Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/1ef4b066-e4d2-4e53-839e-8bdffb17a52b/4c60666d2594984990e6db2f86de147ee1d66695.roa
File:                     4c60666d2594984990e6db2f86de147ee1d66695.roa (raw, json)
Hash identifier:          vM/1NIBIZz5LgICMARVcjU7X7LV4skYcIM4htne1L4s=
Subject key identifier:   14:E8:DE:80:23:2D:2E:54:55:CD:23:A3:FE:D1:9D:FB:38:F3:7E:08
Certificate issuer:       /CN=ce24136a35f10502f080a99eec6f12882d2f04fa
Certificate serial:       10AD7E
Authority key identifier: 2B:BF:EF:19:5F:7B:40:83:DF:37:7B:2F:FB:C7:7B:50:DD:10:0A:E3
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ce24136a35f10502f080a99eec6f12882d2f04fa.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/1ef4b066-e4d2-4e53-839e-8bdffb17a52b/4c60666d2594984990e6db2f86de147ee1d66695.roa
Signing time:             Wed 03 Nov 2021 16:43:41 +0000
ROA not before:           Wed 24 Mar 2021 03:00:00 +0000
ROA not after:            Tue 24 Mar 2026 03:00:00 +0000
asID:                     397373
IP address blocks:        181.214.217.0/24 maxlen: 24
                          181.215.249.0/24 maxlen: 24
                          181.215.5.0/24 maxlen: 24
                          191.96.194.0/24 maxlen: 24
                          191.96.221.0/24 maxlen: 24
                          191.96.131.0/24 maxlen: 24
                          191.101.16.0/24 maxlen: 24
                          191.96.32.0/24 maxlen: 24
                          191.96.101.0/24 maxlen: 24
                          179.61.252.0/24 maxlen: 24
                          181.214.47.0/24 maxlen: 24
                          191.96.177.0/24 maxlen: 24
                          191.96.246.0/24 maxlen: 24

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 1092990 (0x10ad7e)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ce24136a35f10502f080a99eec6f12882d2f04fa
        Validity
            Not Before: Mar 24 03:00:00 2021 GMT
            Not After : Mar 24 03:00:00 2026 GMT
        Subject: CN=4c60666d2594984990e6db2f86de147ee1d66695
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9a:7e:81:06:06:e1:64:d5:95:b7:4b:92:94:35:
                    e2:98:7c:a1:2a:57:b3:d3:6e:20:07:f9:4e:72:be:
                    4d:9e:0d:61:fc:f9:86:17:ff:c1:85:d2:c2:a8:df:
                    24:04:d3:5d:a4:43:b8:50:46:cd:ff:ba:92:0f:a2:
                    91:d0:f0:f7:a0:05:57:bb:d0:80:f5:42:5a:ff:a1:
                    b6:86:ff:67:4a:14:7c:f3:e2:5c:11:b0:8d:dd:03:
                    17:d0:29:c9:8d:e9:c8:7e:46:75:1c:71:ff:fc:25:
                    24:08:ae:6a:8a:a8:a3:b4:f4:3f:cf:9f:24:d4:34:
                    ed:84:26:af:97:b8:75:ad:94:9b:92:cb:2a:9a:e6:
                    fc:80:f7:2e:3b:05:a8:33:e6:d9:9e:7e:2c:95:ef:
                    e2:aa:da:a5:59:df:ab:2a:e6:f4:b8:25:36:42:65:
                    52:d9:1c:c3:ab:0e:78:b0:88:fd:62:cf:2a:bb:ac:
                    3f:31:ec:91:d0:e2:9a:94:9c:b3:8b:08:cd:9d:56:
                    3e:5e:71:bb:79:e1:7c:a2:a5:30:3a:1b:d2:27:5b:
                    89:ce:41:53:49:d7:78:f4:f3:93:68:2d:b8:14:23:
                    18:8d:ea:c3:d6:42:26:64:d9:b6:fc:cd:cb:cb:53:
                    a5:c4:f7:11:a7:0c:7f:ed:66:b5:81:66:62:05:7e:
                    40:3d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                14:E8:DE:80:23:2D:2E:54:55:CD:23:A3:FE:D1:9D:FB:38:F3:7E:08
            X509v3 Authority Key Identifier:
                keyid:2B:BF:EF:19:5F:7B:40:83:DF:37:7B:2F:FB:C7:7B:50:DD:10:0A:E3

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ce24136a35f10502f080a99eec6f12882d2f04fa.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/1ef4b066-e4d2-4e53-839e-8bdffb17a52b/4c60666d2594984990e6db2f86de147ee1d66695.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/1ef4b066-e4d2-4e53-839e-8bdffb17a52b/ce24136a35f10502f080a99eec6f12882d2f04fa.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  179.61.252.0/24
                  181.214.47.0/24
                  181.214.217.0/24
                  181.215.5.0/24
                  181.215.249.0/24
                  191.96.32.0/24
                  191.96.101.0/24
                  191.96.131.0/24
                  191.96.177.0/24
                  191.96.194.0/24
                  191.96.221.0/24
                  191.96.246.0/24
                  191.101.16.0/24

    Signature Algorithm: sha256WithRSAEncryption
         69:34:83:a9:8e:e0:3d:bb:be:7d:fd:5d:07:48:1e:69:68:82:
         52:d2:df:b8:b2:01:34:d1:7d:3b:85:db:e1:2c:70:d2:18:4a:
         5a:99:61:6f:df:0b:1b:16:47:a2:60:9c:29:17:80:c4:4b:06:
         a8:bd:a0:bf:a8:36:f2:f1:ec:cc:ff:ae:af:6f:fa:5b:b8:7c:
         ab:f2:f3:7e:d1:0a:96:d8:08:73:0c:41:63:51:2d:07:8b:1c:
         62:06:ab:ea:71:19:85:ca:b0:2a:e3:3f:25:0c:9a:52:e7:93:
         7c:52:81:7e:42:9d:ad:3a:c5:22:01:76:a4:a1:f1:1f:e1:9d:
         61:23:7d:b4:01:d9:de:6c:62:d7:05:9f:0b:eb:be:56:12:19:
         63:1b:53:a6:31:a9:43:ef:71:f3:a8:1a:6b:ba:29:0e:99:17:
         0f:ee:56:e1:c9:c5:3a:c7:09:a9:7f:52:1b:d6:a5:ab:aa:25:
         8c:b0:ac:48:ae:44:0e:f9:47:8d:bd:c8:ff:f5:6e:b6:0a:64:
         43:5e:59:2a:05:0e:6b:53:ff:82:01:22:11:4c:4f:00:0e:b9:
         75:54:c9:4f:56:e0:ea:b1:15:fd:b6:00:e3:40:6c:91:60:b8:
         ce:40:06:31:9f:d4:66:3e:99:17:4b:44:fa:38:22:eb:6c:5b:
         6c:d1:85:6b
-----BEGIN CERTIFICATE-----
MIIFiDCCBHCgAwIBAgIDEK1+MA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKGNl
MjQxMzZhMzVmMTA1MDJmMDgwYTk5ZWVjNmYxMjg4MmQyZjA0ZmEwHhcNMjEwMzI0
MDMwMDAwWhcNMjYwMzI0MDMwMDAwWjAzMTEwLwYDVQQDEyg0YzYwNjY2ZDI1OTQ5
ODQ5OTBlNmRiMmY4NmRlMTQ3ZWUxZDY2Njk1MIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAmn6BBgbhZNWVt0uSlDXimHyhKlez024gB/lOcr5Nng1h/PmG
F//BhdLCqN8kBNNdpEO4UEbN/7qSD6KR0PD3oAVXu9CA9UJa/6G2hv9nShR88+Jc
EbCN3QMX0CnJjenIfkZ1HHH//CUkCK5qiqijtPQ/z58k1DTthCavl7h1rZSbkssq
mub8gPcuOwWoM+bZnn4sle/iqtqlWd+rKub0uCU2QmVS2RzDqw54sIj9Ys8qu6w/
MeyR0OKalJyziwjNnVY+XnG7eeF8oqUwOhvSJ1uJzkFTSdd49POTaC24FCMYjerD
1kImZNm2/M3Ly1OlxPcRpwx/7Wa1gWZiBX5APQIDAQABo4ICozCCAp8wHQYDVR0O
BBYEFBTo3oAjLS5UVc0jo/7Rnfs4834IMB8GA1UdIwQYMBaAFCu/7xlfe0CD3zd7
L/vHe1DdEArjMA4GA1UdDwEB/wQEAwIHgDCBmgYIKwYBBQUHAQEEgY0wgYowgYcG
CCsGAQUFBzAChntyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5ldC9ycGtpL2xh
Y25pYy80OGYwODNiYi1mNjAzLTQ4OTMtOTk5MC0wMjg0YzA0Y2ViODUvY2UyNDEz
NmEzNWYxMDUwMmYwODBhOTllZWM2ZjEyODgyZDJmMDRmYS5jZXIwgZoGCCsGAQUF
BwELBIGNMIGKMIGHBggrBgEFBQcwC4Z7cnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25p
Yy5uZXQvcnBraS9sYWNuaWMvMWVmNGIwNjYtZTRkMi00ZTUzLTgzOWUtOGJkZmZi
MTdhNTJiLzRjNjA2NjZkMjU5NDk4NDk5MGU2ZGIyZjg2ZGUxNDdlZTFkNjY2OTUu
cm9hMIGPBgNVHR8EgYcwgYQwgYGgf6B9hntyc3luYzovL3JlcG9zaXRvcnkubGFj
bmljLm5ldC9ycGtpL2xhY25pYy8xZWY0YjA2Ni1lNGQyLTRlNTMtODM5ZS04YmRm
ZmIxN2E1MmIvY2UyNDEzNmEzNWYxMDUwMmYwODBhOTllZWM2ZjEyODgyZDJmMDRm
YS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBnBggrBgEFBQcBBwEB/wRY
MFYwVAQCAAEwTgMEALM9/AMEALXWLwMEALXW2QMEALXXBQMEALXX+QMEAL9gIAME
AL9gZQMEAL9ggwMEAL9gsQMEAL9gwgMEAL9g3QMEAL9g9gMEAL9lEDANBgkqhkiG
9w0BAQsFAAOCAQEAaTSDqY7gPbu+ff1dB0geaWiCUtLfuLIBNNF9O4Xb4Sxw0hhK
Wplhb98LGxZHomCcKReAxEsGqL2gv6g28vHszP+ur2/6W7h8q/LzftEKltgIcwxB
Y1EtB4scYgar6nEZhcqwKuM/JQyaUueTfFKBfkKdrTrFIgF2pKHxH+GdYSN9tAHZ
3mxi1wWfC+u+VhIZYxtTpjGpQ+9x86gaa7opDpkXD+5W4cnFOscJqX9SG9alq6ol
jLCsSK5EDvlHjb3I//VutgpkQ15ZKgUOa1P/ggEiEUxPAA65dVTJT1bg6rEV/bYA
40BskWC4zkAGMZ/UZj6ZF0tE+jgi62xbbNGFaw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:37:23 2024 by rpki-client on console-fra.rpki-client.org