Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/02419b92-fbba-404b-a229-f3865d57a46a/41108bac7f4d120cb4597e418caea27557871990.roa
File:                     41108bac7f4d120cb4597e418caea27557871990.roa (raw, json)
Hash identifier:          CsYg8ZuuIb53Q8uMAtnOwVYqbKkEPK3uyMNQ7VOA2eA=
Subject key identifier:   E3:E4:CB:9A:79:A6:39:8F:D1:5A:55:4B:7F:02:E2:24:32:22:2C:D1
Certificate issuer:       /CN=c1f68ecd3896b3288f83c29a2c3da44c821c7684
Certificate serial:       211135
Authority key identifier: A8:73:83:2C:03:09:14:B8:FD:00:F5:3F:AF:46:E4:95:D9:71:1B:3C
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/c1f68ecd3896b3288f83c29a2c3da44c821c7684.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/02419b92-fbba-404b-a229-f3865d57a46a/41108bac7f4d120cb4597e418caea27557871990.roa
Signing time:             Wed 14 Dec 2022 19:33:07 +0000
ROA not before:           Mon 22 Mar 2021 03:00:00 +0000
ROA not after:            Tue 24 Mar 2026 03:00:00 +0000
asID:                     10620
IP address blocks:        190.143.0.0/18 maxlen: 24
                          200.71.32.0/19 maxlen: 24
                          201.216.0.0/19 maxlen: 24
                          200.118.0.0/16 maxlen: 24
                          201.221.160.0/20 maxlen: 24
                          200.89.224.0/20 maxlen: 24
                          201.216.32.0/19 maxlen: 24
                          190.8.224.0/19 maxlen: 24
                          190.8.192.0/19 maxlen: 24
                          190.84.0.0/16 maxlen: 24
                          190.156.0.0/16 maxlen: 24
                          190.157.0.0/16 maxlen: 24
                          190.158.0.0/16 maxlen: 24
                          190.159.0.0/16 maxlen: 24
                          186.80.0.0/16 maxlen: 24
                          186.81.0.0/16 maxlen: 24
                          186.82.0.0/16 maxlen: 24
                          186.83.0.0/16 maxlen: 24
                          186.84.0.0/16 maxlen: 24
                          186.85.0.0/16 maxlen: 24
                          186.86.0.0/16 maxlen: 24
                          186.87.0.0/16 maxlen: 24
                          186.144.0.0/16 maxlen: 24
                          186.145.0.0/16 maxlen: 24
                          186.146.0.0/16 maxlen: 24
                          186.147.0.0/16 maxlen: 24
                          190.146.0.0/16 maxlen: 24
                          190.147.0.0/16 maxlen: 24
                          181.49.72.0/22 maxlen: 22
                          181.61.245.0/24 maxlen: 24
                          181.61.246.0/24 maxlen: 24

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 2167093 (0x211135)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c1f68ecd3896b3288f83c29a2c3da44c821c7684
        Validity
            Not Before: Mar 22 03:00:00 2021 GMT
            Not After : Mar 24 03:00:00 2026 GMT
        Subject: CN=41108bac7f4d120cb4597e418caea27557871990
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a1:4f:89:65:ba:15:c3:aa:b7:1d:70:25:a2:ba:
                    a5:96:93:1c:72:2e:27:f4:2f:6f:4c:f4:bb:87:cf:
                    ea:13:dd:81:9c:d7:29:a4:34:90:d4:99:52:aa:de:
                    48:60:42:eb:36:11:82:f6:7d:eb:fe:d2:2b:45:29:
                    0e:bb:f0:36:c6:33:28:63:55:e5:d9:07:e3:6c:f8:
                    62:49:d1:84:6c:a3:fe:25:a6:d1:2b:87:44:f3:0c:
                    81:ce:d9:f2:06:f7:3f:89:bf:f2:98:6c:90:10:e4:
                    e5:06:39:49:f3:4e:07:7b:57:86:16:1c:0c:33:b8:
                    d1:31:3e:c9:ef:66:4a:99:3a:35:e9:ee:53:8c:02:
                    b6:24:c9:13:a6:6e:40:df:91:24:ed:32:6c:9d:e6:
                    0c:c2:c8:6b:5a:e4:4c:54:20:97:da:72:8c:f7:eb:
                    04:90:34:b8:8d:ca:76:0b:da:3d:ae:f0:db:a0:b7:
                    30:31:f7:95:02:0a:cc:8b:4c:a3:5f:7d:ef:da:08:
                    d9:51:2a:2b:29:14:74:6c:a1:ab:2f:b7:9c:5d:58:
                    05:5d:22:ee:da:8b:6b:7e:5c:7f:75:10:0b:ac:91:
                    73:91:59:71:1d:4f:99:be:d3:b1:37:b0:61:02:7b:
                    96:ec:3d:e6:bc:3e:54:bb:a4:f4:63:95:ed:c8:ea:
                    0f:a5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E3:E4:CB:9A:79:A6:39:8F:D1:5A:55:4B:7F:02:E2:24:32:22:2C:D1
            X509v3 Authority Key Identifier:
                keyid:A8:73:83:2C:03:09:14:B8:FD:00:F5:3F:AF:46:E4:95:D9:71:1B:3C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/c1f68ecd3896b3288f83c29a2c3da44c821c7684.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/02419b92-fbba-404b-a229-f3865d57a46a/41108bac7f4d120cb4597e418caea27557871990.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/02419b92-fbba-404b-a229-f3865d57a46a/c1f68ecd3896b3288f83c29a2c3da44c821c7684.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  181.49.72.0/22
                  181.61.245.0-181.61.246.255
                  186.80.0.0/13
                  186.144.0.0/14
                  190.8.192.0/18
                  190.84.0.0/16
                  190.143.0.0/18
                  190.146.0.0/15
                  190.156.0.0/14
                  200.71.32.0/19
                  200.89.224.0/20
                  200.118.0.0/16
                  201.216.0.0/18
                  201.221.160.0/20

    Signature Algorithm: sha256WithRSAEncryption
         68:ac:a1:68:ac:f6:40:b3:a5:af:36:b9:03:d1:3c:60:e0:43:
         be:ea:a6:39:7c:4a:72:90:d4:d2:ea:90:e0:c3:e9:19:d6:76:
         6d:e4:11:aa:78:55:5f:22:9a:87:53:30:6c:79:2f:cb:79:2d:
         f4:7a:55:55:2d:ba:26:a9:38:f9:fe:a8:dd:17:b0:33:74:51:
         21:72:c9:07:f7:29:64:a9:7e:43:18:ef:5c:7c:cb:5a:9b:8a:
         0a:10:71:da:e9:0e:c7:60:10:e7:97:8d:a0:d0:f9:c5:8c:09:
         2b:fa:77:9d:38:55:85:5e:8d:9c:cb:81:e9:7e:dc:28:6f:29:
         2f:31:88:64:b0:49:bf:ce:24:33:98:17:37:3b:43:46:98:46:
         24:75:25:2f:da:68:df:30:18:0a:e6:9d:5d:6b:d9:75:92:df:
         61:2d:0f:62:f9:13:3d:1b:f2:40:6f:1e:ef:68:d7:61:7a:61:
         73:2e:32:d4:59:9e:85:85:b3:e1:7d:a7:cc:22:db:4a:79:4d:
         0c:e6:65:8c:e2:1e:0f:bd:d2:a9:20:af:ee:8a:92:06:18:a2:
         58:1a:a9:76:a2:ba:0a:80:23:ac:31:ce:0f:03:03:39:75:12:
         3c:18:fd:01:fa:c4:c7:4b:52:29:69:69:e2:7e:d5:7d:ac:71:
         e7:f9:83:51
-----BEGIN CERTIFICATE-----
MIIFkDCCBHigAwIBAgIDIRE1MA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKGMx
ZjY4ZWNkMzg5NmIzMjg4ZjgzYzI5YTJjM2RhNDRjODIxYzc2ODQwHhcNMjEwMzIy
MDMwMDAwWhcNMjYwMzI0MDMwMDAwWjAzMTEwLwYDVQQDEyg0MTEwOGJhYzdmNGQx
MjBjYjQ1OTdlNDE4Y2FlYTI3NTU3ODcxOTkwMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAoU+JZboVw6q3HXAlorqllpMcci4n9C9vTPS7h8/qE92BnNcp
pDSQ1JlSqt5IYELrNhGC9n3r/tIrRSkOu/A2xjMoY1Xl2QfjbPhiSdGEbKP+JabR
K4dE8wyBztnyBvc/ib/ymGyQEOTlBjlJ804He1eGFhwMM7jRMT7J72ZKmTo16e5T
jAK2JMkTpm5A35Ek7TJsneYMwshrWuRMVCCX2nKM9+sEkDS4jcp2C9o9rvDboLcw
MfeVAgrMi0yjX33v2gjZUSorKRR0bKGrL7ecXVgFXSLu2otrflx/dRALrJFzkVlx
HU+ZvtOxN7BhAnuW7D3mvD5Uu6T0Y5XtyOoPpQIDAQABo4ICqzCCAqcwHQYDVR0O
BBYEFOPky5p5pjmP0VpVS38C4iQyIizRMB8GA1UdIwQYMBaAFKhzgywDCRS4/QD1
P69G5JXZcRs8MA4GA1UdDwEB/wQEAwIHgDCBmgYIKwYBBQUHAQEEgY0wgYowgYcG
CCsGAQUFBzAChntyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5ldC9ycGtpL2xh
Y25pYy80OGYwODNiYi1mNjAzLTQ4OTMtOTk5MC0wMjg0YzA0Y2ViODUvYzFmNjhl
Y2QzODk2YjMyODhmODNjMjlhMmMzZGE0NGM4MjFjNzY4NC5jZXIwgZoGCCsGAQUF
BwELBIGNMIGKMIGHBggrBgEFBQcwC4Z7cnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25p
Yy5uZXQvcnBraS9sYWNuaWMvMDI0MTliOTItZmJiYS00MDRiLWEyMjktZjM4NjVk
NTdhNDZhLzQxMTA4YmFjN2Y0ZDEyMGNiNDU5N2U0MThjYWVhMjc1NTc4NzE5OTAu
cm9hMIGPBgNVHR8EgYcwgYQwgYGgf6B9hntyc3luYzovL3JlcG9zaXRvcnkubGFj
bmljLm5ldC9ycGtpL2xhY25pYy8wMjQxOWI5Mi1mYmJhLTQwNGItYTIyOS1mMzg2
NWQ1N2E0NmEvYzFmNjhlY2QzODk2YjMyODhmODNjMjlhMmMzZGE0NGM4MjFjNzY4
NC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBvBggrBgEFBQcBBwEB/wRg
MF4wXAQCAAEwVgMEArUxSDAMAwQAtT31AwQAtT32AwMDulADAwK6kAMEBr4IwAMD
AL5UAwQGvo8AAwMBvpIDAwK+nAMEBchHIAMEBMhZ4AMDAMh2AwQGydgAAwQEyd2g
MA0GCSqGSIb3DQEBCwUAA4IBAQBorKForPZAs6WvNrkD0Txg4EO+6qY5fEpykNTS
6pDgw+kZ1nZt5BGqeFVfIpqHUzBseS/LeS30elVVLbomqTj5/qjdF7AzdFEhcskH
9ylkqX5DGO9cfMtam4oKEHHa6Q7HYBDnl42g0PnFjAkr+nedOFWFXo2cy4Hpftwo
bykvMYhksEm/ziQzmBc3O0NGmEYkdSUv2mjfMBgK5p1da9l1kt9hLQ9i+RM9G/JA
bx7vaNdhemFzLjLUWZ6FhbPhfafMIttKeU0M5mWM4h4PvdKpIK/uipIGGKJYGql2
oroKgCOsMc4PAwM5dRI8GP0B+sTHS1IpaWniftV9rHHn+YNR
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:36:54 2024 by rpki-client on console-ams.rpki-client.org