Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/532b2097-ea08-4780-b94f-03c338b5aa57/97271d60cadf8e07bf306d3a9488235796b58ff4.roa
File:                     97271d60cadf8e07bf306d3a9488235796b58ff4.roa (raw, json)
Hash identifier:          9IDYDNnvmJ7qPB07KiPLbKoh39viFP8ebh9ziLOO2w0=
Subject key identifier:   69:4A:63:33:E0:F7:73:E0:B3:19:0B:88:11:0A:57:03:3E:7C:57:75
Certificate issuer:       /CN=c974409d0c2a70c921dd685e863e9f00cb1e262a
Certificate serial:       2E3993
Authority key identifier: FB:8E:FC:68:56:00:AB:63:EA:02:4F:A3:0D:1F:15:D5:B5:B0:C1:B1
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/c974409d0c2a70c921dd685e863e9f00cb1e262a.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/532b2097-ea08-4780-b94f-03c338b5aa57/97271d60cadf8e07bf306d3a9488235796b58ff4.roa
Signing time:             Thu 07 Dec 2023 13:00:57 +0000
ROA not before:           Thu 07 Dec 2023 13:00:46 +0000
ROA not after:            Thu 07 Dec 2028 13:00:46 +0000
asID:                     264642
IP address blocks:        190.228.115.0/24 maxlen: 24
                          190.228.116.0/23 maxlen: 24
                          186.125.199.0/24 maxlen: 24
                          186.125.200.0/23 maxlen: 24
                          190.137.162.0/23 maxlen: 23
                          190.228.64.0/23 maxlen: 24
                          190.228.88.0/22 maxlen: 24
                          190.228.93.0/24 maxlen: 24
                          190.228.94.0/24 maxlen: 24
                          181.105.228.0/22 maxlen: 22
                          190.30.254.0/24 maxlen: 24
                          190.228.42.0/23 maxlen: 24
                          190.228.165.0/24 maxlen: 24
                          190.228.166.0/23 maxlen: 24
                          200.73.188.0/22 maxlen: 24

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 3029395 (0x2e3993)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c974409d0c2a70c921dd685e863e9f00cb1e262a
        Validity
            Not Before: Dec  7 13:00:46 2023 GMT
            Not After : Dec  7 13:00:46 2028 GMT
        Subject: CN=97271d60cadf8e07bf306d3a9488235796b58ff4
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:95:86:7a:14:68:70:10:11:06:00:72:66:4c:b7:
                    8e:37:ec:a9:ac:62:8f:cf:07:53:f8:dd:fb:fd:a7:
                    d6:8f:dc:a9:c1:a6:35:47:dd:30:50:a6:f2:1d:ad:
                    98:81:0c:fe:49:b4:fe:45:0b:a3:49:a8:bb:96:0e:
                    f1:0e:9c:c1:61:e6:cc:0a:ab:7a:37:cb:0b:85:69:
                    c4:0a:3a:35:a5:25:b6:eb:1d:45:62:8c:f1:8c:31:
                    13:0b:26:70:e6:54:6c:f8:46:36:93:bd:7e:82:b3:
                    f6:6d:3a:1d:dd:5e:cf:28:ca:5c:80:29:53:64:3b:
                    0f:23:a3:c5:f0:21:75:a4:f6:46:b3:35:5d:71:f0:
                    48:56:1f:48:a6:04:7b:be:8f:1c:24:d9:38:27:14:
                    b1:a2:b9:90:5d:c4:34:ea:38:20:e8:72:f7:d6:87:
                    64:74:dc:90:df:cb:5f:9e:61:77:3b:16:3e:fe:fa:
                    d7:c5:22:ff:6c:cb:d1:4a:7e:a1:b1:ab:c3:90:75:
                    22:a7:12:02:9a:63:d4:a8:55:60:11:be:32:45:34:
                    a7:13:4e:ce:9e:fa:ec:5f:02:07:28:05:d7:2e:ff:
                    27:e1:68:30:a2:1c:bb:26:a3:c5:81:58:dc:a4:02:
                    f4:bf:83:34:f0:00:1d:e6:a0:d6:46:ad:3b:bf:08:
                    a5:2f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                69:4A:63:33:E0:F7:73:E0:B3:19:0B:88:11:0A:57:03:3E:7C:57:75
            X509v3 Authority Key Identifier:
                keyid:FB:8E:FC:68:56:00:AB:63:EA:02:4F:A3:0D:1F:15:D5:B5:B0:C1:B1

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/c974409d0c2a70c921dd685e863e9f00cb1e262a.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/532b2097-ea08-4780-b94f-03c338b5aa57/97271d60cadf8e07bf306d3a9488235796b58ff4.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/532b2097-ea08-4780-b94f-03c338b5aa57/c974409d0c2a70c921dd685e863e9f00cb1e262a.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  181.105.228.0/22
                  186.125.199.0-186.125.201.255
                  190.30.254.0/24
                  190.137.162.0/23
                  190.228.42.0/23
                  190.228.64.0/23
                  190.228.88.0/22
                  190.228.93.0-190.228.94.255
                  190.228.115.0-190.228.117.255
                  190.228.165.0-190.228.167.255
                  200.73.188.0/22

    Signature Algorithm: sha256WithRSAEncryption
         6a:a6:2e:44:5f:5e:f4:64:62:0c:ae:b1:ed:f8:f3:21:90:6e:
         20:75:7e:cc:22:9b:3b:19:fd:fb:ca:73:ef:74:5d:d6:91:ed:
         6d:0a:86:cb:1d:40:ab:8a:b1:bc:b5:07:1d:05:e6:ae:5f:61:
         b4:51:8a:0d:d2:f4:4c:32:7e:70:08:24:30:44:a4:e8:d5:3c:
         c7:3f:47:a6:a1:e8:3b:a4:73:78:a6:88:75:c1:91:9b:eb:65:
         96:c0:89:6c:10:b5:72:52:51:2d:6a:af:d2:66:6f:40:a5:5f:
         83:c9:0f:13:2f:d9:9a:a5:e2:52:d1:b0:9d:c9:5b:49:17:68:
         01:3f:29:87:3f:c5:b9:d3:62:30:04:e7:41:15:93:3f:5e:9f:
         66:7e:97:03:c4:9c:d9:47:8b:8c:36:e2:eb:c8:15:0a:b3:25:
         c0:d2:3d:a3:fe:85:a2:55:57:22:97:1b:32:c1:1b:0d:1c:15:
         f1:ed:45:c7:df:d9:c2:2f:53:68:0b:bd:73:74:5f:c1:fc:6a:
         47:d1:2c:36:b5:f6:ba:2d:88:13:10:1e:74:44:86:a7:13:a0:
         43:1a:be:e1:87:69:a2:7b:c3:03:c1:c1:ce:7f:e8:df:c9:d1:
         38:d7:db:9c:20:30:a0:b6:48:cd:85:5d:07:ae:d4:3e:50:5f:
         c7:8a:23:4c
-----BEGIN CERTIFICATE-----
MIIFnDCCBISgAwIBAgIDLjmTMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKGM5
NzQ0MDlkMGMyYTcwYzkyMWRkNjg1ZTg2M2U5ZjAwY2IxZTI2MmEwHhcNMjMxMjA3
MTMwMDQ2WhcNMjgxMjA3MTMwMDQ2WjAzMTEwLwYDVQQDEyg5NzI3MWQ2MGNhZGY4
ZTA3YmYzMDZkM2E5NDg4MjM1Nzk2YjU4ZmY0MIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAlYZ6FGhwEBEGAHJmTLeON+yprGKPzwdT+N37/afWj9ypwaY1
R90wUKbyHa2YgQz+SbT+RQujSai7lg7xDpzBYebMCqt6N8sLhWnECjo1pSW26x1F
YozxjDETCyZw5lRs+EY2k71+grP2bTod3V7PKMpcgClTZDsPI6PF8CF1pPZGszVd
cfBIVh9IpgR7vo8cJNk4JxSxormQXcQ06jgg6HL31odkdNyQ38tfnmF3OxY+/vrX
xSL/bMvRSn6hsavDkHUipxICmmPUqFVgEb4yRTSnE07OnvrsXwIHKAXXLv8n4Wgw
ohy7JqPFgVjcpAL0v4M08AAd5qDWRq07vwilLwIDAQABo4ICtzCCArMwHQYDVR0O
BBYEFGlKYzPg93PgsxkLiBEKVwM+fFd1MB8GA1UdIwQYMBaAFPuO/GhWAKtj6gJP
ow0fFdW1sMGxMA4GA1UdDwEB/wQEAwIHgDCBmgYIKwYBBQUHAQEEgY0wgYowgYcG
CCsGAQUFBzAChntyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5ldC9ycGtpL2xh
Y25pYy80OGYwODNiYi1mNjAzLTQ4OTMtOTk5MC0wMjg0YzA0Y2ViODUvYzk3NDQw
OWQwYzJhNzBjOTIxZGQ2ODVlODYzZTlmMDBjYjFlMjYyYS5jZXIwgZoGCCsGAQUF
BwELBIGNMIGKMIGHBggrBgEFBQcwC4Z7cnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25p
Yy5uZXQvcnBraS9sYWNuaWMvNTMyYjIwOTctZWEwOC00NzgwLWI5NGYtMDNjMzM4
YjVhYTU3Lzk3MjcxZDYwY2FkZjhlMDdiZjMwNmQzYTk0ODgyMzU3OTZiNThmZjQu
cm9hMIGPBgNVHR8EgYcwgYQwgYGgf6B9hntyc3luYzovL3JlcG9zaXRvcnkubGFj
bmljLm5ldC9ycGtpL2xhY25pYy81MzJiMjA5Ny1lYTA4LTQ3ODAtYjk0Zi0wM2Mz
MzhiNWFhNTcvYzk3NDQwOWQwYzJhNzBjOTIxZGQ2ODVlODYzZTlmMDBjYjFlMjYy
YS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjB7BggrBgEFBQcBBwEB/wRs
MGowaAQCAAEwYgMEArVp5DAMAwQAun3HAwQBun3IAwQAvh7+AwQBvomiAwQBvuQq
AwQBvuRAAwQCvuRYMAwDBAC+5F0DBAC+5F4wDAMEAL7kcwMEAb7kdDAMAwQAvuSl
AwQDvuSgAwQCyEm8MA0GCSqGSIb3DQEBCwUAA4IBAQBqpi5EX170ZGIMrrHt+PMh
kG4gdX7MIps7Gf37ynPvdF3Wke1tCobLHUCrirG8tQcdBeauX2G0UYoN0vRMMn5w
CCQwRKTo1TzHP0emoeg7pHN4poh1wZGb62WWwIlsELVyUlEtaq/SZm9ApV+DyQ8T
L9mapeJS0bCdyVtJF2gBPymHP8W502IwBOdBFZM/Xp9mfpcDxJzZR4uMNuLryBUK
syXA0j2j/oWiVVcilxsywRsNHBXx7UXH39nCL1NoC71zdF/B/GpH0Sw2tfa6LYgT
EB50RIanE6BDGr7hh2mie8MDwcHOf+jfydE419ucIDCgtkjNhV0HrtQ+UF/HiiNM
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:37:42 2024 by rpki-client on console-ams.rpki-client.org