Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/532b2097-ea08-4780-b94f-03c338b5aa57/191bf1b607d650bfdff5d6e7cf24e40193280dd2.roa
File:                     191bf1b607d650bfdff5d6e7cf24e40193280dd2.roa (raw, json)
Hash identifier:          ArzowgzuXIv2xx2ZuHyHnWlNi9kyJ0qQoX4PDsnbWZI=
Subject key identifier:   E9:DD:0C:D0:8E:09:30:8E:D7:73:D8:75:BD:6B:A4:DC:81:AA:68:B0
Certificate issuer:       /CN=d93a444d061fc4d914dc56d8031a9c4574ca57ad
Certificate serial:       271059
Authority key identifier: C9:9C:8C:AA:C7:FF:7B:F4:E1:7A:CA:F0:8F:DD:D6:E5:6E:FC:CD:AD
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/d93a444d061fc4d914dc56d8031a9c4574ca57ad.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/532b2097-ea08-4780-b94f-03c338b5aa57/191bf1b607d650bfdff5d6e7cf24e40193280dd2.roa
Signing time:             Mon 17 Apr 2023 13:00:28 +0000
ROA not before:           Sun 16 Apr 2023 13:00:28 +0000
ROA not after:            Thu 17 Apr 2025 13:00:28 +0000
asID:                     19905
IP address blocks:        200.73.128.0/18 maxlen: 24
                          200.127.144.0/20 maxlen: 24
                          200.43.32.0/23 maxlen: 24
                          201.212.0.0/20 maxlen: 24
                          181.30.64.0/19 maxlen: 24
                          200.43.192.0/23 maxlen: 24
                          200.127.160.0/21 maxlen: 24
                          181.30.0.0/18 maxlen: 24
                          181.94.4.0/23 maxlen: 24
                          201.235.124.0/22 maxlen: 24
                          181.166.246.0/23 maxlen: 24
                          200.42.80.0/20 maxlen: 24
                          181.166.248.0/23 maxlen: 24
                          200.89.128.0/21 maxlen: 24
                          181.15.110.0/23 maxlen: 24
                          200.42.98.0/23 maxlen: 24
                          200.45.190.0/23 maxlen: 24
                          200.89.138.0/23 maxlen: 24
                          200.42.100.0/23 maxlen: 24
                          200.89.140.0/22 maxlen: 24
                          200.42.106.0/23 maxlen: 24
                          200.42.110.0/23 maxlen: 24
                          200.89.146.0/23 maxlen: 24
                          200.89.148.0/22 maxlen: 24
                          200.89.152.0/21 maxlen: 24
                          200.42.116.0/22 maxlen: 24
                          200.42.126.0/23 maxlen: 24
                          200.42.130.0/23 maxlen: 24
                          200.42.132.0/22 maxlen: 24
                          200.32.2.0/23 maxlen: 24
                          200.32.4.0/22 maxlen: 24
                          200.42.30.0/23 maxlen: 24
                          200.32.8.0/22 maxlen: 24
                          200.32.12.0/23 maxlen: 24
                          200.32.18.0/23 maxlen: 24
                          200.42.48.0/23 maxlen: 24
                          200.32.30.0/23 maxlen: 24
                          200.42.56.0/21 maxlen: 24
                          200.42.68.0/22 maxlen: 24
                          181.166.240.0/22 maxlen: 24
                          200.42.72.0/21 maxlen: 24
                          190.224.160.0/22 maxlen: 24
                          200.49.140.0/22 maxlen: 24
                          200.49.150.0/23 maxlen: 24
                          200.49.154.0/23 maxlen: 24
                          200.49.156.0/22 maxlen: 24
                          200.42.136.0/22 maxlen: 24
                          200.89.174.0/23 maxlen: 24
                          200.89.176.0/21 maxlen: 24
                          200.42.142.0/23 maxlen: 24
                          200.42.144.0/22 maxlen: 24
                          200.42.150.0/23 maxlen: 24
                          200.89.188.0/23 maxlen: 24
                          200.42.154.0/23 maxlen: 24
                          200.61.204.0/22 maxlen: 24
                          200.61.208.0/20 maxlen: 24
                          181.105.160.0/19 maxlen: 24
                          200.45.0.0/22 maxlen: 24
                          200.45.4.0/23 maxlen: 24
                          181.14.80.0/20 maxlen: 24
                          181.14.96.0/20 maxlen: 24
                          181.11.32.0/20 maxlen: 24
                          200.82.80.0/22 maxlen: 24
                          200.42.0.0/23 maxlen: 24
                          200.42.8.0/21 maxlen: 24
                          200.42.16.0/23 maxlen: 24
                          200.42.22.0/23 maxlen: 24
                          190.136.28.0/23 maxlen: 24
                          200.45.48.0/23 maxlen: 24
                          200.45.64.0/23 maxlen: 24
                          190.225.246.0/23 maxlen: 24
                          181.30.160.0/19 maxlen: 24
                          200.3.94.0/23 maxlen: 24
                          181.30.96.0/20 maxlen: 24
                          181.30.112.0/21 maxlen: 24
                          181.30.120.0/22 maxlen: 24
                          181.30.124.0/23 maxlen: 24
                          181.14.72.0/21 maxlen: 24
                          190.226.40.0/23 maxlen: 24

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 2560089 (0x271059)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d93a444d061fc4d914dc56d8031a9c4574ca57ad
        Validity
            Not Before: Apr 16 13:00:28 2023 GMT
            Not After : Apr 17 13:00:28 2025 GMT
        Subject: CN=191bf1b607d650bfdff5d6e7cf24e40193280dd2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8a:f8:5c:72:a0:bc:79:e1:55:f0:15:9d:08:25:
                    66:c4:e0:a4:27:bb:01:21:f1:f2:9c:a2:a1:8b:06:
                    76:9b:37:e9:ea:95:9e:37:1f:ec:15:1c:bd:bb:f6:
                    75:50:2f:a1:cb:3f:5a:cd:b5:05:c8:92:45:15:a0:
                    54:41:29:94:fc:e1:76:29:d8:d7:db:09:23:04:b3:
                    63:68:74:dc:da:03:08:56:b4:70:16:0a:f9:2b:26:
                    2d:38:71:23:1b:b0:29:84:78:67:6f:f1:75:c8:cd:
                    34:93:4d:87:e9:ae:4c:c9:a8:a0:09:7b:d9:82:4d:
                    2d:97:91:08:b6:90:ac:05:a9:66:6d:9c:c8:7a:e7:
                    a0:15:8c:48:d6:17:35:2e:95:bb:ee:62:21:3d:22:
                    7d:f0:85:86:f6:5d:0a:af:7b:a5:9e:08:f4:a0:b5:
                    6a:ce:c8:fb:fa:e9:83:39:9b:ac:bf:b4:00:b6:3c:
                    84:76:47:13:b6:cf:47:db:b5:ea:87:62:15:bf:81:
                    a6:55:bd:7b:68:bf:82:76:e3:aa:a0:5d:b6:3c:3a:
                    0f:b7:c0:e0:6e:1d:7f:6d:e9:34:9a:78:6c:59:01:
                    f8:1e:7b:c1:01:1b:d9:a4:c7:02:90:d3:12:74:f6:
                    55:21:6d:93:5f:a1:ef:95:5b:a3:f4:f2:93:77:e6:
                    26:d1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E9:DD:0C:D0:8E:09:30:8E:D7:73:D8:75:BD:6B:A4:DC:81:AA:68:B0
            X509v3 Authority Key Identifier:
                keyid:C9:9C:8C:AA:C7:FF:7B:F4:E1:7A:CA:F0:8F:DD:D6:E5:6E:FC:CD:AD

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/d93a444d061fc4d914dc56d8031a9c4574ca57ad.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/532b2097-ea08-4780-b94f-03c338b5aa57/191bf1b607d650bfdff5d6e7cf24e40193280dd2.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/532b2097-ea08-4780-b94f-03c338b5aa57/d93a444d061fc4d914dc56d8031a9c4574ca57ad.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  181.11.32.0/20
                  181.14.72.0-181.14.111.255
                  181.15.110.0/23
                  181.30.0.0-181.30.125.255
                  181.30.160.0/19
                  181.94.4.0/23
                  181.105.160.0/19
                  181.166.240.0/22
                  181.166.246.0-181.166.249.255
                  190.136.28.0/23
                  190.224.160.0/22
                  190.225.246.0/23
                  190.226.40.0/23
                  200.3.94.0/23
                  200.32.2.0-200.32.13.255
                  200.32.18.0/23
                  200.32.30.0/23
                  200.42.0.0/23
                  200.42.8.0-200.42.17.255
                  200.42.22.0/23
                  200.42.30.0/23
                  200.42.48.0/23
                  200.42.56.0/21
                  200.42.68.0-200.42.95.255
                  200.42.98.0-200.42.101.255
                  200.42.106.0/23
                  200.42.110.0/23
                  200.42.116.0/22
                  200.42.126.0/23
                  200.42.130.0-200.42.139.255
                  200.42.142.0-200.42.147.255
                  200.42.150.0/23
                  200.42.154.0/23
                  200.43.32.0/23
                  200.43.192.0/23
                  200.45.0.0-200.45.5.255
                  200.45.48.0/23
                  200.45.64.0/23
                  200.45.190.0/23
                  200.49.140.0/22
                  200.49.150.0/23
                  200.49.154.0-200.49.159.255
                  200.61.204.0-200.61.223.255
                  200.73.128.0/18
                  200.82.80.0/22
                  200.89.128.0/21
                  200.89.138.0-200.89.143.255
                  200.89.146.0-200.89.159.255
                  200.89.174.0-200.89.183.255
                  200.89.188.0/23
                  200.127.144.0-200.127.167.255
                  201.212.0.0/20
                  201.235.124.0/22

    Signature Algorithm: sha256WithRSAEncryption
         a5:55:74:9a:d0:6f:6e:21:dc:99:14:14:59:3f:35:84:8d:df:
         b4:1b:d6:31:c5:f2:20:81:fc:50:9a:4b:27:7f:6a:02:5d:df:
         6e:1c:fc:3a:09:ae:d5:b5:4c:38:b7:78:98:8b:a9:57:07:9e:
         00:c4:21:ea:dd:50:4e:28:90:d8:06:8b:33:db:18:ec:f3:63:
         3d:f7:ab:17:f4:77:e2:ac:61:98:5e:57:3b:e1:57:b4:b9:25:
         d5:db:02:74:3b:11:81:86:ed:c8:75:2e:4a:18:86:94:f4:89:
         f6:9b:29:86:55:d8:93:e4:7b:cf:0f:18:2c:49:1f:d6:6d:87:
         06:2f:39:13:92:14:93:c9:04:e4:1c:3f:38:68:97:69:c6:ec:
         ab:3b:88:a5:06:bd:47:b2:ed:6a:8b:93:8f:31:6c:cf:e0:41:
         67:86:87:80:dd:57:ea:f2:43:df:31:8c:48:06:28:86:a5:20:
         6a:86:cd:be:43:bf:bb:71:01:69:5c:8b:85:41:19:e7:27:15:
         71:10:9c:69:7f:60:e1:36:60:25:bd:fe:f2:df:22:cc:3d:fd:
         30:5b:16:7b:0e:8a:d8:f5:1c:3c:91:bd:6c:ba:09:89:32:94:
         7e:4c:e2:2c:38:5c:ea:e6:00:27:e8:7f:bc:e8:87:bc:89:8c:
         db:c1:cb:55
-----BEGIN CERTIFICATE-----
MIIHADCCBeigAwIBAgIDJxBZMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKGQ5
M2E0NDRkMDYxZmM0ZDkxNGRjNTZkODAzMWE5YzQ1NzRjYTU3YWQwHhcNMjMwNDE2
MTMwMDI4WhcNMjUwNDE3MTMwMDI4WjAzMTEwLwYDVQQDEygxOTFiZjFiNjA3ZDY1
MGJmZGZmNWQ2ZTdjZjI0ZTQwMTkzMjgwZGQyMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAivhccqC8eeFV8BWdCCVmxOCkJ7sBIfHynKKhiwZ2mzfp6pWe
Nx/sFRy9u/Z1UC+hyz9azbUFyJJFFaBUQSmU/OF2KdjX2wkjBLNjaHTc2gMIVrRw
Fgr5KyYtOHEjG7AphHhnb/F1yM00k02H6a5MyaigCXvZgk0tl5EItpCsBalmbZzI
euegFYxI1hc1LpW77mIhPSJ98IWG9l0Kr3ulngj0oLVqzsj7+umDOZusv7QAtjyE
dkcTts9H27Xqh2IVv4GmVb17aL+CduOqoF22PDoPt8Dgbh1/bek0mnhsWQH4HnvB
ARvZpMcCkNMSdPZVIW2TX6HvlVuj9PKTd+Ym0QIDAQABo4IEGzCCBBcwHQYDVR0O
BBYEFOndDNCOCTCO13PYdb1rpNyBqmiwMB8GA1UdIwQYMBaAFMmcjKrH/3v04XrK
8I/d1uVu/M2tMA4GA1UdDwEB/wQEAwIHgDCBmgYIKwYBBQUHAQEEgY0wgYowgYcG
CCsGAQUFBzAChntyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5ldC9ycGtpL2xh
Y25pYy80OGYwODNiYi1mNjAzLTQ4OTMtOTk5MC0wMjg0YzA0Y2ViODUvZDkzYTQ0
NGQwNjFmYzRkOTE0ZGM1NmQ4MDMxYTljNDU3NGNhNTdhZC5jZXIwgZoGCCsGAQUF
BwELBIGNMIGKMIGHBggrBgEFBQcwC4Z7cnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25p
Yy5uZXQvcnBraS9sYWNuaWMvNTMyYjIwOTctZWEwOC00NzgwLWI5NGYtMDNjMzM4
YjVhYTU3LzE5MWJmMWI2MDdkNjUwYmZkZmY1ZDZlN2NmMjRlNDAxOTMyODBkZDIu
cm9hMIGPBgNVHR8EgYcwgYQwgYGgf6B9hntyc3luYzovL3JlcG9zaXRvcnkubGFj
bmljLm5ldC9ycGtpL2xhY25pYy81MzJiMjA5Ny1lYTA4LTQ3ODAtYjk0Zi0wM2Mz
MzhiNWFhNTcvZDkzYTQ0NGQwNjFmYzRkOTE0ZGM1NmQ4MDMxYTljNDU3NGNhNTdh
ZC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjCCAd0GCCsGAQUFBwEHAQH/
BIIBzDCCAcgwggHEBAIAATCCAbwDBAS1CyAwDAMEA7UOSAMEBLUOYAMEAbUPbjAL
AwMBtR4DBAG1HnwDBAW1HqADBAG1XgQDBAW1aaADBAK1pvAwDAMEAbWm9gMEAbWm
+AMEAb6IHAMEAr7goAMEAb7h9gMEAb7iKAMEAcgDXjAMAwQByCACAwQByCAMAwQB
yCASAwQByCAeAwQByCoAMAwDBAPIKggDBAHIKhADBAHIKhYDBAHIKh4DBAHIKjAD
BAPIKjgwDAMEAsgqRAMEBcgqQDAMAwQByCpiAwQByCpkAwQByCpqAwQByCpuAwQC
yCp0AwQByCp+MAwDBAHIKoIDBALIKogwDAMEAcgqjgMEAsgqkAMEAcgqlgMEAcgq
mgMEAcgrIAMEAcgrwDALAwMAyC0DBAHILQQDBAHILTADBAHILUADBAHILb4DBALI
MYwDBAHIMZYwDAMEAcgxmgMEBcgxgDAMAwQCyD3MAwQFyD3AAwQGyEmAAwQCyFJQ
AwQDyFmAMAwDBAHIWYoDBATIWYAwDAMEAchZkgMEBchZgDAMAwQByFmuAwQDyFmw
AwQByFm8MAwDBATIf5ADBAPIf6ADBATJ1AADBALJ63wwDQYJKoZIhvcNAQELBQAD
ggEBAKVVdJrQb24h3JkUFFk/NYSN37Qb1jHF8iCB/FCaSyd/agJd324c/DoJrtW1
TDi3eJiLqVcHngDEIerdUE4okNgGizPbGOzzYz33qxf0d+KsYZheVzvhV7S5JdXb
AnQ7EYGG7ch1LkoYhpT0ifabKYZV2JPke88PGCxJH9ZthwYvOROSFJPJBOQcPzho
l2nG7Ks7iKUGvUey7WqLk48xbM/gQWeGh4DdV+ryQ98xjEgGKIalIGqGzb5Dv7tx
AWlci4VBGecnFXEQnGl/YOE2YCW9/vLfIsw9/TBbFnsOitj1HDyRvWy6CYkylH5M
4iw4XOrmACfof7zoh7yJjNvBy1U=
-----END CERTIFICATE-----
Generated at Thu Dec 7 13:10:27 2023 by rpki-client on console-fra.rpki-client.org