Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/a32c4240-ceea-470e-964c-74d9bc1e380a/e0ba5ecf857853ec3098e4a843e92ecb7c9a44df.roa
File:                     e0ba5ecf857853ec3098e4a843e92ecb7c9a44df.roa (raw, json)
Hash identifier:          gJxLPugMYzBxqRMxAMIifwtdFkVakk3C4nDkAAWdZmA=
Subject key identifier:   23:83:B1:10:FA:7B:BD:44:BF:98:FF:87:C7:F2:D3:9B:AF:75:BB:85
Certificate issuer:       /CN=7855197f590ff298b52ab358da08a0fdbfe6a883
Certificate serial:       21BC4F
Authority key identifier: 3C:DC:D1:E5:5B:5D:9A:16:FD:75:FF:23:10:FC:F3:D3:86:8A:5A:CA
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/7855197f590ff298b52ab358da08a0fdbfe6a883.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/a32c4240-ceea-470e-964c-74d9bc1e380a/e0ba5ecf857853ec3098e4a843e92ecb7c9a44df.roa
Signing time:             Fri 09 Jun 2023 18:33:58 +0000
ROA not before:           Thu 08 Jun 2023 18:33:58 +0000
ROA not after:            Mon 09 Jun 2025 18:33:58 +0000
asID:                     19429
IP address blocks:        200.11.40.0/21 maxlen: 24
                          200.119.0.0/17 maxlen: 24
                          201.244.0.0/15 maxlen: 24
                          186.28.0.0/14 maxlen: 24
                          200.69.96.0/19 maxlen: 24
                          186.154.0.0/15 maxlen: 24
                          190.93.128.0/19 maxlen: 24
                          200.93.128.0/18 maxlen: 24
                          190.24.0.0/14 maxlen: 24
                          200.75.32.0/19 maxlen: 24
                          2800:260::/28 maxlen: 32

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 2210895 (0x21bc4f)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=7855197f590ff298b52ab358da08a0fdbfe6a883
        Validity
            Not Before: Jun  8 18:33:58 2023 GMT
            Not After : Jun  9 18:33:58 2025 GMT
        Subject: CN=e0ba5ecf857853ec3098e4a843e92ecb7c9a44df
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9b:fc:60:6f:49:78:e4:66:87:f4:c4:2c:f5:ae:
                    ee:24:38:77:d6:4f:2d:0e:04:04:14:1d:ca:1d:4b:
                    2c:3f:a2:23:fd:d4:4f:44:68:a4:06:88:3e:e2:82:
                    98:ce:36:c3:8c:24:e7:62:7b:d3:a3:c0:6c:68:72:
                    ef:3e:69:6b:5b:14:f5:d0:e8:4f:f0:39:99:8a:96:
                    19:e3:ac:cb:15:61:50:95:3a:02:d4:44:97:10:03:
                    12:a2:cf:1d:45:ec:09:9e:35:99:28:36:36:5a:b1:
                    7b:31:b3:a8:40:0e:e9:c1:6c:84:d9:0e:5c:67:5b:
                    a2:72:17:70:62:56:53:87:6c:d1:d0:18:0a:9b:fd:
                    93:53:a8:a0:b5:7a:a0:16:75:d6:4b:9d:13:84:ca:
                    52:bf:40:eb:b4:e5:8d:55:4f:9e:f9:fb:39:c2:70:
                    fa:f4:f1:79:3c:c2:1e:1b:08:1b:c7:a2:c6:c4:11:
                    89:a1:17:ac:2c:c3:9a:ac:fc:cc:1e:47:18:38:65:
                    bd:7e:9b:7d:42:a6:20:86:76:50:0d:7b:bc:a1:24:
                    74:79:20:b3:34:88:e7:22:0a:04:3d:bb:cf:b6:88:
                    5a:2d:44:7a:cc:8b:9b:3e:67:29:5b:52:b4:b1:65:
                    83:8e:56:ca:34:ec:93:49:1c:12:a3:62:d1:ce:dd:
                    8f:89
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                23:83:B1:10:FA:7B:BD:44:BF:98:FF:87:C7:F2:D3:9B:AF:75:BB:85
            X509v3 Authority Key Identifier:
                keyid:3C:DC:D1:E5:5B:5D:9A:16:FD:75:FF:23:10:FC:F3:D3:86:8A:5A:CA

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/7855197f590ff298b52ab358da08a0fdbfe6a883.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/a32c4240-ceea-470e-964c-74d9bc1e380a/e0ba5ecf857853ec3098e4a843e92ecb7c9a44df.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/a32c4240-ceea-470e-964c-74d9bc1e380a/7855197f590ff298b52ab358da08a0fdbfe6a883.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  186.28.0.0/14
                  186.154.0.0/15
                  190.24.0.0/14
                  190.93.128.0/19
                  200.11.40.0/21
                  200.69.96.0/19
                  200.75.32.0/19
                  200.93.128.0/18
                  200.119.0.0/17
                  201.244.0.0/15
                IPv6:
                  2800:260::/28

    Signature Algorithm: sha256WithRSAEncryption
         92:59:ee:08:e1:ea:38:fa:4b:c0:b9:fb:91:38:2f:cf:37:19:
         a9:81:aa:f6:a7:92:1e:dc:a1:5b:5a:e4:2d:65:b8:a3:eb:28:
         f1:f1:7f:0d:41:f0:72:f5:0c:42:71:10:a1:4e:8d:9c:38:12:
         dd:9b:5a:07:50:97:83:eb:11:98:b7:2e:98:4b:45:80:df:70:
         d7:22:8b:56:d7:23:d6:10:b3:14:ab:6b:a8:55:1c:e0:b2:f1:
         d6:2a:de:65:66:ac:88:39:4a:e7:e1:cc:ec:fa:15:e9:17:99:
         26:0a:87:11:21:6d:10:f9:c5:09:f4:c8:6f:82:b9:bd:35:3d:
         e8:3e:f5:89:29:7c:6a:15:7b:cd:00:47:47:c9:d2:65:9b:c6:
         1a:ad:e1:97:7c:d1:40:f9:84:ba:5e:c5:da:f3:5d:25:d8:64:
         9c:98:17:71:d1:97:f1:a2:7e:5d:5e:bb:cc:83:96:3b:a2:83:
         f0:31:b5:22:4c:89:fd:73:2e:ac:9b:6c:2f:ec:44:3c:05:47:
         5e:30:05:b5:55:34:c1:90:76:da:1b:00:6a:d3:7c:d3:66:c8:
         e3:0d:cd:41:ac:54:b9:09:1f:98:d5:01:65:75:94:1a:9f:fb:
         8a:57:92:b5:c2:42:2d:b6:2a:d7:ba:6f:2d:c7:16:e5:0b:ca:
         8e:40:7a:87
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDIbxPMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKDc4
NTUxOTdmNTkwZmYyOThiNTJhYjM1OGRhMDhhMGZkYmZlNmE4ODMwHhcNMjMwNjA4
MTgzMzU4WhcNMjUwNjA5MTgzMzU4WjAzMTEwLwYDVQQDEyhlMGJhNWVjZjg1Nzg1
M2VjMzA5OGU0YTg0M2U5MmVjYjdjOWE0NGRmMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAm/xgb0l45GaH9MQs9a7uJDh31k8tDgQEFB3KHUssP6Ij/dRP
RGikBog+4oKYzjbDjCTnYnvTo8BsaHLvPmlrWxT10OhP8DmZipYZ46zLFWFQlToC
1ESXEAMSos8dRewJnjWZKDY2WrF7MbOoQA7pwWyE2Q5cZ1uichdwYlZTh2zR0BgK
m/2TU6igtXqgFnXWS50ThMpSv0DrtOWNVU+e+fs5wnD69PF5PMIeGwgbx6LGxBGJ
oResLMOarPzMHkcYOGW9fpt9QqYghnZQDXu8oSR0eSCzNIjnIgoEPbvPtohaLUR6
zIubPmcpW1K0sWWDjlbKNOyTSRwSo2LRzt2PiQIDAQABo4ICnDCCApgwHQYDVR0O
BBYEFCODsRD6e71Ev5j/h8fy05uvdbuFMB8GA1UdIwQYMBaAFDzc0eVbXZoW/XX/
IxD889OGilrKMA4GA1UdDwEB/wQEAwIHgDCBmgYIKwYBBQUHAQEEgY0wgYowgYcG
CCsGAQUFBzAChntyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5ldC9ycGtpL2xh
Y25pYy80OGYwODNiYi1mNjAzLTQ4OTMtOTk5MC0wMjg0YzA0Y2ViODUvNzg1NTE5
N2Y1OTBmZjI5OGI1MmFiMzU4ZGEwOGEwZmRiZmU2YTg4My5jZXIwgZoGCCsGAQUF
BwELBIGNMIGKMIGHBggrBgEFBQcwC4Z7cnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25p
Yy5uZXQvcnBraS9sYWNuaWMvYTMyYzQyNDAtY2VlYS00NzBlLTk2NGMtNzRkOWJj
MWUzODBhL2UwYmE1ZWNmODU3ODUzZWMzMDk4ZTRhODQzZTkyZWNiN2M5YTQ0ZGYu
cm9hMIGPBgNVHR8EgYcwgYQwgYGgf6B9hntyc3luYzovL3JlcG9zaXRvcnkubGFj
bmljLm5ldC9ycGtpL2xhY25pYy9hMzJjNDI0MC1jZWVhLTQ3MGUtOTY0Yy03NGQ5
YmMxZTM4MGEvNzg1NTE5N2Y1OTBmZjI5OGI1MmFiMzU4ZGEwOGEwZmRiZmU2YTg4
My5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBgBggrBgEFBQcBBwEB/wRR
ME8wPgQCAAEwOAMDArocAwMBupoDAwK+GAMEBb5dgAMEA8gLKAMEBchFYAMEBchL
IAMEBshdgAMEB8h3AAMDAcn0MA0EAgACMAcDBQQoAAJgMA0GCSqGSIb3DQEBCwUA
A4IBAQCSWe4I4eo4+kvAufuROC/PNxmpgar2p5Ie3KFbWuQtZbij6yjx8X8NQfBy
9QxCcRChTo2cOBLdm1oHUJeD6xGYty6YS0WA33DXIotW1yPWELMUq2uoVRzgsvHW
Kt5lZqyIOUrn4czs+hXpF5kmCocRIW0Q+cUJ9Mhvgrm9NT3oPvWJKXxqFXvNAEdH
ydJlm8YareGXfNFA+YS6XsXa810l2GScmBdx0Zfxon5dXrvMg5Y7ooPwMbUiTIn9
cy6sm2wv7EQ8BUdeMAW1VTTBkHbaGwBq03zTZsjjDc1BrFS5CR+Y1QFldZQan/uK
V5K1wkIttirXum8txxblC8qOQHqH
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:38:00 2024 by rpki-client on console-fra.rpki-client.org