Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/38283047-8834-43d5-82f7-4d938e60571e/1cd5b440fd9df9a3a95dadcb38db10d09fb37c6f.roa
File:                     1cd5b440fd9df9a3a95dadcb38db10d09fb37c6f.roa (raw, json)
Hash identifier:          oFA+etdZ2qHhYxD/1pCC/OIT2u5zT04gAce7PDaCqqE=
Subject key identifier:   41:42:7E:0E:F0:B5:A9:58:E6:25:83:DE:11:88:9C:5E:E4:B3:92:92
Certificate issuer:       /CN=33b7a43fc33bfc7ff5ea592decadde645288705e
Certificate serial:       1CC721
Authority key identifier: C1:A4:F9:06:D7:C5:6B:7D:5E:32:B4:3C:AE:33:6A:BD:11:7D:39:56
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/33b7a43fc33bfc7ff5ea592decadde645288705e.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/38283047-8834-43d5-82f7-4d938e60571e/1cd5b440fd9df9a3a95dadcb38db10d09fb37c6f.roa
Signing time:             Fri 14 Oct 2022 02:55:56 +0000
ROA not before:           Tue 23 Mar 2021 03:00:00 +0000
ROA not after:            Tue 24 Mar 2026 03:00:00 +0000
asID:                     263834
IP address blocks:        190.110.224.0/21 maxlen: 21
                          190.110.224.0/22 maxlen: 22
                          190.110.228.0/22 maxlen: 22
                          190.110.224.0/23 maxlen: 23
                          190.110.226.0/23 maxlen: 23
                          190.110.228.0/23 maxlen: 23
                          190.110.230.0/23 maxlen: 23
                          190.110.224.0/24 maxlen: 24
                          190.110.225.0/24 maxlen: 24
                          190.110.226.0/24 maxlen: 24
                          190.110.227.0/24 maxlen: 24
                          190.110.228.0/24 maxlen: 24
                          190.110.229.0/24 maxlen: 24
                          190.110.230.0/24 maxlen: 24
                          190.110.231.0/24 maxlen: 24
                          190.110.238.0/24 maxlen: 24
                          190.110.253.0/24 maxlen: 24
                          200.123.48.0/24 maxlen: 24
                          200.123.56.0/23 maxlen: 23
                          200.123.56.0/24 maxlen: 24
                          200.123.57.0/24 maxlen: 24
                          200.123.58.0/24 maxlen: 24

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 1885985 (0x1cc721)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=33b7a43fc33bfc7ff5ea592decadde645288705e
        Validity
            Not Before: Mar 23 03:00:00 2021 GMT
            Not After : Mar 24 03:00:00 2026 GMT
        Subject: CN=1cd5b440fd9df9a3a95dadcb38db10d09fb37c6f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:80:bf:03:8c:bf:7e:f8:79:71:7b:6b:1d:7f:31:
                    98:a5:97:e9:e2:93:e1:7f:e8:7b:7b:ce:ab:da:ff:
                    3b:e2:48:99:22:07:83:ba:d7:28:96:e7:09:a6:58:
                    92:60:d8:b5:3a:13:37:7d:ac:24:75:dd:0a:02:ee:
                    3b:35:8f:4a:68:59:e4:88:e5:86:e5:b4:82:a9:5c:
                    c4:40:78:ee:a4:91:2a:2f:97:9e:c4:24:c6:7f:23:
                    ae:47:c4:92:25:6c:6e:12:b7:6e:95:23:7c:7a:1a:
                    01:f6:94:87:82:e5:fd:1d:b6:ac:e0:26:90:e7:de:
                    4c:06:cf:d7:96:8f:1f:9d:da:15:da:7f:83:e6:bd:
                    9a:1c:1e:eb:7f:4c:38:98:67:8b:89:36:64:84:24:
                    57:ff:54:98:42:bd:ab:ab:e9:8a:54:76:de:b1:c3:
                    12:05:77:60:9a:79:a0:fe:9f:c1:98:eb:2b:7f:93:
                    a6:f8:24:e4:42:ed:77:6d:40:85:e3:96:11:77:29:
                    cf:09:29:08:3a:7e:52:79:50:26:63:83:31:13:49:
                    1c:63:fd:08:03:65:e0:38:7c:1a:7f:ce:68:73:0c:
                    8e:f2:46:40:68:a6:32:d3:9a:53:f2:9d:b0:c4:eb:
                    cd:73:83:51:51:3a:a9:4a:18:98:21:e5:88:40:37:
                    80:f1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                41:42:7E:0E:F0:B5:A9:58:E6:25:83:DE:11:88:9C:5E:E4:B3:92:92
            X509v3 Authority Key Identifier:
                keyid:C1:A4:F9:06:D7:C5:6B:7D:5E:32:B4:3C:AE:33:6A:BD:11:7D:39:56

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/33b7a43fc33bfc7ff5ea592decadde645288705e.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/38283047-8834-43d5-82f7-4d938e60571e/1cd5b440fd9df9a3a95dadcb38db10d09fb37c6f.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/38283047-8834-43d5-82f7-4d938e60571e/33b7a43fc33bfc7ff5ea592decadde645288705e.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  190.110.224.0/21
                  190.110.238.0/24
                  190.110.253.0/24
                  200.123.48.0/24
                  200.123.56.0-200.123.58.255

    Signature Algorithm: sha256WithRSAEncryption
         5a:c9:67:11:df:1b:8c:8f:64:88:98:14:8e:52:99:db:3f:46:
         a3:02:af:08:70:38:71:e6:64:77:e9:54:7b:e7:61:4e:cc:39:
         28:56:af:03:0d:a8:89:08:38:cb:b7:50:76:80:4f:96:66:7f:
         38:c0:ce:6e:08:a8:f4:a5:96:22:98:83:3b:48:3e:6c:b9:f9:
         93:85:7f:bc:6e:ea:8f:b6:5d:e1:0a:57:86:ef:b1:ca:cd:4f:
         50:69:dd:49:5f:55:3c:6e:d2:3b:80:7a:9e:99:5e:2f:8f:8c:
         70:d3:59:03:04:da:ae:d2:c2:70:8a:7a:60:21:d9:58:91:99:
         5d:7b:71:54:3a:c1:fd:f4:22:14:c1:38:b8:9a:ef:79:e1:ff:
         4b:bd:06:79:ac:45:f8:23:5e:da:83:c2:90:cd:83:d3:c9:a0:
         0c:99:6e:d1:d8:bb:28:bc:ed:6e:eb:32:8e:d1:0e:d7:b1:d7:
         76:14:f1:20:19:d6:4e:90:d4:80:d2:99:21:08:e7:9f:7d:16:
         52:16:d9:af:db:6e:85:80:3e:76:58:4e:48:65:4a:92:c7:40:
         76:11:ba:33:b0:28:87:f5:c3:ec:89:d4:8d:35:d7:9f:89:bf:
         c1:35:12:a9:e8:54:65:16:95:58:89:bf:f8:61:4d:37:fc:d4:
         b6:4f:b9:fe
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIDHMchMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKDMz
YjdhNDNmYzMzYmZjN2ZmNWVhNTkyZGVjYWRkZTY0NTI4ODcwNWUwHhcNMjEwMzIz
MDMwMDAwWhcNMjYwMzI0MDMwMDAwWjAzMTEwLwYDVQQDEygxY2Q1YjQ0MGZkOWRm
OWEzYTk1ZGFkY2IzOGRiMTBkMDlmYjM3YzZmMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAgL8DjL9++Hlxe2sdfzGYpZfp4pPhf+h7e86r2v874kiZIgeD
utcolucJpliSYNi1OhM3fawkdd0KAu47NY9KaFnkiOWG5bSCqVzEQHjupJEqL5ee
xCTGfyOuR8SSJWxuErdulSN8ehoB9pSHguX9Hbas4CaQ595MBs/Xlo8fndoV2n+D
5r2aHB7rf0w4mGeLiTZkhCRX/1SYQr2rq+mKVHbescMSBXdgmnmg/p/BmOsrf5Om
+CTkQu13bUCF45YRdynPCSkIOn5SeVAmY4MxE0kcY/0IA2XgOHwaf85ocwyO8kZA
aKYy05pT8p2wxOvNc4NRUTqpShiYIeWIQDeA8QIDAQABo4ICezCCAncwHQYDVR0O
BBYEFEFCfg7wtalY5iWD3hGInF7ks5KSMB8GA1UdIwQYMBaAFMGk+QbXxWt9XjK0
PK4zar0RfTlWMA4GA1UdDwEB/wQEAwIHgDCBmgYIKwYBBQUHAQEEgY0wgYowgYcG
CCsGAQUFBzAChntyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5ldC9ycGtpL2xh
Y25pYy80OGYwODNiYi1mNjAzLTQ4OTMtOTk5MC0wMjg0YzA0Y2ViODUvMzNiN2E0
M2ZjMzNiZmM3ZmY1ZWE1OTJkZWNhZGRlNjQ1Mjg4NzA1ZS5jZXIwgZoGCCsGAQUF
BwELBIGNMIGKMIGHBggrBgEFBQcwC4Z7cnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25p
Yy5uZXQvcnBraS9sYWNuaWMvMzgyODMwNDctODgzNC00M2Q1LTgyZjctNGQ5Mzhl
NjA1NzFlLzFjZDViNDQwZmQ5ZGY5YTNhOTVkYWRjYjM4ZGIxMGQwOWZiMzdjNmYu
cm9hMIGPBgNVHR8EgYcwgYQwgYGgf6B9hntyc3luYzovL3JlcG9zaXRvcnkubGFj
bmljLm5ldC9ycGtpL2xhY25pYy8zODI4MzA0Ny04ODM0LTQzZDUtODJmNy00ZDkz
OGU2MDU3MWUvMzNiN2E0M2ZjMzNiZmM3ZmY1ZWE1OTJkZWNhZGRlNjQ1Mjg4NzA1
ZS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA/BggrBgEFBQcBBwEB/wQw
MC4wLAQCAAEwJgMEA75u4AMEAL5u7gMEAL5u/QMEAMh7MDAMAwQDyHs4AwQAyHs6
MA0GCSqGSIb3DQEBCwUAA4IBAQBayWcR3xuMj2SImBSOUpnbP0ajAq8IcDhx5mR3
6VR752FOzDkoVq8DDaiJCDjLt1B2gE+WZn84wM5uCKj0pZYimIM7SD5sufmThX+8
buqPtl3hCleG77HKzU9Qad1JX1U8btI7gHqemV4vj4xw01kDBNqu0sJwinpgIdlY
kZlde3FUOsH99CIUwTi4mu954f9LvQZ5rEX4I17ag8KQzYPTyaAMmW7R2LsovO1u
6zKO0Q7Xsdd2FPEgGdZOkNSA0pkhCOeffRZSFtmv226FgD52WE5IZUqSx0B2Eboz
sCiH9cPsidSNNdefib/BNRKp6FRlFpVYib/4YU03/NS2T7n+
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:37:26 2024 by rpki-client on console-fra.rpki-client.org