f19889b783ba93f393b2084f14ec6076072.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/1ef4b066-e4d2-4e53-839e-8bdffb17a52b/ce24136a35f10502f080a99eec6f12882d2f04fa.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  179.61.137.0/24
                  179.61.192.0/24
                  179.61.232.0/24
                  181.214.31.0/24
                  181.214.83.0/24
                  181.214.142.0/24
                  181.214.156.0/24
                  181.215.55.0/24
                  191.96.133.0/24
                  191.96.151.0/24
                  191.96.165.0/24
                  191.96.223.0/24
                  191.101.33.0/24
                  191.101.50.0/24
                  191.101.241.0/24

    Signature Algorithm: sha256WithRSAEncryption
         8e:ec:ca:b9:7b:8e:16:6e:d0:da:d1:81:c1:36:01:00:89:ec:
         f4:d0:c3:c4:54:ae:e5:26:a1:08:ec:50:fa:f6:20:03:27:d9:
         07:90:18:b0:f3:b9:82:1d:94:ea:39:aa:b3:a7:07:c8:06:dd:
         b5:78:3a:db:6a:a2:2d:08:0e:3d:55:55:2e:cd:bd:c1:e1:d7:
         9a:3f:27:e3:e3:96:a2:91:ff:68:43:14:60:b7:14:e0:56:fc:
         10:ee:af:9c:b7:42:21:6a:83:75:e6:c9:09:b9:b1:3f:5e:81:
         20:fa:16:ce:6e:88:58:aa:77:22:27:4c:4b:de:88:ae:4c:a6:
         9d:0f:94:4c:7e:1b:a3:6b:7b:27:da:ee:62:11:5d:31:ce:98:
         58:45:96:b5:d2:81:a7:15:5c:2f:4d:19:60:98:ce:c4:f5:0e:
         d5:bb:0b:ca:75:18:40:98:6a:ae:c3:76:b0:65:71:d9:3d:36:
         80:fd:4d:0e:d3:b4:dc:85:d4:f8:cc:a3:71:4e:07:8e:55:9c:
         78:74:ce:0d:bf:55:27:86:b3:7a:eb:63:04:97:55:a5:9c:9f:
         5d:5c:d0:a2:80:2c:20:7f:9b:22:cf:1b:f4:47:96:5e:cd:c2:
         c2:4a:4d:96:78:b2:54:41:c4:55:19:87:b9:fb:86:d6:f3:a0:
         1b:e0:29:f9
-----BEGIN CERTIFICATE-----
MIIFlDCCBHygAwIBAgIDEwRZMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKGNl
MjQxMzZhMzVmMTA1MDJmMDgwYTk5ZWVjNmYxMjg4MmQyZjA0ZmEwHhcNMjEwMzI0
MDMwMDAwWhcNMjYwMzI0MDMwMDAwWjAzMTEwLwYDVQQDEyg0NjhkOGYxOTg4OWI3
ODNiYTkzZjM5M2IyMDg0ZjE0ZWM2MDc2MDcyMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAkKlBbclbommHu+iFYoJjSkQ4N0vvp9DtO7dT9u5LO4pS9CnO
FDyaHFvdjmV5t/4Ppa6mL8PWTXJPkzSo0eJadeDuxWja9+goqCw5LxV/psnOrGun
NQu3weATbUv78E0yKhWO2H3FsA5ZxEIXZGoag3juAoum4Ru+oSdB+PG4nWDEpXTR
X46SFMu5l7mcCl5GWOKIYzzymlf4CnoUeB+0j+dt9OHwAbsh6tH01JUtIXhfJxo1
AtuptC9FnymptQpGdspGG6I22nt9DrUMdcUm5jWXruVPrhpB/mjzc4XQRburbUoS
Q4F0GanHxW5aDV9wYcjflsFH9Aj3uvNVfhIAswIDAQABo4ICrzCCAqswHQYDVR0O
BBYEFLCUMm7BocU+9yoRj2Aiw1mhVz8LMB8GA1UdIwQYMBaAFCu/7xlfe0CD3zd7
L/vHe1DdEArjMA4GA1UdDwEB/wQEAwIHgDCBmgYIKwYBBQUHAQEEgY0wgYowgYcG
CCsGAQUFBzAChntyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5ldC9ycGtpL2xh
Y25pYy80OGYwODNiYi1mNjAzLTQ4OTMtOTk5MC0wMjg0YzA0Y2ViODUvY2UyNDEz
NmEzNWYxMDUwMmYwODBhOTllZWM2ZjEyODgyZDJmMDRmYS5jZXIwgZoGCCsGAQUF
BwELBIGNMIGKMIGHBggrBgEFBQcwC4Z7cnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25p
Yy5uZXQvcnBraS9sYWNuaWMvMWVmNGIwNjYtZTRkMi00ZTUzLTgzOWUtOGJkZmZi
MTdhNTJiLzQ2OGQ4ZjE5ODg5Yjc4M2JhOTNmMzkzYjIwODRmMTRlYzYwNzYwNzIu
cm9hMIGPBgNVHR8EgYcwgYQwgYGgf6B9hntyc3luYzovL3JlcG9zaXRvcnkubGFj
bmljLm5ldC9ycGtpL2xhY25pYy8xZWY0YjA2Ni1lNGQyLTRlNTMtODM5ZS04YmRm
ZmIxN2E1MmIvY2UyNDEzNmEzNWYxMDUwMmYwODBhOTllZWM2ZjEyODgyZDJmMDRm
YS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBzBggrBgEFBQcBBwEB/wRk
MGIwYAQCAAEwWgMEALM9iQMEALM9wAMEALM96AMEALXWHwMEALXWUwMEALXWjgME
ALXWnAMEALXXNwMEAL9ghQMEAL9glwMEAL9gpQMEAL9g3wMEAL9lIQMEAL9lMgME
AL9l8TANBgkqhkiG9w0BAQsFAAOCAQEAjuzKuXuOFm7Q2tGBwTYBAIns9NDDxFSu
5SahCOxQ+vYgAyfZB5AYsPO5gh2U6jmqs6cHyAbdtXg622qiLQgOPVVVLs29weHX
mj8n4+OWopH/aEMUYLcU4Fb8EO6vnLdCIWqDdebJCbmxP16BIPoWzm6IWKp3IidM
S96IrkymnQ+UTH4bo2t7J9ruYhFdMc6YWEWWtdKBpxVcL00ZYJjOxPUO1bsLynUY
QJhqrsN2sGVx2T02gP1NDtO03IXU+MyjcU4HjlWceHTODb9VJ4azeutjBJdVpZyf
XVzQooAsIH+bIs8b9EeWXs3CwkpNlniyVEHEVRmHufuG1vOgG+Ap+Q==
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:37:23 2024 by rpki-client on console-fra.rpki-client.org