Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/532b2097-ea08-4780-b94f-03c338b5aa57/101d54661ceeb0fa078a80070872e47efea662a4.roa
File:                     101d54661ceeb0fa078a80070872e47efea662a4.roa (raw, json)
Hash identifier:          N2CNEajzwl3+hCmuYMlu/75ZxhIHmJmnhVtmSMdyX4o=
Subject key identifier:   A2:01:A7:DB:8E:03:FB:FB:AA:26:39:9B:83:F2:19:86:D9:6D:7B:0C
Certificate issuer:       /CN=d93a444d061fc4d914dc56d8031a9c4574ca57ad
Certificate serial:       271D15
Authority key identifier: C9:9C:8C:AA:C7:FF:7B:F4:E1:7A:CA:F0:8F:DD:D6:E5:6E:FC:CD:AD
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/d93a444d061fc4d914dc56d8031a9c4574ca57ad.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/532b2097-ea08-4780-b94f-03c338b5aa57/101d54661ceeb0fa078a80070872e47efea662a4.roa
Signing time:             Mon 17 Apr 2023 13:00:31 +0000
ROA not before:           Sun 16 Apr 2023 13:00:28 +0000
ROA not after:            Thu 17 Apr 2025 13:00:28 +0000
asID:                     7303
IP address blocks:        66.60.0.0/18 maxlen: 19
                          200.73.128.0/18 maxlen: 19
                          200.80.64.0/20 maxlen: 21
                          201.252.0.0/15 maxlen: 24
                          190.228.144.0/24 maxlen: 24
                          200.43.0.0/16 maxlen: 24
                          201.235.0.0/16 maxlen: 17
                          191.97.128.0/17 maxlen: 18
                          200.3.64.0/19 maxlen: 24
                          181.97.169.0/24 maxlen: 24
                          24.232.0.0/16 maxlen: 17
                          200.117.128.0/17 maxlen: 24
                          190.228.174.0/24 maxlen: 24
                          190.30.0.0/15 maxlen: 24
                          200.3.32.0/19 maxlen: 24
                          196.32.64.0/19 maxlen: 20
                          200.89.128.0/18 maxlen: 20
                          201.231.0.0/16 maxlen: 17
                          152.170.128.0/18 maxlen: 19
                          200.42.128.0/19 maxlen: 21
                          200.32.0.0/19 maxlen: 21
                          200.49.128.0/19 maxlen: 20
                          200.63.0.0/19 maxlen: 20
                          200.127.0.0/16 maxlen: 18
                          190.224.198.0/24 maxlen: 24
                          200.126.192.0/18 maxlen: 18
                          200.49.96.0/20 maxlen: 21
                          181.29.48.0/24 maxlen: 24
                          200.61.192.0/19 maxlen: 19
                          200.71.224.0/20 maxlen: 21
                          186.125.204.0/22 maxlen: 24
                          200.82.0.0/17 maxlen: 18
                          200.45.0.0/16 maxlen: 17
                          190.138.254.0/24 maxlen: 24
                          186.125.154.0/24 maxlen: 24
                          181.15.16.0/24 maxlen: 24
                          200.42.0.0/17 maxlen: 21
                          200.55.64.0/18 maxlen: 20
                          186.124.217.0/24 maxlen: 24
                          181.10.26.0/24 maxlen: 24
                          181.10.48.0/21 maxlen: 21
                          181.94.100.0/24 maxlen: 24
                          201.212.91.0/24 maxlen: 24
                          181.13.170.0/24 maxlen: 24
                          181.30.131.0/24 maxlen: 24
                          181.111.206.0/24 maxlen: 24
                          190.138.206.0/24 maxlen: 24
                          200.105.64.0/19 maxlen: 20
                          201.213.0.0/16 maxlen: 16
                          190.226.33.0/24 maxlen: 24
                          186.152.0.0/15 maxlen: 24
                          181.111.167.0/24 maxlen: 24
                          201.212.180.0/24 maxlen: 24
                          190.226.58.0/24 maxlen: 24
                          200.105.0.0/18 maxlen: 20
                          2001:13d0::/29 maxlen: 48
                          2800:2b00::/31 maxlen: 32
                          2800:2505::/42 maxlen: 44
                          2800:2508::/42 maxlen: 44
                          2800:b000::/32 maxlen: 32
                          2800:2550:1::/48 maxlen: 48
                          2800:2b02::/32 maxlen: 32
                          2800:2504::/42 maxlen: 44
                          2800:2507::/42 maxlen: 44
                          2800:2500::/42 maxlen: 44
                          2800:2506::/42 maxlen: 44

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 2563349 (0x271d15)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d93a444d061fc4d914dc56d8031a9c4574ca57ad
        Validity
            Not Before: Apr 16 13:00:28 2023 GMT
            Not After : Apr 17 13:00:28 2025 GMT
        Subject: CN=101d54661ceeb0fa078a80070872e47efea662a4
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:88:99:b7:06:15:b4:52:36:aa:b7:2a:32:12:c4:
                    43:00:be:f0:b8:a4:4e:72:40:c2:84:95:7f:f4:17:
                    60:1d:6b:c9:58:aa:ee:08:50:df:f1:da:0c:54:89:
                    cd:85:cf:22:09:6f:20:60:c2:83:f1:1e:af:ad:d0:
                    92:71:e0:f8:de:de:ae:94:ac:b6:9b:54:0c:64:6e:
                    81:22:11:e5:3a:a1:ae:46:b2:f8:dc:93:a6:59:b7:
                    30:18:89:73:44:c1:5d:05:07:b7:84:f7:13:2b:c6:
                    d7:1f:88:0f:65:97:15:d1:36:8c:12:60:5a:c5:b0:
                    c8:e7:56:af:ca:9f:a7:c5:1d:19:4e:34:51:2c:48:
                    ee:78:15:a8:85:38:cd:e4:16:ea:5d:8c:55:f5:14:
                    5f:ef:17:a6:c3:91:d3:cf:9f:c5:14:21:89:6e:0b:
                    f7:8f:b1:3f:db:90:38:dd:fa:cf:d7:56:c1:92:9b:
                    b0:a2:c5:05:27:86:d4:21:32:45:92:5c:03:bd:3f:
                    d4:7e:c4:35:2d:30:e0:b1:2e:00:ed:0e:94:1f:b9:
                    06:47:b3:6a:92:b3:a1:6b:e4:01:89:77:2c:05:57:
                    77:1a:33:01:06:e2:3a:84:7d:a6:bb:86:26:dc:b3:
                    aa:93:a3:62:6c:28:86:a4:d9:13:5a:64:15:af:50:
                    99:a5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A2:01:A7:DB:8E:03:FB:FB:AA:26:39:9B:83:F2:19:86:D9:6D:7B:0C
            X509v3 Authority Key Identifier:
                keyid:C9:9C:8C:AA:C7:FF:7B:F4:E1:7A:CA:F0:8F:DD:D6:E5:6E:FC:CD:AD

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/d93a444d061fc4d914dc56d8031a9c4574ca57ad.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/532b2097-ea08-4780-b94f-03c338b5aa57/101d54661ceeb0fa078a80070872e47efea662a4.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/532b2097-ea08-4780-b94f-03c338b5aa57/d93a444d061fc4d914dc56d8031a9c4574ca57ad.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  24.232.0.0/16
                  66.60.0.0/18
                  152.170.128.0/18
                  181.10.26.0/24
                  181.10.48.0/21
                  181.13.170.0/24
                  181.15.16.0/24
                  181.29.48.0/24
                  181.30.131.0/24
                  181.94.100.0/24
                  181.97.169.0/24
                  181.111.167.0/24
                  181.111.206.0/24
                  186.124.217.0/24
                  186.125.154.0/24
                  186.125.204.0/22
                  186.152.0.0/15
                  190.30.0.0/15
                  190.138.206.0/24
                  190.138.254.0/24
                  190.224.198.0/24
                  190.226.33.0/24
                  190.226.58.0/24
                  190.228.144.0/24
                  190.228.174.0/24
                  191.97.128.0/17
                  196.32.64.0/19
                  200.3.32.0-200.3.95.255
                  200.32.0.0/19
                  200.42.0.0-200.42.159.255
                  200.43.0.0/16
                  200.45.0.0/16
                  200.49.96.0/20
                  200.49.128.0/19
                  200.55.64.0/18
                  200.61.192.0/19
                  200.63.0.0/19
                  200.71.224.0/20
                  200.73.128.0/18
                  200.80.64.0/20
                  200.82.0.0/17
                  200.89.128.0/18
                  200.105.0.0-200.105.95.255
                  200.117.128.0/17
                  200.126.192.0-200.127.255.255
                  201.212.91.0/24
                  201.212.180.0/24
                  201.213.0.0/16
                  201.231.0.0/16
                  201.235.0.0/16
                  201.252.0.0/15
                IPv6:
                  2001:13d0::/29
                  2800:2500::/42
                  2800:2504::/42
                  2800:2505::/42
                  2800:2506::/42
                  2800:2507::/42
                  2800:2508::/42
                  2800:2550:1::/48
                  2800:2b00::-2800:2b02:ffff:ffff:ffff:ffff:ffff:ffff
                  2800:b000::/32

    Signature Algorithm: sha256WithRSAEncryption
         10:e1:7e:34:0d:78:91:23:e9:67:9c:c7:a6:16:26:15:62:d2:
         ba:a0:7e:84:68:05:0b:c6:50:f3:aa:3c:39:e0:50:0d:9a:c8:
         3a:4c:07:0c:5e:ce:35:e3:86:c4:bc:82:89:57:14:01:c3:10:
         7d:1d:00:90:91:fa:c0:11:d7:77:1b:06:cb:83:b3:a0:71:51:
         d5:a1:22:4d:7a:5b:68:70:1b:a2:9a:c6:59:af:84:8f:a3:74:
         5b:b5:8c:45:c5:09:4f:a8:04:93:c1:9b:75:25:61:88:68:69:
         8b:0e:07:08:a0:3c:e6:9e:e9:63:ac:07:2a:42:b9:fe:6c:80:
         22:e6:22:e8:30:9e:da:d0:b2:7b:69:68:ba:63:7e:36:d4:60:
         6c:f3:45:88:5c:bc:da:d1:47:77:c2:69:63:51:ce:fa:67:67:
         4a:4e:49:7b:57:3a:4c:cb:26:47:3a:4f:80:5a:1d:c1:6b:a4:
         c7:28:b9:80:32:3d:37:46:67:40:a4:39:4c:60:33:ec:61:7d:
         fd:33:ba:e5:78:b9:c6:73:d6:ac:82:29:5b:e5:cc:41:a8:13:
         10:44:8e:2e:39:2e:2e:cd:41:54:5f:bf:5f:59:20:fa:2a:75:
         9b:dd:e4:5a:21:66:c7:1d:f5:09:bc:c5:ab:f9:6b:46:05:b5:
         2f:d5:4a:98
-----BEGIN CERTIFICATE-----
MIIG7jCCBdagAwIBAgIDJx0VMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKGQ5
M2E0NDRkMDYxZmM0ZDkxNGRjNTZkODAzMWE5YzQ1NzRjYTU3YWQwHhcNMjMwNDE2
MTMwMDI4WhcNMjUwNDE3MTMwMDI4WjAzMTEwLwYDVQQDEygxMDFkNTQ2NjFjZWVi
MGZhMDc4YTgwMDcwODcyZTQ3ZWZlYTY2MmE0MIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAiJm3BhW0UjaqtyoyEsRDAL7wuKROckDChJV/9BdgHWvJWKru
CFDf8doMVInNhc8iCW8gYMKD8R6vrdCSceD43t6ulKy2m1QMZG6BIhHlOqGuRrL4
3JOmWbcwGIlzRMFdBQe3hPcTK8bXH4gPZZcV0TaMEmBaxbDI51avyp+nxR0ZTjRR
LEjueBWohTjN5BbqXYxV9RRf7xemw5HTz5/FFCGJbgv3j7E/25A43frP11bBkpuw
osUFJ4bUITJFklwDvT/UfsQ1LTDgsS4A7Q6UH7kGR7NqkrOha+QBiXcsBVd3GjMB
BuI6hH2mu4Ym3LOqk6NibCiGpNkTWmQVr1CZpQIDAQABo4IECTCCBAUwHQYDVR0O
BBYEFKIBp9uOA/v7qiY5m4PyGYbZbXsMMB8GA1UdIwQYMBaAFMmcjKrH/3v04XrK
8I/d1uVu/M2tMA4GA1UdDwEB/wQEAwIHgDCBmgYIKwYBBQUHAQEEgY0wgYowgYcG
CCsGAQUFBzAChntyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5ldC9ycGtpL2xh
Y25pYy80OGYwODNiYi1mNjAzLTQ4OTMtOTk5MC0wMjg0YzA0Y2ViODUvZDkzYTQ0
NGQwNjFmYzRkOTE0ZGM1NmQ4MDMxYTljNDU3NGNhNTdhZC5jZXIwgZoGCCsGAQUF
BwELBIGNMIGKMIGHBggrBgEFBQcwC4Z7cnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25p
Yy5uZXQvcnBraS9sYWNuaWMvNTMyYjIwOTctZWEwOC00NzgwLWI5NGYtMDNjMzM4
YjVhYTU3LzEwMWQ1NDY2MWNlZWIwZmEwNzhhODAwNzA4NzJlNDdlZmVhNjYyYTQu
cm9hMIGPBgNVHR8EgYcwgYQwgYGgf6B9hntyc3luYzovL3JlcG9zaXRvcnkubGFj
bmljLm5ldC9ycGtpL2xhY25pYy81MzJiMjA5Ny1lYTA4LTQ3ODAtYjk0Zi0wM2Mz
MzhiNWFhNTcvZDkzYTQ0NGQwNjFmYzRkOTE0ZGM1NmQ4MDMxYTljNDU3NGNhNTdh
ZC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjCCAcsGCCsGAQUFBwEHAQH/
BIIBujCCAbYwggFOBAIAATCCAUYDAwAY6AMEBkI8AAMEBpiqgAMEALUKGgMEA7UK
MAMEALUNqgMEALUPEAMEALUdMAMEALUegwMEALVeZAMEALVhqQMEALVvpwMEALVv
zgMEALp82QMEALp9mgMEArp9zAMDAbqYAwMBvh4DBAC+is4DBAC+iv4DBAC+4MYD
BAC+4iEDBAC+4joDBAC+5JADBAC+5K4DBAe/YYADBAXEIEAwDAMEBcgDIAMEBcgD
QAMEBcggADALAwMByCoDBAXIKoADAwDIKwMDAMgtAwQEyDFgAwQFyDGAAwQGyDdA
AwQFyD3AAwQFyD8AAwQEyEfgAwQGyEmAAwQEyFBAAwQHyFIAAwQGyFmAMAsDAwDI
aQMEBchpQAMEB8h1gDALAwQGyH7AAwMHyAADBADJ1FsDBADJ1LQDAwDJ1QMDAMnn
AwMAyesDAwHJ/DBiBAIAAjBcAwUDIAET0AMHBigAJQAAAAMHBigAJQQAAAMHBigA
JQUAAAMHBigAJQYAAAMHBigAJQcAAAMHBigAJQgAAAMHACgAJVAAATANAwQAKAAr
AwUAKAArAgMFACgAsAAwDQYJKoZIhvcNAQELBQADggEBABDhfjQNeJEj6Wecx6YW
JhVi0rqgfoRoBQvGUPOqPDngUA2ayDpMBwxezjXjhsS8golXFAHDEH0dAJCR+sAR
13cbBsuDs6BxUdWhIk16W2hwG6KaxlmvhI+jdFu1jEXFCU+oBJPBm3UlYYhoaYsO
BwigPOae6WOsBypCuf5sgCLmIugwntrQsntpaLpjfjbUYGzzRYhcvNrRR3fCaWNR
zvpnZ0pOSXtXOkzLJkc6T4BaHcFrpMcouYAyPTdGZ0CkOUxgM+xhff0zuuV4ucZz
1qyCKVvlzEGoExBEji45Li7NQVRfv19ZIPoqdZvd5FohZscd9Qm8xav5a0YFtS/V
Spg=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:37:42 2024 by rpki-client on console-fra.rpki-client.org