Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/385520e6-1f98-496b-8d9e-15df9e0772ce/2ba9a0e89575b7ca0f54d4274a2325f5ac41f09b.roa
File:                     2ba9a0e89575b7ca0f54d4274a2325f5ac41f09b.roa (raw, json)
Hash identifier:          YtEV9mVMSx1k3ac8KYRAn3XWsIFO4ZxcgrGuIosn6/s=
Subject key identifier:   73:91:C6:C3:F7:85:8B:A6:7A:38:B1:B7:95:94:87:76:39:AA:26:A1
Certificate issuer:       /CN=9e6663fb5d62a6c45845d461b066de1127b3e069
Certificate serial:       10A09B
Authority key identifier: 4E:FA:DB:FA:CC:09:64:7A:58:D7:3A:CA:34:48:93:52:53:CC:0B:52
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/9e6663fb5d62a6c45845d461b066de1127b3e069.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/385520e6-1f98-496b-8d9e-15df9e0772ce/2ba9a0e89575b7ca0f54d4274a2325f5ac41f09b.roa
Signing time:             Mon 27 Sep 2021 11:17:06 +0000
ROA not before:           Wed 24 Mar 2021 03:00:00 +0000
ROA not after:            Tue 24 Mar 2026 03:00:00 +0000
asID:                     52436
IP address blocks:        132.255.112.0/22 maxlen: 22
                          138.97.176.0/22 maxlen: 24
                          168.181.208.0/22 maxlen: 24
                          168.196.32.0/23 maxlen: 23
                          168.196.35.0/24 maxlen: 24
                          179.42.168.0/22 maxlen: 24
                          190.120.244.0/22 maxlen: 22
                          190.122.180.0/22 maxlen: 24
                          207.248.124.0/22 maxlen: 24
                          2803:b900::/32 maxlen: 32

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 1089691 (0x10a09b)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9e6663fb5d62a6c45845d461b066de1127b3e069
        Validity
            Not Before: Mar 24 03:00:00 2021 GMT
            Not After : Mar 24 03:00:00 2026 GMT
        Subject: CN=2ba9a0e89575b7ca0f54d4274a2325f5ac41f09b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:90:b2:8a:f7:76:39:cb:23:49:cb:5f:f7:d1:4e:
                    9b:11:1c:0c:7f:8d:b7:5c:5f:31:b8:4d:f3:f4:29:
                    c3:31:a3:89:7e:c4:d7:07:f1:de:92:18:9b:92:17:
                    53:8e:36:d6:e8:8d:41:7c:3f:04:64:29:c4:ad:c8:
                    ae:f1:2d:1e:fe:3c:8f:e7:b5:5c:de:5e:a8:1d:fb:
                    1a:0c:df:18:cf:11:a1:34:20:8d:00:b7:a8:37:33:
                    85:f5:c7:8c:d2:53:be:9e:1d:f9:dd:0e:c6:79:85:
                    d0:10:7b:a6:58:ec:66:20:a8:64:40:88:97:65:cb:
                    5a:89:96:91:41:ca:58:e4:c5:31:45:3d:aa:a3:c3:
                    13:53:18:99:ff:31:2b:74:60:6d:83:59:4f:4f:b9:
                    e1:62:fe:15:c0:35:d8:f7:23:46:36:58:ed:16:58:
                    8d:2c:94:df:9b:1c:1f:d7:9c:19:29:4a:b8:70:57:
                    c2:1a:64:33:05:65:d0:1b:ab:98:06:d3:eb:e4:9a:
                    f1:be:56:da:92:08:56:aa:d1:17:08:2e:2e:a5:65:
                    02:71:b0:06:0e:6a:05:56:38:5e:14:dd:63:d2:91:
                    11:4c:ee:57:71:97:b5:a3:35:a0:40:db:8d:5e:b7:
                    f0:cb:27:e3:db:1b:e8:f0:4a:4d:2c:a5:c5:d0:6a:
                    11:1f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                73:91:C6:C3:F7:85:8B:A6:7A:38:B1:B7:95:94:87:76:39:AA:26:A1
            X509v3 Authority Key Identifier:
                keyid:4E:FA:DB:FA:CC:09:64:7A:58:D7:3A:CA:34:48:93:52:53:CC:0B:52

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/9e6663fb5d62a6c45845d461b066de1127b3e069.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/385520e6-1f98-496b-8d9e-15df9e0772ce/2ba9a0e89575b7ca0f54d4274a2325f5ac41f09b.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/385520e6-1f98-496b-8d9e-15df9e0772ce/9e6663fb5d62a6c45845d461b066de1127b3e069.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  132.255.112.0/22
                  138.97.176.0/22
                  168.181.208.0/22
                  168.196.32.0/23
                  168.196.35.0/24
                  179.42.168.0/22
                  190.120.244.0/22
                  190.122.180.0/22
                  207.248.124.0/22
                IPv6:
                  2803:b900::/32

    Signature Algorithm: sha256WithRSAEncryption
         56:30:49:37:0d:23:68:76:ed:37:92:22:0b:71:3a:8b:e8:b0:
         20:d3:ea:fc:8f:d9:0b:be:f7:d6:e9:29:84:82:e4:d0:4a:ea:
         83:b2:c5:34:5a:66:0f:c8:db:6e:71:11:2e:ee:9d:79:94:ce:
         07:46:d8:97:b3:a9:aa:41:02:6a:e5:d3:1b:6a:cc:e9:c9:83:
         4f:57:f9:91:4f:e9:ca:e9:63:f9:c7:5d:a1:b5:17:f6:39:84:
         39:5f:c3:a4:31:e2:ad:c8:33:88:6e:52:29:ec:f7:b8:7b:67:
         db:18:29:0b:24:0e:a9:85:11:44:66:82:d1:4c:e0:e4:73:ff:
         40:ee:24:da:47:ff:87:5f:9e:ea:a5:3d:76:57:a8:47:a8:bc:
         31:ac:ce:f3:8a:c0:a8:01:07:e5:7e:d0:67:3e:fc:0f:10:96:
         d8:30:9c:ae:48:59:61:69:bf:23:12:fc:46:52:6d:b9:3a:b4:
         36:a6:22:e4:5a:f4:4f:dc:97:e9:21:5e:60:2b:62:aa:50:8a:
         d9:20:57:57:b1:44:32:a0:19:8a:3e:9e:c5:db:90:1d:c3:80:
         8f:44:f3:28:32:07:04:8b:3a:05:f8:4d:02:31:c2:73:b6:6f:
         4a:c1:12:d8:78:49:73:c3:ac:90:45:3d:38:30:b4:89:88:8a:
         43:a8:52:2f
-----BEGIN CERTIFICATE-----
MIIFfzCCBGegAwIBAgIDEKCbMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKDll
NjY2M2ZiNWQ2MmE2YzQ1ODQ1ZDQ2MWIwNjZkZTExMjdiM2UwNjkwHhcNMjEwMzI0
MDMwMDAwWhcNMjYwMzI0MDMwMDAwWjAzMTEwLwYDVQQDEygyYmE5YTBlODk1NzVi
N2NhMGY1NGQ0Mjc0YTIzMjVmNWFjNDFmMDliMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAkLKK93Y5yyNJy1/30U6bERwMf423XF8xuE3z9CnDMaOJfsTX
B/HekhibkhdTjjbW6I1BfD8EZCnErciu8S0e/jyP57Vc3l6oHfsaDN8YzxGhNCCN
ALeoNzOF9ceM0lO+nh353Q7GeYXQEHumWOxmIKhkQIiXZctaiZaRQcpY5MUxRT2q
o8MTUxiZ/zErdGBtg1lPT7nhYv4VwDXY9yNGNljtFliNLJTfmxwf15wZKUq4cFfC
GmQzBWXQG6uYBtPr5JrxvlbakghWqtEXCC4upWUCcbAGDmoFVjheFN1j0pERTO5X
cZe1ozWgQNuNXrfwyyfj2xvo8EpNLKXF0GoRHwIDAQABo4ICmjCCApYwHQYDVR0O
BBYEFHORxsP3hYumejixt5WUh3Y5qiahMB8GA1UdIwQYMBaAFE762/rMCWR6WNc6
yjRIk1JTzAtSMA4GA1UdDwEB/wQEAwIHgDCBmgYIKwYBBQUHAQEEgY0wgYowgYcG
CCsGAQUFBzAChntyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5ldC9ycGtpL2xh
Y25pYy80OGYwODNiYi1mNjAzLTQ4OTMtOTk5MC0wMjg0YzA0Y2ViODUvOWU2NjYz
ZmI1ZDYyYTZjNDU4NDVkNDYxYjA2NmRlMTEyN2IzZTA2OS5jZXIwgZoGCCsGAQUF
BwELBIGNMIGKMIGHBggrBgEFBQcwC4Z7cnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25p
Yy5uZXQvcnBraS9sYWNuaWMvMzg1NTIwZTYtMWY5OC00OTZiLThkOWUtMTVkZjll
MDc3MmNlLzJiYTlhMGU4OTU3NWI3Y2EwZjU0ZDQyNzRhMjMyNWY1YWM0MWYwOWIu
cm9hMIGPBgNVHR8EgYcwgYQwgYGgf6B9hntyc3luYzovL3JlcG9zaXRvcnkubGFj
bmljLm5ldC9ycGtpL2xhY25pYy8zODU1MjBlNi0xZjk4LTQ5NmItOGQ5ZS0xNWRm
OWUwNzcyY2UvOWU2NjYzZmI1ZDYyYTZjNDU4NDVkNDYxYjA2NmRlMTEyN2IzZTA2
OS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBeBggrBgEFBQcBBwEB/wRP
ME0wPAQCAAEwNgMEAoT/cAMEAophsAMEAqi10AMEAajEIAMEAKjEIwMEArMqqAME
Ar549AMEAr56tAMEAs/4fDANBAIAAjAHAwUAKAO5ADANBgkqhkiG9w0BAQsFAAOC
AQEAVjBJNw0jaHbtN5IiC3E6i+iwINPq/I/ZC7731ukphILk0Erqg7LFNFpmD8jb
bnERLu6deZTOB0bYl7OpqkECauXTG2rM6cmDT1f5kU/pyulj+cddobUX9jmEOV/D
pDHircgziG5SKez3uHtn2xgpCyQOqYURRGaC0Uzg5HP/QO4k2kf/h1+e6qU9dleo
R6i8MazO84rAqAEH5X7QZz78DxCW2DCcrkhZYWm/IxL8RlJtuTq0NqYi5Fr0T9yX
6SFeYCtiqlCK2SBXV7FEMqAZij6exduQHcOAj0TzKDIHBIs6BfhNAjHCc7ZvSsES
2HhJc8OskEU9ODC0iYiKQ6hSLw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:37:10 2024 by rpki-client on console-ams.rpki-client.org