Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/02419b92-fbba-404b-a229-f3865d57a46a/a40dcc03ff46a69e0bdad7efa39a5ebf91e01a3a.roa
File:                     a40dcc03ff46a69e0bdad7efa39a5ebf91e01a3a.roa (raw, json)
Hash identifier:          D7v8CmI+P9Ua1ASVaZ5SOMrrd85vuqSOHtehWlcFdGg=
Subject key identifier:   27:00:7E:BC:64:4B:31:B7:4D:4F:32:4C:BD:25:60:CD:7C:B7:D1:89
Certificate issuer:       /CN=c1f68ecd3896b3288f83c29a2c3da44c821c7684
Certificate serial:       2B41A2
Authority key identifier: A8:73:83:2C:03:09:14:B8:FD:00:F5:3F:AF:46:E4:95:D9:71:1B:3C
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/c1f68ecd3896b3288f83c29a2c3da44c821c7684.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/02419b92-fbba-404b-a229-f3865d57a46a/a40dcc03ff46a69e0bdad7efa39a5ebf91e01a3a.roa
Signing time:             Tue 09 Jan 2024 07:30:00 +0000
ROA not before:           Tue 09 Jan 2024 07:30:00 +0000
ROA not after:            Thu 08 Jan 2026 07:30:00 +0000
asID:                     10620
IP address blocks:        181.54.216.0/22 maxlen: 22
                          181.52.72.0/22 maxlen: 22
                          181.55.128.0/22 maxlen: 22
                          181.55.232.0/22 maxlen: 22
                          181.54.72.0/24 maxlen: 24
                          181.51.17.0/24 maxlen: 24
                          181.51.104.0/22 maxlen: 22
                          181.55.92.0/24 maxlen: 24
                          181.51.40.0/22 maxlen: 22
                          181.54.9.0/24 maxlen: 24
                          181.54.192.0/22 maxlen: 22
                          181.53.30.0/24 maxlen: 24
                          181.51.208.0/22 maxlen: 22
                          181.48.0.0/13 maxlen: 24
                          181.48.176.0/24 maxlen: 24
                          181.49.106.0/24 maxlen: 24
                          190.144.130.0/24 maxlen: 24
                          190.144.174.0/24 maxlen: 24
                          190.145.103.0/24 maxlen: 24
                          200.26.128.0/19 maxlen: 24

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 2834850 (0x2b41a2)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c1f68ecd3896b3288f83c29a2c3da44c821c7684
        Validity
            Not Before: Jan  9 07:30:00 2024 GMT
            Not After : Jan  8 07:30:00 2026 GMT
        Subject: CN=a40dcc03ff46a69e0bdad7efa39a5ebf91e01a3a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9f:85:9c:4f:e8:2f:19:81:e7:b5:9c:45:25:26:
                    c2:ab:a1:3f:28:6b:52:bd:23:fd:b0:66:31:9f:68:
                    ca:2e:08:1f:ad:6b:b1:65:63:07:e1:90:bc:f2:4e:
                    63:14:ea:96:e9:b6:70:de:63:82:c8:25:52:0d:89:
                    07:7b:c2:1f:5c:57:23:8c:38:47:ba:ea:4b:66:47:
                    b2:66:b1:a4:fa:ef:93:c0:a9:b3:86:e8:0b:ee:02:
                    ab:9d:76:b6:a0:aa:0f:8e:d7:e8:5a:63:8a:72:af:
                    ce:d8:05:9f:ca:be:8b:ab:6e:94:63:99:be:1d:36:
                    1e:b7:14:44:7f:3c:86:a9:a7:d3:bf:c5:fe:49:cf:
                    82:cc:f6:cf:29:c8:79:f4:d8:09:f1:c8:7f:c5:e6:
                    38:c1:5a:ad:64:07:a2:79:cb:d8:19:50:de:6c:95:
                    a4:48:9a:61:f7:a0:92:20:1d:3c:4a:06:71:52:09:
                    6d:6f:e2:4e:b9:84:b2:02:96:cf:4d:30:55:43:02:
                    66:cc:57:3e:93:28:c0:ff:43:62:39:34:5c:50:69:
                    e2:10:c1:f1:e1:eb:7d:6d:c1:e4:0e:22:54:d0:7a:
                    97:39:50:e4:c0:6a:bd:e7:fa:19:74:50:e6:d7:cf:
                    36:ed:ef:07:ff:3a:e3:d3:8c:9d:c8:c8:8e:be:cb:
                    7e:b7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                27:00:7E:BC:64:4B:31:B7:4D:4F:32:4C:BD:25:60:CD:7C:B7:D1:89
            X509v3 Authority Key Identifier:
                keyid:A8:73:83:2C:03:09:14:B8:FD:00:F5:3F:AF:46:E4:95:D9:71:1B:3C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/c1f68ecd3896b3288f83c29a2c3da44c821c7684.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/02419b92-fbba-404b-a229-f3865d57a46a/a40dcc03ff46a69e0bdad7efa39a5ebf91e01a3a.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/02419b92-fbba-404b-a229-f3865d57a46a/c1f68ecd3896b3288f83c29a2c3da44c821c7684.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  181.48.0.0/13
                  190.144.130.0/24
                  190.144.174.0/24
                  190.145.103.0/24
                  200.26.128.0/19

    Signature Algorithm: sha256WithRSAEncryption
         1a:b6:c2:6f:21:b6:0a:2b:31:21:00:77:ed:41:36:6c:37:93:
         71:6c:89:e7:d8:64:39:2a:79:8d:40:dd:4d:6b:3d:86:c4:8b:
         94:e0:0c:1e:12:d5:ec:f7:76:48:f6:98:9c:c0:d3:92:7c:cc:
         71:00:c3:a4:ef:2a:68:01:65:49:9c:f2:06:3f:65:0d:c7:8c:
         e6:ca:35:93:70:5e:4d:28:83:e2:8e:bf:d5:c7:60:39:7d:ff:
         23:e8:24:3c:19:92:46:d9:7f:99:11:f6:1e:f8:95:b5:c2:7b:
         d5:d0:e4:c6:12:7b:d6:35:51:b8:65:96:15:3a:06:7f:69:fd:
         d2:1e:44:35:db:2f:ab:1c:9a:9f:a2:f5:75:b5:f7:77:27:70:
         62:2a:09:68:5d:f0:6f:51:16:c9:8b:78:e5:78:27:e8:04:49:
         02:a8:52:aa:0f:5e:8b:ac:d2:e3:f0:c3:c3:03:5e:b3:97:23:
         35:f8:4f:80:9a:1e:d5:c5:93:75:6b:4d:0c:49:c5:05:5c:62:
         1c:58:88:a3:98:a9:ef:e5:ce:5e:1c:16:7c:95:80:98:1a:25:
         b6:e6:1f:4a:1c:6c:98:09:6c:c2:86:b4:f7:53:bd:7b:1e:b5:
         95:1b:c5:26:e8:4f:ed:02:7b:35:dc:8c:49:51:80:84:50:83:
         95:04:c7:3c
-----BEGIN CERTIFICATE-----
MIIFVzCCBD+gAwIBAgIDK0GiMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKGMx
ZjY4ZWNkMzg5NmIzMjg4ZjgzYzI5YTJjM2RhNDRjODIxYzc2ODQwHhcNMjQwMTA5
MDczMDAwWhcNMjYwMTA4MDczMDAwWjAzMTEwLwYDVQQDEyhhNDBkY2MwM2ZmNDZh
NjllMGJkYWQ3ZWZhMzlhNWViZjkxZTAxYTNhMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAn4WcT+gvGYHntZxFJSbCq6E/KGtSvSP9sGYxn2jKLggfrWux
ZWMH4ZC88k5jFOqW6bZw3mOCyCVSDYkHe8IfXFcjjDhHuupLZkeyZrGk+u+TwKmz
hugL7gKrnXa2oKoPjtfoWmOKcq/O2AWfyr6Lq26UY5m+HTYetxREfzyGqafTv8X+
Sc+CzPbPKch59NgJ8ch/xeY4wVqtZAeiecvYGVDebJWkSJph96CSIB08SgZxUglt
b+JOuYSyApbPTTBVQwJmzFc+kyjA/0NiOTRcUGniEMHx4et9bcHkDiJU0HqXOVDk
wGq95/oZdFDm18827e8H/zrj04ydyMiOvst+twIDAQABo4ICcjCCAm4wHQYDVR0O
BBYEFCcAfrxkSzG3TU8yTL0lYM18t9GJMB8GA1UdIwQYMBaAFKhzgywDCRS4/QD1
P69G5JXZcRs8MA4GA1UdDwEB/wQEAwIHgDCBmgYIKwYBBQUHAQEEgY0wgYowgYcG
CCsGAQUFBzAChntyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5ldC9ycGtpL2xh
Y25pYy80OGYwODNiYi1mNjAzLTQ4OTMtOTk5MC0wMjg0YzA0Y2ViODUvYzFmNjhl
Y2QzODk2YjMyODhmODNjMjlhMmMzZGE0NGM4MjFjNzY4NC5jZXIwgZoGCCsGAQUF
BwELBIGNMIGKMIGHBggrBgEFBQcwC4Z7cnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25p
Yy5uZXQvcnBraS9sYWNuaWMvMDI0MTliOTItZmJiYS00MDRiLWEyMjktZjM4NjVk
NTdhNDZhL2E0MGRjYzAzZmY0NmE2OWUwYmRhZDdlZmEzOWE1ZWJmOTFlMDFhM2Eu
cm9hMIGPBgNVHR8EgYcwgYQwgYGgf6B9hntyc3luYzovL3JlcG9zaXRvcnkubGFj
bmljLm5ldC9ycGtpL2xhY25pYy8wMjQxOWI5Mi1mYmJhLTQwNGItYTIyOS1mMzg2
NWQ1N2E0NmEvYzFmNjhlY2QzODk2YjMyODhmODNjMjlhMmMzZGE0NGM4MjFjNzY4
NC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA2BggrBgEFBQcBBwEB/wQn
MCUwIwQCAAEwHQMDA7UwAwQAvpCCAwQAvpCuAwQAvpFnAwQFyBqAMA0GCSqGSIb3
DQEBCwUAA4IBAQAatsJvIbYKKzEhAHftQTZsN5NxbInn2GQ5KnmNQN1Naz2GxIuU
4AweEtXs93ZI9picwNOSfMxxAMOk7ypoAWVJnPIGP2UNx4zmyjWTcF5NKIPijr/V
x2A5ff8j6CQ8GZJG2X+ZEfYe+JW1wnvV0OTGEnvWNVG4ZZYVOgZ/af3SHkQ12y+r
HJqfovV1tfd3J3BiKgloXfBvURbJi3jleCfoBEkCqFKqD16LrNLj8MPDA16zlyM1
+E+Amh7VxZN1a00MScUFXGIcWIijmKnv5c5eHBZ8lYCYGiW25h9KHGyYCWzChrT3
U717HrWVG8Um6E/tAns13IxJUYCEUIOVBMc8
-----END CERTIFICATE-----
Generated at Sun Mar 17 19:24:31 2024 by rpki-client on console-ams.rpki-client.org