Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/02419b92-fbba-404b-a229-f3865d57a46a/04d727f25667d8e4a5dd3f6ec04d04423a3aec5a.roa
File:                     04d727f25667d8e4a5dd3f6ec04d04423a3aec5a.roa (raw, json)
Hash identifier:          V1/yNyL06WamXupjtdCnMpW2pmRtQQNdoewRaOZ4cko=
Subject key identifier:   E6:11:CD:E6:7A:2F:02:11:BE:EE:C4:5B:54:27:7F:F0:8D:B2:C9:08
Certificate issuer:       /CN=1866c45b21787e12af4deafc085303e786f50b2f
Certificate serial:       2D985C
Authority key identifier: C2:D2:73:A6:7C:06:1F:63:0B:31:28:A0:40:4C:BE:EC:ED:22:31:88
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/1866c45b21787e12af4deafc085303e786f50b2f.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/02419b92-fbba-404b-a229-f3865d57a46a/04d727f25667d8e4a5dd3f6ec04d04423a3aec5a.roa
Signing time:             Sun 17 Mar 2024 18:43:44 +0000
ROA not before:           Sun 17 Mar 2024 18:42:19 +0000
ROA not after:            Sat 17 Mar 2029 18:42:19 +0000
asID:                     14080
IP address blocks:        190.144.192.0/19 maxlen: 19
                          181.49.224.0/19 maxlen: 29
                          186.85.72.0/22 maxlen: 24
                          200.118.0.0/16 maxlen: 24
                          186.145.4.0/22 maxlen: 24
                          190.84.213.0/24 maxlen: 24
                          190.84.214.0/24 maxlen: 24
                          190.158.6.0/24 maxlen: 24
                          190.158.7.0/24 maxlen: 24
                          190.158.10.0/24 maxlen: 24
                          190.158.11.0/24 maxlen: 24
                          190.159.0.0/16 maxlen: 24
                          190.157.216.0/22 maxlen: 24
                          186.84.72.0/22 maxlen: 24
                          181.61.232.0/22 maxlen: 24
                          186.84.152.0/22 maxlen: 24

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 2988124 (0x2d985c)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1866c45b21787e12af4deafc085303e786f50b2f
        Validity
            Not Before: Mar 17 18:42:19 2024 GMT
            Not After : Mar 17 18:42:19 2029 GMT
        Subject: CN=04d727f25667d8e4a5dd3f6ec04d04423a3aec5a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a1:52:a8:b3:3b:93:28:95:6d:3c:77:2d:0f:28:
                    26:6a:1a:b2:e4:57:ca:7a:81:33:a8:b2:04:c9:69:
                    7f:5f:49:73:c9:d6:cd:35:09:19:69:9a:17:07:17:
                    99:17:ac:ae:ac:1f:24:b0:44:d3:98:0b:29:ad:67:
                    b7:60:5e:4d:02:99:a5:c2:0b:38:d8:30:84:1e:85:
                    85:eb:44:67:e0:4c:8a:bc:2c:cc:8f:01:48:f5:02:
                    fc:b7:91:0a:a9:60:88:0d:9b:47:9d:fd:35:f7:50:
                    b0:52:5b:10:d0:9c:5f:2e:60:21:15:f1:38:dd:f6:
                    2d:e9:e2:67:20:cd:f8:63:12:34:68:5c:5f:8a:8b:
                    63:0f:8e:fb:7c:a3:d9:ee:2c:c6:87:c3:62:68:62:
                    35:76:c2:f9:36:7c:74:e0:bc:cf:df:5c:ee:24:2e:
                    db:59:a1:47:c9:e1:bd:bb:87:64:46:d9:3d:2d:78:
                    a7:7e:e7:49:52:a6:fc:19:88:32:90:fe:7b:ce:60:
                    64:94:66:ec:78:5a:37:bf:86:c7:ec:68:c0:8d:be:
                    7c:71:83:eb:bc:01:d0:f4:e1:d7:39:83:6f:bd:d7:
                    51:af:c9:2a:88:3e:fa:81:ca:8b:5f:0e:b6:f1:da:
                    90:b6:d7:72:1f:bf:79:00:bf:2e:98:54:c7:06:8e:
                    94:f1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E6:11:CD:E6:7A:2F:02:11:BE:EE:C4:5B:54:27:7F:F0:8D:B2:C9:08
            X509v3 Authority Key Identifier:
                keyid:C2:D2:73:A6:7C:06:1F:63:0B:31:28:A0:40:4C:BE:EC:ED:22:31:88

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/1866c45b21787e12af4deafc085303e786f50b2f.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/02419b92-fbba-404b-a229-f3865d57a46a/04d727f25667d8e4a5dd3f6ec04d04423a3aec5a.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/02419b92-fbba-404b-a229-f3865d57a46a/1866c45b21787e12af4deafc085303e786f50b2f.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  181.49.224.0/19
                  181.61.232.0/22
                  186.84.72.0/22
                  186.84.152.0/22
                  186.85.72.0/22
                  186.145.4.0/22
                  190.84.213.0-190.84.214.255
                  190.144.192.0/19
                  190.157.216.0/22
                  190.158.6.0/23
                  190.158.10.0/23
                  190.159.0.0/16
                  200.118.0.0/16

    Signature Algorithm: sha256WithRSAEncryption
         62:96:02:a4:3e:46:a2:61:24:a3:12:c0:e6:76:67:f2:59:06:
         c5:9d:88:0b:a1:ba:d1:b2:ad:fb:6a:37:8e:59:12:8c:37:5a:
         9a:46:9a:bc:80:aa:06:b3:9e:cd:9f:6e:d9:04:47:09:92:fd:
         37:72:56:32:8f:3d:87:62:2c:d0:f3:d2:15:cf:f1:60:25:01:
         8c:6d:70:f7:40:50:3d:06:c3:05:d5:4b:51:ce:98:38:a7:73:
         cb:bf:a5:da:21:b5:bd:49:48:cc:32:1e:40:a8:72:2d:4c:46:
         f9:b9:de:68:50:08:4f:63:32:01:0c:ba:d3:f2:0b:a6:8f:58:
         ed:bc:3f:ed:22:b7:ba:20:92:c9:37:18:27:dc:9d:45:40:e2:
         1a:3b:55:82:27:50:28:1e:e5:fc:51:9f:aa:22:b3:4f:39:79:
         e5:aa:3a:64:97:d5:be:8e:03:bf:1d:ec:32:92:a5:e0:5e:68:
         39:41:1f:df:28:dd:7c:c9:b4:33:a5:66:83:1e:2c:5b:ab:3e:
         1a:7b:1b:7f:19:44:56:e6:92:f0:d2:30:15:56:f9:94:31:45:
         2b:58:a9:62:3d:d9:49:55:68:4b:c8:fc:b9:9a:be:b8:df:8e:
         b4:1a:b9:be:17:7e:38:1e:34:ff:89:1a:c5:e1:1d:74:f1:27:
         06:7a:f7:bf
-----BEGIN CERTIFICATE-----
MIIFjjCCBHagAwIBAgIDLZhcMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKDE4
NjZjNDViMjE3ODdlMTJhZjRkZWFmYzA4NTMwM2U3ODZmNTBiMmYwHhcNMjQwMzE3
MTg0MjE5WhcNMjkwMzE3MTg0MjE5WjAzMTEwLwYDVQQDEygwNGQ3MjdmMjU2Njdk
OGU0YTVkZDNmNmVjMDRkMDQ0MjNhM2FlYzVhMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAoVKoszuTKJVtPHctDygmahqy5FfKeoEzqLIEyWl/X0lzydbN
NQkZaZoXBxeZF6yurB8ksETTmAsprWe3YF5NApmlwgs42DCEHoWF60Rn4EyKvCzM
jwFI9QL8t5EKqWCIDZtHnf0191CwUlsQ0JxfLmAhFfE43fYt6eJnIM34YxI0aFxf
iotjD477fKPZ7izGh8NiaGI1dsL5Nnx04LzP31zuJC7bWaFHyeG9u4dkRtk9LXin
fudJUqb8GYgykP57zmBklGbseFo3v4bH7GjAjb58cYPrvAHQ9OHXOYNvvddRr8kq
iD76gcqLXw628dqQttdyH795AL8umFTHBo6U8QIDAQABo4ICqTCCAqUwHQYDVR0O
BBYEFOYRzeZ6LwIRvu7EW1Qnf/CNsskIMB8GA1UdIwQYMBaAFMLSc6Z8Bh9jCzEo
oEBMvuztIjGIMA4GA1UdDwEB/wQEAwIHgDCBmgYIKwYBBQUHAQEEgY0wgYowgYcG
CCsGAQUFBzAChntyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5ldC9ycGtpL2xh
Y25pYy80OGYwODNiYi1mNjAzLTQ4OTMtOTk5MC0wMjg0YzA0Y2ViODUvMTg2NmM0
NWIyMTc4N2UxMmFmNGRlYWZjMDg1MzAzZTc4NmY1MGIyZi5jZXIwgZoGCCsGAQUF
BwELBIGNMIGKMIGHBggrBgEFBQcwC4Z7cnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25p
Yy5uZXQvcnBraS9sYWNuaWMvMDI0MTliOTItZmJiYS00MDRiLWEyMjktZjM4NjVk
NTdhNDZhLzA0ZDcyN2YyNTY2N2Q4ZTRhNWRkM2Y2ZWMwNGQwNDQyM2EzYWVjNWEu
cm9hMIGPBgNVHR8EgYcwgYQwgYGgf6B9hntyc3luYzovL3JlcG9zaXRvcnkubGFj
bmljLm5ldC9ycGtpL2xhY25pYy8wMjQxOWI5Mi1mYmJhLTQwNGItYTIyOS1mMzg2
NWQ1N2E0NmEvMTg2NmM0NWIyMTc4N2UxMmFmNGRlYWZjMDg1MzAzZTc4NmY1MGIy
Zi5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBtBggrBgEFBQcBBwEB/wRe
MFwwWgQCAAEwVAMEBbUx4AMEArU96AMEArpUSAMEArpUmAMEArpVSAMEArqRBDAM
AwQAvlTVAwQAvlTWAwQFvpDAAwQCvp3YAwQBvp4GAwQBvp4KAwMAvp8DAwDIdjAN
BgkqhkiG9w0BAQsFAAOCAQEAYpYCpD5GomEkoxLA5nZn8lkGxZ2IC6G60bKt+2o3
jlkSjDdamkaavICqBrOezZ9u2QRHCZL9N3JWMo89h2Is0PPSFc/xYCUBjG1w90BQ
PQbDBdVLUc6YOKdzy7+l2iG1vUlIzDIeQKhyLUxG+bneaFAIT2MyAQy60/ILpo9Y
7bw/7SK3uiCSyTcYJ9ydRUDiGjtVgidQKB7l/FGfqiKzTzl55ao6ZJfVvo4Dvx3s
MpKl4F5oOUEf3yjdfMm0M6Vmgx4sW6s+GnsbfxlEVuaS8NIwFVb5lDFFK1ipYj3Z
SVVoS8j8uZq+uN+OtBq5vhd+OB40/4kaxeEddPEnBnr3vw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:36:53 2024 by rpki-client on console-ams.rpki-client.org