Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/1ef4b066-e4d2-4e53-839e-8bdffb17a52b/3fbf5a2c7146e265997d90c6f1090101a75b1bf4.roa
File:                     3fbf5a2c7146e265997d90c6f1090101a75b1bf4.roa (raw, json)
Hash identifier:          K9IbuB5btbfavrLhkcYJsCKGlowNx+lCz/Nb+5rtyR8=
Subject key identifier:   78:D4:63:8F:E8:C3:F3:AD:AF:D7:93:7D:48:D7:61:0F:D1:7A:08:C7
Certificate issuer:       /CN=ce24136a35f10502f080a99eec6f12882d2f04fa
Certificate serial:       150B61
Authority key identifier: 2B:BF:EF:19:5F:7B:40:83:DF:37:7B:2F:FB:C7:7B:50:DD:10:0A:E3
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ce24136a35f10502f080a99eec6f12882d2f04fa.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/1ef4b066-e4d2-4e53-839e-8bdffb17a52b/3fbf5a2c7146e265997d90c6f1090101a75b1bf4.roa
Signing time:             Thu 27 Jan 2022 13:33:14 +0000
ROA not before:           Sun 02 May 2021 03:00:00 +0000
ROA not after:            Tue 02 May 2023 03:00:00 +0000
asID:                     1239
IP address blocks:        191.96.122.0/24 maxlen: 24
                          191.96.129.0/24 maxlen: 24
                          191.96.134.0/24 maxlen: 24
                          191.96.62.0/24 maxlen: 24
                          191.96.167.0/24 maxlen: 24
                          191.96.31.0/24 maxlen: 24
                          191.96.38.0/24 maxlen: 24
                          191.96.154.0/24 maxlen: 24
                          191.96.193.0/24 maxlen: 24
                          181.215.21.0/24 maxlen: 24
                          181.214.146.0/24 maxlen: 24
                          181.214.245.0/24 maxlen: 24
                          181.215.31.0/24 maxlen: 24
                          181.215.35.0/24 maxlen: 24
                          191.96.29.0/24 maxlen: 24
                          191.96.34.0/24 maxlen: 24
                          191.96.61.0/24 maxlen: 24
                          191.96.94.0/24 maxlen: 24
                          191.96.96.0/24 maxlen: 24
                          181.214.78.0/23 maxlen: 24
                          181.215.252.0/23 maxlen: 24
                          181.214.84.0/23 maxlen: 24
                          191.101.202.0/23 maxlen: 24
                          181.214.197.0/24 maxlen: 24
                          181.214.198.0/24 maxlen: 24
                          191.101.187.0/24 maxlen: 24
                          181.214.219.0/24 maxlen: 24

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 1379169 (0x150b61)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ce24136a35f10502f080a99eec6f12882d2f04fa
        Validity
            Not Before: May  2 03:00:00 2021 GMT
            Not After : May  2 03:00:00 2023 GMT
        Subject: CN=3fbf5a2c7146e265997d90c6f1090101a75b1bf4
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:92:5f:68:cc:a9:64:8e:23:a8:1a:27:93:b0:8f:
                    3f:d3:7a:f2:42:df:41:ec:21:f0:67:67:d0:d0:1b:
                    4c:f3:8b:cd:4b:f6:b0:28:f9:1d:ad:8d:56:c5:09:
                    c7:d1:40:8b:80:59:c9:3e:34:cb:a7:63:2f:9a:84:
                    60:e4:89:91:67:29:4d:e2:2a:d9:ba:49:33:8a:41:
                    4e:a0:f8:db:94:41:ea:ec:3d:ba:ec:3b:1c:93:86:
                    72:a5:de:53:08:32:ed:5b:b8:35:16:8b:08:94:15:
                    5d:b1:a8:44:ec:66:88:83:65:81:87:65:63:c7:93:
                    f2:4e:cb:42:4f:85:75:4d:12:76:81:b6:a0:98:ee:
                    92:8a:04:96:7a:3e:b0:ed:82:40:ca:01:fa:2e:ba:
                    e8:2d:73:24:94:ba:ae:d5:99:10:7c:d7:15:50:47:
                    c3:a7:d1:fe:8b:7e:30:f0:2d:5c:68:e7:7e:2e:8b:
                    cc:0f:06:e8:40:33:bd:d1:ff:4f:b9:a0:aa:57:0d:
                    cd:f3:11:7a:c8:2d:b3:8b:61:00:6c:62:0e:a2:2b:
                    e1:b5:dc:fa:0c:81:33:73:09:14:41:5e:6f:ab:c5:
                    07:ae:88:8a:6e:8c:c7:1f:c4:36:c4:e5:5b:b2:28:
                    09:b1:b5:3a:8f:53:de:9b:a4:81:cf:40:9d:23:b4:
                    62:29
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                78:D4:63:8F:E8:C3:F3:AD:AF:D7:93:7D:48:D7:61:0F:D1:7A:08:C7
            X509v3 Authority Key Identifier:
                keyid:2B:BF:EF:19:5F:7B:40:83:DF:37:7B:2F:FB:C7:7B:50:DD:10:0A:E3

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ce24136a35f10502f080a99eec6f12882d2f04fa.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/1ef4b066-e4d2-4e53-839e-8bdffb17a52b/3fbf5a2c7146e265997d90c6f1090101a75b1bf4.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/1ef4b066-e4d2-4e53-839e-8bdffb17a52b/ce24136a35f10502f080a99eec6f12882d2f04fa.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  181.214.78.0/23
                  181.214.84.0/23
                  181.214.146.0/24
                  181.214.197.0-181.214.198.255
                  181.214.219.0/24
                  181.214.245.0/24
                  181.215.21.0/24
                  181.215.31.0/24
                  181.215.35.0/24
                  181.215.252.0/23
                  191.96.29.0/24
                  191.96.31.0/24
                  191.96.34.0/24
                  191.96.38.0/24
                  191.96.61.0-191.96.62.255
                  191.96.94.0/24
                  191.96.96.0/24
                  191.96.122.0/24
                  191.96.129.0/24
                  191.96.134.0/24
                  191.96.154.0/24
                  191.96.167.0/24
                  191.96.193.0/24
                  191.101.187.0/24
                  191.101.202.0/23

    Signature Algorithm: sha256WithRSAEncryption
         2a:6c:a6:b7:b4:e1:9a:13:cb:d2:8e:4a:bb:07:ba:2b:58:7e:
         7b:f3:34:47:cc:80:a8:ad:37:18:c0:c3:7d:d0:30:63:b6:ed:
         d3:70:09:a5:a0:92:89:31:4e:d0:06:b9:0a:9a:30:d7:f8:35:
         42:a4:52:ab:eb:ee:8b:8d:a8:ea:54:0d:1a:0a:72:ff:ad:4c:
         f0:3b:8e:46:88:d9:c7:15:60:8a:cc:11:e7:0b:d9:ac:0e:71:
         d5:04:89:c4:a7:11:ec:59:b6:13:5e:4b:90:e0:2c:3d:e4:9a:
         bc:c8:1a:9a:c3:33:da:92:38:d7:54:5c:e2:37:fb:a3:d2:86:
         ef:6a:44:cc:26:27:9e:0d:7e:53:cd:51:fb:1c:9c:73:65:88:
         3d:31:15:54:00:65:bc:e7:db:81:89:a1:f5:f5:ea:05:8d:48:
         77:b5:af:0c:27:d6:e3:23:7d:f0:7d:a7:55:3e:9f:09:82:47:
         2e:55:3a:00:a5:8f:5c:da:82:b2:01:86:6f:84:61:47:96:62:
         cf:c3:df:41:05:34:ec:4e:f5:d6:0b:37:b6:a0:40:9a:bf:d3:
         8e:bb:28:e9:fb:3e:ac:ab:2b:6a:88:d4:9c:b4:0f:8c:68:f4:
         22:cb:42:0a:4f:65:8e:16:bc:dd:c3:8b:41:cb:76:9a:c1:94:
         43:ff:49:d0
-----BEGIN CERTIFICATE-----
MIIF5TCCBM2gAwIBAgIDFQthMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKGNl
MjQxMzZhMzVmMTA1MDJmMDgwYTk5ZWVjNmYxMjg4MmQyZjA0ZmEwHhcNMjEwNTAy
MDMwMDAwWhcNMjMwNTAyMDMwMDAwWjAzMTEwLwYDVQQDEygzZmJmNWEyYzcxNDZl
MjY1OTk3ZDkwYzZmMTA5MDEwMWE3NWIxYmY0MIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAkl9ozKlkjiOoGieTsI8/03ryQt9B7CHwZ2fQ0BtM84vNS/aw
KPkdrY1WxQnH0UCLgFnJPjTLp2MvmoRg5ImRZylN4irZukkzikFOoPjblEHq7D26
7Dsck4Zypd5TCDLtW7g1FosIlBVdsahE7GaIg2WBh2Vjx5PyTstCT4V1TRJ2gbag
mO6SigSWej6w7YJAygH6LrroLXMklLqu1ZkQfNcVUEfDp9H+i34w8C1caOd+LovM
DwboQDO90f9PuaCqVw3N8xF6yC2zi2EAbGIOoivhtdz6DIEzcwkUQV5vq8UHroiK
bozHH8Q2xOVbsigJsbU6j1Pem6SBz0CdI7RiKQIDAQABo4IDADCCAvwwHQYDVR0O
BBYEFHjUY4/ow/Otr9eTfUjXYQ/RegjHMB8GA1UdIwQYMBaAFCu/7xlfe0CD3zd7
L/vHe1DdEArjMA4GA1UdDwEB/wQEAwIHgDCBmgYIKwYBBQUHAQEEgY0wgYowgYcG
CCsGAQUFBzAChntyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5ldC9ycGtpL2xh
Y25pYy80OGYwODNiYi1mNjAzLTQ4OTMtOTk5MC0wMjg0YzA0Y2ViODUvY2UyNDEz
NmEzNWYxMDUwMmYwODBhOTllZWM2ZjEyODgyZDJmMDRmYS5jZXIwgZoGCCsGAQUF
BwELBIGNMIGKMIGHBggrBgEFBQcwC4Z7cnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25p
Yy5uZXQvcnBraS9sYWNuaWMvMWVmNGIwNjYtZTRkMi00ZTUzLTgzOWUtOGJkZmZi
MTdhNTJiLzNmYmY1YTJjNzE0NmUyNjU5OTdkOTBjNmYxMDkwMTAxYTc1YjFiZjQu
cm9hMIGPBgNVHR8EgYcwgYQwgYGgf6B9hntyc3luYzovL3JlcG9zaXRvcnkubGFj
bmljLm5ldC9ycGtpL2xhY25pYy8xZWY0YjA2Ni1lNGQyLTRlNTMtODM5ZS04YmRm
ZmIxN2E1MmIvY2UyNDEzNmEzNWYxMDUwMmYwODBhOTllZWM2ZjEyODgyZDJmMDRm
YS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjCBwwYIKwYBBQUHAQcBAf8E
gbMwgbAwga0EAgABMIGmAwQBtdZOAwQBtdZUAwQAtdaSMAwDBAC11sUDBAC11sYD
BAC11tsDBAC11vUDBAC11xUDBAC11x8DBAC11yMDBAG11/wDBAC/YB0DBAC/YB8D
BAC/YCIDBAC/YCYwDAMEAL9gPQMEAL9gPgMEAL9gXgMEAL9gYAMEAL9gegMEAL9g
gQMEAL9ghgMEAL9gmgMEAL9gpwMEAL9gwQMEAL9luwMEAb9lyjANBgkqhkiG9w0B
AQsFAAOCAQEAKmymt7ThmhPL0o5Kuwe6K1h+e/M0R8yAqK03GMDDfdAwY7bt03AJ
paCSiTFO0Aa5Cpow1/g1QqRSq+vui42o6lQNGgpy/61M8DuORojZxxVgiswR5wvZ
rA5x1QSJxKcR7Fm2E15LkOAsPeSavMgamsMz2pI411Rc4jf7o9KG72pEzCYnng1+
U81R+xycc2WIPTEVVABlvOfbgYmh9fXqBY1Id7WvDCfW4yN98H2nVT6fCYJHLlU6
AKWPXNqCsgGGb4RhR5Ziz8PfQQU07E711gs3tqBAmr/Tjrso6fs+rKsraojUnLQP
jGj0IstCCk9ljha83cOLQct2msGUQ/9J0A==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:14:26 2023 by rpki-client on console-ams.rpki-client.org