Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/5375bcfc-8b86-452e-850d-83cfe3b50f06/f3b4e766940ec70c3d4692eb798337a1041a2569.roa
File:                     f3b4e766940ec70c3d4692eb798337a1041a2569.roa (raw, json)
Hash identifier:          2YS3iDJ7tvcfhqNFAQEpbyJhhB+KYjHRj1/PO0wxfik=
Subject key identifier:   E8:59:A2:2C:D2:01:F1:70:E6:8F:C6:03:66:F2:C5:35:FF:1D:A6:9F
Certificate issuer:       /CN=bfbb4d3a6dd5e649a6554c4817ce0ed277429136
Certificate serial:       11BE2F
Authority key identifier: 76:7F:42:4D:48:34:06:C4:20:E5:DF:19:BE:BE:99:3F:72:5A:F7:B6
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/bfbb4d3a6dd5e649a6554c4817ce0ed277429136.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/5375bcfc-8b86-452e-850d-83cfe3b50f06/f3b4e766940ec70c3d4692eb798337a1041a2569.roa
Signing time:             Mon 27 Nov 2023 20:27:36 +0000
ROA not before:           Mon 27 Nov 2023 20:27:36 +0000
ROA not after:            Thu 27 Nov 2025 20:27:36 +0000
asID:                     22927
IP address blocks:        186.128.0.0/14 maxlen: 24
                          186.132.0.0/14 maxlen: 24
                          201.255.0.0/17 maxlen: 24
                          201.255.128.0/17 maxlen: 24
                          201.250.0.0/17 maxlen: 24
                          201.250.128.0/17 maxlen: 24
                          190.172.0.0/15 maxlen: 24
                          190.174.0.0/15 maxlen: 24
                          190.176.0.0/15 maxlen: 24
                          190.178.0.0/15 maxlen: 24
                          190.48.0.0/16 maxlen: 24
                          190.49.0.0/16 maxlen: 24
                          190.50.0.0/16 maxlen: 24
                          190.51.0.0/16 maxlen: 24

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 1162799 (0x11be2f)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=bfbb4d3a6dd5e649a6554c4817ce0ed277429136
        Validity
            Not Before: Nov 27 20:27:36 2023 GMT
            Not After : Nov 27 20:27:36 2025 GMT
        Subject: CN=f3b4e766940ec70c3d4692eb798337a1041a2569
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b1:8b:fa:b2:6c:59:47:e9:e2:ea:73:1a:59:34:
                    e8:c2:dd:7c:22:a9:76:ab:df:77:25:61:7e:25:58:
                    bb:47:c8:cf:cd:56:1d:fb:2d:0e:a4:9f:e4:d5:9e:
                    ac:52:bf:5a:f8:cc:38:94:ac:99:7a:de:12:bc:45:
                    88:40:be:1b:77:24:1e:11:9f:c4:93:08:0f:93:76:
                    3a:91:c6:82:18:a5:e2:8c:f3:28:c1:ab:b6:30:ce:
                    d9:b2:49:18:96:9e:46:82:2f:15:d9:fa:45:06:cd:
                    06:95:c8:61:0a:14:d6:1f:30:79:1d:56:ea:3d:76:
                    74:eb:53:72:18:87:09:68:e6:59:2c:da:7e:23:e6:
                    77:04:d6:c9:7d:8b:6a:47:fc:be:c8:e0:d2:af:52:
                    cf:98:32:5c:8a:e0:fb:d3:d3:b7:05:7b:79:09:98:
                    6d:d8:d4:5a:55:c1:a0:16:72:ff:19:8d:4c:47:5f:
                    7c:9a:90:7f:d4:c6:37:53:a0:80:f6:41:c7:c6:95:
                    08:de:55:44:92:1a:72:f2:28:fa:14:e1:74:50:33:
                    32:36:57:eb:fb:8b:85:97:7c:0c:26:93:82:1e:8b:
                    1b:b1:4c:8b:ff:c7:b3:95:ab:7c:d5:e5:a5:ae:49:
                    2a:ac:f4:5c:7e:de:d0:a9:6e:ad:a3:f5:0b:8a:50:
                    e4:f3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E8:59:A2:2C:D2:01:F1:70:E6:8F:C6:03:66:F2:C5:35:FF:1D:A6:9F
            X509v3 Authority Key Identifier:
                keyid:76:7F:42:4D:48:34:06:C4:20:E5:DF:19:BE:BE:99:3F:72:5A:F7:B6

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/bfbb4d3a6dd5e649a6554c4817ce0ed277429136.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/5375bcfc-8b86-452e-850d-83cfe3b50f06/f3b4e766940ec70c3d4692eb798337a1041a2569.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/5375bcfc-8b86-452e-850d-83cfe3b50f06/bfbb4d3a6dd5e649a6554c4817ce0ed277429136.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  186.128.0.0/13
                  190.48.0.0/14
                  190.172.0.0-190.179.255.255
                  201.250.0.0/16
                  201.255.0.0/16

    Signature Algorithm: sha256WithRSAEncryption
         44:f7:21:d1:8e:2e:37:b6:98:0d:f2:61:fb:15:56:9f:18:f5:
         3a:39:9b:61:68:d2:6e:2f:bf:22:5d:73:2d:5c:8e:cc:53:35:
         02:aa:3c:5a:e7:cb:eb:dd:82:af:dd:6c:69:dc:13:c8:32:ca:
         fa:30:63:d4:03:b8:08:6d:88:35:ba:14:32:b9:bc:84:fb:36:
         78:21:d1:49:66:2c:68:be:0e:ba:00:d8:4d:a3:68:60:36:c3:
         d8:d2:de:a6:a7:08:6b:53:6b:45:f1:94:19:4d:d0:78:7a:c9:
         f7:d6:d6:5f:f2:5b:aa:d4:6b:e3:50:46:c6:d6:a7:fd:31:93:
         84:73:6a:14:c4:82:06:00:c6:0a:ca:ec:a8:e9:b3:67:54:e0:
         31:57:d8:af:d2:df:a5:72:e7:df:60:82:08:f1:04:cc:10:86:
         e3:c8:87:d4:43:f8:75:2a:40:c6:0c:d2:e0:f3:e4:7a:66:bd:
         26:c5:a6:2c:8f:85:01:96:40:0d:0c:81:d6:8b:3c:31:16:cd:
         88:c9:39:5b:a3:fc:3f:29:64:c9:ab:2c:4d:d6:d1:49:d1:a2:
         6f:4b:23:9e:f7:9e:b0:0c:06:a6:74:c7:65:19:6f:0b:70:a6:
         fa:d3:8c:88:85:1a:ac:1d:e1:b3:fa:78:3e:1c:1c:3c:91:a2:
         6e:63:90:a7
-----BEGIN CERTIFICATE-----
MIIFWjCCBEKgAwIBAgIDEb4vMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKGJm
YmI0ZDNhNmRkNWU2NDlhNjU1NGM0ODE3Y2UwZWQyNzc0MjkxMzYwHhcNMjMxMTI3
MjAyNzM2WhcNMjUxMTI3MjAyNzM2WjAzMTEwLwYDVQQDEyhmM2I0ZTc2Njk0MGVj
NzBjM2Q0NjkyZWI3OTgzMzdhMTA0MWEyNTY5MIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAsYv6smxZR+ni6nMaWTTowt18Iql2q993JWF+JVi7R8jPzVYd
+y0OpJ/k1Z6sUr9a+Mw4lKyZet4SvEWIQL4bdyQeEZ/EkwgPk3Y6kcaCGKXijPMo
wau2MM7ZskkYlp5Ggi8V2fpFBs0GlchhChTWHzB5HVbqPXZ061NyGIcJaOZZLNp+
I+Z3BNbJfYtqR/y+yODSr1LPmDJciuD709O3BXt5CZht2NRaVcGgFnL/GY1MR198
mpB/1MY3U6CA9kHHxpUI3lVEkhpy8ij6FOF0UDMyNlfr+4uFl3wMJpOCHosbsUyL
/8ezlat81eWlrkkqrPRcft7QqW6to/ULilDk8wIDAQABo4ICdTCCAnEwHQYDVR0O
BBYEFOhZoizSAfFw5o/GA2byxTX/HaafMB8GA1UdIwQYMBaAFHZ/Qk1INAbEIOXf
Gb6+mT9yWve2MA4GA1UdDwEB/wQEAwIHgDCBmgYIKwYBBQUHAQEEgY0wgYowgYcG
CCsGAQUFBzAChntyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5ldC9ycGtpL2xh
Y25pYy80OGYwODNiYi1mNjAzLTQ4OTMtOTk5MC0wMjg0YzA0Y2ViODUvYmZiYjRk
M2E2ZGQ1ZTY0OWE2NTU0YzQ4MTdjZTBlZDI3NzQyOTEzNi5jZXIwgZoGCCsGAQUF
BwELBIGNMIGKMIGHBggrBgEFBQcwC4Z7cnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25p
Yy5uZXQvcnBraS9sYWNuaWMvNTM3NWJjZmMtOGI4Ni00NTJlLTg1MGQtODNjZmUz
YjUwZjA2L2YzYjRlNzY2OTQwZWM3MGMzZDQ2OTJlYjc5ODMzN2ExMDQxYTI1Njku
cm9hMIGPBgNVHR8EgYcwgYQwgYGgf6B9hntyc3luYzovL3JlcG9zaXRvcnkubGFj
bmljLm5ldC9ycGtpL2xhY25pYy81Mzc1YmNmYy04Yjg2LTQ1MmUtODUwZC04M2Nm
ZTNiNTBmMDYvYmZiYjRkM2E2ZGQ1ZTY0OWE2NTU0YzQ4MTdjZTBlZDI3NzQyOTEz
Ni5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA5BggrBgEFBQcBBwEB/wQq
MCgwJgQCAAEwIAMDA7qAAwMCvjAwCgMDAr6sAwMCvrADAwDJ+gMDAMn/MA0GCSqG
SIb3DQEBCwUAA4IBAQBE9yHRji43tpgN8mH7FVafGPU6OZthaNJuL78iXXMtXI7M
UzUCqjxa58vr3YKv3Wxp3BPIMsr6MGPUA7gIbYg1uhQyubyE+zZ4IdFJZixovg66
ANhNo2hgNsPY0t6mpwhrU2tF8ZQZTdB4esn31tZf8luq1GvjUEbG1qf9MZOEc2oU
xIIGAMYKyuyo6bNnVOAxV9iv0t+lcuffYIII8QTMEIbjyIfUQ/h1KkDGDNLg8+R6
Zr0mxaYsj4UBlkANDIHWizwxFs2IyTlbo/w/KWTJqyxN1tFJ0aJvSyOe956wDAam
dMdlGW8LcKb604yIhRqsHeGz+ng+HBw8kaJuY5Cn
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:37:43 2024 by rpki-client on console-fra.rpki-client.org