Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/133e3507-7055-4d3f-bb90-b9a5e1ee4f5e/2182800777d0c63f16f08cb639286c21c1a42333.roa
File:                     2182800777d0c63f16f08cb639286c21c1a42333.roa (raw, json)
Hash identifier:          IBbFHXu49o0ZdBbi/VJYu/5nDW1StqwNGQwms/g3q8M=
Subject key identifier:   03:12:D0:B3:B4:98:9F:B2:5C:CA:DD:20:74:06:95:3E:C3:64:99:F5
Certificate issuer:       /CN=93e1045f9f659b040e2833d32618d562a29ac1fd
Certificate serial:       0D98F0
Authority key identifier: 35:E8:10:82:8A:1C:42:6C:F7:05:78:05:76:89:34:30:47:56:00:6F
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/93e1045f9f659b040e2833d32618d562a29ac1fd.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/133e3507-7055-4d3f-bb90-b9a5e1ee4f5e/2182800777d0c63f16f08cb639286c21c1a42333.roa
Signing time:             Wed 24 Mar 2021 14:43:30 +0000
ROA not before:           Wed 24 Mar 2021 14:43:30 +0000
ROA not after:            Tue 24 Mar 2026 14:43:30 +0000
asID:                     22122
IP address blocks:        148.209.72.0/24 maxlen: 24
                          148.209.90.0/23 maxlen: 23
                          148.209.92.0/24 maxlen: 24
                          148.209.95.0/24 maxlen: 24
                          148.209.96.0/21 maxlen: 21
                          148.209.106.0/23 maxlen: 23
                          148.209.124.0/23 maxlen: 23
                          148.209.126.0/23 maxlen: 23
                          148.209.135.0/24 maxlen: 24
                          148.209.137.0/24 maxlen: 24
                          148.209.139.0/24 maxlen: 24
                          148.209.141.0/24 maxlen: 24
                          148.209.142.0/23 maxlen: 23
                          148.209.209.0/24 maxlen: 24
                          148.209.216.0/23 maxlen: 23
                          148.209.221.0/24 maxlen: 24
                          148.209.222.0/23 maxlen: 23
                          148.209.224.0/22 maxlen: 22
                          148.209.237.0/24 maxlen: 24

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 891120 (0xd98f0)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=93e1045f9f659b040e2833d32618d562a29ac1fd
        Validity
            Not Before: Mar 24 14:43:30 2021 GMT
            Not After : Mar 24 14:43:30 2026 GMT
        Subject: CN=2182800777d0c63f16f08cb639286c21c1a42333
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a5:ae:2c:7e:17:36:60:ab:7a:fb:f3:6b:6c:7e:
                    e3:82:d3:84:19:f0:49:83:8e:89:22:4f:31:c4:0a:
                    0c:d4:54:be:f5:09:e9:23:2e:65:2a:60:f6:5d:0d:
                    84:97:55:a7:61:52:31:48:39:6e:64:23:8a:95:51:
                    42:99:68:c0:44:70:b8:00:cf:9d:27:6f:3c:d2:ec:
                    10:77:80:34:69:e4:7d:b3:f2:21:14:75:b8:3c:68:
                    e7:22:c3:38:7e:54:22:60:25:7e:2e:76:14:5e:ba:
                    46:b9:3e:90:98:a8:8a:c0:b1:69:63:40:bc:f1:58:
                    2c:9f:a5:74:5b:2d:71:94:19:f7:27:06:ee:6a:7a:
                    ea:b4:19:ba:a3:4f:1f:4c:7d:52:49:48:f7:f8:2c:
                    73:79:a0:08:c6:52:be:c4:cb:3f:45:bd:c5:58:71:
                    20:51:9f:0e:d0:79:a8:9f:6b:a7:e1:48:8a:da:bf:
                    e0:08:4b:62:87:36:2c:66:af:63:82:f8:ed:2b:b9:
                    f0:0b:f6:bd:ee:8a:f1:28:35:9c:88:b2:50:0b:97:
                    8e:cd:f9:0d:56:a2:6d:8b:12:00:9c:9d:1c:14:f7:
                    58:90:50:a0:5e:ea:6d:37:1f:78:b2:fc:51:33:e8:
                    b2:61:9e:83:d6:1a:d6:0f:e8:7c:b9:05:ee:e1:31:
                    c9:35
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                03:12:D0:B3:B4:98:9F:B2:5C:CA:DD:20:74:06:95:3E:C3:64:99:F5
            X509v3 Authority Key Identifier:
                keyid:35:E8:10:82:8A:1C:42:6C:F7:05:78:05:76:89:34:30:47:56:00:6F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/93e1045f9f659b040e2833d32618d562a29ac1fd.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/133e3507-7055-4d3f-bb90-b9a5e1ee4f5e/2182800777d0c63f16f08cb639286c21c1a42333.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/133e3507-7055-4d3f-bb90-b9a5e1ee4f5e/93e1045f9f659b040e2833d32618d562a29ac1fd.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  148.209.72.0/24
                  148.209.90.0-148.209.92.255
                  148.209.95.0-148.209.103.255
                  148.209.106.0/23
                  148.209.124.0/22
                  148.209.135.0/24
                  148.209.137.0/24
                  148.209.139.0/24
                  148.209.141.0-148.209.143.255
                  148.209.209.0/24
                  148.209.216.0/23
                  148.209.221.0-148.209.227.255
                  148.209.237.0/24

    Signature Algorithm: sha256WithRSAEncryption
         03:33:15:53:d8:55:67:a6:b4:1d:55:17:7b:15:a4:9e:93:89:
         b9:dc:f1:36:40:70:1d:53:8d:2d:54:ff:0a:9d:06:73:36:e6:
         50:b3:6d:22:e0:49:eb:63:cd:db:ad:43:0a:cc:32:a6:71:39:
         ef:85:17:f9:7d:0d:dd:b3:10:7a:99:3b:31:5e:13:ae:f6:bc:
         f8:5f:16:72:74:4c:8c:be:76:c3:e7:f6:75:17:a1:01:46:95:
         b9:68:5f:e5:1e:b9:0b:d9:0e:1d:65:e4:34:06:11:fc:d0:c2:
         79:fe:ca:73:c3:1e:a7:89:03:27:bb:e2:8c:34:52:46:31:bc:
         76:10:94:5e:36:9f:94:0d:1a:df:fc:73:54:13:e3:48:05:d3:
         fd:78:a5:19:46:e0:41:5b:55:01:12:1d:c0:74:70:a3:c3:86:
         df:ae:4a:c5:27:73:7c:6d:5c:5c:b9:78:8f:bf:23:37:84:49:
         01:e2:d3:c3:97:23:f3:fe:07:32:88:bf:ff:3c:3e:f8:0d:c3:
         0f:df:e7:9b:73:cd:55:35:7f:3b:4a:98:25:aa:cc:c9:f6:b5:
         a5:f2:5c:e2:cc:d5:f3:87:d5:69:02:af:8b:bd:f0:71:af:0e:
         50:02:42:ee:62:44:56:47:a5:6f:bb:b7:98:14:97:09:99:40:
         b1:45:da:cc
-----BEGIN CERTIFICATE-----
MIIFqTCCBJGgAwIBAgIDDZjwMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKDkz
ZTEwNDVmOWY2NTliMDQwZTI4MzNkMzI2MThkNTYyYTI5YWMxZmQwHhcNMjEwMzI0
MTQ0MzMwWhcNMjYwMzI0MTQ0MzMwWjAzMTEwLwYDVQQDEygyMTgyODAwNzc3ZDBj
NjNmMTZmMDhjYjYzOTI4NmMyMWMxYTQyMzMzMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEApa4sfhc2YKt6+/NrbH7jgtOEGfBJg46JIk8xxAoM1FS+9Qnp
Iy5lKmD2XQ2El1WnYVIxSDluZCOKlVFCmWjARHC4AM+dJ2880uwQd4A0aeR9s/Ih
FHW4PGjnIsM4flQiYCV+LnYUXrpGuT6QmKiKwLFpY0C88Vgsn6V0Wy1xlBn3Jwbu
anrqtBm6o08fTH1SSUj3+CxzeaAIxlK+xMs/Rb3FWHEgUZ8O0Hmon2un4UiK2r/g
CEtihzYsZq9jgvjtK7nwC/a97orxKDWciLJQC5eOzfkNVqJtixIAnJ0cFPdYkFCg
XuptNx94svxRM+iyYZ6D1hrWD+h8uQXu4THJNQIDAQABo4ICxDCCAsAwHQYDVR0O
BBYEFAMS0LO0mJ+yXMrdIHQGlT7DZJn1MB8GA1UdIwQYMBaAFDXoEIKKHEJs9wV4
BXaJNDBHVgBvMA4GA1UdDwEB/wQEAwIHgDCBmgYIKwYBBQUHAQEEgY0wgYowgYcG
CCsGAQUFBzAChntyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5ldC9ycGtpL2xh
Y25pYy80OGYwODNiYi1mNjAzLTQ4OTMtOTk5MC0wMjg0YzA0Y2ViODUvOTNlMTA0
NWY5ZjY1OWIwNDBlMjgzM2QzMjYxOGQ1NjJhMjlhYzFmZC5jZXIwgZoGCCsGAQUF
BwELBIGNMIGKMIGHBggrBgEFBQcwC4Z7cnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25p
Yy5uZXQvcnBraS9sYWNuaWMvMTMzZTM1MDctNzA1NS00ZDNmLWJiOTAtYjlhNWUx
ZWU0ZjVlLzIxODI4MDA3NzdkMGM2M2YxNmYwOGNiNjM5Mjg2YzIxYzFhNDIzMzMu
cm9hMIGPBgNVHR8EgYcwgYQwgYGgf6B9hntyc3luYzovL3JlcG9zaXRvcnkubGFj
bmljLm5ldC9ycGtpL2xhY25pYy8xMzNlMzUwNy03MDU1LTRkM2YtYmI5MC1iOWE1
ZTFlZTRmNWUvOTNlMTA0NWY5ZjY1OWIwNDBlMjgzM2QzMjYxOGQ1NjJhMjlhYzFm
ZC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjCBhwYIKwYBBQUHAQcBAf8E
eDB2MHQEAgABMG4DBACU0UgwDAMEAZTRWgMEAJTRXDAMAwQAlNFfAwQDlNFgAwQB
lNFqAwQClNF8AwQAlNGHAwQAlNGJAwQAlNGLMAwDBACU0Y0DBASU0YADBACU0dED
BAGU0dgwDAMEAJTR3QMEApTR4AMEAJTR7TANBgkqhkiG9w0BAQsFAAOCAQEAAzMV
U9hVZ6a0HVUXexWknpOJudzxNkBwHVONLVT/Cp0GczbmULNtIuBJ62PN261DCswy
pnE574UX+X0N3bMQepk7MV4Trva8+F8WcnRMjL52w+f2dRehAUaVuWhf5R65C9kO
HWXkNAYR/NDCef7Kc8Mep4kDJ7vijDRSRjG8dhCUXjaflA0a3/xzVBPjSAXT/Xil
GUbgQVtVARIdwHRwo8OG365KxSdzfG1cXLl4j78jN4RJAeLTw5cj8/4HMoi//zw+
+A3DD9/nm3PNVTV/O0qYJarMyfa1pfJc4szV84fVaQKvi73wca8OUAJC7mJEVkel
b7u3mBSXCZlAsUXazA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:37:22 2024 by rpki-client on console-fra.rpki-client.org