Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/532b2097-ea08-4780-b94f-03c338b5aa57/4564a3e78ac3d144182eea0840b042c0f0a22dcc.roa
File:                     4564a3e78ac3d144182eea0840b042c0f0a22dcc.roa (raw, json)
Hash identifier:          GsKTWL6xQe6DAkP6Pu4xxNy+7HcxzG0x8l0BO+bx90c=
Subject key identifier:   87:B7:A7:0F:83:37:EF:6F:65:8A:5D:4E:BC:04:DD:E7:31:16:CB:AE
Certificate issuer:       /CN=c974409d0c2a70c921dd685e863e9f00cb1e262a
Certificate serial:       2EB713
Authority key identifier: FB:8E:FC:68:56:00:AB:63:EA:02:4F:A3:0D:1F:15:D5:B5:B0:C1:B1
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/c974409d0c2a70c921dd685e863e9f00cb1e262a.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/532b2097-ea08-4780-b94f-03c338b5aa57/4564a3e78ac3d144182eea0840b042c0f0a22dcc.roa
Signing time:             Thu 07 Dec 2023 14:26:58 +0000
ROA not before:           Thu 07 Dec 2023 14:26:58 +0000
ROA not after:            Sun 07 Dec 2025 14:26:58 +0000
asID:                     7303
IP address blocks:        181.96.0.0/12 maxlen: 24
                          190.224.0.0/13 maxlen: 24
                          181.28.0.0/14 maxlen: 24
                          181.164.0.0/14 maxlen: 24
                          181.168.0.0/14 maxlen: 24
                          181.228.0.0/14 maxlen: 24
                          186.136.0.0/14 maxlen: 24
                          190.16.0.0/14 maxlen: 24
                          190.188.0.0/14 maxlen: 24
                          190.192.0.0/14 maxlen: 24
                          190.244.0.0/14 maxlen: 24
                          152.168.0.0/14 maxlen: 24
                          186.108.0.0/14 maxlen: 24
                          186.124.0.0/14 maxlen: 24
                          190.136.0.0/14 maxlen: 24
                          201.212.0.0/15 maxlen: 24
                          186.152.0.0/15 maxlen: 24
                          190.30.0.0/15 maxlen: 24
                          201.252.0.0/15 maxlen: 24
                          24.232.0.0/16 maxlen: 24
                          200.127.0.0/16 maxlen: 24
                          201.231.0.0/16 maxlen: 24
                          201.235.0.0/16 maxlen: 24
                          200.43.0.0/16 maxlen: 24
                          200.45.0.0/16 maxlen: 24
                          200.117.0.0/16 maxlen: 24
                          200.42.0.0/17 maxlen: 24
                          200.114.128.0/17 maxlen: 24
                          200.122.0.0/17 maxlen: 24
                          200.126.128.0/17 maxlen: 24
                          200.82.0.0/17 maxlen: 24
                          191.97.128.0/17 maxlen: 24
                          200.55.64.0/18 maxlen: 24
                          200.89.128.0/18 maxlen: 24
                          66.60.0.0/18 maxlen: 24
                          200.73.128.0/18 maxlen: 24
                          200.105.0.0/18 maxlen: 24
                          200.32.0.0/19 maxlen: 24
                          200.42.128.0/19 maxlen: 24
                          200.49.128.0/19 maxlen: 24
                          200.3.32.0/19 maxlen: 24
                          200.3.64.0/19 maxlen: 24
                          200.61.192.0/19 maxlen: 24
                          196.32.64.0/19 maxlen: 24
                          200.63.0.0/19 maxlen: 24
                          200.105.64.0/19 maxlen: 24
                          200.71.224.0/20 maxlen: 24
                          200.49.96.0/20 maxlen: 24
                          200.80.64.0/20 maxlen: 24
                          200.110.224.0/21 maxlen: 24
                          170.150.196.0/22 maxlen: 24
                          170.231.136.0/22 maxlen: 24
                          2001:13d0::/29 maxlen: 48
                          2800:2000::/20 maxlen: 48
                          2800:b000::/32 maxlen: 48
                          2803:da80::/32 maxlen: 48

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 3061523 (0x2eb713)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c974409d0c2a70c921dd685e863e9f00cb1e262a
        Validity
            Not Before: Dec  7 14:26:58 2023 GMT
            Not After : Dec  7 14:26:58 2025 GMT
        Subject: CN=4564a3e78ac3d144182eea0840b042c0f0a22dcc
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:87:a7:96:d9:ff:a1:c0:81:46:87:a0:13:88:8b:
                    38:51:41:74:61:a8:a6:ac:e4:12:c2:35:ef:31:ce:
                    34:5b:6b:cc:66:b9:35:91:c1:71:66:3a:76:b5:be:
                    6e:75:7a:06:75:3f:a3:79:ac:13:30:88:10:ac:8a:
                    06:bc:5a:73:57:b9:65:c3:75:c3:25:af:3c:96:04:
                    9f:53:a9:e9:e8:48:31:e7:bd:0f:af:7a:fc:74:18:
                    28:4a:f7:fe:71:8c:38:6c:0d:8a:46:87:e7:7f:f7:
                    12:b8:99:d7:c4:ab:45:27:8e:7d:75:03:11:5a:5e:
                    d9:ef:53:e9:cb:77:3b:00:28:94:90:bb:40:67:d1:
                    7b:07:e8:cd:2f:a1:bb:df:52:fd:cd:54:26:99:a5:
                    58:31:70:f9:09:47:b8:7f:85:64:bf:0f:70:74:b6:
                    e4:95:8f:12:61:fb:5e:fe:f0:0d:9a:a6:00:3f:15:
                    95:78:65:64:6f:9d:62:13:8b:de:1b:a7:7a:bf:aa:
                    0d:14:05:bf:7a:78:cc:76:63:91:ce:31:2b:ea:f0:
                    20:eb:c1:c5:4f:17:ac:6f:39:5f:f6:db:15:0f:ac:
                    88:48:59:30:08:f6:e2:67:df:a9:af:bb:f2:0a:37:
                    4c:f4:6c:17:12:a8:32:85:2e:de:ee:14:1a:0a:26:
                    b4:8f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                87:B7:A7:0F:83:37:EF:6F:65:8A:5D:4E:BC:04:DD:E7:31:16:CB:AE
            X509v3 Authority Key Identifier:
                keyid:FB:8E:FC:68:56:00:AB:63:EA:02:4F:A3:0D:1F:15:D5:B5:B0:C1:B1

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/c974409d0c2a70c921dd685e863e9f00cb1e262a.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/532b2097-ea08-4780-b94f-03c338b5aa57/4564a3e78ac3d144182eea0840b042c0f0a22dcc.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/532b2097-ea08-4780-b94f-03c338b5aa57/c974409d0c2a70c921dd685e863e9f00cb1e262a.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  24.232.0.0/16
                  66.60.0.0/18
                  152.168.0.0/14
                  170.150.196.0/22
                  170.231.136.0/22
                  181.28.0.0/14
                  181.96.0.0/12
                  181.164.0.0-181.171.255.255
                  181.228.0.0/14
                  186.108.0.0/14
                  186.124.0.0/14
                  186.136.0.0/14
                  186.152.0.0/15
                  190.16.0.0/14
                  190.30.0.0/15
                  190.136.0.0/14
                  190.188.0.0-190.195.255.255
                  190.224.0.0/13
                  190.244.0.0/14
                  191.97.128.0/17
                  196.32.64.0/19
                  200.3.32.0-200.3.95.255
                  200.32.0.0/19
                  200.42.0.0-200.42.159.255
                  200.43.0.0/16
                  200.45.0.0/16
                  200.49.96.0/20
                  200.49.128.0/19
                  200.55.64.0/18
                  200.61.192.0/19
                  200.63.0.0/19
                  200.71.224.0/20
                  200.73.128.0/18
                  200.80.64.0/20
                  200.82.0.0/17
                  200.89.128.0/18
                  200.105.0.0-200.105.95.255
                  200.110.224.0/21
                  200.114.128.0/17
                  200.117.0.0/16
                  200.122.0.0/17
                  200.126.128.0-200.127.255.255
                  201.212.0.0/15
                  201.231.0.0/16
                  201.235.0.0/16
                  201.252.0.0/15
                IPv6:
                  2001:13d0::/29
                  2800:2000::/20
                  2800:b000::/32
                  2803:da80::/32

    Signature Algorithm: sha256WithRSAEncryption
         23:80:fd:f5:61:bc:16:d4:b1:94:83:05:4f:48:ce:72:26:68:
         d5:ca:27:7c:7e:7b:13:87:48:ba:02:d5:6c:f7:f2:5e:ae:0d:
         4a:cf:90:9e:17:50:21:cb:f6:58:44:2d:54:99:7b:ed:dc:94:
         9d:cf:39:c4:46:09:8a:4e:d1:32:ca:ca:20:31:c1:33:c8:57:
         b9:f6:87:bf:08:4d:90:6a:62:0e:28:fb:61:f3:d7:62:70:eb:
         06:67:ee:11:15:fe:64:1f:32:ea:a8:15:c6:ca:e7:de:6c:29:
         14:a5:f0:93:ec:15:47:a0:e6:38:72:8f:d9:19:a4:79:58:3a:
         3a:ea:8a:04:30:a5:c7:63:90:34:e1:b6:2c:55:6b:ec:53:0b:
         33:4a:2f:0f:34:32:77:b0:08:9c:e4:a7:60:9f:1a:c2:0d:7b:
         44:10:4f:4e:51:88:e4:3e:4c:9e:15:2c:64:c0:dc:b3:b2:53:
         86:41:48:ae:a5:7f:a7:8f:b5:57:a6:48:2c:a8:90:01:ef:fb:
         4c:0f:5d:c0:e3:1a:d0:51:7c:82:36:0f:a2:16:c3:c8:f7:55:
         d2:8d:78:c3:f7:51:f7:7e:09:6f:37:97:4a:15:c6:fc:c0:26:
         09:cd:bf:ae:74:2e:ae:ff:7a:6f:6a:2d:b0:45:1a:c1:92:0d:
         36:ec:52:a4
-----BEGIN CERTIFICATE-----
MIIGjzCCBXegAwIBAgIDLrcTMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKGM5
NzQ0MDlkMGMyYTcwYzkyMWRkNjg1ZTg2M2U5ZjAwY2IxZTI2MmEwHhcNMjMxMjA3
MTQyNjU4WhcNMjUxMjA3MTQyNjU4WjAzMTEwLwYDVQQDEyg0NTY0YTNlNzhhYzNk
MTQ0MTgyZWVhMDg0MGIwNDJjMGYwYTIyZGNjMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAh6eW2f+hwIFGh6ATiIs4UUF0YaimrOQSwjXvMc40W2vMZrk1
kcFxZjp2tb5udXoGdT+jeawTMIgQrIoGvFpzV7llw3XDJa88lgSfU6np6Egx570P
r3r8dBgoSvf+cYw4bA2KRofnf/cSuJnXxKtFJ459dQMRWl7Z71Ppy3c7ACiUkLtA
Z9F7B+jNL6G731L9zVQmmaVYMXD5CUe4f4Vkvw9wdLbklY8SYfte/vANmqYAPxWV
eGVkb51iE4veG6d6v6oNFAW/enjMdmORzjEr6vAg68HFTxesbzlf9tsVD6yISFkw
CPbiZ9+pr7vyCjdM9GwXEqgyhS7e7hQaCia0jwIDAQABo4IDqjCCA6YwHQYDVR0O
BBYEFIe3pw+DN+9vZYpdTrwE3ecxFsuuMB8GA1UdIwQYMBaAFPuO/GhWAKtj6gJP
ow0fFdW1sMGxMA4GA1UdDwEB/wQEAwIHgDCBmgYIKwYBBQUHAQEEgY0wgYowgYcG
CCsGAQUFBzAChntyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5ldC9ycGtpL2xh
Y25pYy80OGYwODNiYi1mNjAzLTQ4OTMtOTk5MC0wMjg0YzA0Y2ViODUvYzk3NDQw
OWQwYzJhNzBjOTIxZGQ2ODVlODYzZTlmMDBjYjFlMjYyYS5jZXIwgZoGCCsGAQUF
BwELBIGNMIGKMIGHBggrBgEFBQcwC4Z7cnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25p
Yy5uZXQvcnBraS9sYWNuaWMvNTMyYjIwOTctZWEwOC00NzgwLWI5NGYtMDNjMzM4
YjVhYTU3LzQ1NjRhM2U3OGFjM2QxNDQxODJlZWEwODQwYjA0MmMwZjBhMjJkY2Mu
cm9hMIGPBgNVHR8EgYcwgYQwgYGgf6B9hntyc3luYzovL3JlcG9zaXRvcnkubGFj
bmljLm5ldC9ycGtpL2xhY25pYy81MzJiMjA5Ny1lYTA4LTQ3ODAtYjk0Zi0wM2Mz
MzhiNWFhNTcvYzk3NDQwOWQwYzJhNzBjOTIxZGQ2ODVlODYzZTlmMDBjYjFlMjYy
YS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjCCAWwGCCsGAQUFBwEHAQH/
BIIBWzCCAVcwggEwBAIAATCCASgDAwAY6AMEBkI8AAMDApioAwQCqpbEAwQCqueI
AwMCtRwDAwS1YDAKAwMCtaQDAwK1qAMDArXkAwMCumwDAwK6fAMDArqIAwMBupgD
AwK+EAMDAb4eAwMCvogwCgMDAr68AwMCvsADAwO+4AMDAr70AwQHv2GAAwQFxCBA
MAwDBAXIAyADBAXIA0ADBAXIIAAwCwMDAcgqAwQFyCqAAwMAyCsDAwDILQMEBMgx
YAMEBcgxgAMEBsg3QAMEBcg9wAMEBcg/AAMEBMhH4AMEBshJgAMEBMhQQAMEB8hS
AAMEBshZgDALAwMAyGkDBAXIaUADBAPIbuADBAfIcoADAwDIdQMEB8h6ADALAwQH
yH6AAwMHyAADAwHJ1AMDAMnnAwMAyesDAwHJ/DAhBAIAAjAbAwUDIAET0AMEBCgA
IAMFACgAsAADBQAoA9qAMA0GCSqGSIb3DQEBCwUAA4IBAQAjgP31YbwW1LGUgwVP
SM5yJmjVyid8fnsTh0i6AtVs9/Jerg1Kz5CeF1Ahy/ZYRC1UmXvt3JSdzznERgmK
TtEyysogMcEzyFe59oe/CE2QamIOKPth89dicOsGZ+4RFf5kHzLqqBXGyufebCkU
pfCT7BVHoOY4co/ZGaR5WDo66ooEMKXHY5A04bYsVWvsUwszSi8PNDJ3sAic5Kdg
nxrCDXtEEE9OUYjkPkyeFSxkwNyzslOGQUiupX+nj7VXpkgsqJAB7/tMD13A4xrQ
UXyCNg+iFsPI91XSjXjD91H3fglvN5dKFcb8wCYJzb+udC6u/3pvai2wRRrBkg02
7FKk
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:37:43 2024 by rpki-client on console-fra.rpki-client.org