Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/b7e2cbcb-4e1e-4451-ba9f-b839acb5a75f/7f3be158a436523b5e8327ab6ff656854aebf022.roa
File:                     7f3be158a436523b5e8327ab6ff656854aebf022.roa (raw, json)
Hash identifier:          5yNeaRqeOJV6bAoJBhnwhBcLghOxirU32tLZ1Ne4vOc=
Subject key identifier:   9A:DE:AC:A4:E3:11:16:44:0F:28:05:E3:AF:11:9A:1F:CF:DB:D9:A6
Certificate issuer:       /CN=c376ce9732a7f8438a8728863d42624058e18390
Certificate serial:       1065F3
Authority key identifier: D1:A6:22:E9:31:1A:89:37:4E:F7:42:9E:B6:EB:2C:D4:16:A2:54:92
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/c376ce9732a7f8438a8728863d42624058e18390.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/b7e2cbcb-4e1e-4451-ba9f-b839acb5a75f/7f3be158a436523b5e8327ab6ff656854aebf022.roa
Signing time:             Fri 09 Jul 2021 19:45:49 +0000
ROA not before:           Wed 24 Mar 2021 03:00:00 +0000
ROA not after:            Fri 24 Mar 2023 03:00:00 +0000
asID:                     18747
IP address blocks:        200.73.1.0/24 maxlen: 24
                          200.73.12.0/24 maxlen: 24
                          200.73.13.0/24 maxlen: 24
                          200.73.14.0/24 maxlen: 24
                          200.73.17.0/24 maxlen: 24
                          200.73.2.0/24 maxlen: 24
                          200.73.21.0/24 maxlen: 24
                          200.73.28.0/24 maxlen: 24
                          200.73.3.0/24 maxlen: 24
                          200.73.31.0/24 maxlen: 24
                          200.73.33.0/24 maxlen: 24
                          200.73.5.0/24 maxlen: 24
                          200.73.55.0/24 maxlen: 24
                          200.73.6.0/24 maxlen: 24
                          200.73.64.0/24 maxlen: 24
                          200.73.66.0/24 maxlen: 24
                          200.73.7.0/24 maxlen: 24
                          200.73.70.0/24 maxlen: 24
                          200.73.76.0/24 maxlen: 24
                          200.73.8.0/24 maxlen: 24
                          200.73.81.0/24 maxlen: 24
                          200.73.83.0/24 maxlen: 24
                          200.73.84.0/24 maxlen: 24
                          200.73.93.0/24 maxlen: 24
                          216.241.0.0/24 maxlen: 24
                          216.241.11.0/24 maxlen: 24
                          216.241.13.0/24 maxlen: 24
                          216.241.14.0/24 maxlen: 24
                          216.241.17.0/24 maxlen: 24
                          216.241.2.0/24 maxlen: 24
                          216.241.25.0/24 maxlen: 24
                          216.241.26.0/24 maxlen: 24
                          216.241.29.0/24 maxlen: 24

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 1074675 (0x1065f3)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c376ce9732a7f8438a8728863d42624058e18390
        Validity
            Not Before: Mar 24 03:00:00 2021 GMT
            Not After : Mar 24 03:00:00 2023 GMT
        Subject: CN=7f3be158a436523b5e8327ab6ff656854aebf022
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b5:01:43:96:99:a4:51:90:2e:0d:39:9f:f7:77:
                    bb:53:33:27:f9:7d:67:ef:36:cd:f7:70:b3:17:ff:
                    ed:b2:db:37:6f:45:b6:f7:90:a9:17:d6:7d:ef:09:
                    1b:69:cf:2e:8e:2a:03:56:c4:05:1d:d1:fb:00:23:
                    56:a6:20:48:cf:c1:6c:33:c1:6f:cb:63:30:4d:d3:
                    09:cd:0b:b0:d6:46:c0:8e:0b:21:98:d9:01:ec:47:
                    32:41:29:ae:e0:9b:46:80:c5:72:fd:20:70:eb:10:
                    92:6f:c3:a9:0f:d6:e0:a0:7e:23:f3:8a:66:c8:14:
                    0b:a3:38:e8:43:de:00:09:27:a7:33:c5:16:79:88:
                    fc:2e:0b:39:84:a0:2d:df:ff:ff:8e:31:56:0c:63:
                    92:5d:d0:18:92:74:78:b3:cb:34:31:05:63:07:55:
                    31:32:ef:cd:07:8a:12:07:1a:77:2c:e5:1f:ab:7e:
                    6d:47:78:43:84:95:d2:1c:b9:a0:9b:b8:27:be:4c:
                    a0:4a:49:05:d2:ae:03:67:3a:ac:da:c7:7f:dd:59:
                    17:93:e4:d2:92:41:f2:f5:39:6a:5a:91:c8:8b:eb:
                    3a:2b:c1:ce:74:fb:fc:0c:34:63:95:c6:ff:9f:ab:
                    77:06:cc:9c:21:21:d5:5b:a1:3f:d7:74:1f:4b:bf:
                    13:53
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                9A:DE:AC:A4:E3:11:16:44:0F:28:05:E3:AF:11:9A:1F:CF:DB:D9:A6
            X509v3 Authority Key Identifier:
                keyid:D1:A6:22:E9:31:1A:89:37:4E:F7:42:9E:B6:EB:2C:D4:16:A2:54:92

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/c376ce9732a7f8438a8728863d42624058e18390.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/b7e2cbcb-4e1e-4451-ba9f-b839acb5a75f/7f3be158a436523b5e8327ab6ff656854aebf022.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/b7e2cbcb-4e1e-4451-ba9f-b839acb5a75f/c376ce9732a7f8438a8728863d42624058e18390.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  200.73.1.0-200.73.3.255
                  200.73.5.0-200.73.8.255
                  200.73.12.0-200.73.14.255
                  200.73.17.0/24
                  200.73.21.0/24
                  200.73.28.0/24
                  200.73.31.0/24
                  200.73.33.0/24
                  200.73.55.0/24
                  200.73.64.0/24
                  200.73.66.0/24
                  200.73.70.0/24
                  200.73.76.0/24
                  200.73.81.0/24
                  200.73.83.0-200.73.84.255
                  200.73.93.0/24
                  216.241.0.0/24
                  216.241.2.0/24
                  216.241.11.0/24
                  216.241.13.0-216.241.14.255
                  216.241.17.0/24
                  216.241.25.0-216.241.26.255
                  216.241.29.0/24

    Signature Algorithm: sha256WithRSAEncryption
         08:52:40:13:b9:37:aa:9f:42:c6:67:65:9e:a1:78:4b:1c:99:
         c7:20:f7:20:04:0f:30:31:7b:a2:41:bc:94:c1:20:73:db:be:
         62:a6:65:55:25:bd:a6:22:3f:ac:a0:0e:7b:62:29:cf:77:fe:
         fa:94:73:b5:93:d9:cb:1a:5f:6a:ea:96:f4:15:69:be:34:44:
         9d:c9:70:84:49:db:a1:56:99:99:4b:11:91:13:35:76:aa:a6:
         39:6e:a9:cf:d1:e5:46:d0:dc:39:8e:d4:77:7f:d6:12:ba:80:
         f0:f8:17:4a:40:d2:88:84:e4:6b:95:04:f5:3c:d6:51:51:7c:
         0e:a8:17:b7:f5:11:b7:8d:a5:2d:bd:7b:fa:bf:98:ec:d6:53:
         5d:6f:83:26:0b:c7:37:26:b4:33:3f:32:33:a3:43:83:38:9e:
         3f:c0:9d:63:c8:a9:e3:65:d1:25:a8:63:f1:35:ab:8e:5b:e5:
         1c:1f:66:a6:89:3b:0d:b3:f9:b0:89:da:06:05:99:79:cb:ef:
         c1:04:94:4f:74:3a:fb:ae:c7:9a:96:e3:36:1d:f2:92:4c:e3:
         fe:41:02:c8:7e:b8:35:d8:32:b1:a8:ce:da:34:13:ca:55:4b:
         a0:35:3d:4f:e2:d7:6b:a1:64:0f:b4:cc:9d:9e:08:32:08:da:
         f9:36:ce:08
-----BEGIN CERTIFICATE-----
MIIF+TCCBOGgAwIBAgIDEGXzMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKGMz
NzZjZTk3MzJhN2Y4NDM4YTg3Mjg4NjNkNDI2MjQwNThlMTgzOTAwHhcNMjEwMzI0
MDMwMDAwWhcNMjMwMzI0MDMwMDAwWjAzMTEwLwYDVQQDEyg3ZjNiZTE1OGE0MzY1
MjNiNWU4MzI3YWI2ZmY2NTY4NTRhZWJmMDIyMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAtQFDlpmkUZAuDTmf93e7UzMn+X1n7zbN93CzF//tsts3b0W2
95CpF9Z97wkbac8ujioDVsQFHdH7ACNWpiBIz8FsM8Fvy2MwTdMJzQuw1kbAjgsh
mNkB7EcyQSmu4JtGgMVy/SBw6xCSb8OpD9bgoH4j84pmyBQLozjoQ94ACSenM8UW
eYj8Lgs5hKAt3///jjFWDGOSXdAYknR4s8s0MQVjB1UxMu/NB4oSBxp3LOUfq35t
R3hDhJXSHLmgm7gnvkygSkkF0q4DZzqs2sd/3VkXk+TSkkHy9TlqWpHIi+s6K8HO
dPv8DDRjlcb/n6t3BsycISHVW6E/13QfS78TUwIDAQABo4IDFDCCAxAwHQYDVR0O
BBYEFJrerKTjERZEDygF468Rmh/P29mmMB8GA1UdIwQYMBaAFNGmIukxGok3TvdC
nrbrLNQWolSSMA4GA1UdDwEB/wQEAwIHgDCBmgYIKwYBBQUHAQEEgY0wgYowgYcG
CCsGAQUFBzAChntyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5ldC9ycGtpL2xh
Y25pYy80OGYwODNiYi1mNjAzLTQ4OTMtOTk5MC0wMjg0YzA0Y2ViODUvYzM3NmNl
OTczMmE3Zjg0MzhhODcyODg2M2Q0MjYyNDA1OGUxODM5MC5jZXIwgZoGCCsGAQUF
BwELBIGNMIGKMIGHBggrBgEFBQcwC4Z7cnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25p
Yy5uZXQvcnBraS9sYWNuaWMvYjdlMmNiY2ItNGUxZS00NDUxLWJhOWYtYjgzOWFj
YjVhNzVmLzdmM2JlMTU4YTQzNjUyM2I1ZTgzMjdhYjZmZjY1Njg1NGFlYmYwMjIu
cm9hMIGPBgNVHR8EgYcwgYQwgYGgf6B9hntyc3luYzovL3JlcG9zaXRvcnkubGFj
bmljLm5ldC9ycGtpL2xhY25pYy9iN2UyY2JjYi00ZTFlLTQ0NTEtYmE5Zi1iODM5
YWNiNWE3NWYvYzM3NmNlOTczMmE3Zjg0MzhhODcyODg2M2Q0MjYyNDA1OGUxODM5
MC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjCB1wYIKwYBBQUHAQcBAf8E
gccwgcQwgcEEAgABMIG6MAwDBADISQEDBALISQAwDAMEAMhJBQMEAMhJCDAMAwQC
yEkMAwQAyEkOAwQAyEkRAwQAyEkVAwQAyEkcAwQAyEkfAwQAyEkhAwQAyEk3AwQA
yElAAwQAyElCAwQAyElGAwQAyElMAwQAyElRMAwDBADISVMDBADISVQDBADISV0D
BADY8QADBADY8QIDBADY8QswDAMEANjxDQMEANjxDgMEANjxETAMAwQA2PEZAwQA
2PEaAwQA2PEdMA0GCSqGSIb3DQEBCwUAA4IBAQAIUkATuTeqn0LGZ2WeoXhLHJnH
IPcgBA8wMXuiQbyUwSBz275ipmVVJb2mIj+soA57YinPd/76lHO1k9nLGl9q6pb0
FWm+NESdyXCESduhVpmZSxGREzV2qqY5bqnP0eVG0Nw5jtR3f9YSuoDw+BdKQNKI
hORrlQT1PNZRUXwOqBe39RG3jaUtvXv6v5js1lNdb4MmC8c3JrQzPzIzo0ODOJ4/
wJ1jyKnjZdElqGPxNauOW+UcH2amiTsNs/mwidoGBZl5y+/BBJRPdDr7rsealuM2
HfKSTOP+QQLIfrg12DKxqM7aNBPKVUugNT1P4tdroWQPtMydnggyCNr5Ns4I
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:38:02 2024 by rpki-client on console-fra.rpki-client.org