Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/bef91ee1-4224-4c1c-aee6-5ce138641c48/14989d50dc70f1033735efe558d3b4ae643e23e1.roa
File:                     14989d50dc70f1033735efe558d3b4ae643e23e1.roa (raw, json)
Hash identifier:          8oNzWSHB51cjcBBnHhwdAVeo2a+qjWgEV6GFk7UKrUk=
Subject key identifier:   82:0F:48:96:9E:5B:9D:AF:23:48:07:77:61:81:C7:EB:65:AD:E2:4B
Certificate issuer:       /CN=c4935075ec435dbda09406df9fa324ff802f1d14
Certificate serial:       219A4E
Authority key identifier: 76:83:16:F0:88:5D:BF:BD:21:FF:F5:2D:ED:2B:87:BE:D1:53:D7:ED
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/c4935075ec435dbda09406df9fa324ff802f1d14.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/bef91ee1-4224-4c1c-aee6-5ce138641c48/14989d50dc70f1033735efe558d3b4ae643e23e1.roa
Signing time:             Thu 15 Jun 2023 16:42:10 +0000
ROA not before:           Wed 14 Jun 2023 16:42:09 +0000
ROA not after:            Sun 15 Jun 2025 16:42:09 +0000
asID:                     26617
IP address blocks:        190.111.0.0/20 maxlen: 24
                          190.111.16.0/24 maxlen: 24
                          200.35.160.0/22 maxlen: 24
                          200.35.164.0/24 maxlen: 24
                          200.35.167.0/24 maxlen: 24
                          200.35.168.0/21 maxlen: 24
                          200.35.176.0/22 maxlen: 24
                          200.35.180.0/23 maxlen: 24
                          200.35.182.0/24 maxlen: 24
                          190.111.18.0/23 maxlen: 24
                          190.111.20.0/22 maxlen: 24
                          200.35.184.0/22 maxlen: 24
                          200.35.188.0/23 maxlen: 24
                          200.35.190.0/24 maxlen: 24
                          190.111.25.0/24 maxlen: 24
                          190.111.26.0/23 maxlen: 24
                          190.111.28.0/24 maxlen: 24
                          181.189.129.0/24 maxlen: 24
                          181.189.130.0/23 maxlen: 24
                          190.14.0.0/23 maxlen: 24
                          181.189.159.0/24 maxlen: 24

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 2202190 (0x219a4e)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c4935075ec435dbda09406df9fa324ff802f1d14
        Validity
            Not Before: Jun 14 16:42:09 2023 GMT
            Not After : Jun 15 16:42:09 2025 GMT
        Subject: CN=14989d50dc70f1033735efe558d3b4ae643e23e1
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:97:b6:6e:2e:da:a4:45:05:be:06:23:a3:97:87:
                    d5:4b:32:f9:d1:d2:7c:16:21:e5:7e:34:7d:88:a6:
                    76:c4:3c:17:93:92:a0:a5:4c:e1:5e:48:2d:0f:a0:
                    2f:86:48:6e:d6:f8:48:58:10:50:43:fd:c3:63:bf:
                    8c:52:1e:6c:eb:fc:ab:f6:31:4e:1f:76:92:b5:28:
                    14:a9:a6:94:8f:e0:8a:e6:22:08:27:d1:ec:c5:ea:
                    41:d1:67:d3:bd:eb:eb:77:08:4f:07:97:84:61:2d:
                    92:92:16:a7:9e:ef:d7:21:89:37:63:bb:36:01:16:
                    d0:d9:fd:ac:95:6c:92:dc:8d:e1:0f:7e:81:ef:f1:
                    c2:0b:12:c3:55:06:19:ee:f4:86:7d:a2:77:1f:b8:
                    f8:51:aa:9c:4d:1a:b2:1f:94:95:a2:e5:d0:ac:e7:
                    1a:71:b8:37:a6:ec:fd:d1:f5:b0:0a:11:50:91:b2:
                    c2:11:22:f2:5d:08:21:4b:ab:d8:4d:21:f1:09:88:
                    8e:1e:be:f8:c8:6c:0e:df:94:b3:52:2a:c7:ac:5c:
                    63:e3:21:d9:33:e1:19:96:20:87:2f:60:47:61:80:
                    e2:1c:61:fe:cd:c2:61:9c:e6:d9:9e:28:85:c9:ca:
                    6a:4f:d3:95:e5:71:94:2e:a5:5b:48:53:c2:8b:6a:
                    f3:1b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                82:0F:48:96:9E:5B:9D:AF:23:48:07:77:61:81:C7:EB:65:AD:E2:4B
            X509v3 Authority Key Identifier:
                keyid:76:83:16:F0:88:5D:BF:BD:21:FF:F5:2D:ED:2B:87:BE:D1:53:D7:ED

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/c4935075ec435dbda09406df9fa324ff802f1d14.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/bef91ee1-4224-4c1c-aee6-5ce138641c48/14989d50dc70f1033735efe558d3b4ae643e23e1.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/bef91ee1-4224-4c1c-aee6-5ce138641c48/c4935075ec435dbda09406df9fa324ff802f1d14.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  181.189.129.0-181.189.131.255
                  181.189.159.0/24
                  190.14.0.0/23
                  190.111.0.0-190.111.16.255
                  190.111.18.0-190.111.23.255
                  190.111.25.0-190.111.28.255
                  200.35.160.0-200.35.164.255
                  200.35.167.0-200.35.182.255
                  200.35.184.0-200.35.190.255

    Signature Algorithm: sha256WithRSAEncryption
         89:f9:1e:7d:86:9e:2e:49:64:84:f4:d8:dc:91:d6:ee:ae:6d:
         2d:8e:25:a0:83:4d:de:14:ef:45:d1:37:ef:6e:3b:e7:e6:6b:
         c7:32:f7:42:9f:08:8a:f5:a4:23:35:f6:3d:08:6f:d5:a0:66:
         02:b9:f4:75:9a:e4:02:46:aa:c3:34:8a:46:40:99:68:8b:a3:
         18:0b:0e:f3:56:4a:27:04:92:10:2b:0c:83:36:d9:fb:f8:6c:
         eb:ab:b4:58:56:57:3f:6a:67:7e:8d:96:8d:ad:a0:46:91:5c:
         e4:a5:2b:be:9f:6f:1b:f9:e0:c7:64:38:d4:8d:86:12:3c:ee:
         a6:6b:dd:bb:84:60:ca:5f:b3:ba:42:8c:39:96:f1:cb:72:58:
         45:17:84:b5:97:c7:9d:9c:f0:65:97:ac:4c:9f:72:3e:2b:a7:
         d8:79:19:8e:12:45:2d:2e:e3:5c:dc:25:af:95:9b:b7:12:06:
         d9:74:84:10:e3:b7:e0:4b:a6:72:10:50:0f:4f:50:ac:51:5f:
         6e:ff:95:5f:c0:1a:7c:16:65:6f:9a:9b:fd:b2:b7:a2:60:7f:
         3a:20:ec:60:3b:4c:23:76:94:ab:83:0e:02:8e:b4:7a:bd:87:
         fe:ad:24:f9:10:0b:03:d0:30:65:94:05:29:5d:8e:70:06:cd:
         a4:e9:04:ca
-----BEGIN CERTIFICATE-----
MIIFqDCCBJCgAwIBAgIDIZpOMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKGM0
OTM1MDc1ZWM0MzVkYmRhMDk0MDZkZjlmYTMyNGZmODAyZjFkMTQwHhcNMjMwNjE0
MTY0MjA5WhcNMjUwNjE1MTY0MjA5WjAzMTEwLwYDVQQDEygxNDk4OWQ1MGRjNzBm
MTAzMzczNWVmZTU1OGQzYjRhZTY0M2UyM2UxMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAl7ZuLtqkRQW+BiOjl4fVSzL50dJ8FiHlfjR9iKZ2xDwXk5Kg
pUzhXkgtD6Avhkhu1vhIWBBQQ/3DY7+MUh5s6/yr9jFOH3aStSgUqaaUj+CK5iII
J9HsxepB0WfTvevrdwhPB5eEYS2Skhannu/XIYk3Y7s2ARbQ2f2slWyS3I3hD36B
7/HCCxLDVQYZ7vSGfaJ3H7j4UaqcTRqyH5SVouXQrOcacbg3puz90fWwChFQkbLC
ESLyXQghS6vYTSHxCYiOHr74yGwO35SzUirHrFxj4yHZM+EZliCHL2BHYYDiHGH+
zcJhnObZniiFycpqT9OV5XGULqVbSFPCi2rzGwIDAQABo4ICwzCCAr8wHQYDVR0O
BBYEFIIPSJaeW52vI0gHd2GBx+tlreJLMB8GA1UdIwQYMBaAFHaDFvCIXb+9If/1
Le0rh77RU9ftMA4GA1UdDwEB/wQEAwIHgDCBmgYIKwYBBQUHAQEEgY0wgYowgYcG
CCsGAQUFBzAChntyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5ldC9ycGtpL2xh
Y25pYy80OGYwODNiYi1mNjAzLTQ4OTMtOTk5MC0wMjg0YzA0Y2ViODUvYzQ5MzUw
NzVlYzQzNWRiZGEwOTQwNmRmOWZhMzI0ZmY4MDJmMWQxNC5jZXIwgZoGCCsGAQUF
BwELBIGNMIGKMIGHBggrBgEFBQcwC4Z7cnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25p
Yy5uZXQvcnBraS9sYWNuaWMvYmVmOTFlZTEtNDIyNC00YzFjLWFlZTYtNWNlMTM4
NjQxYzQ4LzE0OTg5ZDUwZGM3MGYxMDMzNzM1ZWZlNTU4ZDNiNGFlNjQzZTIzZTEu
cm9hMIGPBgNVHR8EgYcwgYQwgYGgf6B9hntyc3luYzovL3JlcG9zaXRvcnkubGFj
bmljLm5ldC9ycGtpL2xhY25pYy9iZWY5MWVlMS00MjI0LTRjMWMtYWVlNi01Y2Ux
Mzg2NDFjNDgvYzQ5MzUwNzVlYzQzNWRiZGEwOTQwNmRmOWZhMzI0ZmY4MDJmMWQx
NC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjCBhgYIKwYBBQUHAQcBAf8E
dzB1MHMEAgABMG0wDAMEALW9gQMEArW9gAMEALW9nwMEAb4OADALAwMAvm8DBAC+
bxAwDAMEAb5vEgMEA75vEDAMAwQAvm8ZAwQAvm8cMAwDBAXII6ADBADII6QwDAME
AMgjpwMEAMgjtjAMAwQDyCO4AwQAyCO+MA0GCSqGSIb3DQEBCwUAA4IBAQCJ+R59
hp4uSWSE9Njckdburm0tjiWgg03eFO9F0Tfvbjvn5mvHMvdCnwiK9aQjNfY9CG/V
oGYCufR1muQCRqrDNIpGQJloi6MYCw7zVkonBJIQKwyDNtn7+Gzrq7RYVlc/amd+
jZaNraBGkVzkpSu+n28b+eDHZDjUjYYSPO6ma927hGDKX7O6Qow5lvHLclhFF4S1
l8ednPBll6xMn3I+K6fYeRmOEkUtLuNc3CWvlZu3EgbZdIQQ47fgS6ZyEFAPT1Cs
UV9u/5VfwBp8FmVvmpv9sreiYH86IOxgO0wjdpSrgw4CjrR6vYf+rST5EAsD0DBl
lAUpXY5wBs2k6QTK
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:38:03 2024 by rpki-client on console-fra.rpki-client.org