Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/02419b92-fbba-404b-a229-f3865d57a46a/0b156d35f54d3cceea572624cc708d09df094f4c.roa
File:                     0b156d35f54d3cceea572624cc708d09df094f4c.roa (raw, json)
Hash identifier:          Ov/HJbdLQEYJf6lubSejvk7Oi6k3RI2Qikjht+GqeYo=
Subject key identifier:   02:74:ED:E4:F7:EC:FA:5E:C1:22:15:D4:21:8F:36:91:0C:5E:93:61
Certificate issuer:       /CN=1866c45b21787e12af4deafc085303e786f50b2f
Certificate serial:       2D6013
Authority key identifier: C2:D2:73:A6:7C:06:1F:63:0B:31:28:A0:40:4C:BE:EC:ED:22:31:88
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/1866c45b21787e12af4deafc085303e786f50b2f.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/02419b92-fbba-404b-a229-f3865d57a46a/0b156d35f54d3cceea572624cc708d09df094f4c.roa
Signing time:             Sun 17 Mar 2024 18:43:02 +0000
ROA not before:           Sun 17 Mar 2024 18:42:19 +0000
ROA not after:            Sat 17 Mar 2029 18:42:19 +0000
asID:                     14080
IP address blocks:        186.86.28.0/22 maxlen: 24
                          186.144.124.0/22 maxlen: 24
                          190.147.138.0/23 maxlen: 24
                          186.144.32.0/22 maxlen: 24
                          190.156.206.0/23 maxlen: 24
                          181.51.20.0/22 maxlen: 24
                          186.87.108.0/22 maxlen: 24
                          186.145.0.0/16 maxlen: 24
                          186.81.102.0/23 maxlen: 24
                          186.81.196.0/22 maxlen: 22
                          190.84.28.0/22 maxlen: 22
                          190.156.48.0/22 maxlen: 22
                          190.159.136.0/22 maxlen: 22
                          200.118.236.0/22 maxlen: 22
                          190.144.224.0/19 maxlen: 19
                          181.56.28.0/22 maxlen: 22
                          186.83.68.0/22 maxlen: 22
                          186.85.83.0/24 maxlen: 24
                          186.87.228.0/22 maxlen: 24

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 2973715 (0x2d6013)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1866c45b21787e12af4deafc085303e786f50b2f
        Validity
            Not Before: Mar 17 18:42:19 2024 GMT
            Not After : Mar 17 18:42:19 2029 GMT
        Subject: CN=0b156d35f54d3cceea572624cc708d09df094f4c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:86:cc:55:f7:fe:68:5a:da:a1:fa:ff:1f:d7:7e:
                    ef:17:2f:06:41:6c:49:a8:87:41:61:86:da:1e:0b:
                    6f:5b:a9:01:2e:a6:55:a0:d5:69:1a:de:ed:4c:13:
                    89:38:54:8f:05:cf:02:c2:bd:58:33:a8:73:db:cb:
                    d4:a7:4f:aa:2c:c0:6a:17:d8:f7:d7:d2:46:83:c6:
                    a2:63:5f:81:f5:9b:75:32:75:23:50:87:3d:0a:ff:
                    c6:5c:3c:48:d3:b0:85:5b:ec:6d:c1:cf:36:71:93:
                    83:b6:0d:95:b8:31:18:0f:69:8a:29:63:51:57:f0:
                    ba:3b:66:1b:4e:2b:d5:4e:12:72:a4:3b:53:3e:c1:
                    03:03:51:0e:e3:5d:f0:06:5e:0f:96:35:d2:c4:cc:
                    b2:e5:8d:72:95:a6:91:ea:6d:c1:d0:4e:6b:8a:f7:
                    67:24:b7:57:05:46:97:fd:78:d3:5d:9c:a9:12:b1:
                    cb:ae:18:64:76:b1:67:71:2a:20:76:c0:67:a9:85:
                    09:b1:f5:3a:48:90:07:58:dc:a0:13:a2:dc:39:40:
                    2f:f2:8c:87:3e:5b:b5:71:72:64:b8:dc:89:95:e7:
                    ef:11:73:f9:da:e3:84:54:7a:86:ea:98:f5:67:bf:
                    36:bf:1e:31:b2:3d:76:3e:c1:f0:0d:64:11:5b:dd:
                    3f:c7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                02:74:ED:E4:F7:EC:FA:5E:C1:22:15:D4:21:8F:36:91:0C:5E:93:61
            X509v3 Authority Key Identifier:
                keyid:C2:D2:73:A6:7C:06:1F:63:0B:31:28:A0:40:4C:BE:EC:ED:22:31:88

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/1866c45b21787e12af4deafc085303e786f50b2f.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/02419b92-fbba-404b-a229-f3865d57a46a/0b156d35f54d3cceea572624cc708d09df094f4c.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/02419b92-fbba-404b-a229-f3865d57a46a/1866c45b21787e12af4deafc085303e786f50b2f.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  181.51.20.0/22
                  181.56.28.0/22
                  186.81.102.0/23
                  186.81.196.0/22
                  186.83.68.0/22
                  186.85.83.0/24
                  186.86.28.0/22
                  186.87.108.0/22
                  186.87.228.0/22
                  186.144.32.0/22
                  186.144.124.0/22
                  186.145.0.0/16
                  190.84.28.0/22
                  190.144.224.0/19
                  190.147.138.0/23
                  190.156.48.0/22
                  190.156.206.0/23
                  190.159.136.0/22
                  200.118.236.0/22

    Signature Algorithm: sha256WithRSAEncryption
         20:21:7a:a5:70:b5:f6:fc:01:61:91:22:d5:d7:a6:3b:cc:c6:
         15:04:44:00:46:35:8e:26:cf:f1:d5:af:fd:ec:e7:4b:02:67:
         54:00:7d:0b:44:26:f3:d8:f8:31:a8:34:dc:ef:47:d0:74:0f:
         ed:18:a5:0c:b5:dc:af:8d:74:3a:b6:ce:9d:d6:7a:f5:1e:f2:
         2f:8d:26:c2:0c:49:a5:33:87:50:c8:0b:c2:bc:36:2a:16:d6:
         16:d2:89:b0:c2:0f:40:b9:70:9b:1d:51:17:ee:f9:58:e4:db:
         00:3e:cc:2d:ee:ff:95:14:9f:e7:a2:90:6d:34:66:45:3f:ac:
         d9:af:a3:15:61:83:80:f9:72:fb:f6:d1:78:4f:3d:0a:37:b2:
         86:5c:e7:0c:ac:31:2b:41:be:7a:40:4a:db:cd:e7:49:6e:1c:
         43:cb:48:cd:51:31:b8:a8:8d:91:47:11:b1:e7:e2:1b:b4:60:
         6f:00:f8:d8:4c:60:c1:09:78:16:24:dd:ca:34:c5:84:29:5f:
         2e:a1:4f:5e:27:8f:f5:7c:02:c7:37:7b:73:82:ca:97:04:bc:
         f4:af:fa:da:6e:68:ad:a7:4b:bc:2f:21:68:4d:a1:f5:22:51:
         96:db:29:a7:07:3b:77:76:82:6f:15:98:49:cc:8e:b4:ab:bf:
         c4:bc:ed:86
-----BEGIN CERTIFICATE-----
MIIFrDCCBJSgAwIBAgIDLWATMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKDE4
NjZjNDViMjE3ODdlMTJhZjRkZWFmYzA4NTMwM2U3ODZmNTBiMmYwHhcNMjQwMzE3
MTg0MjE5WhcNMjkwMzE3MTg0MjE5WjAzMTEwLwYDVQQDEygwYjE1NmQzNWY1NGQz
Y2NlZWE1NzI2MjRjYzcwOGQwOWRmMDk0ZjRjMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAhsxV9/5oWtqh+v8f137vFy8GQWxJqIdBYYbaHgtvW6kBLqZV
oNVpGt7tTBOJOFSPBc8Cwr1YM6hz28vUp0+qLMBqF9j319JGg8aiY1+B9Zt1MnUj
UIc9Cv/GXDxI07CFW+xtwc82cZODtg2VuDEYD2mKKWNRV/C6O2YbTivVThJypDtT
PsEDA1EO413wBl4PljXSxMyy5Y1ylaaR6m3B0E5rivdnJLdXBUaX/XjTXZypErHL
rhhkdrFncSogdsBnqYUJsfU6SJAHWNygE6LcOUAv8oyHPlu1cXJkuNyJlefvEXP5
2uOEVHqG6pj1Z782vx4xsj12PsHwDWQRW90/xwIDAQABo4ICxzCCAsMwHQYDVR0O
BBYEFAJ07eT37PpewSIV1CGPNpEMXpNhMB8GA1UdIwQYMBaAFMLSc6Z8Bh9jCzEo
oEBMvuztIjGIMA4GA1UdDwEB/wQEAwIHgDCBmgYIKwYBBQUHAQEEgY0wgYowgYcG
CCsGAQUFBzAChntyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5ldC9ycGtpL2xh
Y25pYy80OGYwODNiYi1mNjAzLTQ4OTMtOTk5MC0wMjg0YzA0Y2ViODUvMTg2NmM0
NWIyMTc4N2UxMmFmNGRlYWZjMDg1MzAzZTc4NmY1MGIyZi5jZXIwgZoGCCsGAQUF
BwELBIGNMIGKMIGHBggrBgEFBQcwC4Z7cnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25p
Yy5uZXQvcnBraS9sYWNuaWMvMDI0MTliOTItZmJiYS00MDRiLWEyMjktZjM4NjVk
NTdhNDZhLzBiMTU2ZDM1ZjU0ZDNjY2VlYTU3MjYyNGNjNzA4ZDA5ZGYwOTRmNGMu
cm9hMIGPBgNVHR8EgYcwgYQwgYGgf6B9hntyc3luYzovL3JlcG9zaXRvcnkubGFj
bmljLm5ldC9ycGtpL2xhY25pYy8wMjQxOWI5Mi1mYmJhLTQwNGItYTIyOS1mMzg2
NWQ1N2E0NmEvMTg2NmM0NWIyMTc4N2UxMmFmNGRlYWZjMDg1MzAzZTc4NmY1MGIy
Zi5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjCBigYIKwYBBQUHAQcBAf8E
ezB5MHcEAgABMHEDBAK1MxQDBAK1OBwDBAG6UWYDBAK6UcQDBAK6U0QDBAC6VVMD
BAK6VhwDBAK6V2wDBAK6V+QDBAK6kCADBAK6kHwDAwC6kQMEAr5UHAMEBb6Q4AME
Ab6TigMEAr6cMAMEAb6czgMEAr6fiAMEAsh27DANBgkqhkiG9w0BAQsFAAOCAQEA
ICF6pXC19vwBYZEi1demO8zGFQREAEY1jibP8dWv/eznSwJnVAB9C0Qm89j4Mag0
3O9H0HQP7RilDLXcr410OrbOndZ69R7yL40mwgxJpTOHUMgLwrw2KhbWFtKJsMIP
QLlwmx1RF+75WOTbAD7MLe7/lRSf56KQbTRmRT+s2a+jFWGDgPly+/bReE89Cjey
hlznDKwxK0G+ekBK283nSW4cQ8tIzVExuKiNkUcRsefiG7RgbwD42ExgwQl4FiTd
yjTFhClfLqFPXieP9XwCxzd7c4LKlwS89K/62m5oradLvC8haE2h9SJRltsppwc7
d3aCbxWYScyOtKu/xLzthg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:37:17 2024 by rpki-client on console-fra.rpki-client.org