Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/2797b2f0-e5da-416c-a8d6-a61dc102a441/ca7a5a0f6c544cba822d0273ad42101ea119e15b.roa
File:                     ca7a5a0f6c544cba822d0273ad42101ea119e15b.roa (raw, json)
Hash identifier:          UOnxfjO2oX/Vv447tFeIsNMEgF0si8zZSia/tc75XHg=
Subject key identifier:   5F:CD:E2:CD:F6:53:D5:1C:A5:53:EB:6C:21:03:99:4D:60:C4:71:02
Certificate issuer:       /CN=5494bd71484d106b75c5bedf4263f48281a4e409
Certificate serial:       1A160B
Authority key identifier: 4C:B6:BE:C7:78:41:99:EC:CA:F0:31:13:8A:C9:9A:2E:66:AB:83:DD
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/5494bd71484d106b75c5bedf4263f48281a4e409.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/2797b2f0-e5da-416c-a8d6-a61dc102a441/ca7a5a0f6c544cba822d0273ad42101ea119e15b.roa
Signing time:             Fri 26 Aug 2022 17:18:55 +0000
ROA not before:           Wed 24 Mar 2021 14:46:11 +0000
ROA not after:            Tue 24 Mar 2026 14:46:11 +0000
asID:                     6147
IP address blocks:        181.64.0.0/15 maxlen: 24
                          181.66.0.0/15 maxlen: 24
                          190.40.0.0/14 maxlen: 24
                          190.232.0.0/13 maxlen: 24
                          200.4.192.0/18 maxlen: 24
                          200.10.64.0/19 maxlen: 24
                          200.37.0.0/16 maxlen: 24
                          200.48.0.0/16 maxlen: 24
                          200.60.0.0/16 maxlen: 24
                          200.106.0.0/18 maxlen: 24
                          200.106.64.0/18 maxlen: 24
                          200.107.128.0/18 maxlen: 24
                          200.121.0.0/17 maxlen: 24
                          200.121.128.0/17 maxlen: 24
                          201.230.0.0/17 maxlen: 24
                          201.230.128.0/17 maxlen: 24
                          201.240.0.0/17 maxlen: 24
                          201.240.128.0/17 maxlen: 24
                          170.79.36.0/22 maxlen: 24
                          201.131.220.0/22 maxlen: 24
                          2001:1388::/32 maxlen: 48

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 1709579 (0x1a160b)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5494bd71484d106b75c5bedf4263f48281a4e409
        Validity
            Not Before: Mar 24 14:46:11 2021 GMT
            Not After : Mar 24 14:46:11 2026 GMT
        Subject: CN=ca7a5a0f6c544cba822d0273ad42101ea119e15b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8e:bc:11:cb:d7:f1:c7:68:b6:10:b4:e7:0a:14:
                    46:49:fa:2b:57:04:8c:de:3b:45:a2:c3:ca:77:0d:
                    ad:1b:99:8e:62:46:f4:73:b9:66:fe:41:27:fb:d0:
                    71:8b:5f:90:70:44:0c:73:f7:a4:83:8c:a0:c8:5b:
                    5b:ea:96:01:c3:f8:d4:59:1b:2a:fe:fc:1d:28:1a:
                    b6:4e:3a:d9:54:97:24:cc:85:6a:78:8a:77:e8:ac:
                    b7:c1:bf:2f:fa:3a:3c:9e:51:9a:6e:e3:77:5f:6a:
                    ce:05:cb:4a:9d:2e:42:da:6d:e8:bd:48:ff:d7:89:
                    d5:22:bb:a2:31:d8:d6:57:c6:58:e8:22:be:cd:f0:
                    1d:79:6a:b6:3f:56:07:11:94:58:2a:96:31:2b:5f:
                    f9:a1:21:fc:14:9f:87:d9:a3:5e:e5:c4:8f:8a:b7:
                    e1:d6:0b:23:98:db:b4:68:3d:7a:4d:df:33:9a:53:
                    f9:d7:1a:62:f3:18:55:47:1b:bb:9f:ad:bd:e9:02:
                    be:08:9e:92:e4:c8:33:9d:33:bc:f6:b0:af:12:f6:
                    c0:bf:13:97:e1:9d:e5:8f:c0:77:0f:de:6e:c7:2c:
                    0f:76:b1:c8:e8:cb:ce:06:63:77:18:83:1d:1b:f3:
                    21:c0:42:fc:3e:24:fb:10:31:64:9d:50:96:07:f6:
                    5a:71
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5F:CD:E2:CD:F6:53:D5:1C:A5:53:EB:6C:21:03:99:4D:60:C4:71:02
            X509v3 Authority Key Identifier:
                keyid:4C:B6:BE:C7:78:41:99:EC:CA:F0:31:13:8A:C9:9A:2E:66:AB:83:DD

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/5494bd71484d106b75c5bedf4263f48281a4e409.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/2797b2f0-e5da-416c-a8d6-a61dc102a441/ca7a5a0f6c544cba822d0273ad42101ea119e15b.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/2797b2f0-e5da-416c-a8d6-a61dc102a441/5494bd71484d106b75c5bedf4263f48281a4e409.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  170.79.36.0/22
                  181.64.0.0/14
                  190.40.0.0/14
                  190.232.0.0/13
                  200.4.192.0/18
                  200.10.64.0/19
                  200.37.0.0/16
                  200.48.0.0/16
                  200.60.0.0/16
                  200.106.0.0/17
                  200.107.128.0/18
                  200.121.0.0/16
                  201.131.220.0/22
                  201.230.0.0/16
                  201.240.0.0/16
                IPv6:
                  2001:1388::/32

    Signature Algorithm: sha256WithRSAEncryption
         4b:e5:55:67:d8:74:0f:a0:30:10:e9:c0:3a:a0:66:60:c2:46:
         36:74:a4:11:5e:a0:39:2a:2d:99:72:b7:7f:c4:0c:93:f0:0b:
         84:a8:43:91:38:1b:67:b2:7d:e5:e5:29:52:74:75:1c:34:cb:
         c5:0d:48:e5:93:f4:1d:de:37:17:4e:9c:e8:ab:1f:9f:92:b0:
         24:5b:3d:58:b3:db:7e:ee:1e:a2:00:6c:30:2d:4a:5b:9b:c3:
         83:d9:86:40:d1:5a:8d:57:28:fd:a9:a1:47:f6:d9:2b:f7:f3:
         00:7a:1a:39:cd:13:76:54:64:4c:f5:f8:83:85:98:94:b1:3a:
         8d:ae:0b:a7:c5:e8:30:02:9d:af:62:d9:78:86:b7:c3:ee:09:
         2c:d0:20:d6:52:ea:f6:8a:b3:88:c1:cc:57:46:8a:3b:da:67:
         a6:86:14:d9:65:db:a3:d4:99:3e:37:99:d5:51:38:89:78:0a:
         5e:2e:90:73:8a:af:27:5c:80:e1:99:42:b0:b6:ee:48:84:08:
         e3:8c:6e:c6:b1:dc:fc:b1:79:8c:87:dc:bf:45:64:c0:e9:e7:
         0e:e5:66:e9:8e:88:4b:ec:5f:b4:22:19:bd:48:ef:21:73:57:
         eb:2e:85:2e:b2:f9:01:6c:54:3d:64:25:30:7c:94:cc:c6:8c:
         90:17:13:3d
-----BEGIN CERTIFICATE-----
MIIFmjCCBIKgAwIBAgIDGhYLMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKDU0
OTRiZDcxNDg0ZDEwNmI3NWM1YmVkZjQyNjNmNDgyODFhNGU0MDkwHhcNMjEwMzI0
MTQ0NjExWhcNMjYwMzI0MTQ0NjExWjAzMTEwLwYDVQQDEyhjYTdhNWEwZjZjNTQ0
Y2JhODIyZDAyNzNhZDQyMTAxZWExMTllMTViMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAjrwRy9fxx2i2ELTnChRGSforVwSM3jtFosPKdw2tG5mOYkb0
c7lm/kEn+9Bxi1+QcEQMc/ekg4ygyFtb6pYBw/jUWRsq/vwdKBq2TjrZVJckzIVq
eIp36Ky3wb8v+jo8nlGabuN3X2rOBctKnS5C2m3ovUj/14nVIruiMdjWV8ZY6CK+
zfAdeWq2P1YHEZRYKpYxK1/5oSH8FJ+H2aNe5cSPirfh1gsjmNu0aD16Td8zmlP5
1xpi8xhVRxu7n6296QK+CJ6S5MgznTO89rCvEvbAvxOX4Z3lj8B3D95uxywPdrHI
6MvOBmN3GIMdG/MhwEL8PiT7EDFknVCWB/ZacQIDAQABo4ICtTCCArEwHQYDVR0O
BBYEFF/N4s32U9UcpVPrbCEDmU1gxHECMB8GA1UdIwQYMBaAFEy2vsd4QZnsyvAx
E4rJmi5mq4PdMA4GA1UdDwEB/wQEAwIHgDCBmgYIKwYBBQUHAQEEgY0wgYowgYcG
CCsGAQUFBzAChntyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5ldC9ycGtpL2xh
Y25pYy80OGYwODNiYi1mNjAzLTQ4OTMtOTk5MC0wMjg0YzA0Y2ViODUvNTQ5NGJk
NzE0ODRkMTA2Yjc1YzViZWRmNDI2M2Y0ODI4MWE0ZTQwOS5jZXIwgZoGCCsGAQUF
BwELBIGNMIGKMIGHBggrBgEFBQcwC4Z7cnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25p
Yy5uZXQvcnBraS9sYWNuaWMvMjc5N2IyZjAtZTVkYS00MTZjLWE4ZDYtYTYxZGMx
MDJhNDQxL2NhN2E1YTBmNmM1NDRjYmE4MjJkMDI3M2FkNDIxMDFlYTExOWUxNWIu
cm9hMIGPBgNVHR8EgYcwgYQwgYGgf6B9hntyc3luYzovL3JlcG9zaXRvcnkubGFj
bmljLm5ldC9ycGtpL2xhY25pYy8yNzk3YjJmMC1lNWRhLTQxNmMtYThkNi1hNjFk
YzEwMmE0NDEvNTQ5NGJkNzE0ODRkMTA2Yjc1YzViZWRmNDI2M2Y0ODI4MWE0ZTQw
OS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjB5BggrBgEFBQcBBwEB/wRq
MGgwVwQCAAEwUQMEAqpPJAMDArVAAwMCvigDAwO+6AMEBsgEwAMEBcgKQAMDAMgl
AwMAyDADAwDIPAMEB8hqAAMEBshrgAMDAMh5AwQCyYPcAwMAyeYDAwDJ8DANBAIA
AjAHAwUAIAETiDANBgkqhkiG9w0BAQsFAAOCAQEAS+VVZ9h0D6AwEOnAOqBmYMJG
NnSkEV6gOSotmXK3f8QMk/ALhKhDkTgbZ7J95eUpUnR1HDTLxQ1I5ZP0Hd43F06c
6Ksfn5KwJFs9WLPbfu4eogBsMC1KW5vDg9mGQNFajVco/amhR/bZK/fzAHoaOc0T
dlRkTPX4g4WYlLE6ja4Lp8XoMAKdr2LZeIa3w+4JLNAg1lLq9oqziMHMV0aKO9pn
poYU2WXbo9SZPjeZ1VE4iXgKXi6Qc4qvJ1yA4ZlCsLbuSIQI44xuxrHc/LF5jIfc
v0VkwOnnDuVm6Y6IS+xftCIZvUjvIXNX6y6FLrL5AWxUPWQlMHyUzMaMkBcTPQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:37:25 2024 by rpki-client on console-fra.rpki-client.org