Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/626f4f28-880c-4bb5-9442-9eef9325d7eb/97e6408a4914ea6ab2a80947645c3c24d495264b.roa
File:                     97e6408a4914ea6ab2a80947645c3c24d495264b.roa (raw, json)
Hash identifier:          VuqdBTqOUBVdBPEgM66hIv6ZMtGKLKZ5Oz+F6WYFBeg=
Subject key identifier:   00:BF:70:6C:2D:4C:0D:5F:65:C4:16:A5:2A:1E:55:02:8E:90:EB:FD
Certificate issuer:       /CN=29bfc63c4d2e222df3a099e222567deb9e88bb27
Certificate serial:       1935FE
Authority key identifier: A6:C1:FF:61:8D:96:22:B7:89:0F:A0:98:36:A6:5C:D2:3C:EF:C4:62
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/29bfc63c4d2e222df3a099e222567deb9e88bb27.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/626f4f28-880c-4bb5-9442-9eef9325d7eb/97e6408a4914ea6ab2a80947645c3c24d495264b.roa
Signing time:             Thu 23 Jun 2022 18:42:59 +0000
ROA not before:           Thu 23 Jun 2022 03:00:00 +0000
ROA not after:            Sun 23 Jun 2024 03:00:00 +0000
asID:                     16814
IP address blocks:        186.189.224.0/21 maxlen: 24
                          186.189.232.0/21 maxlen: 24
                          186.189.224.0/22 maxlen: 24
                          186.189.228.0/22 maxlen: 24
                          186.189.232.0/22 maxlen: 24
                          186.189.236.0/22 maxlen: 24
                          186.189.224.0/23 maxlen: 24
                          186.189.226.0/23 maxlen: 24
                          186.189.228.0/23 maxlen: 24
                          186.189.230.0/23 maxlen: 24
                          186.189.232.0/23 maxlen: 24
                          186.189.234.0/23 maxlen: 24
                          186.189.236.0/23 maxlen: 24
                          186.189.238.0/23 maxlen: 24
                          186.189.224.0/24 maxlen: 24
                          186.189.225.0/24 maxlen: 24
                          186.189.226.0/24 maxlen: 24
                          186.189.227.0/24 maxlen: 24
                          186.189.228.0/24 maxlen: 24
                          186.189.229.0/24 maxlen: 24
                          186.189.230.0/24 maxlen: 24
                          186.189.231.0/24 maxlen: 24
                          186.189.232.0/24 maxlen: 24
                          186.189.233.0/24 maxlen: 24
                          186.189.234.0/24 maxlen: 24
                          186.189.235.0/24 maxlen: 24
                          186.189.236.0/24 maxlen: 24
                          186.189.237.0/24 maxlen: 24
                          186.189.238.0/24 maxlen: 24
                          186.189.239.0/24 maxlen: 24

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 1652222 (0x1935fe)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=29bfc63c4d2e222df3a099e222567deb9e88bb27
        Validity
            Not Before: Jun 23 03:00:00 2022 GMT
            Not After : Jun 23 03:00:00 2024 GMT
        Subject: CN=97e6408a4914ea6ab2a80947645c3c24d495264b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8c:1b:3a:3f:54:c9:c9:31:e7:cc:c6:43:b5:17:
                    4d:b9:38:3a:95:9d:1f:e7:17:0f:50:0d:3a:b6:8c:
                    de:f5:f6:d8:81:c6:97:d3:99:38:7f:1e:f0:74:99:
                    dc:17:ef:e0:18:42:24:fe:65:83:11:ec:f8:70:6b:
                    21:97:d6:6e:68:a1:cb:09:ef:30:31:34:d1:11:47:
                    a2:ab:04:2d:6b:5b:bb:47:d9:4d:a2:cf:ab:2c:4d:
                    29:c4:79:f9:13:77:7f:5f:6c:b0:c9:77:0d:c4:7a:
                    31:14:85:18:7a:cf:e5:f7:d9:04:4a:d7:43:e1:18:
                    9f:d4:e1:6d:56:66:f6:9c:7e:5d:61:fe:8f:45:0c:
                    fc:67:75:1b:e1:0b:29:9b:e0:f3:6d:eb:0c:df:f2:
                    c0:6b:1d:80:dd:a0:45:44:8f:d8:46:1d:91:ff:18:
                    ab:35:28:f9:8d:d4:76:06:a4:b1:91:e7:0c:f8:09:
                    dc:d4:04:f8:d3:64:30:a4:58:07:77:12:66:6d:3b:
                    6f:28:44:56:86:54:15:80:a2:e6:1c:4c:1a:27:67:
                    b0:e1:97:bb:cf:23:17:01:02:ef:47:54:03:fd:32:
                    8a:ce:e7:59:97:ec:38:cf:89:56:e4:f0:18:50:b6:
                    e0:63:b3:80:b7:cb:97:0f:e3:7e:7c:20:85:0d:5c:
                    49:e9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                00:BF:70:6C:2D:4C:0D:5F:65:C4:16:A5:2A:1E:55:02:8E:90:EB:FD
            X509v3 Authority Key Identifier:
                keyid:A6:C1:FF:61:8D:96:22:B7:89:0F:A0:98:36:A6:5C:D2:3C:EF:C4:62

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/29bfc63c4d2e222df3a099e222567deb9e88bb27.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/626f4f28-880c-4bb5-9442-9eef9325d7eb/97e6408a4914ea6ab2a80947645c3c24d495264b.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/626f4f28-880c-4bb5-9442-9eef9325d7eb/29bfc63c4d2e222df3a099e222567deb9e88bb27.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  186.189.224.0/20

    Signature Algorithm: sha256WithRSAEncryption
         3f:4e:88:53:71:aa:e6:48:6d:b1:a0:c8:bf:ea:ab:f1:3c:54:
         e8:41:a4:4c:8d:25:d0:4b:20:f5:29:74:30:97:d7:93:d0:fd:
         72:ca:42:58:ed:47:f6:cc:db:2d:4e:0a:eb:d0:79:09:7f:cf:
         89:77:c0:ad:27:80:88:b1:f2:97:9f:8d:67:ee:eb:6a:bf:1a:
         1d:6f:d5:6c:30:ee:c6:8b:29:28:30:38:ea:70:34:0e:84:35:
         4f:a9:aa:3c:2e:86:e3:30:b0:30:f2:ab:0a:4d:0e:a9:bc:a8:
         db:be:c0:46:5f:1f:5a:0f:2a:18:8b:81:6f:74:ce:42:fb:5b:
         ce:cd:0f:8d:5e:52:3e:a3:85:6f:50:c5:64:c1:7e:ff:a4:44:
         a1:0b:0c:94:48:23:44:76:e7:21:fa:a6:a9:3e:e1:3b:2a:72:
         99:02:c0:aa:87:6c:51:05:ee:e4:30:3d:98:c1:cc:bd:1a:fc:
         59:99:62:f8:c5:71:49:1c:ce:94:a9:d6:cf:8f:46:c1:29:fc:
         25:37:a6:a8:48:2c:8b:56:ca:cb:9a:ce:a8:3a:bc:ea:f6:19:
         1e:3f:8e:86:c5:05:53:e9:86:59:e0:cd:8c:2e:42:3a:8f:2c:
         ec:f7:9e:11:97:c9:9c:ab:ce:8d:dc:05:b8:c2:62:c4:5b:ff:
         ef:28:0b:7d
-----BEGIN CERTIFICATE-----
MIIFQDCCBCigAwIBAgIDGTX+MA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKDI5
YmZjNjNjNGQyZTIyMmRmM2EwOTllMjIyNTY3ZGViOWU4OGJiMjcwHhcNMjIwNjIz
MDMwMDAwWhcNMjQwNjIzMDMwMDAwWjAzMTEwLwYDVQQDEyg5N2U2NDA4YTQ5MTRl
YTZhYjJhODA5NDc2NDVjM2MyNGQ0OTUyNjRiMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAjBs6P1TJyTHnzMZDtRdNuTg6lZ0f5xcPUA06toze9fbYgcaX
05k4fx7wdJncF+/gGEIk/mWDEez4cGshl9ZuaKHLCe8wMTTREUeiqwQta1u7R9lN
os+rLE0pxHn5E3d/X2ywyXcNxHoxFIUYes/l99kEStdD4Rif1OFtVmb2nH5dYf6P
RQz8Z3Ub4Qspm+DzbesM3/LAax2A3aBFRI/YRh2R/xirNSj5jdR2BqSxkecM+Anc
1AT402QwpFgHdxJmbTtvKERWhlQVgKLmHEwaJ2ew4Ze7zyMXAQLvR1QD/TKKzudZ
l+w4z4lW5PAYULbgY7OAt8uXD+N+fCCFDVxJ6QIDAQABo4ICWzCCAlcwHQYDVR0O
BBYEFAC/cGwtTA1fZcQWpSoeVQKOkOv9MB8GA1UdIwQYMBaAFKbB/2GNliK3iQ+g
mDamXNI878RiMA4GA1UdDwEB/wQEAwIHgDCBmgYIKwYBBQUHAQEEgY0wgYowgYcG
CCsGAQUFBzAChntyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5ldC9ycGtpL2xh
Y25pYy80OGYwODNiYi1mNjAzLTQ4OTMtOTk5MC0wMjg0YzA0Y2ViODUvMjliZmM2
M2M0ZDJlMjIyZGYzYTA5OWUyMjI1NjdkZWI5ZTg4YmIyNy5jZXIwgZoGCCsGAQUF
BwELBIGNMIGKMIGHBggrBgEFBQcwC4Z7cnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25p
Yy5uZXQvcnBraS9sYWNuaWMvNjI2ZjRmMjgtODgwYy00YmI1LTk0NDItOWVlZjkz
MjVkN2ViLzk3ZTY0MDhhNDkxNGVhNmFiMmE4MDk0NzY0NWMzYzI0ZDQ5NTI2NGIu
cm9hMIGPBgNVHR8EgYcwgYQwgYGgf6B9hntyc3luYzovL3JlcG9zaXRvcnkubGFj
bmljLm5ldC9ycGtpL2xhY25pYy82MjZmNGYyOC04ODBjLTRiYjUtOTQ0Mi05ZWVm
OTMyNWQ3ZWIvMjliZmM2M2M0ZDJlMjIyZGYzYTA5OWUyMjI1NjdkZWI5ZTg4YmIy
Ny5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQ
MA4wDAQCAAEwBgMEBLq94DANBgkqhkiG9w0BAQsFAAOCAQEAP06IU3Gq5khtsaDI
v+qr8TxU6EGkTI0l0Esg9Sl0MJfXk9D9cspCWO1H9szbLU4K69B5CX/PiXfArSeA
iLHyl5+NZ+7rar8aHW/VbDDuxospKDA46nA0DoQ1T6mqPC6G4zCwMPKrCk0Oqbyo
277ARl8fWg8qGIuBb3TOQvtbzs0PjV5SPqOFb1DFZMF+/6REoQsMlEgjRHbnIfqm
qT7hOypymQLAqodsUQXu5DA9mMHMvRr8WZli+MVxSRzOlKnWz49GwSn8JTemqEgs
i1bKy5rOqDq86vYZHj+OhsUFU+mGWeDNjC5COo8s7PeeEZfJnKvOjdwFuMJixFv/
7ygLfQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:37:46 2024 by rpki-client on console-fra.rpki-client.org