Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/1ef4b066-e4d2-4e53-839e-8bdffb17a52b/9817de0557c164a9677a14975cca3e232e438634.roa
File:                     9817de0557c164a9677a14975cca3e232e438634.roa (raw, json)
Hash identifier:          II+Mio9wUeY3uypR6ZK34jzoE1P15F95XQRriyzEFLc=
Subject key identifier:   00:A6:2C:C5:B2:32:25:7E:DD:18:02:BC:46:2C:FA:C9:A6:D3:4A:58
Certificate issuer:       /CN=ce24136a35f10502f080a99eec6f12882d2f04fa
Certificate serial:       15027B
Authority key identifier: 2B:BF:EF:19:5F:7B:40:83:DF:37:7B:2F:FB:C7:7B:50:DD:10:0A:E3
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ce24136a35f10502f080a99eec6f12882d2f04fa.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/1ef4b066-e4d2-4e53-839e-8bdffb17a52b/9817de0557c164a9677a14975cca3e232e438634.roa
Signing time:             Thu 27 Jan 2022 12:08:02 +0000
ROA not before:           Wed 24 Mar 2021 03:00:00 +0000
ROA not after:            Tue 24 Mar 2026 03:00:00 +0000
asID:                     212238
IP address blocks:        191.101.34.0/24 maxlen: 24
                          191.101.183.0/24 maxlen: 24
                          191.101.254.0/24 maxlen: 24
                          191.101.35.0/24 maxlen: 24
                          179.61.202.0/24 maxlen: 24
                          181.214.235.0/24 maxlen: 24
                          179.61.193.0/24 maxlen: 24
                          191.101.128.0/24 maxlen: 24
                          191.96.212.0/24 maxlen: 24
                          181.214.139.0/24 maxlen: 24
                          191.101.196.0/24 maxlen: 24
                          191.101.197.0/24 maxlen: 24
                          181.214.9.0/24 maxlen: 24
                          181.215.177.0/24 maxlen: 24
                          181.215.179.0/24 maxlen: 24
                          181.214.82.0/24 maxlen: 24
                          181.215.1.0/24 maxlen: 24
                          181.215.175.0/24 maxlen: 24
                          181.215.188.0/24 maxlen: 24
                          181.214.138.0/24 maxlen: 24
                          191.96.77.0/24 maxlen: 24
                          191.96.74.0/24 maxlen: 24
                          191.96.138.0/24 maxlen: 24
                          181.215.214.0/24 maxlen: 24
                          181.214.143.0/24 maxlen: 24
                          191.96.67.0/24 maxlen: 24
                          181.214.227.0/24 maxlen: 24
                          191.96.227.0/24 maxlen: 24
                          191.101.30.0/24 maxlen: 24
                          191.101.216.0/24 maxlen: 24
                          181.214.86.0/24 maxlen: 24
                          181.214.255.0/24 maxlen: 24
                          191.101.133.0/24 maxlen: 24
                          181.214.88.0/24 maxlen: 24
                          179.61.224.0/24 maxlen: 24
                          191.96.205.0/24 maxlen: 24
                          181.214.144.0/24 maxlen: 24
                          181.214.222.0/24 maxlen: 24
                          181.215.160.0/24 maxlen: 24
                          181.214.145.0/24 maxlen: 24
                          181.215.161.0/24 maxlen: 24
                          181.214.78.0/24 maxlen: 24
                          181.214.228.0/24 maxlen: 24
                          179.61.220.0/24 maxlen: 24
                          181.215.224.0/24 maxlen: 24

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 1376891 (0x15027b)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ce24136a35f10502f080a99eec6f12882d2f04fa
        Validity
            Not Before: Mar 24 03:00:00 2021 GMT
            Not After : Mar 24 03:00:00 2026 GMT
        Subject: CN=9817de0557c164a9677a14975cca3e232e438634
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bf:10:84:ce:43:63:fd:85:28:b7:00:3f:70:d3:
                    e9:28:6f:3b:5d:50:7b:73:71:ef:af:b7:3c:2b:4a:
                    b1:6b:34:56:7e:81:21:ac:f2:6e:9d:3f:f5:ee:35:
                    83:1e:60:1c:c0:1d:70:68:0d:27:da:21:46:a7:5d:
                    e5:35:50:87:ea:55:7a:91:ec:25:49:99:c8:7d:ae:
                    7f:7d:16:6f:22:35:04:ea:06:2e:78:db:42:38:52:
                    bb:e8:b2:06:74:5b:df:4f:af:44:c4:0f:ae:91:6c:
                    d8:06:66:d4:95:c4:e3:08:9f:ff:63:54:49:61:85:
                    b6:2f:bb:be:c2:46:75:3e:ae:42:df:3c:78:2c:95:
                    69:a8:e5:ca:af:14:2b:7c:50:f7:00:15:6f:14:2d:
                    58:c2:77:c4:14:3b:28:43:b2:18:8a:cf:8d:3e:2f:
                    aa:cd:e9:0c:e3:2e:b5:30:81:8f:43:ee:d9:57:c9:
                    8e:0c:44:c9:cc:67:5d:73:0c:c5:75:73:8a:10:ca:
                    49:47:13:e9:31:b9:36:bb:b6:f9:67:e4:8e:fe:5d:
                    61:07:f7:34:29:60:45:e7:1c:5c:fe:34:ad:34:9d:
                    15:25:a6:8b:ca:e0:f8:86:ed:46:bf:98:c9:18:58:
                    e2:2d:3f:ba:e5:85:0b:f6:0a:fe:17:bb:f2:6d:7d:
                    20:49
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                00:A6:2C:C5:B2:32:25:7E:DD:18:02:BC:46:2C:FA:C9:A6:D3:4A:58
            X509v3 Authority Key Identifier:
                keyid:2B:BF:EF:19:5F:7B:40:83:DF:37:7B:2F:FB:C7:7B:50:DD:10:0A:E3

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ce24136a35f10502f080a99eec6f12882d2f04fa.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/1ef4b066-e4d2-4e53-839e-8bdffb17a52b/9817de0557c164a9677a14975cca3e232e438634.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/1ef4b066-e4d2-4e53-839e-8bdffb17a52b/ce24136a35f10502f080a99eec6f12882d2f04fa.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  179.61.193.0/24
                  179.61.202.0/24
                  179.61.220.0/24
                  179.61.224.0/24
                  181.214.9.0/24
                  181.214.78.0/24
                  181.214.82.0/24
                  181.214.86.0/24
                  181.214.88.0/24
                  181.214.138.0/23
                  181.214.143.0-181.214.145.255
                  181.214.222.0/24
                  181.214.227.0-181.214.228.255
                  181.214.235.0/24
                  181.214.255.0/24
                  181.215.1.0/24
                  181.215.160.0/23
                  181.215.175.0/24
                  181.215.177.0/24
                  181.215.179.0/24
                  181.215.188.0/24
                  181.215.214.0/24
                  181.215.224.0/24
                  191.96.67.0/24
                  191.96.74.0/24
                  191.96.77.0/24
                  191.96.138.0/24
                  191.96.205.0/24
                  191.96.212.0/24
                  191.96.227.0/24
                  191.101.30.0/24
                  191.101.34.0/23
                  191.101.128.0/24
                  191.101.133.0/24
                  191.101.183.0/24
                  191.101.196.0/23
                  191.101.216.0/24
                  191.101.254.0/24

    Signature Algorithm: sha256WithRSAEncryption
         91:ce:6a:f1:87:70:42:c8:ad:4f:fa:24:37:8e:2d:6b:ce:56:
         1c:bd:72:ae:1a:13:71:d1:ba:07:a1:b5:eb:30:22:db:54:68:
         ab:48:13:3f:bf:44:05:6d:8f:70:19:19:5e:d3:c3:b1:ba:3d:
         34:0f:28:81:fc:e3:01:c9:20:cc:3a:19:83:31:aa:78:61:56:
         ce:b9:af:e6:78:9c:92:b0:f5:4d:7b:b2:82:e5:cd:0f:3f:e8:
         ed:9a:f4:2a:b6:b0:4a:85:8b:8e:5e:d8:a6:f6:ea:2a:f4:fa:
         4a:f1:88:07:85:56:bb:68:94:72:91:63:92:ab:ea:35:52:d2:
         54:73:7e:5b:68:4e:6d:7a:96:55:a2:3b:f3:0b:01:5b:01:98:
         91:7c:30:df:89:2b:3e:8f:a0:b4:c4:65:12:ab:bc:a0:22:b3:
         e4:bc:93:6d:93:87:c9:f1:c6:9b:9b:e5:2f:c5:b0:3a:1f:fd:
         68:55:44:06:83:35:b7:64:9d:79:83:8e:32:f8:48:b3:41:a4:
         8d:41:d4:06:45:a6:e4:f0:f4:7d:a1:4d:77:91:91:3e:6b:64:
         a4:cc:32:ea:03:b3:d3:a9:0c:f3:22:15:25:77:c5:8d:b3:2b:
         f9:50:a0:e5:22:65:ad:45:29:fa:9c:90:96:44:be:59:0c:e8:
         b8:54:b4:10
-----BEGIN CERTIFICATE-----
MIIGNTCCBR2gAwIBAgIDFQJ7MA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKGNl
MjQxMzZhMzVmMTA1MDJmMDgwYTk5ZWVjNmYxMjg4MmQyZjA0ZmEwHhcNMjEwMzI0
MDMwMDAwWhcNMjYwMzI0MDMwMDAwWjAzMTEwLwYDVQQDEyg5ODE3ZGUwNTU3YzE2
NGE5Njc3YTE0OTc1Y2NhM2UyMzJlNDM4NjM0MIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAvxCEzkNj/YUotwA/cNPpKG87XVB7c3Hvr7c8K0qxazRWfoEh
rPJunT/17jWDHmAcwB1waA0n2iFGp13lNVCH6lV6kewlSZnIfa5/fRZvIjUE6gYu
eNtCOFK76LIGdFvfT69ExA+ukWzYBmbUlcTjCJ//Y1RJYYW2L7u+wkZ1Pq5C3zx4
LJVpqOXKrxQrfFD3ABVvFC1YwnfEFDsoQ7IYis+NPi+qzekM4y61MIGPQ+7ZV8mO
DETJzGddcwzFdXOKEMpJRxPpMbk2u7b5Z+SO/l1hB/c0KWBF5xxc/jStNJ0VJaaL
yuD4hu1Gv5jJGFjiLT+65YUL9gr+F7vybX0gSQIDAQABo4IDUDCCA0wwHQYDVR0O
BBYEFACmLMWyMiV+3RgCvEYs+smm00pYMB8GA1UdIwQYMBaAFCu/7xlfe0CD3zd7
L/vHe1DdEArjMA4GA1UdDwEB/wQEAwIHgDCBmgYIKwYBBQUHAQEEgY0wgYowgYcG
CCsGAQUFBzAChntyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5ldC9ycGtpL2xh
Y25pYy80OGYwODNiYi1mNjAzLTQ4OTMtOTk5MC0wMjg0YzA0Y2ViODUvY2UyNDEz
NmEzNWYxMDUwMmYwODBhOTllZWM2ZjEyODgyZDJmMDRmYS5jZXIwgZoGCCsGAQUF
BwELBIGNMIGKMIGHBggrBgEFBQcwC4Z7cnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25p
Yy5uZXQvcnBraS9sYWNuaWMvMWVmNGIwNjYtZTRkMi00ZTUzLTgzOWUtOGJkZmZi
MTdhNTJiLzk4MTdkZTA1NTdjMTY0YTk2NzdhMTQ5NzVjY2EzZTIzMmU0Mzg2MzQu
cm9hMIGPBgNVHR8EgYcwgYQwgYGgf6B9hntyc3luYzovL3JlcG9zaXRvcnkubGFj
bmljLm5ldC9ycGtpL2xhY25pYy8xZWY0YjA2Ni1lNGQyLTRlNTMtODM5ZS04YmRm
ZmIxN2E1MmIvY2UyNDEzNmEzNWYxMDUwMmYwODBhOTllZWM2ZjEyODgyZDJmMDRm
YS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjCCARIGCCsGAQUFBwEHAQH/
BIIBATCB/jCB+wQCAAEwgfQDBACzPcEDBACzPcoDBACzPdwDBACzPeADBAC11gkD
BAC11k4DBAC11lIDBAC11lYDBAC11lgDBAG11oowDAMEALXWjwMEAbXWkAMEALXW
3jAMAwQAtdbjAwQAtdbkAwQAtdbrAwQAtdb/AwQAtdcBAwQBtdegAwQAtdevAwQA
tdexAwQAtdezAwQAtde8AwQAtdfWAwQAtdfgAwQAv2BDAwQAv2BKAwQAv2BNAwQA
v2CKAwQAv2DNAwQAv2DUAwQAv2DjAwQAv2UeAwQBv2UiAwQAv2WAAwQAv2WFAwQA
v2W3AwQBv2XEAwQAv2XYAwQAv2X+MA0GCSqGSIb3DQEBCwUAA4IBAQCRzmrxh3BC
yK1P+iQ3ji1rzlYcvXKuGhNx0boHobXrMCLbVGirSBM/v0QFbY9wGRle08Oxuj00
DyiB/OMBySDMOhmDMap4YVbOua/meJySsPVNe7KC5c0PP+jtmvQqtrBKhYuOXtim
9uoq9PpK8YgHhVa7aJRykWOSq+o1UtJUc35baE5tepZVojvzCwFbAZiRfDDfiSs+
j6C0xGUSq7ygIrPkvJNtk4fJ8cabm+UvxbA6H/1oVUQGgzW3ZJ15g44y+EizQaSN
QdQGRabk8PR9oU13kZE+a2SkzDLqA7PTqQzzIhUld8WNsyv5UKDlImWtRSn6nJCW
RL5ZDOi4VLQQ
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:14:11 2023 by rpki-client on console-fra.rpki-client.org