Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/02419b92-fbba-404b-a229-f3865d57a46a/128a52bdd09b577357e402aa20fbd49d9c2732f9.roa
File:                     128a52bdd09b577357e402aa20fbd49d9c2732f9.roa (raw, json)
Hash identifier:          XDM0CHR5eXGcHi0gl4eqzQmhdOST4/pZo6ZwSiFu5lI=
Subject key identifier:   90:99:70:56:40:F0:A0:F4:16:9A:EC:5B:4D:49:CC:F0:C1:7B:AA:DB
Certificate issuer:       /CN=c1f68ecd3896b3288f83c29a2c3da44c821c7684
Certificate serial:       244979
Authority key identifier: A8:73:83:2C:03:09:14:B8:FD:00:F5:3F:AF:46:E4:95:D9:71:1B:3C
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/c1f68ecd3896b3288f83c29a2c3da44c821c7684.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/02419b92-fbba-404b-a229-f3865d57a46a/128a52bdd09b577357e402aa20fbd49d9c2732f9.roa
Signing time:             Thu 20 Apr 2023 03:32:26 +0000
ROA not before:           Wed 19 Apr 2023 03:32:26 +0000
ROA not after:            Sun 20 Apr 2025 03:32:26 +0000
asID:                     14080
IP address blocks:        190.158.136.0/24 maxlen: 24
                          190.158.137.0/24 maxlen: 24
                          190.158.138.0/24 maxlen: 24
                          190.158.139.0/24 maxlen: 24
                          190.158.188.0/24 maxlen: 24

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 2378105 (0x244979)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c1f68ecd3896b3288f83c29a2c3da44c821c7684
        Validity
            Not Before: Apr 19 03:32:26 2023 GMT
            Not After : Apr 20 03:32:26 2025 GMT
        Subject: CN=128a52bdd09b577357e402aa20fbd49d9c2732f9
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a5:36:92:b7:05:d4:34:9f:d8:7f:8c:2d:2e:de:
                    65:3b:be:14:34:48:33:be:dd:0b:7a:61:90:10:8b:
                    66:df:07:5f:c8:ec:f7:a5:c3:14:cb:78:b0:20:f4:
                    80:5b:00:85:d5:c3:ba:43:93:60:27:1c:00:0f:09:
                    c9:2d:9b:9a:79:d3:8d:aa:0d:e9:c4:6e:09:e5:0f:
                    ce:ca:86:b6:9d:0e:54:f9:b8:a1:5c:09:dd:3d:e0:
                    70:53:ad:ef:18:e7:52:81:ca:74:2b:c8:f4:89:f6:
                    6a:b8:f3:f2:91:0a:03:d5:91:19:42:eb:ab:b3:a6:
                    08:e5:28:9e:73:59:46:53:a1:56:6b:1c:5d:48:59:
                    eb:f8:29:37:73:10:e4:2f:67:41:0e:8b:9a:5d:99:
                    32:a5:18:7d:0f:1f:c8:e5:c3:a0:8c:f0:c9:70:b5:
                    72:90:ed:53:54:05:94:2e:66:28:85:c7:68:07:cf:
                    11:59:f9:b3:98:91:ef:3e:1d:b6:22:03:5f:23:f2:
                    c9:90:1e:56:64:e8:32:55:1d:c2:97:ad:10:14:e7:
                    45:77:5f:2f:f4:df:c5:e7:d9:b1:e8:85:78:f5:b8:
                    bc:1a:a4:79:37:39:f8:a4:99:1c:21:4d:c2:ad:5b:
                    1f:93:f4:f9:9e:3c:e9:8e:d1:07:2f:32:3c:ae:81:
                    21:dd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                90:99:70:56:40:F0:A0:F4:16:9A:EC:5B:4D:49:CC:F0:C1:7B:AA:DB
            X509v3 Authority Key Identifier:
                keyid:A8:73:83:2C:03:09:14:B8:FD:00:F5:3F:AF:46:E4:95:D9:71:1B:3C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/c1f68ecd3896b3288f83c29a2c3da44c821c7684.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/02419b92-fbba-404b-a229-f3865d57a46a/128a52bdd09b577357e402aa20fbd49d9c2732f9.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/02419b92-fbba-404b-a229-f3865d57a46a/c1f68ecd3896b3288f83c29a2c3da44c821c7684.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  190.158.136.0/22
                  190.158.188.0/24

    Signature Algorithm: sha256WithRSAEncryption
         0b:f8:14:ea:e8:d3:2c:09:25:85:de:4f:fb:9c:9f:fd:47:4e:
         c7:9e:ac:1e:f3:cf:bd:d3:f1:70:e5:6f:50:8d:7b:50:a7:b7:
         c2:9a:11:8c:d2:a2:1b:c6:8a:68:72:1e:6c:65:a7:1c:2f:80:
         c8:05:f2:2b:f4:48:a4:a3:54:6d:de:88:24:c3:76:0a:7f:a4:
         d7:a4:1c:e8:53:a3:59:bd:ce:b2:a2:d5:2e:73:39:aa:d7:bf:
         d4:f7:e3:01:5e:42:c5:64:05:bf:a0:21:cf:b5:41:e1:8f:bb:
         80:70:92:b5:1a:5c:b9:50:fd:2b:08:b9:5d:20:6f:93:4b:4a:
         f0:db:76:58:9a:e0:5f:8c:27:77:52:1a:10:24:eb:44:4a:13:
         2f:ac:f2:82:c7:ab:9e:bf:18:74:39:26:4a:4c:a3:5a:89:59:
         8a:17:b9:1d:0d:ea:0c:48:11:1f:a2:b5:21:47:24:ac:26:f9:
         92:9e:19:2f:4c:87:6c:b2:95:75:0c:f4:a9:45:ce:4d:ca:e1:
         0e:52:2e:c6:84:fd:53:0e:d6:0a:df:a2:d6:f4:bc:11:b3:84:
         ed:b9:5a:a6:79:32:39:16:cf:94:16:fc:ca:3a:be:79:5a:37:
         d6:b2:77:d5:a1:e0:d6:e3:c7:90:6e:69:47:bb:a9:8c:88:ee:
         8a:cf:78:d1
-----BEGIN CERTIFICATE-----
MIIFRjCCBC6gAwIBAgIDJEl5MA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKGMx
ZjY4ZWNkMzg5NmIzMjg4ZjgzYzI5YTJjM2RhNDRjODIxYzc2ODQwHhcNMjMwNDE5
MDMzMjI2WhcNMjUwNDIwMDMzMjI2WjAzMTEwLwYDVQQDEygxMjhhNTJiZGQwOWI1
NzczNTdlNDAyYWEyMGZiZDQ5ZDljMjczMmY5MIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEApTaStwXUNJ/Yf4wtLt5lO74UNEgzvt0LemGQEItm3wdfyOz3
pcMUy3iwIPSAWwCF1cO6Q5NgJxwADwnJLZuaedONqg3pxG4J5Q/Oyoa2nQ5U+bih
XAndPeBwU63vGOdSgcp0K8j0ifZquPPykQoD1ZEZQuurs6YI5Siec1lGU6FWaxxd
SFnr+Ck3cxDkL2dBDouaXZkypRh9Dx/I5cOgjPDJcLVykO1TVAWULmYohcdoB88R
WfmzmJHvPh22IgNfI/LJkB5WZOgyVR3Cl60QFOdFd18v9N/F59mx6IV49bi8GqR5
Nzn4pJkcIU3CrVsfk/T5njzpjtEHLzI8roEh3QIDAQABo4ICYTCCAl0wHQYDVR0O
BBYEFJCZcFZA8KD0FprsW01JzPDBe6rbMB8GA1UdIwQYMBaAFKhzgywDCRS4/QD1
P69G5JXZcRs8MA4GA1UdDwEB/wQEAwIHgDCBmgYIKwYBBQUHAQEEgY0wgYowgYcG
CCsGAQUFBzAChntyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5ldC9ycGtpL2xh
Y25pYy80OGYwODNiYi1mNjAzLTQ4OTMtOTk5MC0wMjg0YzA0Y2ViODUvYzFmNjhl
Y2QzODk2YjMyODhmODNjMjlhMmMzZGE0NGM4MjFjNzY4NC5jZXIwgZoGCCsGAQUF
BwELBIGNMIGKMIGHBggrBgEFBQcwC4Z7cnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25p
Yy5uZXQvcnBraS9sYWNuaWMvMDI0MTliOTItZmJiYS00MDRiLWEyMjktZjM4NjVk
NTdhNDZhLzEyOGE1MmJkZDA5YjU3NzM1N2U0MDJhYTIwZmJkNDlkOWMyNzMyZjku
cm9hMIGPBgNVHR8EgYcwgYQwgYGgf6B9hntyc3luYzovL3JlcG9zaXRvcnkubGFj
bmljLm5ldC9ycGtpL2xhY25pYy8wMjQxOWI5Mi1mYmJhLTQwNGItYTIyOS1mMzg2
NWQ1N2E0NmEvYzFmNjhlY2QzODk2YjMyODhmODNjMjlhMmMzZGE0NGM4MjFjNzY4
NC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAlBggrBgEFBQcBBwEB/wQW
MBQwEgQCAAEwDAMEAr6eiAMEAL6evDANBgkqhkiG9w0BAQsFAAOCAQEAC/gU6ujT
LAklhd5P+5yf/UdOx56sHvPPvdPxcOVvUI17UKe3wpoRjNKiG8aKaHIebGWnHC+A
yAXyK/RIpKNUbd6IJMN2Cn+k16Qc6FOjWb3OsqLVLnM5qte/1PfjAV5CxWQFv6Ah
z7VB4Y+7gHCStRpcuVD9Kwi5XSBvk0tK8Nt2WJrgX4wnd1IaECTrREoTL6zygser
nr8YdDkmSkyjWolZihe5HQ3qDEgRH6K1IUckrCb5kp4ZL0yHbLKVdQz0qUXOTcrh
DlIuxoT9Uw7WCt+i1vS8EbOE7blapnkyORbPlBb8yjq+eVo31rJ31aHg1uPHkG5p
R7upjIjuis940Q==
-----END CERTIFICATE-----
Generated at Sun Mar 17 19:15:18 2024 by rpki-client on console-fra.rpki-client.org