Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/532b2097-ea08-4780-b94f-03c338b5aa57/cd119afe15b4a0ec8a13f4a1c78340e665891919.roa
File:                     cd119afe15b4a0ec8a13f4a1c78340e665891919.roa (raw, json)
Hash identifier:          fHx0mBlSt9AqRgVKYAlA2lOixFRMHXsYEeZ0LmeONYU=
Subject key identifier:   8B:62:AD:AD:5C:95:27:D6:D1:F5:FE:B5:41:BB:6C:46:CB:12:38:F9
Certificate issuer:       /CN=d93a444d061fc4d914dc56d8031a9c4574ca57ad
Certificate serial:       13687A
Authority key identifier: C9:9C:8C:AA:C7:FF:7B:F4:E1:7A:CA:F0:8F:DD:D6:E5:6E:FC:CD:AD
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/d93a444d061fc4d914dc56d8031a9c4574ca57ad.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/532b2097-ea08-4780-b94f-03c338b5aa57/cd119afe15b4a0ec8a13f4a1c78340e665891919.roa
Signing time:             Thu 29 Apr 2021 19:09:07 +0000
ROA not before:           Wed 24 Mar 2021 03:00:00 +0000
ROA not after:            Tue 24 Mar 2026 03:00:00 +0000
asID:                     10318
IP address blocks:        152.168.0.0/14 maxlen: 24
                          186.138.0.0/15 maxlen: 24
                          200.89.128.0/18 maxlen: 24
                          200.126.128.0/17 maxlen: 24
                          170.231.136.0/22 maxlen: 24
                          201.212.0.0/15 maxlen: 24
                          201.212.128.0/17 maxlen: 24
                          181.164.0.0/14 maxlen: 24
                          181.168.0.0/14 maxlen: 24
                          181.28.0.0/14 maxlen: 24
                          186.136.0.0/14 maxlen: 24
                          190.16.0.0/14 maxlen: 24
                          190.244.0.0/14 maxlen: 24
                          200.114.128.0/17 maxlen: 24
                          200.49.128.0/19 maxlen: 24
                          201.231.0.0/16 maxlen: 24
                          201.235.0.0/16 maxlen: 24
                          24.232.0.0/16 maxlen: 24
                          200.126.160.0/19 maxlen: 24
                          200.126.192.0/19 maxlen: 24
                          200.126.224.0/19 maxlen: 24
                          2800:2000::/20 maxlen: 20

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 1271930 (0x13687a)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d93a444d061fc4d914dc56d8031a9c4574ca57ad
        Validity
            Not Before: Mar 24 03:00:00 2021 GMT
            Not After : Mar 24 03:00:00 2026 GMT
        Subject: CN=cd119afe15b4a0ec8a13f4a1c78340e665891919
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c7:07:21:3d:3d:4d:4d:4d:9b:9a:f3:49:ad:4e:
                    21:ea:83:9e:27:2d:aa:ab:26:36:87:9c:34:b3:2c:
                    b3:a9:e1:49:fc:c3:80:d3:14:b8:7c:ec:3a:e0:6d:
                    c4:2f:c1:ee:39:d4:82:95:be:01:a3:47:9f:60:42:
                    d7:a3:cc:37:dc:6d:c0:12:e1:13:08:29:6b:5c:c7:
                    2b:5e:01:bd:87:db:d3:e7:4f:6b:bc:e4:bc:3a:53:
                    22:8d:2a:b1:fa:89:d6:21:a3:47:46:77:47:8d:92:
                    ef:40:ed:30:82:64:c5:27:5c:5b:e7:67:c1:c3:69:
                    b2:a6:1a:a7:ce:49:ff:58:4a:ac:50:e8:d5:a4:46:
                    7e:7f:9f:24:6b:2a:9d:8d:da:a8:c1:4b:40:4f:21:
                    bb:33:4f:68:56:0a:fe:93:c9:06:1d:9f:03:d3:04:
                    49:a8:ae:9e:e6:87:d4:9b:c7:4d:d0:ef:ae:49:e6:
                    ee:c3:eb:01:43:6a:24:db:76:d9:fd:26:87:78:72:
                    6e:fe:57:d9:c7:80:2f:83:71:01:6d:cb:64:b2:fd:
                    10:e4:4f:98:b8:b8:70:d7:9c:e8:7b:c4:45:e1:b4:
                    88:37:2f:bc:1f:e5:99:f8:db:33:be:f4:e3:23:6c:
                    73:d8:52:d6:86:f0:3a:34:3b:fa:da:72:ff:a2:f6:
                    ad:19
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                8B:62:AD:AD:5C:95:27:D6:D1:F5:FE:B5:41:BB:6C:46:CB:12:38:F9
            X509v3 Authority Key Identifier:
                keyid:C9:9C:8C:AA:C7:FF:7B:F4:E1:7A:CA:F0:8F:DD:D6:E5:6E:FC:CD:AD

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/d93a444d061fc4d914dc56d8031a9c4574ca57ad.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/532b2097-ea08-4780-b94f-03c338b5aa57/cd119afe15b4a0ec8a13f4a1c78340e665891919.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/532b2097-ea08-4780-b94f-03c338b5aa57/d93a444d061fc4d914dc56d8031a9c4574ca57ad.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  24.232.0.0/16
                  152.168.0.0/14
                  170.231.136.0/22
                  181.28.0.0/14
                  181.164.0.0-181.171.255.255
                  186.136.0.0/14
                  190.16.0.0/14
                  190.244.0.0/14
                  200.49.128.0/19
                  200.89.128.0/18
                  200.114.128.0/17
                  200.126.128.0/17
                  201.212.0.0/15
                  201.231.0.0/16
                  201.235.0.0/16
                IPv6:
                  2800:2000::/20

    Signature Algorithm: sha256WithRSAEncryption
         5f:2c:c5:20:8b:58:11:47:13:09:84:93:14:0d:4a:cc:58:37:
         01:f3:e3:c9:77:8c:0d:60:00:80:11:54:ba:fe:9b:76:34:5b:
         96:10:8d:9a:bd:29:01:9d:1c:27:b7:13:79:43:03:e8:f8:80:
         54:88:49:83:3a:b3:03:22:f3:e5:00:24:2b:51:b7:a4:04:a7:
         aa:e1:20:6d:dc:9a:f1:cd:ed:b5:97:70:69:a1:10:41:ba:c1:
         8b:33:bf:66:06:63:ae:1e:c2:36:63:df:a1:b2:19:43:cd:50:
         5f:61:df:a4:9f:e4:88:7e:99:30:74:41:16:a4:38:0a:4b:33:
         88:8b:17:89:ee:38:e3:24:21:46:1f:d7:88:43:94:39:c8:69:
         a7:d9:b8:bd:de:f8:b3:73:4d:4c:a6:df:34:96:15:60:b1:66:
         f2:1c:9a:a7:20:99:8b:d4:67:aa:ef:92:02:87:b2:20:d6:62:
         83:8d:f6:03:9d:ca:9d:5f:6f:f7:20:cd:a5:e6:35:92:76:02:
         43:ac:f9:a0:9e:28:f1:c1:57:75:47:d5:4d:af:55:db:21:b5:
         43:21:0d:1f:e9:24:28:d6:6b:92:bb:b4:8b:55:32:1d:0b:09:
         4b:a6:b9:2e:6d:66:d9:62:0c:cd:28:80:89:3c:c1:c6:4f:d3:
         4d:bf:2c:68
-----BEGIN CERTIFICATE-----
MIIFnzCCBIegAwIBAgIDE2h6MA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKGQ5
M2E0NDRkMDYxZmM0ZDkxNGRjNTZkODAzMWE5YzQ1NzRjYTU3YWQwHhcNMjEwMzI0
MDMwMDAwWhcNMjYwMzI0MDMwMDAwWjAzMTEwLwYDVQQDEyhjZDExOWFmZTE1YjRh
MGVjOGExM2Y0YTFjNzgzNDBlNjY1ODkxOTE5MIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAxwchPT1NTU2bmvNJrU4h6oOeJy2qqyY2h5w0syyzqeFJ/MOA
0xS4fOw64G3EL8HuOdSClb4Bo0efYELXo8w33G3AEuETCClrXMcrXgG9h9vT509r
vOS8OlMijSqx+onWIaNHRndHjZLvQO0wgmTFJ1xb52fBw2myphqnzkn/WEqsUOjV
pEZ+f58kayqdjdqowUtATyG7M09oVgr+k8kGHZ8D0wRJqK6e5ofUm8dN0O+uSebu
w+sBQ2ok23bZ/SaHeHJu/lfZx4Avg3EBbctksv0Q5E+YuLhw15zoe8RF4bSINy+8
H+WZ+NszvvTjI2xz2FLWhvA6NDv62nL/ovatGQIDAQABo4ICujCCArYwHQYDVR0O
BBYEFItira1clSfW0fX+tUG7bEbLEjj5MB8GA1UdIwQYMBaAFMmcjKrH/3v04XrK
8I/d1uVu/M2tMA4GA1UdDwEB/wQEAwIHgDCBmgYIKwYBBQUHAQEEgY0wgYowgYcG
CCsGAQUFBzAChntyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5ldC9ycGtpL2xh
Y25pYy80OGYwODNiYi1mNjAzLTQ4OTMtOTk5MC0wMjg0YzA0Y2ViODUvZDkzYTQ0
NGQwNjFmYzRkOTE0ZGM1NmQ4MDMxYTljNDU3NGNhNTdhZC5jZXIwgZoGCCsGAQUF
BwELBIGNMIGKMIGHBggrBgEFBQcwC4Z7cnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25p
Yy5uZXQvcnBraS9sYWNuaWMvNTMyYjIwOTctZWEwOC00NzgwLWI5NGYtMDNjMzM4
YjVhYTU3L2NkMTE5YWZlMTViNGEwZWM4YTEzZjRhMWM3ODM0MGU2NjU4OTE5MTku
cm9hMIGPBgNVHR8EgYcwgYQwgYGgf6B9hntyc3luYzovL3JlcG9zaXRvcnkubGFj
bmljLm5ldC9ycGtpL2xhY25pYy81MzJiMjA5Ny1lYTA4LTQ3ODAtYjk0Zi0wM2Mz
MzhiNWFhNTcvZDkzYTQ0NGQwNjFmYzRkOTE0ZGM1NmQ4MDMxYTljNDU3NGNhNTdh
ZC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjB+BggrBgEFBQcBBwEB/wRv
MG0wXQQCAAEwVwMDABjoAwMCmKgDBAKq54gDAwK1HDAKAwMCtaQDAwK1qAMDArqI
AwMCvhADAwK+9AMEBcgxgAMEBshZgAMEB8hygAMEB8h+gAMDAcnUAwMAyecDAwDJ
6zAMBAIAAjAGAwQEKAAgMA0GCSqGSIb3DQEBCwUAA4IBAQBfLMUgi1gRRxMJhJMU
DUrMWDcB8+PJd4wNYACAEVS6/pt2NFuWEI2avSkBnRwntxN5QwPo+IBUiEmDOrMD
IvPlACQrUbekBKeq4SBt3Jrxze21l3BpoRBBusGLM79mBmOuHsI2Y9+hshlDzVBf
Yd+kn+SIfpkwdEEWpDgKSzOIixeJ7jjjJCFGH9eIQ5Q5yGmn2bi93vizc01Mpt80
lhVgsWbyHJqnIJmL1Geq75ICh7Ig1mKDjfYDncqdX2/3IM2l5jWSdgJDrPmgnijx
wVd1R9VNr1XbIbVDIQ0f6SQo1muSu7SLVTIdCwlLprkubWbZYgzNKICJPMHGT9NN
vyxo
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:37:43 2024 by rpki-client on console-fra.rpki-client.org