Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/532b2097-ea08-4780-b94f-03c338b5aa57/abc91ec67e3b74bd1d2df054d6e7294f0ee2a530.roa
File:                     abc91ec67e3b74bd1d2df054d6e7294f0ee2a530.roa (raw, json)
Hash identifier:          yD/nnO80+E5qqBtgzYEDa1vA/HJ19BOip69jlq6FA64=
Subject key identifier:   13:75:41:27:0C:81:82:29:1F:65:8F:52:9E:1D:8E:09:8B:DD:1A:D8
Certificate issuer:       /CN=c974409d0c2a70c921dd685e863e9f00cb1e262a
Certificate serial:       2E3562
Authority key identifier: FB:8E:FC:68:56:00:AB:63:EA:02:4F:A3:0D:1F:15:D5:B5:B0:C1:B1
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/c974409d0c2a70c921dd685e863e9f00cb1e262a.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/532b2097-ea08-4780-b94f-03c338b5aa57/abc91ec67e3b74bd1d2df054d6e7294f0ee2a530.roa
Signing time:             Thu 07 Dec 2023 13:00:55 +0000
ROA not before:           Thu 07 Dec 2023 13:00:46 +0000
ROA not after:            Thu 07 Dec 2028 13:00:46 +0000
asID:                     19905
IP address blocks:        200.73.128.0/18 maxlen: 24
                          200.127.144.0/20 maxlen: 24
                          200.43.32.0/23 maxlen: 24
                          201.212.0.0/20 maxlen: 24
                          181.30.64.0/19 maxlen: 24
                          200.43.192.0/23 maxlen: 24
                          200.127.160.0/21 maxlen: 24
                          181.30.0.0/18 maxlen: 24
                          181.94.4.0/23 maxlen: 24
                          201.235.124.0/22 maxlen: 24
                          181.166.246.0/23 maxlen: 24
                          200.42.80.0/20 maxlen: 24
                          181.166.248.0/23 maxlen: 24
                          200.89.128.0/21 maxlen: 24
                          181.15.110.0/23 maxlen: 24
                          200.42.98.0/23 maxlen: 24
                          200.45.190.0/23 maxlen: 24
                          200.89.138.0/23 maxlen: 24
                          200.42.100.0/23 maxlen: 24
                          200.89.140.0/22 maxlen: 24
                          200.42.106.0/23 maxlen: 24
                          200.42.110.0/23 maxlen: 24
                          200.89.146.0/23 maxlen: 24
                          200.89.148.0/22 maxlen: 24
                          200.89.152.0/21 maxlen: 24
                          200.42.116.0/22 maxlen: 24
                          200.42.126.0/23 maxlen: 24
                          200.42.130.0/23 maxlen: 24
                          200.42.132.0/22 maxlen: 24
                          200.32.2.0/23 maxlen: 24
                          200.32.4.0/22 maxlen: 24
                          200.42.30.0/23 maxlen: 24
                          200.32.8.0/22 maxlen: 24
                          200.32.12.0/23 maxlen: 24
                          200.32.18.0/23 maxlen: 24
                          200.42.48.0/23 maxlen: 24
                          200.32.30.0/23 maxlen: 24
                          200.42.56.0/21 maxlen: 24
                          200.42.68.0/22 maxlen: 24
                          181.166.240.0/22 maxlen: 24
                          200.42.72.0/21 maxlen: 24
                          190.224.160.0/22 maxlen: 24
                          200.49.140.0/22 maxlen: 24
                          200.49.150.0/23 maxlen: 24
                          200.49.154.0/23 maxlen: 24
                          200.49.156.0/22 maxlen: 24
                          200.42.136.0/22 maxlen: 24
                          200.89.174.0/23 maxlen: 24
                          200.89.176.0/21 maxlen: 24
                          200.42.142.0/23 maxlen: 24
                          200.42.144.0/22 maxlen: 24
                          200.42.150.0/23 maxlen: 24
                          200.89.188.0/23 maxlen: 24
                          200.42.154.0/23 maxlen: 24
                          200.61.204.0/22 maxlen: 24
                          200.61.208.0/20 maxlen: 24
                          181.105.160.0/19 maxlen: 24
                          200.45.0.0/22 maxlen: 24
                          200.45.4.0/23 maxlen: 24
                          181.14.80.0/20 maxlen: 24
                          181.14.96.0/20 maxlen: 24
                          181.11.32.0/20 maxlen: 24
                          200.82.80.0/22 maxlen: 24
                          200.42.0.0/23 maxlen: 24
                          200.42.8.0/21 maxlen: 24
                          200.42.16.0/23 maxlen: 24
                          200.42.22.0/23 maxlen: 24
                          190.136.28.0/23 maxlen: 24
                          200.45.48.0/23 maxlen: 24
                          200.45.64.0/23 maxlen: 24
                          190.225.246.0/23 maxlen: 24
                          181.30.160.0/19 maxlen: 24
                          200.3.94.0/23 maxlen: 24
                          181.30.96.0/20 maxlen: 24
                          181.30.112.0/21 maxlen: 24
                          181.30.120.0/22 maxlen: 24
                          181.30.124.0/23 maxlen: 24
                          181.14.72.0/21 maxlen: 24
                          190.226.40.0/23 maxlen: 24

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 3028322 (0x2e3562)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c974409d0c2a70c921dd685e863e9f00cb1e262a
        Validity
            Not Before: Dec  7 13:00:46 2023 GMT
            Not After : Dec  7 13:00:46 2028 GMT
        Subject: CN=abc91ec67e3b74bd1d2df054d6e7294f0ee2a530
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:95:ab:5e:b7:c8:08:1b:45:86:9b:07:f7:5f:1e:
                    49:ed:0d:8d:f1:f6:20:4f:6b:e2:b7:b8:bb:94:2d:
                    e2:5c:42:86:8f:75:20:3d:54:09:03:68:60:83:fd:
                    87:a2:8b:12:e6:06:34:46:06:82:fc:b2:71:ee:7b:
                    9a:f3:d8:11:6c:5c:e4:2a:88:f7:39:05:e6:e3:31:
                    70:57:94:37:49:7b:19:a0:7a:5f:94:eb:df:6a:07:
                    75:36:07:de:4a:91:1f:ca:5f:1e:04:ce:ed:7d:38:
                    19:55:8d:6b:c5:fa:bf:37:d2:62:3c:54:2c:00:59:
                    bf:0d:4d:dd:37:10:eb:c2:96:2e:96:3a:92:92:dd:
                    5e:4c:0c:71:4d:14:ab:d7:74:97:f7:f5:34:2b:51:
                    b0:9b:88:21:fe:64:0e:b8:8f:3c:ac:00:0d:48:0d:
                    1c:4b:16:cb:74:12:23:69:f4:70:3c:c3:f5:ca:25:
                    67:46:8c:a5:40:9c:4a:2c:a6:06:f0:60:a6:a8:d3:
                    04:55:b1:b1:d9:18:09:17:46:15:50:34:d9:2d:97:
                    ae:5a:12:cc:92:b9:fd:02:fd:33:9f:e7:47:1d:ea:
                    90:a3:01:6c:8b:81:1e:b6:71:a2:9c:3a:74:e2:86:
                    ef:78:11:7c:af:1e:70:3b:8f:66:28:cd:a1:bc:ef:
                    57:7f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                13:75:41:27:0C:81:82:29:1F:65:8F:52:9E:1D:8E:09:8B:DD:1A:D8
            X509v3 Authority Key Identifier:
                keyid:FB:8E:FC:68:56:00:AB:63:EA:02:4F:A3:0D:1F:15:D5:B5:B0:C1:B1

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/c974409d0c2a70c921dd685e863e9f00cb1e262a.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/532b2097-ea08-4780-b94f-03c338b5aa57/abc91ec67e3b74bd1d2df054d6e7294f0ee2a530.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/532b2097-ea08-4780-b94f-03c338b5aa57/c974409d0c2a70c921dd685e863e9f00cb1e262a.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  181.11.32.0/20
                  181.14.72.0-181.14.111.255
                  181.15.110.0/23
                  181.30.0.0-181.30.125.255
                  181.30.160.0/19
                  181.94.4.0/23
                  181.105.160.0/19
                  181.166.240.0/22
                  181.166.246.0-181.166.249.255
                  190.136.28.0/23
                  190.224.160.0/22
                  190.225.246.0/23
                  190.226.40.0/23
                  200.3.94.0/23
                  200.32.2.0-200.32.13.255
                  200.32.18.0/23
                  200.32.30.0/23
                  200.42.0.0/23
                  200.42.8.0-200.42.17.255
                  200.42.22.0/23
                  200.42.30.0/23
                  200.42.48.0/23
                  200.42.56.0/21
                  200.42.68.0-200.42.95.255
                  200.42.98.0-200.42.101.255
                  200.42.106.0/23
                  200.42.110.0/23
                  200.42.116.0/22
                  200.42.126.0/23
                  200.42.130.0-200.42.139.255
                  200.42.142.0-200.42.147.255
                  200.42.150.0/23
                  200.42.154.0/23
                  200.43.32.0/23
                  200.43.192.0/23
                  200.45.0.0-200.45.5.255
                  200.45.48.0/23
                  200.45.64.0/23
                  200.45.190.0/23
                  200.49.140.0/22
                  200.49.150.0/23
                  200.49.154.0-200.49.159.255
                  200.61.204.0-200.61.223.255
                  200.73.128.0/18
                  200.82.80.0/22
                  200.89.128.0/21
                  200.89.138.0-200.89.143.255
                  200.89.146.0-200.89.159.255
                  200.89.174.0-200.89.183.255
                  200.89.188.0/23
                  200.127.144.0-200.127.167.255
                  201.212.0.0/20
                  201.235.124.0/22

    Signature Algorithm: sha256WithRSAEncryption
         35:85:0c:2b:db:8f:0b:cd:02:9d:4d:9e:ce:33:6b:e9:23:fd:
         7a:09:5a:e5:39:03:24:1f:ee:ce:a4:c5:f7:aa:19:80:08:db:
         7e:e8:af:b3:1e:1d:75:4b:58:5b:48:a1:3f:ad:3f:29:39:c5:
         3a:d4:49:11:0c:3b:10:bc:06:24:57:0a:83:87:85:cd:3f:22:
         13:f6:3c:c7:18:37:18:fc:9d:64:f9:75:98:a1:a2:1f:72:b5:
         4a:67:ec:66:d6:6c:d0:e7:97:42:c8:b7:8d:ed:8d:19:41:15:
         84:4e:c5:85:66:60:ca:a4:d8:93:13:46:93:49:72:84:c5:8e:
         6a:6a:48:97:1b:7b:44:e1:57:68:d0:4f:b7:ab:50:14:81:2b:
         92:7e:9a:de:5b:84:c5:36:56:72:78:4d:ef:97:b1:c9:8b:ab:
         4f:9a:cd:78:55:ae:47:ff:b8:e1:a0:6a:76:ba:fe:c6:8a:fc:
         f4:fe:73:48:dc:a7:d8:4e:81:18:3d:b6:37:87:40:55:6f:11:
         7d:a1:07:1d:99:73:af:2d:fd:6e:bb:cf:fd:6e:ec:08:5a:81:
         34:2b:fd:a4:80:76:34:eb:25:c5:9f:62:20:3f:69:bd:f3:93:
         47:c8:9c:13:fa:c0:22:30:41:1d:f8:bb:86:17:6b:0d:0c:27:
         0b:34:cc:0d
-----BEGIN CERTIFICATE-----
MIIHADCCBeigAwIBAgIDLjViMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKGM5
NzQ0MDlkMGMyYTcwYzkyMWRkNjg1ZTg2M2U5ZjAwY2IxZTI2MmEwHhcNMjMxMjA3
MTMwMDQ2WhcNMjgxMjA3MTMwMDQ2WjAzMTEwLwYDVQQDEyhhYmM5MWVjNjdlM2I3
NGJkMWQyZGYwNTRkNmU3Mjk0ZjBlZTJhNTMwMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAlatet8gIG0WGmwf3Xx5J7Q2N8fYgT2vit7i7lC3iXEKGj3Ug
PVQJA2hgg/2HoosS5gY0RgaC/LJx7nua89gRbFzkKoj3OQXm4zFwV5Q3SXsZoHpf
lOvfagd1NgfeSpEfyl8eBM7tfTgZVY1rxfq/N9JiPFQsAFm/DU3dNxDrwpYuljqS
kt1eTAxxTRSr13SX9/U0K1Gwm4gh/mQOuI88rAANSA0cSxbLdBIjafRwPMP1yiVn
RoylQJxKLKYG8GCmqNMEVbGx2RgJF0YVUDTZLZeuWhLMkrn9Av0zn+dHHeqQowFs
i4EetnGinDp04obveBF8rx5wO49mKM2hvO9XfwIDAQABo4IEGzCCBBcwHQYDVR0O
BBYEFBN1QScMgYIpH2WPUp4djgmL3RrYMB8GA1UdIwQYMBaAFPuO/GhWAKtj6gJP
ow0fFdW1sMGxMA4GA1UdDwEB/wQEAwIHgDCBmgYIKwYBBQUHAQEEgY0wgYowgYcG
CCsGAQUFBzAChntyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5ldC9ycGtpL2xh
Y25pYy80OGYwODNiYi1mNjAzLTQ4OTMtOTk5MC0wMjg0YzA0Y2ViODUvYzk3NDQw
OWQwYzJhNzBjOTIxZGQ2ODVlODYzZTlmMDBjYjFlMjYyYS5jZXIwgZoGCCsGAQUF
BwELBIGNMIGKMIGHBggrBgEFBQcwC4Z7cnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25p
Yy5uZXQvcnBraS9sYWNuaWMvNTMyYjIwOTctZWEwOC00NzgwLWI5NGYtMDNjMzM4
YjVhYTU3L2FiYzkxZWM2N2UzYjc0YmQxZDJkZjA1NGQ2ZTcyOTRmMGVlMmE1MzAu
cm9hMIGPBgNVHR8EgYcwgYQwgYGgf6B9hntyc3luYzovL3JlcG9zaXRvcnkubGFj
bmljLm5ldC9ycGtpL2xhY25pYy81MzJiMjA5Ny1lYTA4LTQ3ODAtYjk0Zi0wM2Mz
MzhiNWFhNTcvYzk3NDQwOWQwYzJhNzBjOTIxZGQ2ODVlODYzZTlmMDBjYjFlMjYy
YS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjCCAd0GCCsGAQUFBwEHAQH/
BIIBzDCCAcgwggHEBAIAATCCAbwDBAS1CyAwDAMEA7UOSAMEBLUOYAMEAbUPbjAL
AwMBtR4DBAG1HnwDBAW1HqADBAG1XgQDBAW1aaADBAK1pvAwDAMEAbWm9gMEAbWm
+AMEAb6IHAMEAr7goAMEAb7h9gMEAb7iKAMEAcgDXjAMAwQByCACAwQByCAMAwQB
yCASAwQByCAeAwQByCoAMAwDBAPIKggDBAHIKhADBAHIKhYDBAHIKh4DBAHIKjAD
BAPIKjgwDAMEAsgqRAMEBcgqQDAMAwQByCpiAwQByCpkAwQByCpqAwQByCpuAwQC
yCp0AwQByCp+MAwDBAHIKoIDBALIKogwDAMEAcgqjgMEAsgqkAMEAcgqlgMEAcgq
mgMEAcgrIAMEAcgrwDALAwMAyC0DBAHILQQDBAHILTADBAHILUADBAHILb4DBALI
MYwDBAHIMZYwDAMEAcgxmgMEBcgxgDAMAwQCyD3MAwQFyD3AAwQGyEmAAwQCyFJQ
AwQDyFmAMAwDBAHIWYoDBATIWYAwDAMEAchZkgMEBchZgDAMAwQByFmuAwQDyFmw
AwQByFm8MAwDBATIf5ADBAPIf6ADBATJ1AADBALJ63wwDQYJKoZIhvcNAQELBQAD
ggEBADWFDCvbjwvNAp1Nns4za+kj/XoJWuU5AyQf7s6kxfeqGYAI237or7MeHXVL
WFtIoT+tPyk5xTrUSREMOxC8BiRXCoOHhc0/IhP2PMcYNxj8nWT5dZihoh9ytUpn
7GbWbNDnl0LIt43tjRlBFYROxYVmYMqk2JMTRpNJcoTFjmpqSJcbe0ThV2jQT7er
UBSBK5J+mt5bhMU2VnJ4Te+XscmLq0+azXhVrkf/uOGgana6/saK/PT+c0jcp9hO
gRg9tjeHQFVvEX2hBx2Zc68t/W67z/1u7AhagTQr/aSAdjTrJcWfYiA/ab3zk0fI
nBP6wCIwQR34u4YXaw0MJws0zA0=
-----END CERTIFICATE-----
Generated at Mon Apr 15 17:25:33 2024 by rpki-client on console-ams.rpki-client.org