Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/6a17cb29-660f-49bf-909a-28ce4bd7356c/64bc2471e1a6203bf48fadfa3b50ede34a4cfc55.roa
File:                     64bc2471e1a6203bf48fadfa3b50ede34a4cfc55.roa (raw, json)
Hash identifier:          wBgKPJL5MRUToWkRLlxsdOlT2dUdu0UJ5hjDnLnkls8=
Subject key identifier:   F4:A0:E2:9D:42:CB:FB:33:3A:30:34:72:9E:06:E1:18:2B:9A:40:A7
Certificate issuer:       /CN=03db7f368709412d68f18d6190ed8997e247550a
Certificate serial:       21CDCD
Authority key identifier: C8:9F:AB:1F:EB:EE:C7:35:7C:DC:80:17:DA:98:8E:81:B6:40:65:19
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/03db7f368709412d68f18d6190ed8997e247550a.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/6a17cb29-660f-49bf-909a-28ce4bd7356c/64bc2471e1a6203bf48fadfa3b50ede34a4cfc55.roa
Signing time:             Wed 14 Jun 2023 02:38:43 +0000
ROA not before:           Tue 13 Jun 2023 02:38:43 +0000
ROA not after:            Sat 14 Jun 2025 02:38:43 +0000
asID:                     19905
IP address blocks:        204.87.205.0/24 maxlen: 24
                          132.191.0.0/16 maxlen: 24
                          132.157.0.0/16 maxlen: 24
                          200.192.105.0/24 maxlen: 24
                          132.184.0.0/16 maxlen: 24
                          207.248.121.0/24 maxlen: 24
                          207.248.123.0/24 maxlen: 24
                          132.251.0.0/17 maxlen: 24
                          132.251.128.0/18 maxlen: 24
                          132.251.192.0/19 maxlen: 24
                          186.160.0.0/14 maxlen: 24
                          200.110.0.0/19 maxlen: 24
                          200.110.32.0/20 maxlen: 24
                          201.131.121.0/24 maxlen: 24
                          2803:7180::/32 maxlen: 48

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 2215373 (0x21cdcd)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=03db7f368709412d68f18d6190ed8997e247550a
        Validity
            Not Before: Jun 13 02:38:43 2023 GMT
            Not After : Jun 14 02:38:43 2025 GMT
        Subject: CN=64bc2471e1a6203bf48fadfa3b50ede34a4cfc55
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:94:64:cd:d0:57:a5:93:55:64:1d:88:98:b9:57:
                    20:f3:09:86:39:59:17:c4:df:58:cd:2d:22:4d:4d:
                    bd:73:74:1a:8f:19:24:ed:7b:c6:d8:19:20:f9:d2:
                    a7:50:80:17:6b:70:a6:6c:61:76:ed:02:c5:b4:da:
                    ee:b5:44:34:4a:7c:6e:1c:6a:9a:10:b1:c0:4d:8b:
                    24:05:cf:5b:8c:d7:46:12:52:17:5e:16:1c:08:95:
                    9b:39:85:fa:13:72:fc:a2:62:8c:0c:c9:20:2e:fd:
                    dd:17:26:f2:7e:db:2a:b7:9d:72:32:8e:76:02:63:
                    9c:dd:84:c8:57:11:e1:b8:05:97:81:56:88:5c:0c:
                    be:3f:ac:1d:a1:4e:0f:6b:d0:17:4e:1e:87:50:91:
                    78:e3:31:8a:d9:fc:ae:0d:21:57:84:5c:c3:8e:1c:
                    18:33:6b:bc:42:8b:14:73:6b:89:63:af:80:8e:9d:
                    32:15:1e:b0:46:23:52:b8:7a:e1:5a:fb:8b:b4:f4:
                    90:37:d1:da:fb:fc:77:11:5b:f7:2e:f4:e8:b3:d6:
                    46:1e:dc:d3:b1:42:0f:47:28:49:da:66:53:94:de:
                    13:89:8f:ba:cf:db:e0:5a:64:44:bb:24:1b:50:6a:
                    6a:73:35:62:a3:e3:52:89:8b:a2:0a:93:08:8b:5a:
                    ef:4f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F4:A0:E2:9D:42:CB:FB:33:3A:30:34:72:9E:06:E1:18:2B:9A:40:A7
            X509v3 Authority Key Identifier:
                keyid:C8:9F:AB:1F:EB:EE:C7:35:7C:DC:80:17:DA:98:8E:81:B6:40:65:19

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/03db7f368709412d68f18d6190ed8997e247550a.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/6a17cb29-660f-49bf-909a-28ce4bd7356c/64bc2471e1a6203bf48fadfa3b50ede34a4cfc55.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/6a17cb29-660f-49bf-909a-28ce4bd7356c/03db7f368709412d68f18d6190ed8997e247550a.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  132.157.0.0/16
                  132.184.0.0/16
                  132.191.0.0/16
                  132.251.0.0-132.251.223.255
                  186.160.0.0/14
                  200.110.0.0-200.110.47.255
                  200.192.105.0/24
                  201.131.121.0/24
                  204.87.205.0/24
                  207.248.121.0/24
                  207.248.123.0/24
                IPv6:
                  2803:7180::/32

    Signature Algorithm: sha256WithRSAEncryption
         5b:9b:53:53:bc:e6:c2:07:d0:8e:25:44:80:d5:9f:30:df:ee:
         44:e9:c8:a4:74:c8:1f:29:50:68:77:d1:46:1d:db:7d:f2:a4:
         16:81:cb:4f:27:d0:67:42:ee:d2:71:ba:48:1b:d5:04:f3:9f:
         a2:6e:3b:3a:a2:09:c5:f8:74:ce:da:7e:03:05:ac:68:5e:06:
         74:5e:a0:1c:52:e5:e1:13:c4:ff:09:ca:0c:3c:58:54:ae:b4:
         26:1f:fd:a5:54:8a:2e:53:70:5c:bc:b1:2c:23:00:78:26:40:
         09:58:75:8d:e9:d6:ca:aa:14:88:44:2c:fb:30:2e:c0:71:11:
         50:a0:c9:d9:f9:d8:c8:40:e7:0a:7c:7c:08:5a:c5:8d:33:a0:
         e5:c4:89:79:fe:5a:56:d4:11:1c:3a:34:48:6f:d7:82:61:ed:
         94:7c:2c:42:ab:05:4a:2c:70:5a:11:b8:e6:52:e3:cf:30:1c:
         88:f4:96:1b:3a:b3:21:bf:4b:7f:03:6f:03:19:f7:c4:22:e9:
         8a:59:d5:3f:b2:e6:3d:ca:80:cc:5d:0c:64:45:3f:c7:9f:34:
         66:ca:a6:75:ff:f0:6c:8c:95:61:1b:85:fc:6f:46:b1:69:ba:
         ca:47:a7:8e:b7:a2:3b:ba:71:02:cc:ce:34:16:ee:fb:3d:6d:
         25:d9:07:90
-----BEGIN CERTIFICATE-----
MIIFlTCCBH2gAwIBAgIDIc3NMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKDAz
ZGI3ZjM2ODcwOTQxMmQ2OGYxOGQ2MTkwZWQ4OTk3ZTI0NzU1MGEwHhcNMjMwNjEz
MDIzODQzWhcNMjUwNjE0MDIzODQzWjAzMTEwLwYDVQQDEyg2NGJjMjQ3MWUxYTYy
MDNiZjQ4ZmFkZmEzYjUwZWRlMzRhNGNmYzU1MIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAlGTN0Felk1VkHYiYuVcg8wmGOVkXxN9YzS0iTU29c3Qajxkk
7XvG2Bkg+dKnUIAXa3CmbGF27QLFtNrutUQ0SnxuHGqaELHATYskBc9bjNdGElIX
XhYcCJWbOYX6E3L8omKMDMkgLv3dFybyftsqt51yMo52AmOc3YTIVxHhuAWXgVaI
XAy+P6wdoU4Pa9AXTh6HUJF44zGK2fyuDSFXhFzDjhwYM2u8QosUc2uJY6+Ajp0y
FR6wRiNSuHrhWvuLtPSQN9Ha+/x3EVv3LvTos9ZGHtzTsUIPRyhJ2mZTlN4TiY+6
z9vgWmREuyQbUGpqczVio+NSiYuiCpMIi1rvTwIDAQABo4ICsDCCAqwwHQYDVR0O
BBYEFPSg4p1Cy/szOjA0cp4G4RgrmkCnMB8GA1UdIwQYMBaAFMifqx/r7sc1fNyA
F9qYjoG2QGUZMA4GA1UdDwEB/wQEAwIHgDCBmgYIKwYBBQUHAQEEgY0wgYowgYcG
CCsGAQUFBzAChntyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5ldC9ycGtpL2xh
Y25pYy80OGYwODNiYi1mNjAzLTQ4OTMtOTk5MC0wMjg0YzA0Y2ViODUvMDNkYjdm
MzY4NzA5NDEyZDY4ZjE4ZDYxOTBlZDg5OTdlMjQ3NTUwYS5jZXIwgZoGCCsGAQUF
BwELBIGNMIGKMIGHBggrBgEFBQcwC4Z7cnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25p
Yy5uZXQvcnBraS9sYWNuaWMvNmExN2NiMjktNjYwZi00OWJmLTkwOWEtMjhjZTRi
ZDczNTZjLzY0YmMyNDcxZTFhNjIwM2JmNDhmYWRmYTNiNTBlZGUzNGE0Y2ZjNTUu
cm9hMIGPBgNVHR8EgYcwgYQwgYGgf6B9hntyc3luYzovL3JlcG9zaXRvcnkubGFj
bmljLm5ldC9ycGtpL2xhY25pYy82YTE3Y2IyOS02NjBmLTQ5YmYtOTA5YS0yOGNl
NGJkNzM1NmMvMDNkYjdmMzY4NzA5NDEyZDY4ZjE4ZDYxOTBlZDg5OTdlMjQ3NTUw
YS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjB0BggrBgEFBQcBBwEB/wRl
MGMwUgQCAAEwTAMDAISdAwMAhLgDAwCEvzALAwMAhPsDBAWE+8ADAwK6oDALAwMB
yG4DBATIbiADBADIwGkDBADJg3kDBADMV80DBADP+HkDBADP+HswDQQCAAIwBwMF
ACgDcYAwDQYJKoZIhvcNAQELBQADggEBAFubU1O85sIH0I4lRIDVnzDf7kTpyKR0
yB8pUGh30UYd233ypBaBy08n0GdC7tJxukgb1QTzn6JuOzqiCcX4dM7afgMFrGhe
BnReoBxS5eETxP8Jygw8WFSutCYf/aVUii5TcFy8sSwjAHgmQAlYdY3p1sqqFIhE
LPswLsBxEVCgydn52MhA5wp8fAhaxY0zoOXEiXn+WlbUERw6NEhv14Jh7ZR8LEKr
BUoscFoRuOZS488wHIj0lhs6syG/S38DbwMZ98Qi6YpZ1T+y5j3KgMxdDGRFP8ef
NGbKpnX/8GyMlWEbhfxvRrFpuspHp463oju6cQLMzjQW7vs9bSXZB5A=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:37:49 2024 by rpki-client on console-fra.rpki-client.org