Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/38283047-8834-43d5-82f7-4d938e60571e/d3478182492b04f1e59fc0f3f7fe0b9a3c551b71.roa
File:                     d3478182492b04f1e59fc0f3f7fe0b9a3c551b71.roa (raw, json)
Hash identifier:          RwXOSaZ77W5UWU/nIkxcNrzPaYzshQEddinxaLyniTY=
Subject key identifier:   CB:80:AA:DB:90:3D:69:D2:43:5F:B1:B8:12:12:04:5E:CE:1D:EF:AE
Certificate issuer:       /CN=33b7a43fc33bfc7ff5ea592decadde645288705e
Certificate serial:       2124AF
Authority key identifier: C1:A4:F9:06:D7:C5:6B:7D:5E:32:B4:3C:AE:33:6A:BD:11:7D:39:56
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/33b7a43fc33bfc7ff5ea592decadde645288705e.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/38283047-8834-43d5-82f7-4d938e60571e/d3478182492b04f1e59fc0f3f7fe0b9a3c551b71.roa
Signing time:             Fri 31 Mar 2023 19:04:51 +0000
ROA not before:           Tue 23 Mar 2021 03:00:00 +0000
ROA not after:            Tue 24 Mar 2026 03:00:00 +0000
asID:                     264797
IP address blocks:        190.110.248.0/23 maxlen: 23
                          190.110.248.0/24 maxlen: 24
                          190.110.249.0/24 maxlen: 24
                          190.110.252.0/24 maxlen: 24
                          200.50.166.0/24 maxlen: 24
                          200.50.169.0/24 maxlen: 24
                          200.50.171.0/24 maxlen: 24
                          200.50.172.0/24 maxlen: 24
                          200.50.174.0/23 maxlen: 23
                          200.50.174.0/24 maxlen: 24
                          200.50.175.0/24 maxlen: 24
                          200.50.176.0/21 maxlen: 24
                          200.50.176.0/24 maxlen: 24
                          200.50.177.0/24 maxlen: 24
                          200.50.178.0/24 maxlen: 24
                          200.50.179.0/24 maxlen: 24
                          200.50.180.0/24 maxlen: 24
                          200.50.181.0/24 maxlen: 24
                          200.50.182.0/24 maxlen: 24
                          200.50.183.0/24 maxlen: 24
                          200.50.184.0/22 maxlen: 24
                          200.50.184.0/24 maxlen: 24
                          200.50.185.0/24 maxlen: 24
                          200.50.186.0/24 maxlen: 24
                          200.50.187.0/24 maxlen: 24
                          200.50.188.0/23 maxlen: 24
                          200.50.188.0/24 maxlen: 24
                          200.50.189.0/24 maxlen: 24
                          200.123.49.0/24 maxlen: 24
                          200.123.51.0/24 maxlen: 24
                          200.123.54.0/24 maxlen: 24
                          200.123.55.0/24 maxlen: 24

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 2172079 (0x2124af)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=33b7a43fc33bfc7ff5ea592decadde645288705e
        Validity
            Not Before: Mar 23 03:00:00 2021 GMT
            Not After : Mar 24 03:00:00 2026 GMT
        Subject: CN=d3478182492b04f1e59fc0f3f7fe0b9a3c551b71
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:85:70:9d:de:0c:e6:27:7a:e1:af:0f:66:b9:fc:
                    fe:83:77:88:b2:02:a4:62:23:b9:c0:cf:4f:5e:0a:
                    12:11:3e:67:bc:f2:da:9a:e9:e2:5b:9e:e7:47:5a:
                    3e:74:d4:59:dd:9a:45:bb:13:6a:1b:80:ef:64:f6:
                    00:d8:1d:49:a4:11:02:52:92:2d:d6:fd:5e:72:91:
                    c8:f5:a4:84:d5:55:db:31:9e:65:96:4c:32:70:ea:
                    d6:aa:c0:bc:7a:18:b8:6e:5a:81:ad:d3:cc:40:c8:
                    9a:3f:e6:8f:93:02:6f:1b:5a:74:0f:36:6d:77:4b:
                    c4:d0:50:a4:75:9f:29:ac:6b:6f:41:f8:f2:59:c0:
                    5c:69:9b:c9:aa:3f:c0:f7:c2:43:2b:69:91:a8:58:
                    03:10:a6:4f:ca:99:2d:c8:46:45:3b:a9:e6:1f:37:
                    45:f9:f8:c0:97:db:98:9e:9a:65:54:38:f9:62:97:
                    0f:11:60:5c:ec:2e:2d:1d:5e:ac:bc:96:33:7c:b6:
                    e9:5c:fa:c0:7c:67:46:11:c8:d6:82:2e:00:6f:c8:
                    4f:1c:96:81:2e:38:5e:5c:12:23:15:d7:64:7e:94:
                    d2:96:c3:cc:51:0a:ea:3a:6f:43:7c:fb:95:4c:86:
                    57:91:c8:d3:2c:7d:d2:d2:6f:6c:d0:e4:7d:1d:89:
                    f9:1f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                CB:80:AA:DB:90:3D:69:D2:43:5F:B1:B8:12:12:04:5E:CE:1D:EF:AE
            X509v3 Authority Key Identifier:
                keyid:C1:A4:F9:06:D7:C5:6B:7D:5E:32:B4:3C:AE:33:6A:BD:11:7D:39:56

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/33b7a43fc33bfc7ff5ea592decadde645288705e.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/38283047-8834-43d5-82f7-4d938e60571e/d3478182492b04f1e59fc0f3f7fe0b9a3c551b71.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/38283047-8834-43d5-82f7-4d938e60571e/33b7a43fc33bfc7ff5ea592decadde645288705e.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  190.110.248.0/23
                  190.110.252.0/24
                  200.50.166.0/24
                  200.50.169.0/24
                  200.50.171.0-200.50.172.255
                  200.50.174.0-200.50.189.255
                  200.123.49.0/24
                  200.123.51.0/24
                  200.123.54.0/23

    Signature Algorithm: sha256WithRSAEncryption
         37:c5:67:4c:88:4e:b1:f7:2a:c5:59:fa:7c:c9:37:ea:aa:ab:
         c5:9e:78:81:78:b8:82:70:f4:8d:9e:75:4e:75:f4:c9:32:ba:
         e5:05:eb:1c:e5:bb:19:66:dd:ba:1a:a6:4a:10:64:63:f9:3b:
         3c:56:1c:de:9f:2d:cd:c7:5f:be:fd:2e:94:00:eb:ac:ce:77:
         d1:aa:b4:91:db:82:04:f7:11:2a:0c:29:39:3e:23:37:22:a3:
         9c:13:4e:5e:71:a4:4b:04:0a:c2:65:f4:e2:dd:0c:8f:74:d9:
         28:88:05:d5:d5:81:f3:47:36:e8:2b:71:39:00:e8:71:f8:b6:
         6e:ba:bf:f1:db:60:00:04:01:50:09:3e:25:9f:90:3b:9b:72:
         fb:6c:fb:17:0c:f1:7d:37:a4:a9:ce:db:c8:dd:82:89:70:29:
         fe:04:15:e3:fd:8a:0b:80:3a:4a:8f:ea:a7:43:f7:25:04:6a:
         98:65:7c:38:56:a1:d9:03:59:5c:96:4d:47:ff:ee:60:c7:4b:
         94:17:99:13:46:33:a9:21:8b:3c:e5:f7:a7:64:fd:8b:f6:e6:
         b1:39:ba:88:ea:ef:81:0e:33:c2:19:93:24:b5:72:2f:f3:5a:
         04:65:64:ca:1e:60:a8:08:9f:0d:6b:3a:6b:7a:a8:c0:7b:59:
         5a:7c:48:99
-----BEGIN CERTIFICATE-----
MIIFgDCCBGigAwIBAgIDISSvMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKDMz
YjdhNDNmYzMzYmZjN2ZmNWVhNTkyZGVjYWRkZTY0NTI4ODcwNWUwHhcNMjEwMzIz
MDMwMDAwWhcNMjYwMzI0MDMwMDAwWjAzMTEwLwYDVQQDEyhkMzQ3ODE4MjQ5MmIw
NGYxZTU5ZmMwZjNmN2ZlMGI5YTNjNTUxYjcxMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAhXCd3gzmJ3rhrw9mufz+g3eIsgKkYiO5wM9PXgoSET5nvPLa
muniW57nR1o+dNRZ3ZpFuxNqG4DvZPYA2B1JpBECUpIt1v1ecpHI9aSE1VXbMZ5l
lkwycOrWqsC8ehi4blqBrdPMQMiaP+aPkwJvG1p0DzZtd0vE0FCkdZ8prGtvQfjy
WcBcaZvJqj/A98JDK2mRqFgDEKZPypktyEZFO6nmHzdF+fjAl9uYnpplVDj5YpcP
EWBc7C4tHV6svJYzfLbpXPrAfGdGEcjWgi4Ab8hPHJaBLjheXBIjFddkfpTSlsPM
UQrqOm9DfPuVTIZXkcjTLH3S0m9s0OR9HYn5HwIDAQABo4ICmzCCApcwHQYDVR0O
BBYEFMuAqtuQPWnSQ1+xuBISBF7OHe+uMB8GA1UdIwQYMBaAFMGk+QbXxWt9XjK0
PK4zar0RfTlWMA4GA1UdDwEB/wQEAwIHgDCBmgYIKwYBBQUHAQEEgY0wgYowgYcG
CCsGAQUFBzAChntyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5ldC9ycGtpL2xh
Y25pYy80OGYwODNiYi1mNjAzLTQ4OTMtOTk5MC0wMjg0YzA0Y2ViODUvMzNiN2E0
M2ZjMzNiZmM3ZmY1ZWE1OTJkZWNhZGRlNjQ1Mjg4NzA1ZS5jZXIwgZoGCCsGAQUF
BwELBIGNMIGKMIGHBggrBgEFBQcwC4Z7cnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25p
Yy5uZXQvcnBraS9sYWNuaWMvMzgyODMwNDctODgzNC00M2Q1LTgyZjctNGQ5Mzhl
NjA1NzFlL2QzNDc4MTgyNDkyYjA0ZjFlNTlmYzBmM2Y3ZmUwYjlhM2M1NTFiNzEu
cm9hMIGPBgNVHR8EgYcwgYQwgYGgf6B9hntyc3luYzovL3JlcG9zaXRvcnkubGFj
bmljLm5ldC9ycGtpL2xhY25pYy8zODI4MzA0Ny04ODM0LTQzZDUtODJmNy00ZDkz
OGU2MDU3MWUvMzNiN2E0M2ZjMzNiZmM3ZmY1ZWE1OTJkZWNhZGRlNjQ1Mjg4NzA1
ZS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBfBggrBgEFBQcBBwEB/wRQ
ME4wTAQCAAEwRgMEAb5u+AMEAL5u/AMEAMgypgMEAMgyqTAMAwQAyDKrAwQAyDKs
MAwDBAHIMq4DBAHIMrwDBADIezEDBADIezMDBAHIezYwDQYJKoZIhvcNAQELBQAD
ggEBADfFZ0yITrH3KsVZ+nzJN+qqq8WeeIF4uIJw9I2edU519MkyuuUF6xzluxlm
3boapkoQZGP5OzxWHN6fLc3HX779LpQA66zOd9GqtJHbggT3ESoMKTk+Izcio5wT
Tl5xpEsECsJl9OLdDI902SiIBdXVgfNHNugrcTkA6HH4tm66v/HbYAAEAVAJPiWf
kDubcvts+xcM8X03pKnO28jdgolwKf4EFeP9iguAOkqP6qdD9yUEaphlfDhWodkD
WVyWTUf/7mDHS5QXmRNGM6khizzl96dk/Yv25rE5uojq74EOM8IZkyS1ci/zWgRl
ZMoeYKgInw1rOmt6qMB7WVp8SJk=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:37:26 2024 by rpki-client on console-fra.rpki-client.org