Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/532b2097-ea08-4780-b94f-03c338b5aa57/60fa41a55320557665e5a8ff295f1b56a7d0b8e1.roa
File:                     60fa41a55320557665e5a8ff295f1b56a7d0b8e1.roa (raw, json)
Hash identifier:          E/uiVnj4iyavixUOZzw7326DWGJgGQ++gLZe3G39qx8=
Subject key identifier:   7F:49:8E:FB:95:5C:17:1D:78:CA:24:64:B4:50:A1:AC:66:DC:33:0C
Certificate issuer:       /CN=d93a444d061fc4d914dc56d8031a9c4574ca57ad
Certificate serial:       27B970
Authority key identifier: C9:9C:8C:AA:C7:FF:7B:F4:E1:7A:CA:F0:8F:DD:D6:E5:6E:FC:CD:AD
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/d93a444d061fc4d914dc56d8031a9c4574ca57ad.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/532b2097-ea08-4780-b94f-03c338b5aa57/60fa41a55320557665e5a8ff295f1b56a7d0b8e1.roa
Signing time:             Mon 17 Apr 2023 13:02:32 +0000
ROA not before:           Sun 16 Apr 2023 13:00:28 +0000
ROA not after:            Thu 17 Apr 2025 13:00:28 +0000
asID:                     264767
IP address blocks:        181.13.185.0/24 maxlen: 24
                          181.13.186.0/24 maxlen: 24
                          190.228.126.0/24 maxlen: 24
                          190.228.132.0/24 maxlen: 24
                          190.228.73.0/24 maxlen: 24
                          190.228.74.0/24 maxlen: 24
                          181.13.151.0/24 maxlen: 24
                          181.13.153.0/24 maxlen: 24
                          186.125.160.0/24 maxlen: 24
                          190.228.99.0/24 maxlen: 24
                          190.228.100.0/24 maxlen: 24
                          181.13.239.0/24 maxlen: 24
                          190.136.18.0/24 maxlen: 24

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 2603376 (0x27b970)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d93a444d061fc4d914dc56d8031a9c4574ca57ad
        Validity
            Not Before: Apr 16 13:00:28 2023 GMT
            Not After : Apr 17 13:00:28 2025 GMT
        Subject: CN=60fa41a55320557665e5a8ff295f1b56a7d0b8e1
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cc:66:5d:c7:2d:78:8d:45:92:db:46:b2:f9:57:
                    a9:e3:60:03:68:0f:1d:79:67:ab:a3:13:a1:89:0a:
                    29:64:b8:59:5d:61:24:e5:18:1e:79:51:a3:07:6d:
                    15:a3:45:f0:cd:72:3a:f8:68:5b:ab:91:e6:86:b9:
                    fb:cc:73:28:1e:ee:d1:f9:fd:97:c6:ae:b2:75:2b:
                    28:72:5d:b1:01:01:c3:61:d5:1a:c8:3c:93:e1:05:
                    4f:e1:e5:1c:86:72:70:d6:e0:9b:55:a6:62:c8:88:
                    a8:4c:5f:5a:7f:b2:3b:c3:43:d0:f5:56:db:41:c2:
                    59:6a:98:8a:7d:f9:0b:91:3c:b4:7a:db:c0:93:02:
                    fe:6b:8e:ec:90:af:da:9d:33:df:6e:33:2e:04:25:
                    19:b2:56:ab:54:5e:f9:2c:c6:04:fb:ca:71:ec:11:
                    13:ca:91:5c:18:08:36:6d:f2:0e:de:11:b1:df:c8:
                    0c:cb:ee:7c:d1:aa:f4:25:a2:92:3b:3f:b4:0a:e8:
                    e4:5d:fd:12:97:21:3d:7d:6d:3e:42:73:d9:ed:88:
                    be:99:9c:9a:dc:78:79:a4:cc:2c:c6:34:01:b9:b4:
                    3c:ab:95:6b:60:52:2d:ae:a5:f0:61:a2:d1:b3:52:
                    1e:8e:03:66:22:5b:c0:49:03:af:64:90:58:8e:4f:
                    f3:01
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                7F:49:8E:FB:95:5C:17:1D:78:CA:24:64:B4:50:A1:AC:66:DC:33:0C
            X509v3 Authority Key Identifier:
                keyid:C9:9C:8C:AA:C7:FF:7B:F4:E1:7A:CA:F0:8F:DD:D6:E5:6E:FC:CD:AD

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/d93a444d061fc4d914dc56d8031a9c4574ca57ad.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/532b2097-ea08-4780-b94f-03c338b5aa57/60fa41a55320557665e5a8ff295f1b56a7d0b8e1.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/532b2097-ea08-4780-b94f-03c338b5aa57/d93a444d061fc4d914dc56d8031a9c4574ca57ad.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  181.13.151.0/24
                  181.13.153.0/24
                  181.13.185.0-181.13.186.255
                  181.13.239.0/24
                  186.125.160.0/24
                  190.136.18.0/24
                  190.228.73.0-190.228.74.255
                  190.228.99.0-190.228.100.255
                  190.228.126.0/24
                  190.228.132.0/24

    Signature Algorithm: sha256WithRSAEncryption
         05:69:e4:38:1f:19:c0:7c:eb:bb:ff:88:b6:1c:8d:fe:b6:8c:
         c4:03:f4:51:4d:0e:72:76:ea:f8:ce:60:81:3b:c6:85:10:f6:
         72:38:f1:93:00:6a:02:81:aa:92:22:61:75:85:01:81:db:cc:
         f5:c2:94:c8:3c:b1:80:02:c2:51:58:17:f1:17:54:69:11:f7:
         42:69:d5:49:45:63:19:80:70:ac:9c:c4:a0:59:a8:9d:c6:ca:
         92:53:56:7a:bb:39:68:ea:c7:fc:4c:3d:f3:39:8b:d7:69:8b:
         d7:c6:82:a7:c1:89:ce:e3:99:0b:81:27:bb:c3:7b:8f:dc:4c:
         40:3e:7f:1c:1a:e0:e7:44:b2:d6:95:7b:37:77:d8:c0:0f:7e:
         b7:c7:b5:9c:bb:51:0c:0a:78:85:11:a0:c4:18:30:9f:b4:2c:
         32:c0:f5:16:aa:e7:57:92:a1:e2:15:ff:95:c5:16:59:c6:4e:
         40:2f:b0:c8:78:30:e5:97:7e:7f:2e:b4:03:7b:a9:3a:08:98:
         f6:3f:e4:56:ae:32:96:75:0e:ac:92:9a:1c:10:29:e1:91:c8:
         9e:c4:ee:7f:76:39:fe:20:60:bd:58:b0:57:3a:31:b1:99:4c:
         c9:4c:d9:dc:ee:4d:17:c1:e0:3e:87:85:7e:c0:70:19:57:a9:
         fc:15:07:0a
-----BEGIN CERTIFICATE-----
MIIFjjCCBHagAwIBAgIDJ7lwMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKGQ5
M2E0NDRkMDYxZmM0ZDkxNGRjNTZkODAzMWE5YzQ1NzRjYTU3YWQwHhcNMjMwNDE2
MTMwMDI4WhcNMjUwNDE3MTMwMDI4WjAzMTEwLwYDVQQDEyg2MGZhNDFhNTUzMjA1
NTc2NjVlNWE4ZmYyOTVmMWI1NmE3ZDBiOGUxMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAzGZdxy14jUWS20ay+Vep42ADaA8deWeroxOhiQopZLhZXWEk
5RgeeVGjB20Vo0XwzXI6+Ghbq5Hmhrn7zHMoHu7R+f2Xxq6ydSsocl2xAQHDYdUa
yDyT4QVP4eUchnJw1uCbVaZiyIioTF9af7I7w0PQ9VbbQcJZapiKffkLkTy0etvA
kwL+a47skK/anTPfbjMuBCUZslarVF75LMYE+8px7BETypFcGAg2bfIO3hGx38gM
y+580ar0JaKSOz+0CujkXf0SlyE9fW0+QnPZ7Yi+mZya3Hh5pMwsxjQBubQ8q5Vr
YFItrqXwYaLRs1IejgNmIlvASQOvZJBYjk/zAQIDAQABo4ICqTCCAqUwHQYDVR0O
BBYEFH9JjvuVXBcdeMokZLRQoaxm3DMMMB8GA1UdIwQYMBaAFMmcjKrH/3v04XrK
8I/d1uVu/M2tMA4GA1UdDwEB/wQEAwIHgDCBmgYIKwYBBQUHAQEEgY0wgYowgYcG
CCsGAQUFBzAChntyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5ldC9ycGtpL2xh
Y25pYy80OGYwODNiYi1mNjAzLTQ4OTMtOTk5MC0wMjg0YzA0Y2ViODUvZDkzYTQ0
NGQwNjFmYzRkOTE0ZGM1NmQ4MDMxYTljNDU3NGNhNTdhZC5jZXIwgZoGCCsGAQUF
BwELBIGNMIGKMIGHBggrBgEFBQcwC4Z7cnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25p
Yy5uZXQvcnBraS9sYWNuaWMvNTMyYjIwOTctZWEwOC00NzgwLWI5NGYtMDNjMzM4
YjVhYTU3LzYwZmE0MWE1NTMyMDU1NzY2NWU1YThmZjI5NWYxYjU2YTdkMGI4ZTEu
cm9hMIGPBgNVHR8EgYcwgYQwgYGgf6B9hntyc3luYzovL3JlcG9zaXRvcnkubGFj
bmljLm5ldC9ycGtpL2xhY25pYy81MzJiMjA5Ny1lYTA4LTQ3ODAtYjk0Zi0wM2Mz
MzhiNWFhNTcvZDkzYTQ0NGQwNjFmYzRkOTE0ZGM1NmQ4MDMxYTljNDU3NGNhNTdh
ZC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBtBggrBgEFBQcBBwEB/wRe
MFwwWgQCAAEwVAMEALUNlwMEALUNmTAMAwQAtQ25AwQAtQ26AwQAtQ3vAwQAun2g
AwQAvogSMAwDBAC+5EkDBAC+5EowDAMEAL7kYwMEAL7kZAMEAL7kfgMEAL7khDAN
BgkqhkiG9w0BAQsFAAOCAQEABWnkOB8ZwHzru/+IthyN/raMxAP0UU0Ocnbq+M5g
gTvGhRD2cjjxkwBqAoGqkiJhdYUBgdvM9cKUyDyxgALCUVgX8RdUaRH3QmnVSUVj
GYBwrJzEoFmoncbKklNWers5aOrH/Ew98zmL12mL18aCp8GJzuOZC4Enu8N7j9xM
QD5/HBrg50Sy1pV7N3fYwA9+t8e1nLtRDAp4hRGgxBgwn7QsMsD1FqrnV5Kh4hX/
lcUWWcZOQC+wyHgw5Zd+fy60A3upOgiY9j/kVq4ylnUOrJKaHBAp4ZHInsTuf3Y5
/iBgvViwVzoxsZlMyUzZ3O5NF8HgPoeFfsBwGVep/BUHCg==
-----END CERTIFICATE-----
Generated at Thu Dec 7 13:10:27 2023 by rpki-client on console-fra.rpki-client.org