Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/5375bcfc-8b86-452e-850d-83cfe3b50f06/fd0d6dccab6097e1882e27ba292d6cf94528b649.roa
File:                     fd0d6dccab6097e1882e27ba292d6cf94528b649.roa (raw, json)
Hash identifier:          bxg52YNZawLykLpJL93QxPl13+JeW5FNxA0k2Js6VKM=
Subject key identifier:   6D:2E:93:6D:DD:A5:4E:9C:9C:4E:C3:DD:57:85:81:A6:0B:A3:67:F2
Certificate issuer:       /CN=657d9dd95ecfd67113ddcd4cff4ced5d8177cf65
Certificate serial:       9663
Authority key identifier: 58:8B:D2:7A:78:D9:8D:63:93:83:95:E9:E1:80:7D:75:C6:13:D1:1D
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/657d9dd95ecfd67113ddcd4cff4ced5d8177cf65.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/5375bcfc-8b86-452e-850d-83cfe3b50f06/fd0d6dccab6097e1882e27ba292d6cf94528b649.roa
Signing time:             Mon 24 Jan 2022 12:38:07 +0000
ROA not before:           Tue 18 Jan 2022 03:00:00 +0000
ROA not after:            Thu 18 Jan 2024 03:00:00 +0000
asID:                     22927
IP address blocks:        186.60.0.0/14 maxlen: 24
                          190.172.0.0/15 maxlen: 24
                          190.174.0.0/15 maxlen: 24
                          190.176.0.0/15 maxlen: 24
                          190.178.0.0/15 maxlen: 24
                          191.80.0.0/14 maxlen: 24
                          191.84.0.0/15 maxlen: 24
                          201.176.0.0/14 maxlen: 24
                          201.180.0.0/15 maxlen: 24
                          201.250.0.0/17 maxlen: 24
                          201.250.128.0/17 maxlen: 24
                          201.255.0.0/17 maxlen: 24
                          201.255.128.0/17 maxlen: 24

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 38499 (0x9663)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=657d9dd95ecfd67113ddcd4cff4ced5d8177cf65
        Validity
            Not Before: Jan 18 03:00:00 2022 GMT
            Not After : Jan 18 03:00:00 2024 GMT
        Subject: CN=fd0d6dccab6097e1882e27ba292d6cf94528b649
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c5:e9:57:b7:a7:bb:06:20:18:8c:15:eb:f1:2f:
                    3b:cf:15:b8:9c:2c:55:78:b0:48:09:58:b6:7e:4a:
                    59:c3:dc:f3:cd:b6:c5:95:0f:e2:88:84:b0:de:b4:
                    77:f0:b7:5d:09:0c:c1:83:cc:ed:01:b4:53:88:cc:
                    47:85:b8:a6:3b:00:75:b0:d3:f9:c4:26:8c:78:b6:
                    6a:6e:0c:3b:b5:bd:0e:72:9b:7f:60:fb:ff:e7:4a:
                    a5:bd:4b:27:e9:14:2c:6d:9e:30:0b:b9:af:5d:26:
                    b6:ab:ee:a9:39:2b:83:38:a6:9e:44:e9:ed:4a:2b:
                    83:70:1d:ec:e3:d5:c9:aa:87:5b:de:f4:52:63:1c:
                    14:b8:57:f7:04:ca:42:1b:dd:5e:8e:c3:ac:42:cd:
                    2b:6d:3b:01:96:3f:e9:ad:87:78:1b:6b:b2:81:27:
                    5a:7c:07:2e:8d:dd:92:aa:71:51:d8:fe:3d:61:ae:
                    a8:4b:c9:77:0b:5e:00:7b:33:fc:28:6b:6b:ca:24:
                    a3:cc:d2:b6:df:84:32:e6:17:f8:61:40:27:bd:40:
                    fd:32:fe:c9:99:85:61:af:1c:f8:32:9a:a4:d2:bd:
                    c0:14:44:71:30:f9:e1:93:eb:12:95:e6:c9:bf:bc:
                    03:52:c6:82:31:29:6c:1c:d6:95:c5:20:50:91:ae:
                    bb:dd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                6D:2E:93:6D:DD:A5:4E:9C:9C:4E:C3:DD:57:85:81:A6:0B:A3:67:F2
            X509v3 Authority Key Identifier:
                keyid:58:8B:D2:7A:78:D9:8D:63:93:83:95:E9:E1:80:7D:75:C6:13:D1:1D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/657d9dd95ecfd67113ddcd4cff4ced5d8177cf65.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/5375bcfc-8b86-452e-850d-83cfe3b50f06/fd0d6dccab6097e1882e27ba292d6cf94528b649.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/5375bcfc-8b86-452e-850d-83cfe3b50f06/657d9dd95ecfd67113ddcd4cff4ced5d8177cf65.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  186.60.0.0/14
                  190.172.0.0-190.179.255.255
                  191.80.0.0-191.85.255.255
                  201.176.0.0-201.181.255.255
                  201.250.0.0/16
                  201.255.0.0/16

    Signature Algorithm: sha256WithRSAEncryption
         28:69:63:a5:6b:01:be:71:64:ab:0c:b3:48:ea:2d:f5:7f:df:
         94:87:cc:1d:7b:34:b7:88:47:8c:bb:97:57:66:0f:72:a7:3e:
         c2:67:a2:61:84:f2:08:61:fc:06:37:6d:6a:28:df:5d:20:b6:
         3a:39:bd:dd:ee:5c:bc:22:47:3b:e6:5b:7c:da:e5:9f:2d:51:
         89:ae:d4:22:15:60:b2:79:21:b8:78:80:67:fe:9e:82:c3:cf:
         aa:42:11:ab:b8:2d:c7:2b:84:3d:e8:3a:d0:43:ff:d4:f6:b9:
         2a:0e:cc:9e:93:b9:b4:cf:d8:38:e2:73:0e:4e:25:be:9e:1d:
         b9:a8:24:7c:90:2e:55:03:96:f2:55:cf:23:78:86:87:03:37:
         3b:4a:a0:05:44:5c:04:f5:a7:ac:72:0b:7d:3b:ab:f9:37:13:
         73:9c:bc:1f:45:25:e5:fa:03:17:22:ca:ad:12:b0:b7:d7:8d:
         7a:ec:60:f8:e1:4c:87:45:21:ba:65:bd:eb:5c:a8:ba:d4:fe:
         d0:b3:a3:a1:be:ad:ba:ac:35:60:fc:28:fa:86:3e:b5:db:02:
         2f:0b:57:7b:67:5b:39:ee:27:ca:e1:04:3e:24:1e:22:fa:28:
         b7:ea:67:83:6e:a2:df:a9:a0:a3:79:94:11:61:9b:66:0d:aa:
         f4:8d:e5:4f
-----BEGIN CERTIFICATE-----
MIIFbTCCBFWgAwIBAgIDAJZjMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKDY1
N2Q5ZGQ5NWVjZmQ2NzExM2RkY2Q0Y2ZmNGNlZDVkODE3N2NmNjUwHhcNMjIwMTE4
MDMwMDAwWhcNMjQwMTE4MDMwMDAwWjAzMTEwLwYDVQQDEyhmZDBkNmRjY2FiNjA5
N2UxODgyZTI3YmEyOTJkNmNmOTQ1MjhiNjQ5MIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAxelXt6e7BiAYjBXr8S87zxW4nCxVeLBICVi2fkpZw9zzzbbF
lQ/iiISw3rR38LddCQzBg8ztAbRTiMxHhbimOwB1sNP5xCaMeLZqbgw7tb0Ocpt/
YPv/50qlvUsn6RQsbZ4wC7mvXSa2q+6pOSuDOKaeROntSiuDcB3s49XJqodb3vRS
YxwUuFf3BMpCG91ejsOsQs0rbTsBlj/prYd4G2uygSdafAcujd2SqnFR2P49Ya6o
S8l3C14AezP8KGtryiSjzNK234Qy5hf4YUAnvUD9Mv7JmYVhrxz4Mpqk0r3AFERx
MPnhk+sSlebJv7wDUsaCMSlsHNaVxSBQka673QIDAQABo4ICiDCCAoQwHQYDVR0O
BBYEFG0uk23dpU6cnE7D3VeFgaYLo2fyMB8GA1UdIwQYMBaAFFiL0np42Y1jk4OV
6eGAfXXGE9EdMA4GA1UdDwEB/wQEAwIHgDCBmgYIKwYBBQUHAQEEgY0wgYowgYcG
CCsGAQUFBzAChntyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5ldC9ycGtpL2xh
Y25pYy80OGYwODNiYi1mNjAzLTQ4OTMtOTk5MC0wMjg0YzA0Y2ViODUvNjU3ZDlk
ZDk1ZWNmZDY3MTEzZGRjZDRjZmY0Y2VkNWQ4MTc3Y2Y2NS5jZXIwgZoGCCsGAQUF
BwELBIGNMIGKMIGHBggrBgEFBQcwC4Z7cnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25p
Yy5uZXQvcnBraS9sYWNuaWMvNTM3NWJjZmMtOGI4Ni00NTJlLTg1MGQtODNjZmUz
YjUwZjA2L2ZkMGQ2ZGNjYWI2MDk3ZTE4ODJlMjdiYTI5MmQ2Y2Y5NDUyOGI2NDku
cm9hMIGPBgNVHR8EgYcwgYQwgYGgf6B9hntyc3luYzovL3JlcG9zaXRvcnkubGFj
bmljLm5ldC9ycGtpL2xhY25pYy81Mzc1YmNmYy04Yjg2LTQ1MmUtODUwZC04M2Nm
ZTNiNTBmMDYvNjU3ZDlkZDk1ZWNmZDY3MTEzZGRjZDRjZmY0Y2VkNWQ4MTc3Y2Y2
NS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBMBggrBgEFBQcBBwEB/wQ9
MDswOQQCAAEwMwMDAro8MAoDAwK+rAMDAr6wMAoDAwS/UAMDAb9UMAoDAwTJsAMD
Acm0AwMAyfoDAwDJ/zANBgkqhkiG9w0BAQsFAAOCAQEAKGljpWsBvnFkqwyzSOot
9X/flIfMHXs0t4hHjLuXV2YPcqc+wmeiYYTyCGH8BjdtaijfXSC2Ojm93e5cvCJH
O+ZbfNrlny1Ria7UIhVgsnkhuHiAZ/6egsPPqkIRq7gtxyuEPeg60EP/1Pa5Kg7M
npO5tM/YOOJzDk4lvp4duagkfJAuVQOW8lXPI3iGhwM3O0qgBURcBPWnrHILfTur
+TcTc5y8H0Ul5foDFyLKrRKwt9eNeuxg+OFMh0UhumW961youtT+0LOjob6tuqw1
YPwo+oY+tdsCLwtXe2dbOe4nyuEEPiQeIvoot+png26i36mgo3mUEWGbZg2q9I3l
Tw==
-----END CERTIFICATE-----
Generated at Tue Oct 24 16:47:53 2023 by rpki-client on console-fra.rpki-client.org