Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/38283047-8834-43d5-82f7-4d938e60571e/365438ca7201d1e9e59e4336f5ebeab04c9fea57.roa
File:                     365438ca7201d1e9e59e4336f5ebeab04c9fea57.roa (raw, json)
Hash identifier:          onq7s+8H2LMKtnZbAm6pf3JH1UHQJR4XvhvVz6oHlLo=
Subject key identifier:   BC:03:64:36:7E:8F:60:4C:37:6F:6C:68:95:D5:B2:7C:28:EE:91:17
Certificate issuer:       /CN=33b7a43fc33bfc7ff5ea592decadde645288705e
Certificate serial:       142DA2
Authority key identifier: C1:A4:F9:06:D7:C5:6B:7D:5E:32:B4:3C:AE:33:6A:BD:11:7D:39:56
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/33b7a43fc33bfc7ff5ea592decadde645288705e.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/38283047-8834-43d5-82f7-4d938e60571e/365438ca7201d1e9e59e4336f5ebeab04c9fea57.roa
Signing time:             Tue 16 Nov 2021 17:41:26 +0000
ROA not before:           Wed 24 Mar 2021 03:00:00 +0000
ROA not after:            Tue 24 Mar 2026 03:00:00 +0000
asID:                     264797
IP address blocks:        190.110.248.0/23 maxlen: 23
                          190.110.248.0/24 maxlen: 24
                          190.110.249.0/24 maxlen: 24
                          190.110.251.0/24 maxlen: 24
                          200.50.166.0/24 maxlen: 24
                          200.50.169.0/24 maxlen: 24
                          200.50.171.0/24 maxlen: 24
                          200.50.172.0/24 maxlen: 24
                          200.50.174.0/23 maxlen: 23
                          200.50.174.0/24 maxlen: 24
                          200.50.175.0/24 maxlen: 24
                          200.50.176.0/21 maxlen: 24
                          200.50.176.0/24 maxlen: 24
                          200.50.177.0/24 maxlen: 24
                          200.50.178.0/24 maxlen: 24
                          200.50.179.0/24 maxlen: 24
                          200.50.180.0/24 maxlen: 24
                          200.50.181.0/24 maxlen: 24
                          200.50.182.0/24 maxlen: 24
                          200.50.183.0/24 maxlen: 24
                          200.50.184.0/22 maxlen: 24
                          200.50.184.0/24 maxlen: 24
                          200.50.185.0/24 maxlen: 24
                          200.50.186.0/24 maxlen: 24
                          200.50.187.0/24 maxlen: 24
                          200.50.188.0/23 maxlen: 24
                          200.50.188.0/24 maxlen: 24
                          200.50.189.0/24 maxlen: 24
                          200.123.49.0/24 maxlen: 24
                          200.123.51.0/24 maxlen: 24
                          200.123.52.0/22 maxlen: 24
                          200.123.52.0/24 maxlen: 24
                          200.123.53.0/24 maxlen: 24
                          200.123.54.0/24 maxlen: 24
                          200.123.55.0/24 maxlen: 24

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 1322402 (0x142da2)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=33b7a43fc33bfc7ff5ea592decadde645288705e
        Validity
            Not Before: Mar 24 03:00:00 2021 GMT
            Not After : Mar 24 03:00:00 2026 GMT
        Subject: CN=365438ca7201d1e9e59e4336f5ebeab04c9fea57
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d0:c4:77:89:b4:f5:84:be:4c:e7:69:b0:a3:cf:
                    f7:a0:40:70:02:94:9b:b1:5a:40:f5:72:ea:19:56:
                    18:7b:10:2b:6d:09:0b:9f:6a:9c:03:2a:ed:4f:6e:
                    4c:38:aa:18:f4:00:b6:e7:6c:44:71:90:a1:e9:aa:
                    c3:e0:88:51:c7:29:9d:e4:08:da:34:b7:bc:2e:13:
                    05:5e:37:00:5a:1b:55:c0:ff:6d:d1:4d:fa:66:89:
                    df:80:11:38:d0:73:92:77:d2:2e:c4:e5:11:4f:d5:
                    24:3d:7a:f3:d3:0d:d8:70:7b:85:65:98:02:eb:08:
                    c2:a2:e1:9c:33:af:55:a8:07:05:0b:ef:9d:68:2d:
                    4c:12:18:3f:28:69:42:2f:ec:b6:d9:b2:e1:8d:cb:
                    af:a2:fd:ff:aa:28:00:aa:33:ff:c3:ce:1c:6f:6b:
                    8e:ea:fa:10:65:24:78:95:ba:48:d5:16:72:9d:3c:
                    55:45:f3:1f:b4:02:b9:80:ec:50:fc:56:1d:f5:0b:
                    64:ec:7f:78:9c:3d:5d:ee:40:8d:08:f0:4d:99:22:
                    dc:7a:39:6a:92:e5:96:04:e6:5a:38:3a:88:8f:15:
                    3c:14:be:ef:8f:3d:72:dc:d6:46:9d:f3:96:97:ef:
                    59:ce:80:f8:54:6c:b7:25:ff:82:94:3e:9a:73:3b:
                    28:6d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BC:03:64:36:7E:8F:60:4C:37:6F:6C:68:95:D5:B2:7C:28:EE:91:17
            X509v3 Authority Key Identifier:
                keyid:C1:A4:F9:06:D7:C5:6B:7D:5E:32:B4:3C:AE:33:6A:BD:11:7D:39:56

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/33b7a43fc33bfc7ff5ea592decadde645288705e.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/38283047-8834-43d5-82f7-4d938e60571e/365438ca7201d1e9e59e4336f5ebeab04c9fea57.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/38283047-8834-43d5-82f7-4d938e60571e/33b7a43fc33bfc7ff5ea592decadde645288705e.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  190.110.248.0/23
                  190.110.251.0/24
                  200.50.166.0/24
                  200.50.169.0/24
                  200.50.171.0-200.50.172.255
                  200.50.174.0-200.50.189.255
                  200.123.49.0/24
                  200.123.51.0-200.123.55.255

    Signature Algorithm: sha256WithRSAEncryption
         05:f3:47:8d:fb:f5:41:54:93:d6:74:76:b6:af:3b:30:dc:e9:
         04:ce:1c:21:ea:98:0f:7f:9b:73:2c:06:18:c8:5e:4f:cb:17:
         ae:c0:88:27:9b:21:31:cc:c4:3f:15:ad:c1:a3:8c:ae:c4:0f:
         41:76:85:12:c0:c0:65:e9:4a:e8:54:e0:f6:a8:e1:cc:ff:4c:
         36:d3:27:f6:c6:f8:8d:f3:1f:83:9c:a7:67:4a:56:81:8c:f4:
         44:62:c3:e3:78:68:e5:4b:c1:be:f4:72:15:be:50:74:e5:af:
         0a:c1:9d:af:6f:b2:ff:1b:12:27:9c:fa:b0:e1:a9:42:62:26:
         be:c8:03:db:f1:2e:32:7c:29:7b:95:a0:9d:83:b0:96:ef:b6:
         c5:38:4d:f4:3b:a8:70:81:38:e4:ac:ee:95:38:c3:c6:fa:06:
         f7:f7:d1:34:80:3a:5f:b1:c9:96:45:2b:7f:10:9a:c2:dc:dc:
         5a:ef:dc:93:d2:0b:f2:05:c4:0b:78:5a:a1:5b:87:85:8b:5f:
         ea:06:20:4d:cd:7d:5b:cc:05:d7:30:17:35:9f:04:2b:b0:38:
         c2:36:00:22:5e:14:f5:dd:59:ce:0e:35:7a:ec:2e:07:f6:eb:
         64:80:a0:14:a2:66:93:6e:ad:f4:b8:32:c1:a5:1b:e6:28:bd:
         c0:44:f5:f3
-----BEGIN CERTIFICATE-----
MIIFgjCCBGqgAwIBAgIDFC2iMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKDMz
YjdhNDNmYzMzYmZjN2ZmNWVhNTkyZGVjYWRkZTY0NTI4ODcwNWUwHhcNMjEwMzI0
MDMwMDAwWhcNMjYwMzI0MDMwMDAwWjAzMTEwLwYDVQQDEygzNjU0MzhjYTcyMDFk
MWU5ZTU5ZTQzMzZmNWViZWFiMDRjOWZlYTU3MIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEA0MR3ibT1hL5M52mwo8/3oEBwApSbsVpA9XLqGVYYexArbQkL
n2qcAyrtT25MOKoY9AC252xEcZCh6arD4IhRxymd5AjaNLe8LhMFXjcAWhtVwP9t
0U36ZonfgBE40HOSd9IuxOURT9UkPXrz0w3YcHuFZZgC6wjCouGcM69VqAcFC++d
aC1MEhg/KGlCL+y22bLhjcuvov3/qigAqjP/w84cb2uO6voQZSR4lbpI1RZynTxV
RfMftAK5gOxQ/FYd9Qtk7H94nD1d7kCNCPBNmSLcejlqkuWWBOZaODqIjxU8FL7v
jz1y3NZGnfOWl+9ZzoD4VGy3Jf+ClD6aczsobQIDAQABo4ICnTCCApkwHQYDVR0O
BBYEFLwDZDZ+j2BMN29saJXVsnwo7pEXMB8GA1UdIwQYMBaAFMGk+QbXxWt9XjK0
PK4zar0RfTlWMA4GA1UdDwEB/wQEAwIHgDCBmgYIKwYBBQUHAQEEgY0wgYowgYcG
CCsGAQUFBzAChntyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5ldC9ycGtpL2xh
Y25pYy80OGYwODNiYi1mNjAzLTQ4OTMtOTk5MC0wMjg0YzA0Y2ViODUvMzNiN2E0
M2ZjMzNiZmM3ZmY1ZWE1OTJkZWNhZGRlNjQ1Mjg4NzA1ZS5jZXIwgZoGCCsGAQUF
BwELBIGNMIGKMIGHBggrBgEFBQcwC4Z7cnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25p
Yy5uZXQvcnBraS9sYWNuaWMvMzgyODMwNDctODgzNC00M2Q1LTgyZjctNGQ5Mzhl
NjA1NzFlLzM2NTQzOGNhNzIwMWQxZTllNTllNDMzNmY1ZWJlYWIwNGM5ZmVhNTcu
cm9hMIGPBgNVHR8EgYcwgYQwgYGgf6B9hntyc3luYzovL3JlcG9zaXRvcnkubGFj
bmljLm5ldC9ycGtpL2xhY25pYy8zODI4MzA0Ny04ODM0LTQzZDUtODJmNy00ZDkz
OGU2MDU3MWUvMzNiN2E0M2ZjMzNiZmM3ZmY1ZWE1OTJkZWNhZGRlNjQ1Mjg4NzA1
ZS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBhBggrBgEFBQcBBwEB/wRS
MFAwTgQCAAEwSAMEAb5u+AMEAL5u+wMEAMgypgMEAMgyqTAMAwQAyDKrAwQAyDKs
MAwDBAHIMq4DBAHIMrwDBADIezEwDAMEAMh7MwMEA8h7MDANBgkqhkiG9w0BAQsF
AAOCAQEABfNHjfv1QVST1nR2tq87MNzpBM4cIeqYD3+bcywGGMheT8sXrsCIJ5sh
MczEPxWtwaOMrsQPQXaFEsDAZelK6FTg9qjhzP9MNtMn9sb4jfMfg5ynZ0pWgYz0
RGLD43ho5UvBvvRyFb5QdOWvCsGdr2+y/xsSJ5z6sOGpQmImvsgD2/EuMnwpe5Wg
nYOwlu+2xThN9DuocIE45KzulTjDxvoG9/fRNIA6X7HJlkUrfxCawtzcWu/ck9IL
8gXEC3haoVuHhYtf6gYgTc19W8wF1zAXNZ8EK7A4wjYAIl4U9d1Zzg41euwuB/br
ZICgFKJmk26t9LgywaUb5ii9wET18w==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:37:10 2024 by rpki-client on console-ams.rpki-client.org