Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/626f4f28-880c-4bb5-9442-9eef9325d7eb/dfbbd31463a8978954977e0a88bacfe8755c3418.roa
File:                     dfbbd31463a8978954977e0a88bacfe8755c3418.roa (raw, json)
Hash identifier:          ER9xQU5m26yek9pjaFIluTch22M5P05CNPZ/9ijdaNI=
Subject key identifier:   65:06:CB:3B:21:BD:04:68:04:4F:29:D0:C1:F0:9D:36:8D:5D:9D:DD
Certificate issuer:       /CN=29bfc63c4d2e222df3a099e222567deb9e88bb27
Certificate serial:       0E176A
Authority key identifier: A6:C1:FF:61:8D:96:22:B7:89:0F:A0:98:36:A6:5C:D2:3C:EF:C4:62
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/29bfc63c4d2e222df3a099e222567deb9e88bb27.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/626f4f28-880c-4bb5-9442-9eef9325d7eb/dfbbd31463a8978954977e0a88bacfe8755c3418.roa
Signing time:             Wed 24 Mar 2021 14:31:36 +0000
ROA not before:           Wed 24 Mar 2021 14:31:34 +0000
ROA not after:            Tue 24 Mar 2026 14:31:34 +0000
asID:                     16814
IP address blocks:        186.189.224.0/20 maxlen: 24
                          186.189.248.0/22 maxlen: 24
                          190.2.0.0/19 maxlen: 24
                          190.2.32.0/19 maxlen: 24
                          190.210.0.0/18 maxlen: 24
                          190.210.64.0/18 maxlen: 24
                          190.210.128.0/18 maxlen: 24
                          190.210.192.0/18 maxlen: 24
                          200.61.160.0/19 maxlen: 24
                          200.68.64.0/20 maxlen: 24
                          200.68.80.0/20 maxlen: 24
                          200.68.96.0/20 maxlen: 24
                          200.68.112.0/20 maxlen: 24
                          200.69.192.0/18 maxlen: 24
                          200.123.128.0/20 maxlen: 24
                          200.123.144.0/20 maxlen: 24
                          200.123.160.0/20 maxlen: 24
                          200.123.176.0/20 maxlen: 24
                          201.216.192.0/19 maxlen: 24
                          201.216.224.0/19 maxlen: 24
                          2800:40::/32 maxlen: 48

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 923498 (0xe176a)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=29bfc63c4d2e222df3a099e222567deb9e88bb27
        Validity
            Not Before: Mar 24 14:31:34 2021 GMT
            Not After : Mar 24 14:31:34 2026 GMT
        Subject: CN=dfbbd31463a8978954977e0a88bacfe8755c3418
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:91:95:17:5d:ad:dd:a4:2c:63:d0:b2:ed:d1:78:
                    5a:65:d3:82:29:62:fe:c9:b2:12:2a:0e:90:81:af:
                    49:42:ad:48:15:5a:b4:8d:8b:1c:e5:14:e9:71:d0:
                    48:a9:87:eb:fa:dd:34:45:11:f8:e9:7b:a7:d7:3a:
                    25:1b:0f:64:bf:ac:4e:68:4d:03:74:04:56:79:15:
                    12:e2:68:b6:63:69:25:93:bb:97:a2:f6:2b:cb:de:
                    7e:8b:c9:d0:54:42:be:b5:22:27:a3:0b:25:49:0c:
                    0b:66:1d:9f:b8:61:9b:05:32:f0:ad:d0:fc:e3:14:
                    4b:e4:ca:74:0f:4b:5c:d0:52:34:a6:8e:f8:1c:74:
                    21:7a:53:46:db:40:ab:21:51:c3:93:5f:b3:2c:26:
                    cc:be:56:7f:a7:f3:96:cd:35:21:bb:64:f1:63:94:
                    f1:56:65:cb:54:ca:d8:56:3d:2b:dc:94:09:9e:a2:
                    76:9b:c8:63:24:df:06:b5:c0:51:8e:3f:05:54:d5:
                    43:c6:98:d4:a3:d0:72:68:34:ab:43:24:b1:3b:36:
                    56:2e:99:66:43:49:89:e4:e6:8a:74:03:a6:a2:25:
                    c0:ef:7e:22:0e:84:3d:b7:97:22:80:49:e7:2f:da:
                    57:7d:0e:d6:68:f0:ff:56:50:13:a5:65:c6:ce:b7:
                    fb:0b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                65:06:CB:3B:21:BD:04:68:04:4F:29:D0:C1:F0:9D:36:8D:5D:9D:DD
            X509v3 Authority Key Identifier:
                keyid:A6:C1:FF:61:8D:96:22:B7:89:0F:A0:98:36:A6:5C:D2:3C:EF:C4:62

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/29bfc63c4d2e222df3a099e222567deb9e88bb27.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/626f4f28-880c-4bb5-9442-9eef9325d7eb/dfbbd31463a8978954977e0a88bacfe8755c3418.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/626f4f28-880c-4bb5-9442-9eef9325d7eb/29bfc63c4d2e222df3a099e222567deb9e88bb27.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  186.189.224.0/20
                  186.189.248.0/22
                  190.2.0.0/18
                  190.210.0.0/16
                  200.61.160.0/19
                  200.68.64.0/18
                  200.69.192.0/18
                  200.123.128.0/18
                  201.216.192.0/18
                IPv6:
                  2800:40::/32

    Signature Algorithm: sha256WithRSAEncryption
         48:b4:98:47:09:31:91:15:f8:9b:1b:7c:d6:95:81:c5:dc:f6:
         3b:35:91:22:34:2a:b8:61:55:0a:72:d9:6e:47:36:a4:b5:d6:
         a5:b6:e9:8c:67:55:57:eb:e4:52:59:4a:95:91:91:b7:51:ab:
         5f:7f:d5:8f:04:8e:2e:75:8b:f3:1a:26:98:21:ab:13:24:d4:
         45:12:26:a4:2a:b9:1f:ab:7b:6b:a9:6c:3f:74:5a:91:d9:29:
         16:45:14:4d:e1:96:be:12:50:a6:67:97:79:6b:d0:ed:7b:04:
         85:aa:4c:3b:e7:23:70:30:9f:b3:72:34:a9:97:e5:f7:f9:95:
         21:73:79:89:49:a8:9d:7f:12:e9:2f:b6:f0:3e:8f:21:4a:58:
         ea:a5:bd:20:9f:c9:f4:2a:6f:70:cd:d5:65:05:91:cc:c4:52:
         b7:fa:a6:38:57:1c:2d:e3:4e:29:ad:14:0f:11:67:e5:79:0a:
         b9:6e:d4:86:29:0f:e3:39:0a:5b:a9:58:f2:3a:52:77:8b:6f:
         70:d3:d9:31:68:89:92:49:e1:7c:e7:ae:d0:16:9d:b9:bd:44:
         ef:b3:b9:a2:35:60:d5:07:e1:54:ce:e1:dc:4d:45:25:7a:2b:
         f0:74:e9:a7:b2:10:57:33:cb:2a:21:9a:e0:f0:63:4b:c1:b1:
         07:55:a7:9b
-----BEGIN CERTIFICATE-----
MIIFfjCCBGagAwIBAgIDDhdqMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKDI5
YmZjNjNjNGQyZTIyMmRmM2EwOTllMjIyNTY3ZGViOWU4OGJiMjcwHhcNMjEwMzI0
MTQzMTM0WhcNMjYwMzI0MTQzMTM0WjAzMTEwLwYDVQQDEyhkZmJiZDMxNDYzYTg5
Nzg5NTQ5NzdlMGE4OGJhY2ZlODc1NWMzNDE4MIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAkZUXXa3dpCxj0LLt0XhaZdOCKWL+ybISKg6Qga9JQq1IFVq0
jYsc5RTpcdBIqYfr+t00RRH46Xun1zolGw9kv6xOaE0DdARWeRUS4mi2Y2klk7uX
ovYry95+i8nQVEK+tSInowslSQwLZh2fuGGbBTLwrdD84xRL5Mp0D0tc0FI0po74
HHQhelNG20CrIVHDk1+zLCbMvlZ/p/OWzTUhu2TxY5TxVmXLVMrYVj0r3JQJnqJ2
m8hjJN8GtcBRjj8FVNVDxpjUo9ByaDSrQySxOzZWLplmQ0mJ5OaKdAOmoiXA734i
DoQ9t5cigEnnL9pXfQ7WaPD/VlATpWXGzrf7CwIDAQABo4ICmTCCApUwHQYDVR0O
BBYEFGUGyzshvQRoBE8p0MHwnTaNXZ3dMB8GA1UdIwQYMBaAFKbB/2GNliK3iQ+g
mDamXNI878RiMA4GA1UdDwEB/wQEAwIHgDCBmgYIKwYBBQUHAQEEgY0wgYowgYcG
CCsGAQUFBzAChntyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5ldC9ycGtpL2xh
Y25pYy80OGYwODNiYi1mNjAzLTQ4OTMtOTk5MC0wMjg0YzA0Y2ViODUvMjliZmM2
M2M0ZDJlMjIyZGYzYTA5OWUyMjI1NjdkZWI5ZTg4YmIyNy5jZXIwgZoGCCsGAQUF
BwELBIGNMIGKMIGHBggrBgEFBQcwC4Z7cnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25p
Yy5uZXQvcnBraS9sYWNuaWMvNjI2ZjRmMjgtODgwYy00YmI1LTk0NDItOWVlZjkz
MjVkN2ViL2RmYmJkMzE0NjNhODk3ODk1NDk3N2UwYTg4YmFjZmU4NzU1YzM0MTgu
cm9hMIGPBgNVHR8EgYcwgYQwgYGgf6B9hntyc3luYzovL3JlcG9zaXRvcnkubGFj
bmljLm5ldC9ycGtpL2xhY25pYy82MjZmNGYyOC04ODBjLTRiYjUtOTQ0Mi05ZWVm
OTMyNWQ3ZWIvMjliZmM2M2M0ZDJlMjIyZGYzYTA5OWUyMjI1NjdkZWI5ZTg4YmIy
Ny5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBggrBgEFBQcBBwEB/wRO
MEwwOwQCAAEwNQMEBLq94AMEArq9+AMEBr4CAAMDAL7SAwQFyD2gAwQGyERAAwQG
yEXAAwQGyHuAAwQGydjAMA0EAgACMAcDBQAoAABAMA0GCSqGSIb3DQEBCwUAA4IB
AQBItJhHCTGRFfibG3zWlYHF3PY7NZEiNCq4YVUKctluRzaktdaltumMZ1VX6+RS
WUqVkZG3Uatff9WPBI4udYvzGiaYIasTJNRFEiakKrkfq3trqWw/dFqR2SkWRRRN
4Za+ElCmZ5d5a9DtewSFqkw75yNwMJ+zcjSpl+X3+ZUhc3mJSaidfxLpL7bwPo8h
Sljqpb0gn8n0Km9wzdVlBZHMxFK3+qY4Vxwt404prRQPEWfleQq5btSGKQ/jOQpb
qVjyOlJ3i29w09kxaImSSeF8567QFp25vUTvs7miNWDVB+FUzuHcTUUleivwdOmn
shBXM8sqIZrg8GNLwbEHVaeb
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:37:46 2024 by rpki-client on console-fra.rpki-client.org