Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/2797b2f0-e5da-416c-a8d6-a61dc102a441/6040d5748edf26f9e9c58ba74f5e30167588ca8b.roa
File:                     6040d5748edf26f9e9c58ba74f5e30167588ca8b.roa (raw, json)
Hash identifier:          zP7j6ufcHdmaKz4BFl3I4jGy0ojHgjv24BxmD0QHgpI=
Subject key identifier:   1E:97:09:D6:62:7A:AE:43:3A:5E:52:66:BF:96:33:E8:AA:9D:C3:B5
Certificate issuer:       /CN=5494bd71484d106b75c5bedf4263f48281a4e409
Certificate serial:       1BB502
Authority key identifier: 4C:B6:BE:C7:78:41:99:EC:CA:F0:31:13:8A:C9:9A:2E:66:AB:83:DD
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/5494bd71484d106b75c5bedf4263f48281a4e409.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/2797b2f0-e5da-416c-a8d6-a61dc102a441/6040d5748edf26f9e9c58ba74f5e30167588ca8b.roa
Signing time:             Wed 26 Oct 2022 00:19:58 +0000
ROA not before:           Fri 19 Mar 2021 14:46:11 +0000
ROA not after:            Tue 24 Mar 2026 14:46:11 +0000
asID:                     6147
IP address blocks:        181.64.0.0/15 maxlen: 24
                          181.66.0.0/15 maxlen: 24
                          190.40.0.0/14 maxlen: 24
                          190.232.0.0/13 maxlen: 24
                          200.4.192.0/18 maxlen: 18
                          200.4.192.0/19 maxlen: 24
                          200.4.224.0/19 maxlen: 24
                          200.10.64.0/19 maxlen: 24
                          200.37.0.0/16 maxlen: 16
                          200.37.0.0/19 maxlen: 24
                          200.37.32.0/19 maxlen: 24
                          200.37.64.0/19 maxlen: 24
                          200.37.96.0/19 maxlen: 24
                          200.37.128.0/19 maxlen: 24
                          200.37.160.0/19 maxlen: 24
                          200.37.192.0/19 maxlen: 24
                          200.37.224.0/19 maxlen: 24
                          200.48.0.0/16 maxlen: 24
                          200.60.0.0/16 maxlen: 24
                          200.106.0.0/18 maxlen: 24
                          200.106.64.0/18 maxlen: 24
                          200.107.128.0/18 maxlen: 24
                          200.121.0.0/17 maxlen: 24
                          200.121.128.0/17 maxlen: 24
                          201.230.0.0/17 maxlen: 24
                          201.230.128.0/17 maxlen: 24
                          201.240.0.0/17 maxlen: 24
                          201.240.128.0/17 maxlen: 24
                          170.79.36.0/22 maxlen: 24
                          201.131.220.0/22 maxlen: 24
                          2001:1388::/32 maxlen: 48

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 1815810 (0x1bb502)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5494bd71484d106b75c5bedf4263f48281a4e409
        Validity
            Not Before: Mar 19 14:46:11 2021 GMT
            Not After : Mar 24 14:46:11 2026 GMT
        Subject: CN=6040d5748edf26f9e9c58ba74f5e30167588ca8b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:99:03:43:a4:aa:e7:61:9a:b1:bd:8e:64:28:2f:
                    1f:ac:56:4d:8e:e8:0b:b9:a8:0d:5b:8f:c3:f4:f2:
                    1e:de:85:1f:e4:49:ca:57:d4:e5:7a:68:25:4a:b8:
                    61:14:81:24:e8:5f:94:fb:d9:98:d5:70:b6:d9:65:
                    fe:09:45:04:3d:d1:52:c0:d3:b0:aa:64:c0:69:21:
                    9e:55:94:6e:9c:2c:5d:7d:2c:2b:be:5e:58:24:57:
                    c6:cd:db:e9:60:aa:27:fa:6d:c1:2f:b2:2c:e1:6a:
                    6a:6f:8b:ca:e1:42:43:ac:c8:6e:dc:a4:13:9a:65:
                    41:df:96:10:aa:0c:aa:70:a9:3b:f8:1c:3a:5f:9d:
                    52:1e:e6:45:1a:a4:6f:ba:ae:4a:cb:57:d6:6a:e4:
                    18:2b:4a:cd:73:74:a4:7e:0e:ad:59:2b:7d:a3:d9:
                    2b:aa:3a:09:32:7f:47:cc:dd:21:d8:df:fd:dc:a4:
                    da:00:5e:62:d0:c9:90:4f:2b:b7:af:c7:48:2b:86:
                    d1:b6:8f:21:96:84:00:bc:a0:5a:f3:9b:06:a6:de:
                    f9:86:a2:1d:70:7d:da:2e:13:86:24:66:4e:6c:9e:
                    a4:1e:5e:d5:1b:4d:fd:11:cb:5b:d8:1d:62:de:68:
                    33:cb:c5:89:eb:2a:ed:51:10:61:53:35:25:72:98:
                    49:e1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1E:97:09:D6:62:7A:AE:43:3A:5E:52:66:BF:96:33:E8:AA:9D:C3:B5
            X509v3 Authority Key Identifier:
                keyid:4C:B6:BE:C7:78:41:99:EC:CA:F0:31:13:8A:C9:9A:2E:66:AB:83:DD

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/5494bd71484d106b75c5bedf4263f48281a4e409.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/2797b2f0-e5da-416c-a8d6-a61dc102a441/6040d5748edf26f9e9c58ba74f5e30167588ca8b.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/2797b2f0-e5da-416c-a8d6-a61dc102a441/5494bd71484d106b75c5bedf4263f48281a4e409.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  170.79.36.0/22
                  181.64.0.0/14
                  190.40.0.0/14
                  190.232.0.0/13
                  200.4.192.0/18
                  200.10.64.0/19
                  200.37.0.0/16
                  200.48.0.0/16
                  200.60.0.0/16
                  200.106.0.0/17
                  200.107.128.0/18
                  200.121.0.0/16
                  201.131.220.0/22
                  201.230.0.0/16
                  201.240.0.0/16
                IPv6:
                  2001:1388::/32

    Signature Algorithm: sha256WithRSAEncryption
         86:3a:ed:35:b2:2e:47:6d:e0:dd:83:6d:b5:a0:8d:70:e7:57:
         30:b4:70:d0:6c:c9:d6:08:32:1a:bc:f1:c3:70:74:97:4b:16:
         11:8a:fc:54:83:10:49:e5:34:97:8a:75:50:4c:52:28:2c:2e:
         67:c1:9e:3e:dd:3e:0e:31:b0:27:3f:fc:0f:59:2d:ce:07:89:
         44:63:c9:6c:b0:ce:24:94:17:12:87:97:47:ac:b5:7d:2d:b2:
         e1:ac:24:26:a0:00:5e:ac:6d:6d:b8:80:b8:d0:c5:ec:ed:bd:
         36:6e:2e:81:e7:6d:7c:03:cb:54:bf:4e:86:ce:3d:9e:5f:37:
         ff:1a:12:19:a5:78:a5:ee:af:2d:e4:b9:71:b0:99:46:f2:b8:
         51:16:2a:32:7f:58:6b:3c:7e:f8:fc:25:8f:4f:ad:7f:6f:5a:
         7b:db:56:76:4b:d3:25:e6:3a:98:c2:f7:2d:19:fd:4f:09:15:
         2e:07:c7:bb:a7:41:10:f0:dc:30:ab:05:23:42:9c:2a:6c:e2:
         01:1c:79:74:fd:49:4f:0c:48:7a:aa:20:d4:0d:94:54:57:21:
         4c:81:ec:e9:52:94:84:ff:1a:62:8a:2c:af:8a:66:72:4a:89:
         5c:6f:1f:e7:b7:67:14:38:5d:7e:c9:fb:74:ce:65:58:8c:01:
         ca:24:98:84
-----BEGIN CERTIFICATE-----
MIIFmjCCBIKgAwIBAgIDG7UCMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKDU0
OTRiZDcxNDg0ZDEwNmI3NWM1YmVkZjQyNjNmNDgyODFhNGU0MDkwHhcNMjEwMzE5
MTQ0NjExWhcNMjYwMzI0MTQ0NjExWjAzMTEwLwYDVQQDEyg2MDQwZDU3NDhlZGYy
NmY5ZTljNThiYTc0ZjVlMzAxNjc1ODhjYThiMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAmQNDpKrnYZqxvY5kKC8frFZNjugLuagNW4/D9PIe3oUf5EnK
V9TlemglSrhhFIEk6F+U+9mY1XC22WX+CUUEPdFSwNOwqmTAaSGeVZRunCxdfSwr
vl5YJFfGzdvpYKon+m3BL7Is4Wpqb4vK4UJDrMhu3KQTmmVB35YQqgyqcKk7+Bw6
X51SHuZFGqRvuq5Ky1fWauQYK0rNc3Skfg6tWSt9o9krqjoJMn9HzN0h2N/93KTa
AF5i0MmQTyu3r8dIK4bRto8hloQAvKBa85sGpt75hqIdcH3aLhOGJGZObJ6kHl7V
G039Ectb2B1i3mgzy8WJ6yrtURBhUzUlcphJ4QIDAQABo4ICtTCCArEwHQYDVR0O
BBYEFB6XCdZieq5DOl5SZr+WM+iqncO1MB8GA1UdIwQYMBaAFEy2vsd4QZnsyvAx
E4rJmi5mq4PdMA4GA1UdDwEB/wQEAwIHgDCBmgYIKwYBBQUHAQEEgY0wgYowgYcG
CCsGAQUFBzAChntyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5ldC9ycGtpL2xh
Y25pYy80OGYwODNiYi1mNjAzLTQ4OTMtOTk5MC0wMjg0YzA0Y2ViODUvNTQ5NGJk
NzE0ODRkMTA2Yjc1YzViZWRmNDI2M2Y0ODI4MWE0ZTQwOS5jZXIwgZoGCCsGAQUF
BwELBIGNMIGKMIGHBggrBgEFBQcwC4Z7cnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25p
Yy5uZXQvcnBraS9sYWNuaWMvMjc5N2IyZjAtZTVkYS00MTZjLWE4ZDYtYTYxZGMx
MDJhNDQxLzYwNDBkNTc0OGVkZjI2ZjllOWM1OGJhNzRmNWUzMDE2NzU4OGNhOGIu
cm9hMIGPBgNVHR8EgYcwgYQwgYGgf6B9hntyc3luYzovL3JlcG9zaXRvcnkubGFj
bmljLm5ldC9ycGtpL2xhY25pYy8yNzk3YjJmMC1lNWRhLTQxNmMtYThkNi1hNjFk
YzEwMmE0NDEvNTQ5NGJkNzE0ODRkMTA2Yjc1YzViZWRmNDI2M2Y0ODI4MWE0ZTQw
OS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjB5BggrBgEFBQcBBwEB/wRq
MGgwVwQCAAEwUQMEAqpPJAMDArVAAwMCvigDAwO+6AMEBsgEwAMEBcgKQAMDAMgl
AwMAyDADAwDIPAMEB8hqAAMEBshrgAMDAMh5AwQCyYPcAwMAyeYDAwDJ8DANBAIA
AjAHAwUAIAETiDANBgkqhkiG9w0BAQsFAAOCAQEAhjrtNbIuR23g3YNttaCNcOdX
MLRw0GzJ1ggyGrzxw3B0l0sWEYr8VIMQSeU0l4p1UExSKCwuZ8GePt0+DjGwJz/8
D1ktzgeJRGPJbLDOJJQXEoeXR6y1fS2y4awkJqAAXqxtbbiAuNDF7O29Nm4ugedt
fAPLVL9Ohs49nl83/xoSGaV4pe6vLeS5cbCZRvK4URYqMn9Yazx++Pwlj0+tf29a
e9tWdkvTJeY6mML3LRn9TwkVLgfHu6dBEPDcMKsFI0KcKmziARx5dP1JTwxIeqog
1A2UVFchTIHs6VKUhP8aYoosr4pmckqJXG8f57dnFDhdfsn7dM5lWIwByiSYhA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:37:05 2024 by rpki-client on console-ams.rpki-client.org