Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/0ef5686d-fc66-4c8e-be4f-da69fbc2bfb5/af16a05fdd27bd31837e7a85664dc5c81c528914.roa
File:                     af16a05fdd27bd31837e7a85664dc5c81c528914.roa (raw, json)
Hash identifier:          8WwmEGadM1DCLUtLPRmRlQX4fSqEDKa4Y4y20hPhCVY=
Subject key identifier:   15:AB:B0:6D:7D:EE:32:08:EF:77:B2:74:53:C5:95:BF:AE:EA:C5:3E
Certificate issuer:       /CN=c2cfc3212455464cd8f856a348b2d5caf73dcd73
Certificate serial:       128648
Authority key identifier: ED:97:60:23:07:66:80:76:63:22:9F:6D:41:28:05:07:EF:9D:C2:29
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/c2cfc3212455464cd8f856a348b2d5caf73dcd73.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/0ef5686d-fc66-4c8e-be4f-da69fbc2bfb5/af16a05fdd27bd31837e7a85664dc5c81c528914.roa
Signing time:             Fri 17 Dec 2021 19:51:44 +0000
ROA not before:           Wed 24 Mar 2021 03:00:00 +0000
ROA not after:            Tue 24 Mar 2026 03:00:00 +0000
asID:                     52468
IP address blocks:        181.119.87.0/24 maxlen: 24
                          181.78.0.0/19 maxlen: 24
                          181.119.64.0/24 maxlen: 24
                          181.119.66.0/24 maxlen: 24
                          181.119.67.0/24 maxlen: 24
                          181.119.68.0/24 maxlen: 24
                          181.119.69.0/24 maxlen: 24
                          181.119.70.0/24 maxlen: 24
                          181.119.82.0/24 maxlen: 24
                          181.119.83.0/24 maxlen: 24
                          181.119.84.0/24 maxlen: 24
                          181.119.85.0/24 maxlen: 24
                          181.119.86.0/24 maxlen: 24
                          181.119.88.0/24 maxlen: 24
                          181.119.89.0/24 maxlen: 24
                          181.119.90.0/24 maxlen: 24
                          181.119.91.0/24 maxlen: 24
                          181.119.92.0/24 maxlen: 24
                          181.119.93.0/24 maxlen: 24
                          181.119.94.0/24 maxlen: 24
                          181.119.95.0/24 maxlen: 24
                          181.119.96.0/24 maxlen: 24
                          181.119.97.0/24 maxlen: 24
                          181.119.98.0/24 maxlen: 24
                          181.119.99.0/24 maxlen: 24
                          181.119.100.0/24 maxlen: 24
                          181.119.101.0/24 maxlen: 24
                          181.119.102.0/24 maxlen: 24
                          181.119.103.0/24 maxlen: 24
                          181.119.104.0/24 maxlen: 24
                          181.119.105.0/24 maxlen: 24
                          181.119.106.0/24 maxlen: 24
                          181.119.107.0/24 maxlen: 24
                          181.119.108.0/24 maxlen: 24
                          181.119.109.0/24 maxlen: 24
                          181.119.110.0/24 maxlen: 24
                          181.119.111.0/24 maxlen: 24
                          181.119.113.0/24 maxlen: 24
                          181.119.114.0/24 maxlen: 24
                          181.119.115.0/24 maxlen: 24
                          181.119.122.0/24 maxlen: 24
                          181.119.124.0/24 maxlen: 24
                          181.119.125.0/24 maxlen: 24
                          181.119.126.0/24 maxlen: 24
                          181.78.120.0/24 maxlen: 24
                          181.78.121.0/24 maxlen: 24
                          181.78.122.0/24 maxlen: 24
                          181.78.123.0/24 maxlen: 24
                          181.78.124.0/24 maxlen: 24
                          181.78.125.0/24 maxlen: 24
                          181.78.126.0/24 maxlen: 24
                          181.78.127.0/24 maxlen: 24

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 1214024 (0x128648)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c2cfc3212455464cd8f856a348b2d5caf73dcd73
        Validity
            Not Before: Mar 24 03:00:00 2021 GMT
            Not After : Mar 24 03:00:00 2026 GMT
        Subject: CN=af16a05fdd27bd31837e7a85664dc5c81c528914
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bb:db:41:c2:6b:32:c6:ab:27:27:cd:3f:4c:58:
                    36:8a:a9:3f:b4:63:4f:3b:a7:a8:df:2f:09:b8:9e:
                    98:1a:8b:79:bf:fd:ec:03:d9:7c:03:ec:bf:ce:15:
                    a1:56:fa:e6:fb:f5:74:97:1a:3b:70:e4:5b:4d:00:
                    74:e9:fb:b8:a0:b8:8f:7c:ba:81:89:2c:13:4f:c1:
                    7e:9b:93:fb:69:05:c9:12:46:7c:73:f3:2d:b0:08:
                    30:ed:75:f1:53:0e:a7:28:24:93:4b:1b:57:10:56:
                    1a:51:2a:10:9f:c3:e7:32:7f:a3:50:08:a5:3b:22:
                    8d:4d:a1:b7:d9:fc:95:5f:2c:98:37:56:40:f4:9d:
                    53:60:2c:50:64:c1:8d:6f:fc:f2:2c:02:76:86:e6:
                    eb:25:c9:5b:76:b4:3b:53:52:4d:3c:3b:95:6c:c0:
                    57:aa:53:97:b2:ec:fb:22:c8:66:06:fb:ad:c5:40:
                    94:e9:41:57:60:4e:e7:f4:da:e4:4e:0c:9a:63:40:
                    63:c6:ec:7d:d2:a6:2a:b4:6c:fe:0b:37:2c:ea:e5:
                    a6:a1:7d:ba:ad:61:c5:cf:9c:ec:e4:e8:d3:96:5c:
                    8e:21:b1:8a:9e:a2:c7:13:00:ff:26:e4:e1:72:5d:
                    53:19:c2:4e:47:64:6c:8d:73:f0:35:aa:f0:41:7c:
                    10:af
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                15:AB:B0:6D:7D:EE:32:08:EF:77:B2:74:53:C5:95:BF:AE:EA:C5:3E
            X509v3 Authority Key Identifier:
                keyid:ED:97:60:23:07:66:80:76:63:22:9F:6D:41:28:05:07:EF:9D:C2:29

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/c2cfc3212455464cd8f856a348b2d5caf73dcd73.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/0ef5686d-fc66-4c8e-be4f-da69fbc2bfb5/af16a05fdd27bd31837e7a85664dc5c81c528914.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/0ef5686d-fc66-4c8e-be4f-da69fbc2bfb5/c2cfc3212455464cd8f856a348b2d5caf73dcd73.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  181.78.0.0/19
                  181.78.120.0/21
                  181.119.64.0/24
                  181.119.66.0-181.119.70.255
                  181.119.82.0-181.119.111.255
                  181.119.113.0-181.119.115.255
                  181.119.122.0/24
                  181.119.124.0-181.119.126.255

    Signature Algorithm: sha256WithRSAEncryption
         85:a4:9a:67:4f:81:c7:f1:54:07:df:be:72:0d:fb:0b:7d:9a:
         00:63:de:dd:2d:5c:ea:02:70:27:65:aa:8e:f2:3c:79:02:e7:
         d0:53:74:f4:70:82:21:45:d7:ab:46:13:85:2e:7b:7a:98:4c:
         70:33:0e:07:27:28:b6:f9:4a:63:66:dc:fa:fc:72:63:f3:2d:
         e5:b1:27:7b:b9:2a:74:c9:be:91:69:48:a0:5d:79:af:ee:d3:
         5f:66:9e:1d:7f:22:ee:1e:70:9e:7a:a1:f9:8a:a3:4d:4a:47:
         86:4e:20:1e:15:15:b9:e6:be:14:b8:cf:0d:f3:1e:8a:80:77:
         7e:19:ae:33:58:21:da:e1:3d:2c:7f:12:ba:0c:15:05:eb:0f:
         79:59:f5:d6:0c:1f:94:1a:a7:c8:7a:61:f4:86:e5:9e:18:47:
         0c:36:d5:d2:c1:37:3e:a0:4a:6f:00:5c:bc:68:7a:14:bb:cc:
         83:ec:53:fb:f5:b8:14:05:25:29:6c:c5:93:49:75:bf:b8:e3:
         dc:f0:f4:42:d6:9d:c6:c5:b7:85:b0:b8:65:81:f3:e5:4c:3e:
         32:5f:3f:75:9a:ad:41:a9:b4:80:6e:20:29:fc:30:40:18:71:
         10:ad:6b:37:b1:10:f8:81:ce:f9:41:4c:c3:b8:97:21:c3:5a:
         d8:e4:58:33
-----BEGIN CERTIFICATE-----
MIIFijCCBHKgAwIBAgIDEoZIMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKGMy
Y2ZjMzIxMjQ1NTQ2NGNkOGY4NTZhMzQ4YjJkNWNhZjczZGNkNzMwHhcNMjEwMzI0
MDMwMDAwWhcNMjYwMzI0MDMwMDAwWjAzMTEwLwYDVQQDEyhhZjE2YTA1ZmRkMjdi
ZDMxODM3ZTdhODU2NjRkYzVjODFjNTI4OTE0MIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAu9tBwmsyxqsnJ80/TFg2iqk/tGNPO6eo3y8JuJ6YGot5v/3s
A9l8A+y/zhWhVvrm+/V0lxo7cORbTQB06fu4oLiPfLqBiSwTT8F+m5P7aQXJEkZ8
c/MtsAgw7XXxUw6nKCSTSxtXEFYaUSoQn8PnMn+jUAilOyKNTaG32fyVXyyYN1ZA
9J1TYCxQZMGNb/zyLAJ2hubrJclbdrQ7U1JNPDuVbMBXqlOXsuz7IshmBvutxUCU
6UFXYE7n9NrkTgyaY0Bjxux90qYqtGz+Czcs6uWmoX26rWHFz5zs5OjTllyOIbGK
nqLHEwD/JuThcl1TGcJOR2RsjXPwNarwQXwQrwIDAQABo4ICpTCCAqEwHQYDVR0O
BBYEFBWrsG197jII73eydFPFlb+u6sU+MB8GA1UdIwQYMBaAFO2XYCMHZoB2YyKf
bUEoBQfvncIpMA4GA1UdDwEB/wQEAwIHgDCBmgYIKwYBBQUHAQEEgY0wgYowgYcG
CCsGAQUFBzAChntyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5ldC9ycGtpL2xh
Y25pYy80OGYwODNiYi1mNjAzLTQ4OTMtOTk5MC0wMjg0YzA0Y2ViODUvYzJjZmMz
MjEyNDU1NDY0Y2Q4Zjg1NmEzNDhiMmQ1Y2FmNzNkY2Q3My5jZXIwgZoGCCsGAQUF
BwELBIGNMIGKMIGHBggrBgEFBQcwC4Z7cnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25p
Yy5uZXQvcnBraS9sYWNuaWMvMGVmNTY4NmQtZmM2Ni00YzhlLWJlNGYtZGE2OWZi
YzJiZmI1L2FmMTZhMDVmZGQyN2JkMzE4MzdlN2E4NTY2NGRjNWM4MWM1Mjg5MTQu
cm9hMIGPBgNVHR8EgYcwgYQwgYGgf6B9hntyc3luYzovL3JlcG9zaXRvcnkubGFj
bmljLm5ldC9ycGtpL2xhY25pYy8wZWY1Njg2ZC1mYzY2LTRjOGUtYmU0Zi1kYTY5
ZmJjMmJmYjUvYzJjZmMzMjEyNDU1NDY0Y2Q4Zjg1NmEzNDhiMmQ1Y2FmNzNkY2Q3
My5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBpBggrBgEFBQcBBwEB/wRa
MFgwVgQCAAEwUAMEBbVOAAMEA7VOeAMEALV3QDAMAwQBtXdCAwQAtXdGMAwDBAG1
d1IDBAS1d2AwDAMEALV3cQMEArV3cAMEALV3ejAMAwQCtXd8AwQAtXd+MA0GCSqG
SIb3DQEBCwUAA4IBAQCFpJpnT4HH8VQH375yDfsLfZoAY97dLVzqAnAnZaqO8jx5
AufQU3T0cIIhRderRhOFLnt6mExwMw4HJyi2+UpjZtz6/HJj8y3lsSd7uSp0yb6R
aUigXXmv7tNfZp4dfyLuHnCeeqH5iqNNSkeGTiAeFRW55r4UuM8N8x6KgHd+Ga4z
WCHa4T0sfxK6DBUF6w95WfXWDB+UGqfIemH0huWeGEcMNtXSwTc+oEpvAFy8aHoU
u8yD7FP79bgUBSUpbMWTSXW/uOPc8PRC1p3GxbeFsLhlgfPlTD4yXz91mq1BqbSA
biAp/DBAGHEQrWs3sRD4gc75QUzDuJchw1rY5Fgz
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:36:59 2024 by rpki-client on console-ams.rpki-client.org