Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/1fffbf97-8a9a-4261-8e1d-53b5264f45de/82dfbf70cb36f788c25446754c22fdf8ba51c211.roa
File:                     82dfbf70cb36f788c25446754c22fdf8ba51c211.roa (raw, json)
Hash identifier:          t1jEMpEkytCW2yYTF9MsVoGll6FRvN2bMNartXOYtEw=
Subject key identifier:   FD:E1:0F:2B:43:E1:B0:CB:67:8B:D5:EC:8D:66:EF:E4:9A:70:97:09
Certificate issuer:       /CN=e1129399c2c45f18c2b3360cd94263772f9d4bca
Certificate serial:       200EBB
Authority key identifier: 68:72:6E:76:C4:05:6B:64:82:2B:65:F9:D8:76:91:0B:87:40:52:03
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/e1129399c2c45f18c2b3360cd94263772f9d4bca.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/1fffbf97-8a9a-4261-8e1d-53b5264f45de/82dfbf70cb36f788c25446754c22fdf8ba51c211.roa
Signing time:             Wed 12 Apr 2023 18:06:38 +0000
ROA not before:           Mon 22 Mar 2021 14:32:07 +0000
ROA not after:            Tue 24 Mar 2026 14:32:07 +0000
asID:                     28038
IP address blocks:        190.0.96.0/20 maxlen: 24
                          190.0.112.0/20 maxlen: 24
                          190.93.48.0/20 maxlen: 24
                          190.114.64.0/20 maxlen: 24
                          190.114.80.0/20 maxlen: 24
                          190.115.112.0/20 maxlen: 24
                          2803:5480::/32 maxlen: 48

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 2100923 (0x200ebb)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e1129399c2c45f18c2b3360cd94263772f9d4bca
        Validity
            Not Before: Mar 22 14:32:07 2021 GMT
            Not After : Mar 24 14:32:07 2026 GMT
        Subject: CN=82dfbf70cb36f788c25446754c22fdf8ba51c211
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:95:5e:84:02:b9:a4:46:86:86:9e:86:78:63:d0:
                    b0:1e:82:fe:66:e0:9f:a1:4c:4b:ef:8a:3d:26:71:
                    27:a8:de:bf:c6:27:c5:29:10:d7:62:e3:d7:72:db:
                    63:9b:40:c1:89:81:6d:c4:d5:12:14:80:a2:e3:72:
                    72:01:fe:25:ed:32:e1:e3:5b:24:97:f7:24:c2:05:
                    d5:35:82:fd:ee:93:54:3b:03:2e:df:8c:7c:7f:90:
                    1c:3d:d0:e5:52:a8:18:5b:9d:8e:1a:fb:5c:56:8c:
                    49:24:1c:50:be:58:f9:e6:be:b8:c7:7b:0e:4f:df:
                    1b:5a:36:ed:11:2f:c3:a8:e3:3e:73:51:bd:73:ea:
                    4a:b5:09:51:f6:93:b5:8d:6e:9a:34:2e:7f:e6:59:
                    62:d6:96:d1:e6:ee:88:ea:67:f8:bc:f8:44:a5:dc:
                    83:c2:14:de:00:17:32:ca:b4:68:f4:37:3c:59:5a:
                    b4:2c:77:c5:20:e5:37:bc:6b:38:8a:9e:f2:81:85:
                    6a:8c:e7:87:2f:71:4e:a2:47:83:4d:54:f5:8a:34:
                    98:31:e6:f1:4e:d2:c8:fc:af:ff:f3:f5:f0:c0:61:
                    00:85:eb:b1:d8:ec:3d:0b:78:e0:87:21:23:5c:fc:
                    85:be:c9:32:98:2e:df:8c:c6:65:9c:92:1d:92:73:
                    30:f1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                FD:E1:0F:2B:43:E1:B0:CB:67:8B:D5:EC:8D:66:EF:E4:9A:70:97:09
            X509v3 Authority Key Identifier:
                keyid:68:72:6E:76:C4:05:6B:64:82:2B:65:F9:D8:76:91:0B:87:40:52:03

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/e1129399c2c45f18c2b3360cd94263772f9d4bca.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/1fffbf97-8a9a-4261-8e1d-53b5264f45de/82dfbf70cb36f788c25446754c22fdf8ba51c211.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/1fffbf97-8a9a-4261-8e1d-53b5264f45de/e1129399c2c45f18c2b3360cd94263772f9d4bca.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  190.0.96.0/19
                  190.93.48.0/20
                  190.114.64.0/19
                  190.115.112.0/20
                IPv6:
                  2803:5480::/32

    Signature Algorithm: sha256WithRSAEncryption
         8b:ca:e5:56:51:a3:42:02:dd:56:00:d4:2a:df:03:d4:d2:64:
         97:49:9c:67:ba:11:c1:5a:be:28:39:23:96:d6:22:cf:72:ab:
         b8:25:cc:46:05:41:82:d7:39:37:7d:25:5c:94:6c:8f:e0:86:
         ae:bb:68:a5:fc:63:d9:56:31:9d:21:eb:10:d9:ad:f3:10:f0:
         52:de:f1:16:20:84:a8:c8:f5:cd:33:bf:c1:21:37:06:64:76:
         03:6a:7b:9c:b4:74:f1:66:e8:23:f2:17:74:44:18:83:87:32:
         48:fc:7b:07:e5:9f:bb:8e:c9:3b:72:94:d9:ab:02:df:39:9f:
         2e:27:59:5b:81:fe:11:a5:43:f3:59:6b:59:d8:59:4f:67:1e:
         46:d9:5e:a8:95:37:1b:b4:b2:9e:94:6f:b7:3f:92:46:7b:ba:
         04:6d:56:de:be:17:8c:d7:48:6b:cc:7f:0f:4c:87:c8:fc:03:
         dc:af:42:fb:aa:45:2a:ad:07:9e:8b:ed:18:32:28:f8:2d:0a:
         e6:b5:56:0e:1d:0d:91:4a:ef:d6:dd:90:5f:ad:af:3c:cd:eb:
         e5:eb:9d:8c:ab:91:ea:af:6d:64:da:20:7c:40:7a:83:ec:8c:
         98:03:9c:c0:a5:d2:b6:49:6f:00:da:da:da:49:76:34:14:69:
         af:ff:0e:50
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIDIA67MA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKGUx
MTI5Mzk5YzJjNDVmMThjMmIzMzYwY2Q5NDI2Mzc3MmY5ZDRiY2EwHhcNMjEwMzIy
MTQzMjA3WhcNMjYwMzI0MTQzMjA3WjAzMTEwLwYDVQQDEyg4MmRmYmY3MGNiMzZm
Nzg4YzI1NDQ2NzU0YzIyZmRmOGJhNTFjMjExMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAlV6EArmkRoaGnoZ4Y9CwHoL+ZuCfoUxL74o9JnEnqN6/xifF
KRDXYuPXcttjm0DBiYFtxNUSFICi43JyAf4l7TLh41skl/ckwgXVNYL97pNUOwMu
34x8f5AcPdDlUqgYW52OGvtcVoxJJBxQvlj55r64x3sOT98bWjbtES/DqOM+c1G9
c+pKtQlR9pO1jW6aNC5/5lli1pbR5u6I6mf4vPhEpdyDwhTeABcyyrRo9Dc8WVq0
LHfFIOU3vGs4ip7ygYVqjOeHL3FOokeDTVT1ijSYMebxTtLI/K//8/XwwGEAheux
2Ow9C3jghyEjXPyFvskymC7fjMZlnJIdknMw8QIDAQABo4ICfDCCAngwHQYDVR0O
BBYEFP3hDytD4bDLZ4vV7I1m7+SacJcJMB8GA1UdIwQYMBaAFGhybnbEBWtkgitl
+dh2kQuHQFIDMA4GA1UdDwEB/wQEAwIHgDCBmgYIKwYBBQUHAQEEgY0wgYowgYcG
CCsGAQUFBzAChntyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5ldC9ycGtpL2xh
Y25pYy80OGYwODNiYi1mNjAzLTQ4OTMtOTk5MC0wMjg0YzA0Y2ViODUvZTExMjkz
OTljMmM0NWYxOGMyYjMzNjBjZDk0MjYzNzcyZjlkNGJjYS5jZXIwgZoGCCsGAQUF
BwELBIGNMIGKMIGHBggrBgEFBQcwC4Z7cnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25p
Yy5uZXQvcnBraS9sYWNuaWMvMWZmZmJmOTctOGE5YS00MjYxLThlMWQtNTNiNTI2
NGY0NWRlLzgyZGZiZjcwY2IzNmY3ODhjMjU0NDY3NTRjMjJmZGY4YmE1MWMyMTEu
cm9hMIGPBgNVHR8EgYcwgYQwgYGgf6B9hntyc3luYzovL3JlcG9zaXRvcnkubGFj
bmljLm5ldC9ycGtpL2xhY25pYy8xZmZmYmY5Ny04YTlhLTQyNjEtOGUxZC01M2I1
MjY0ZjQ1ZGUvZTExMjkzOTljMmM0NWYxOGMyYjMzNjBjZDk0MjYzNzcyZjlkNGJj
YS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBABggrBgEFBQcBBwEB/wQx
MC8wHgQCAAEwGAMEBb4AYAMEBL5dMAMEBb5yQAMEBL5zcDANBAIAAjAHAwUAKANU
gDANBgkqhkiG9w0BAQsFAAOCAQEAi8rlVlGjQgLdVgDUKt8D1NJkl0mcZ7oRwVq+
KDkjltYiz3KruCXMRgVBgtc5N30lXJRsj+CGrrtopfxj2VYxnSHrENmt8xDwUt7x
FiCEqMj1zTO/wSE3BmR2A2p7nLR08WboI/IXdEQYg4cySPx7B+Wfu47JO3KU2asC
3zmfLidZW4H+EaVD81lrWdhZT2ceRtleqJU3G7SynpRvtz+SRnu6BG1W3r4XjNdI
a8x/D0yHyPwD3K9C+6pFKq0HnovtGDIo+C0K5rVWDh0NkUrv1t2QX62vPM3r5eud
jKuR6q9tZNogfEB6g+yMmAOcwKXStklvANra2kl2NBRpr/8OUA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:37:04 2024 by rpki-client on console-ams.rpki-client.org