Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/4dc2c07a-8c7e-47c7-ae90-ccd71487ce10/e8f1a45f63a8648d54d7cf39fb44bea308fb5402.roa
File:                     e8f1a45f63a8648d54d7cf39fb44bea308fb5402.roa (raw, json)
Hash identifier:          WIJshNOlrv/njj01D4LFnpIgGNDy7szvxEb6HRi3ar4=
Subject key identifier:   1A:A4:A4:AD:73:6D:0E:15:91:A8:5B:CB:6E:29:EE:72:F1:B0:CE:24
Certificate issuer:       /CN=aae8cbe9904f103232c002483204f9f2ae04d026
Certificate serial:       1149CA
Authority key identifier: 9E:21:FA:B8:72:9D:E9:86:5D:D4:D6:5F:DF:3F:B0:D3:CD:37:19:34
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/aae8cbe9904f103232c002483204f9f2ae04d026.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/4dc2c07a-8c7e-47c7-ae90-ccd71487ce10/e8f1a45f63a8648d54d7cf39fb44bea308fb5402.roa
Signing time:             Fri 13 Aug 2021 15:00:36 +0000
ROA not before:           Fri 13 Aug 2021 15:00:21 +0000
ROA not after:            Thu 13 Aug 2026 15:00:21 +0000
asID:                     28006
IP address blocks:        200.125.136.0/23 maxlen: 24
                          200.125.138.0/23 maxlen: 23
                          200.125.140.0/22 maxlen: 24
                          200.125.144.0/24 maxlen: 24
                          200.125.145.0/24 maxlen: 24
                          200.125.147.0/24 maxlen: 24
                          200.125.149.0/24 maxlen: 24
                          200.125.150.0/24 maxlen: 24
                          200.125.151.0/24 maxlen: 24
                          200.125.152.0/24 maxlen: 24
                          200.125.153.0/24 maxlen: 24
                          200.125.154.0/24 maxlen: 24
                          200.125.155.0/24 maxlen: 24
                          200.125.157.0/24 maxlen: 24
                          200.125.158.0/24 maxlen: 24
                          200.125.159.0/24 maxlen: 24

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 1133002 (0x1149ca)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=aae8cbe9904f103232c002483204f9f2ae04d026
        Validity
            Not Before: Aug 13 15:00:21 2021 GMT
            Not After : Aug 13 15:00:21 2026 GMT
        Subject: CN=e8f1a45f63a8648d54d7cf39fb44bea308fb5402
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a8:7e:67:65:e7:dc:fd:9b:3c:03:b5:bc:03:b5:
                    f4:29:9c:05:d1:88:13:39:8b:b5:3c:c3:4b:4e:ca:
                    cb:84:41:dd:b4:85:f3:7c:21:4d:e2:99:97:1d:3b:
                    d0:2f:cb:85:67:c3:aa:c3:45:2b:00:5c:96:1d:a6:
                    25:96:5d:b6:15:3a:26:89:f4:a0:ff:d6:29:b5:f4:
                    90:6e:82:6f:7f:85:4f:23:c2:29:e6:e9:91:94:a0:
                    87:db:18:87:84:b1:89:19:3d:64:03:2f:28:b3:11:
                    d3:c3:b6:c2:66:17:ea:1b:83:e6:77:7c:bc:4d:10:
                    83:e3:d5:36:d3:c0:84:a7:89:41:cf:7d:32:73:d4:
                    ab:1b:9d:3a:58:30:4d:c8:0f:29:6a:71:d8:eb:97:
                    7d:48:1e:88:4a:8e:c1:2e:bf:bd:fc:d3:df:3d:17:
                    11:3b:d5:ca:6f:7b:50:06:c7:1a:67:d4:fa:5b:65:
                    d3:ab:6d:a1:1b:e7:04:43:c6:9e:2f:96:ee:1a:96:
                    aa:ec:14:51:b3:e6:27:bc:ad:71:46:aa:6d:78:36:
                    ad:61:9c:e9:43:9b:b1:8c:73:0e:a1:c3:74:56:75:
                    c0:7f:36:de:4c:7d:f8:87:0c:53:8e:da:20:67:af:
                    cb:a7:25:0b:1a:39:f3:fd:52:94:1e:f5:8c:aa:11:
                    c0:df
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1A:A4:A4:AD:73:6D:0E:15:91:A8:5B:CB:6E:29:EE:72:F1:B0:CE:24
            X509v3 Authority Key Identifier:
                keyid:9E:21:FA:B8:72:9D:E9:86:5D:D4:D6:5F:DF:3F:B0:D3:CD:37:19:34

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/aae8cbe9904f103232c002483204f9f2ae04d026.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/4dc2c07a-8c7e-47c7-ae90-ccd71487ce10/e8f1a45f63a8648d54d7cf39fb44bea308fb5402.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/4dc2c07a-8c7e-47c7-ae90-ccd71487ce10/aae8cbe9904f103232c002483204f9f2ae04d026.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  200.125.136.0-200.125.145.255
                  200.125.147.0/24
                  200.125.149.0-200.125.155.255
                  200.125.157.0-200.125.159.255

    Signature Algorithm: sha256WithRSAEncryption
         6b:38:4f:91:5b:bb:20:95:7c:df:46:c3:1e:ee:30:38:31:82:
         ad:43:09:eb:40:d6:18:33:f6:16:ed:52:4d:4c:e1:d6:23:f4:
         9e:80:4e:b4:d3:f8:28:a9:83:d1:84:58:5f:c5:f3:63:42:b3:
         1d:3e:2a:b6:51:cb:b9:d6:56:2f:c3:26:be:19:01:fa:27:5d:
         77:02:cf:35:01:8b:77:d3:35:81:62:dc:f8:ce:eb:63:9c:cb:
         b8:88:7d:09:d1:a6:35:51:df:47:e5:74:51:64:03:47:a6:c6:
         24:c2:d2:ae:e4:04:37:5c:bf:9c:c3:f1:5e:a9:1c:de:06:27:
         fe:35:02:e8:89:5e:7d:9b:a3:8f:dc:1a:b4:4d:aa:e6:79:7a:
         ab:ed:2f:04:f1:43:64:68:60:6a:39:f9:79:b2:87:6c:50:37:
         31:ef:74:24:21:11:c0:27:0c:e9:cb:1d:8c:32:58:5a:00:93:
         31:e9:9c:9a:5f:5b:a4:1f:6d:2b:6b:a0:c5:8f:43:d2:a8:3b:
         e1:b2:99:29:27:2c:ac:fe:6a:4b:37:8b:35:5c:55:10:5e:38:
         c7:29:4a:b2:c8:cf:01:0b:f7:39:07:82:f9:f5:e4:a6:aa:3a:
         14:ea:37:56:28:36:34:55:81:67:7b:42:6c:fe:7e:fc:89:11:
         1e:af:bf:9b
-----BEGIN CERTIFICATE-----
MIIFajCCBFKgAwIBAgIDEUnKMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKGFh
ZThjYmU5OTA0ZjEwMzIzMmMwMDI0ODMyMDRmOWYyYWUwNGQwMjYwHhcNMjEwODEz
MTUwMDIxWhcNMjYwODEzMTUwMDIxWjAzMTEwLwYDVQQDEyhlOGYxYTQ1ZjYzYTg2
NDhkNTRkN2NmMzlmYjQ0YmVhMzA4ZmI1NDAyMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAqH5nZefc/Zs8A7W8A7X0KZwF0YgTOYu1PMNLTsrLhEHdtIXz
fCFN4pmXHTvQL8uFZ8Oqw0UrAFyWHaYlll22FTomifSg/9YptfSQboJvf4VPI8Ip
5umRlKCH2xiHhLGJGT1kAy8osxHTw7bCZhfqG4Pmd3y8TRCD49U208CEp4lBz30y
c9SrG506WDBNyA8panHY65d9SB6ISo7BLr+9/NPfPRcRO9XKb3tQBscaZ9T6W2XT
q22hG+cEQ8aeL5buGpaq7BRRs+YnvK1xRqpteDatYZzpQ5uxjHMOocN0VnXAfzbe
TH34hwxTjtogZ6/LpyULGjnz/VKUHvWMqhHA3wIDAQABo4IChTCCAoEwHQYDVR0O
BBYEFBqkpK1zbQ4Vkahby24p7nLxsM4kMB8GA1UdIwQYMBaAFJ4h+rhynemGXdTW
X98/sNPNNxk0MA4GA1UdDwEB/wQEAwIHgDCBmgYIKwYBBQUHAQEEgY0wgYowgYcG
CCsGAQUFBzAChntyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5ldC9ycGtpL2xh
Y25pYy80OGYwODNiYi1mNjAzLTQ4OTMtOTk5MC0wMjg0YzA0Y2ViODUvYWFlOGNi
ZTk5MDRmMTAzMjMyYzAwMjQ4MzIwNGY5ZjJhZTA0ZDAyNi5jZXIwgZoGCCsGAQUF
BwELBIGNMIGKMIGHBggrBgEFBQcwC4Z7cnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25p
Yy5uZXQvcnBraS9sYWNuaWMvNGRjMmMwN2EtOGM3ZS00N2M3LWFlOTAtY2NkNzE0
ODdjZTEwL2U4ZjFhNDVmNjNhODY0OGQ1NGQ3Y2YzOWZiNDRiZWEzMDhmYjU0MDIu
cm9hMIGPBgNVHR8EgYcwgYQwgYGgf6B9hntyc3luYzovL3JlcG9zaXRvcnkubGFj
bmljLm5ldC9ycGtpL2xhY25pYy80ZGMyYzA3YS04YzdlLTQ3YzctYWU5MC1jY2Q3
MTQ4N2NlMTAvYWFlOGNiZTk5MDRmMTAzMjMyYzAwMjQ4MzIwNGY5ZjJhZTA0ZDAy
Ni5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBJBggrBgEFBQcBBwEB/wQ6
MDgwNgQCAAEwMDAMAwQDyH2IAwQByH2QAwQAyH2TMAwDBADIfZUDBALIfZgwDAME
AMh9nQMEBch9gDANBgkqhkiG9w0BAQsFAAOCAQEAazhPkVu7IJV830bDHu4wODGC
rUMJ60DWGDP2Fu1STUzh1iP0noBOtNP4KKmD0YRYX8XzY0KzHT4qtlHLudZWL8Mm
vhkB+idddwLPNQGLd9M1gWLc+M7rY5zLuIh9CdGmNVHfR+V0UWQDR6bGJMLSruQE
N1y/nMPxXqkc3gYn/jUC6IlefZujj9watE2q5nl6q+0vBPFDZGhgajn5ebKHbFA3
Me90JCERwCcM6csdjDJYWgCTMemcml9bpB9tK2ugxY9D0qg74bKZKScsrP5qSzeL
NVxVEF44xylKssjPAQv3OQeC+fXkpqo6FOo3Vig2NFWBZ3tCbP5+/IkRHq+/mw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:37:42 2024 by rpki-client on console-fra.rpki-client.org