Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/599d9233-5922-446d-91c2-27acc51ffa1c/d25a209895a36732d2f05782a850333d5f173708.roa
File:                     d25a209895a36732d2f05782a850333d5f173708.roa (raw, json)
Hash identifier:          1sHG+Rm5Ui6afYgxKXv1vQi6NG9tc4r99RNNHRS0sTU=
Subject key identifier:   CB:C4:B9:C1:15:91:D7:F6:B3:AA:0A:25:99:13:7F:0E:73:39:34:66
Certificate issuer:       /CN=b12012502b7ca3b0da125f250315dfe19bfb18d5
Certificate serial:       161AFD
Authority key identifier: A0:AA:33:C0:E5:EA:9C:31:8A:E1:96:B6:D8:72:02:35:9C:67:12:9A
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/b12012502b7ca3b0da125f250315dfe19bfb18d5.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/599d9233-5922-446d-91c2-27acc51ffa1c/d25a209895a36732d2f05782a850333d5f173708.roa
Signing time:             Wed 02 Mar 2022 14:57:31 +0000
ROA not before:           Thu 12 Aug 2021 03:00:00 +0000
ROA not after:            Sat 12 Aug 2023 03:00:00 +0000
asID:                     23243
IP address blocks:        181.174.64.0/20 maxlen: 24
                          181.174.80.0/23 maxlen: 24
                          181.174.83.0/24 maxlen: 24
                          181.174.84.0/22 maxlen: 24
                          181.174.88.0/22 maxlen: 24
                          181.174.92.0/24 maxlen: 24
                          181.174.94.0/23 maxlen: 24
                          181.174.96.0/22 maxlen: 24
                          181.174.100.0/24 maxlen: 24
                          181.174.102.0/23 maxlen: 24
                          181.174.108.0/23 maxlen: 24
                          181.174.111.0/24 maxlen: 24
                          181.174.112.0/21 maxlen: 24
                          181.174.120.0/22 maxlen: 24
                          181.174.125.0/24 maxlen: 24
                          181.174.126.0/23 maxlen: 24
                          181.189.133.0/24 maxlen: 24
                          181.189.134.0/24 maxlen: 24
                          181.189.135.0/24 maxlen: 24
                          181.189.136.0/21 maxlen: 24
                          186.189.192.0/20 maxlen: 24
                          186.189.208.0/22 maxlen: 24
                          186.189.213.0/24 maxlen: 24
                          186.189.214.0/24 maxlen: 24
                          186.189.216.0/24 maxlen: 24
                          186.189.218.0/23 maxlen: 24
                          186.189.220.0/22 maxlen: 24
                          190.106.193.0/24 maxlen: 24
                          190.106.194.0/23 maxlen: 24
                          190.106.196.0/22 maxlen: 24
                          190.106.200.0/21 maxlen: 24
                          190.106.208.0/24 maxlen: 24
                          190.106.211.0/24 maxlen: 24
                          190.106.212.0/22 maxlen: 24
                          190.106.216.0/23 maxlen: 24
                          200.49.160.0/19 maxlen: 24

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 1448701 (0x161afd)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b12012502b7ca3b0da125f250315dfe19bfb18d5
        Validity
            Not Before: Aug 12 03:00:00 2021 GMT
            Not After : Aug 12 03:00:00 2023 GMT
        Subject: CN=d25a209895a36732d2f05782a850333d5f173708
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8a:be:07:b7:d9:61:87:d4:12:74:38:d3:fc:4d:
                    37:24:07:7d:23:8a:cb:73:59:97:4b:12:aa:43:a3:
                    80:2d:c1:d5:c5:9b:24:79:80:76:e0:48:37:35:4d:
                    f7:5f:99:d6:a2:35:36:74:62:d6:2b:d7:a9:de:02:
                    b5:23:4a:6d:4f:f1:01:0a:ea:ab:6b:52:eb:e9:72:
                    5f:1c:eb:fa:16:f8:36:7d:fd:d6:6c:ce:7f:6b:1e:
                    82:dd:6d:49:31:6c:ab:00:7a:22:bc:8f:7b:ed:4b:
                    4d:48:5a:13:41:a8:73:99:45:e5:6c:d3:80:d3:59:
                    07:92:bd:63:5f:67:9e:c0:00:02:d7:72:8b:d8:c9:
                    b6:71:91:33:c6:08:d7:d8:f5:2c:46:1a:c6:3b:05:
                    a5:0f:6e:bd:c9:a9:dd:82:ac:13:c8:a9:2c:8f:cb:
                    bc:aa:e9:07:42:7e:cf:5a:59:17:c9:55:76:78:fe:
                    0c:4b:0e:ed:99:87:7d:cc:4e:78:6c:8f:3a:16:0d:
                    ef:69:f7:16:d8:4a:35:a3:f1:b1:9c:e4:7e:c6:e9:
                    5d:df:be:bd:f4:c7:7e:2c:63:9a:4b:0d:63:6e:d9:
                    b0:49:4f:38:f3:49:29:cf:60:3e:62:39:27:a6:5f:
                    15:bb:26:2e:fa:33:e2:e5:14:91:f8:d0:3a:e4:e0:
                    30:4f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                CB:C4:B9:C1:15:91:D7:F6:B3:AA:0A:25:99:13:7F:0E:73:39:34:66
            X509v3 Authority Key Identifier:
                keyid:A0:AA:33:C0:E5:EA:9C:31:8A:E1:96:B6:D8:72:02:35:9C:67:12:9A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/b12012502b7ca3b0da125f250315dfe19bfb18d5.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/599d9233-5922-446d-91c2-27acc51ffa1c/d25a209895a36732d2f05782a850333d5f173708.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/599d9233-5922-446d-91c2-27acc51ffa1c/b12012502b7ca3b0da125f250315dfe19bfb18d5.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  181.174.64.0-181.174.81.255
                  181.174.83.0-181.174.92.255
                  181.174.94.0-181.174.100.255
                  181.174.102.0/23
                  181.174.108.0/23
                  181.174.111.0-181.174.123.255
                  181.174.125.0-181.174.127.255
                  181.189.133.0-181.189.143.255
                  186.189.192.0-186.189.211.255
                  186.189.213.0-186.189.214.255
                  186.189.216.0/24
                  186.189.218.0-186.189.223.255
                  190.106.193.0-190.106.208.255
                  190.106.211.0-190.106.217.255
                  200.49.160.0/19

    Signature Algorithm: sha256WithRSAEncryption
         ac:a2:e6:3f:b9:89:7c:c2:b3:f1:2b:8c:43:c3:cd:ca:f5:88:
         ed:42:67:ab:bd:71:f3:7f:4f:e4:8e:be:da:a6:0c:e2:23:cc:
         f3:40:70:8c:df:9e:55:ea:a2:b1:c9:74:da:a6:ce:98:dc:4f:
         18:ba:48:c6:94:e7:ab:87:80:4d:c8:93:eb:67:6f:52:be:ea:
         d9:7d:a2:11:09:ff:26:08:dc:42:94:63:1e:0f:77:83:50:ae:
         fd:3a:a8:cd:dc:76:e3:fe:d8:fa:b0:80:07:87:5a:dd:0b:fc:
         ec:27:d8:6f:bd:01:4e:32:32:09:1b:f5:9a:ea:97:30:a6:35:
         b2:30:80:16:3a:67:6c:95:96:a7:31:98:7d:15:44:7f:6e:43:
         5c:82:4c:b6:5e:08:b5:89:ae:1e:a0:82:88:61:9e:cb:7c:3c:
         a7:f7:6f:1d:4b:60:98:01:9e:17:ef:e5:11:56:06:3a:3f:77:
         a7:cf:07:90:af:02:c3:3b:ae:fa:df:3e:51:82:11:69:3c:47:
         26:4b:71:e2:92:75:c7:7c:47:1a:36:69:df:9b:83:6e:ee:a2:
         02:74:d2:61:af:d5:15:0d:ed:ef:04:a4:08:4d:d3:48:f3:24:
         83:c5:fb:42:40:ef:35:02:86:c3:5e:4b:27:8b:9c:81:a8:cd:
         c3:20:3a:5d
-----BEGIN CERTIFICATE-----
MIIF8TCCBNmgAwIBAgIDFhr9MA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKGIx
MjAxMjUwMmI3Y2EzYjBkYTEyNWYyNTAzMTVkZmUxOWJmYjE4ZDUwHhcNMjEwODEy
MDMwMDAwWhcNMjMwODEyMDMwMDAwWjAzMTEwLwYDVQQDEyhkMjVhMjA5ODk1YTM2
NzMyZDJmMDU3ODJhODUwMzMzZDVmMTczNzA4MIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAir4Ht9lhh9QSdDjT/E03JAd9I4rLc1mXSxKqQ6OALcHVxZsk
eYB24Eg3NU33X5nWojU2dGLWK9ep3gK1I0ptT/EBCuqra1Lr6XJfHOv6Fvg2ff3W
bM5/ax6C3W1JMWyrAHoivI977UtNSFoTQahzmUXlbNOA01kHkr1jX2eewAAC13KL
2Mm2cZEzxgjX2PUsRhrGOwWlD269yandgqwTyKksj8u8qukHQn7PWlkXyVV2eP4M
Sw7tmYd9zE54bI86Fg3vafcW2Eo1o/GxnOR+xuld37699Md+LGOaSw1jbtmwSU84
80kpz2A+Yjknpl8VuyYu+jPi5RSR+NA65OAwTwIDAQABo4IDDDCCAwgwHQYDVR0O
BBYEFMvEucEVkdf2s6oKJZkTfw5zOTRmMB8GA1UdIwQYMBaAFKCqM8Dl6pwxiuGW
tthyAjWcZxKaMA4GA1UdDwEB/wQEAwIHgDCBmgYIKwYBBQUHAQEEgY0wgYowgYcG
CCsGAQUFBzAChntyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5ldC9ycGtpL2xh
Y25pYy80OGYwODNiYi1mNjAzLTQ4OTMtOTk5MC0wMjg0YzA0Y2ViODUvYjEyMDEy
NTAyYjdjYTNiMGRhMTI1ZjI1MDMxNWRmZTE5YmZiMThkNS5jZXIwgZoGCCsGAQUF
BwELBIGNMIGKMIGHBggrBgEFBQcwC4Z7cnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25p
Yy5uZXQvcnBraS9sYWNuaWMvNTk5ZDkyMzMtNTkyMi00NDZkLTkxYzItMjdhY2M1
MWZmYTFjL2QyNWEyMDk4OTVhMzY3MzJkMmYwNTc4MmE4NTAzMzNkNWYxNzM3MDgu
cm9hMIGPBgNVHR8EgYcwgYQwgYGgf6B9hntyc3luYzovL3JlcG9zaXRvcnkubGFj
bmljLm5ldC9ycGtpL2xhY25pYy81OTlkOTIzMy01OTIyLTQ0NmQtOTFjMi0yN2Fj
YzUxZmZhMWMvYjEyMDEyNTAyYjdjYTNiMGRhMTI1ZjI1MDMxNWRmZTE5YmZiMThk
NS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjCBzwYIKwYBBQUHAQcBAf8E
gb8wgbwwgbkEAgABMIGyMAwDBAa1rkADBAG1rlAwDAMEALWuUwMEALWuXDAMAwQB
ta5eAwQAta5kAwQBta5mAwQBta5sMAwDBAC1rm8DBAK1rngwDAMEALWufQMEB7Wu
ADAMAwQAtb2FAwQEtb2AMAwDBAa6vcADBAK6vdAwDAMEALq91QMEALq91gMEALq9
2DAMAwQBur3aAwQFur3AMAwDBAC+asEDBAC+atAwDAMEAL5q0wMEAb5q2AMEBcgx
oDANBgkqhkiG9w0BAQsFAAOCAQEArKLmP7mJfMKz8SuMQ8PNyvWI7UJnq71x839P
5I6+2qYM4iPM80BwjN+eVeqiscl02qbOmNxPGLpIxpTnq4eATciT62dvUr7q2X2i
EQn/JgjcQpRjHg93g1Cu/Tqozdx24/7Y+rCAB4da3Qv87CfYb70BTjIyCRv1muqX
MKY1sjCAFjpnbJWWpzGYfRVEf25DXIJMtl4ItYmuHqCCiGGey3w8p/dvHUtgmAGe
F+/lEVYGOj93p88HkK8Cwzuu+t8+UYIRaTxHJktx4pJ1x3xHGjZp35uDbu6iAnTS
Ya/VFQ3t7wSkCE3TSPMkg8X7QkDvNQKGw15LJ4ucgajNwyA6XQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:37:44 2024 by rpki-client on console-fra.rpki-client.org