Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/6a17cb29-660f-49bf-909a-28ce4bd7356c/d4bbec7fbe98a71c371ef1daf6e7aaf64e928980.roa
File:                     d4bbec7fbe98a71c371ef1daf6e7aaf64e928980.roa (raw, json)
Hash identifier:          4eoKQeyiSt0msETUy3MfbXM/QswXE/Kj6XuvIKCzn5E=
Subject key identifier:   94:E5:AB:83:2F:C5:4C:AA:A3:2A:BA:7B:66:CC:CA:F8:B4:D6:CF:05
Certificate issuer:       /CN=03db7f368709412d68f18d6190ed8997e247550a
Certificate serial:       0D8D30
Authority key identifier: C8:9F:AB:1F:EB:EE:C7:35:7C:DC:80:17:DA:98:8E:81:B6:40:65:19
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/03db7f368709412d68f18d6190ed8997e247550a.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/6a17cb29-660f-49bf-909a-28ce4bd7356c/d4bbec7fbe98a71c371ef1daf6e7aaf64e928980.roa
Signing time:             Wed 24 Mar 2021 14:46:04 +0000
ROA not before:           Wed 24 Mar 2021 14:46:03 +0000
ROA not after:            Tue 24 Mar 2026 14:46:03 +0000
asID:                     21575
IP address blocks:        201.131.121.0/24 maxlen: 24
                          132.157.0.0/16 maxlen: 24
                          132.184.0.0/16 maxlen: 24
                          132.191.0.0/16 maxlen: 24
                          132.251.0.0/17 maxlen: 24
                          132.251.128.0/18 maxlen: 24
                          132.251.192.0/19 maxlen: 24
                          186.160.0.0/14 maxlen: 24
                          200.110.0.0/19 maxlen: 24
                          200.110.32.0/20 maxlen: 24
                          200.192.105.0/24 maxlen: 24
                          204.87.205.0/24 maxlen: 24
                          207.248.121.0/24 maxlen: 24
                          207.248.123.0/24 maxlen: 24
                          2803:7180::/32 maxlen: 48

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 888112 (0xd8d30)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=03db7f368709412d68f18d6190ed8997e247550a
        Validity
            Not Before: Mar 24 14:46:03 2021 GMT
            Not After : Mar 24 14:46:03 2026 GMT
        Subject: CN=d4bbec7fbe98a71c371ef1daf6e7aaf64e928980
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:eb:2b:12:8e:0b:a2:e5:e0:93:98:45:9d:b1:79:
                    d8:c9:78:9c:b8:32:d3:b7:0f:8c:8e:fe:2c:23:63:
                    9c:8a:99:a9:82:66:b8:d9:bc:3f:e8:3d:ee:c9:10:
                    c3:0d:e5:4b:65:4a:2f:ed:3c:0f:88:cd:a5:9d:13:
                    ef:29:d3:18:78:a0:c9:27:a1:11:0c:01:7e:4c:7c:
                    76:aa:94:04:dd:a1:88:15:91:dc:dc:33:81:82:a4:
                    c2:18:63:a4:01:61:c3:71:04:d8:f7:04:63:2c:5f:
                    1a:a4:f5:1e:c8:51:d0:70:12:bc:e2:d7:d7:7d:5a:
                    f3:b0:9f:90:32:0b:d2:26:11:fb:f6:46:8a:78:eb:
                    64:65:fc:51:35:96:be:a3:a3:81:25:1e:a2:7a:0a:
                    95:76:39:9a:fc:7a:a3:a8:e7:9c:a8:6a:ce:be:83:
                    3d:79:c4:0a:a8:e2:48:42:d1:64:ac:36:89:84:5c:
                    fc:19:f8:01:26:af:8c:a5:a0:11:f8:df:62:a0:21:
                    de:cb:0f:16:ce:93:72:ed:15:ae:7e:c4:16:94:0b:
                    2c:da:69:6f:69:04:d3:fa:44:77:70:39:60:a0:08:
                    82:13:8e:92:53:30:2b:5e:5d:da:38:4f:68:c9:b7:
                    01:c8:ab:76:a5:39:d4:4a:27:06:cc:33:ea:0d:21:
                    4a:d9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                94:E5:AB:83:2F:C5:4C:AA:A3:2A:BA:7B:66:CC:CA:F8:B4:D6:CF:05
            X509v3 Authority Key Identifier:
                keyid:C8:9F:AB:1F:EB:EE:C7:35:7C:DC:80:17:DA:98:8E:81:B6:40:65:19

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/03db7f368709412d68f18d6190ed8997e247550a.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/6a17cb29-660f-49bf-909a-28ce4bd7356c/d4bbec7fbe98a71c371ef1daf6e7aaf64e928980.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/6a17cb29-660f-49bf-909a-28ce4bd7356c/03db7f368709412d68f18d6190ed8997e247550a.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  132.157.0.0/16
                  132.184.0.0/16
                  132.191.0.0/16
                  132.251.0.0-132.251.223.255
                  186.160.0.0/14
                  200.110.0.0-200.110.47.255
                  200.192.105.0/24
                  201.131.121.0/24
                  204.87.205.0/24
                  207.248.121.0/24
                  207.248.123.0/24
                IPv6:
                  2803:7180::/32

    Signature Algorithm: sha256WithRSAEncryption
         06:20:55:cd:85:ca:68:ec:03:7b:9f:67:1f:46:f4:e5:18:36:
         e2:c8:73:72:91:00:bf:c7:d0:c1:a3:5e:f7:40:3b:ab:f1:b3:
         19:f2:18:6f:85:31:37:35:90:90:ae:2b:91:90:29:1c:76:b9:
         37:74:0e:aa:e1:01:54:a9:76:16:0d:c7:1d:2e:20:ac:c4:60:
         4d:b7:45:b5:11:a6:aa:20:9f:bb:12:fe:8d:c4:73:cf:ad:7f:
         0f:92:ee:83:e0:8f:ad:fb:63:5d:70:93:f1:ca:2e:85:25:d2:
         d7:7f:df:bf:d8:2b:b8:d0:d4:1c:33:d1:28:f9:67:2b:fb:36:
         04:41:e4:06:7e:83:6a:9a:e8:98:f3:fc:10:0e:16:0a:db:7d:
         a5:2f:d2:91:03:d2:03:a6:b5:ec:50:7e:e3:b2:3d:c6:fe:3b:
         ca:51:ff:af:dd:fe:0a:60:1c:a0:41:e2:0f:75:d4:8b:11:29:
         75:4a:8d:d9:c6:a8:56:a5:d6:63:7e:62:b1:0b:3b:48:b4:fa:
         e9:8b:30:51:b2:89:76:67:40:1b:a3:eb:cd:8a:b7:5a:7d:b7:
         3e:54:ac:4a:2f:9f:62:27:28:a9:81:88:af:3b:cf:7e:be:06:
         51:d5:ba:bb:79:5c:8a:15:5f:d8:64:68:8f:60:95:9e:a2:8f:
         f6:ce:88:9f
-----BEGIN CERTIFICATE-----
MIIFlTCCBH2gAwIBAgIDDY0wMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKDAz
ZGI3ZjM2ODcwOTQxMmQ2OGYxOGQ2MTkwZWQ4OTk3ZTI0NzU1MGEwHhcNMjEwMzI0
MTQ0NjAzWhcNMjYwMzI0MTQ0NjAzWjAzMTEwLwYDVQQDEyhkNGJiZWM3ZmJlOThh
NzFjMzcxZWYxZGFmNmU3YWFmNjRlOTI4OTgwMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEA6ysSjgui5eCTmEWdsXnYyXicuDLTtw+Mjv4sI2Ocipmpgma4
2bw/6D3uyRDDDeVLZUov7TwPiM2lnRPvKdMYeKDJJ6ERDAF+THx2qpQE3aGIFZHc
3DOBgqTCGGOkAWHDcQTY9wRjLF8apPUeyFHQcBK84tfXfVrzsJ+QMgvSJhH79kaK
eOtkZfxRNZa+o6OBJR6iegqVdjma/HqjqOecqGrOvoM9ecQKqOJIQtFkrDaJhFz8
GfgBJq+MpaAR+N9ioCHeyw8WzpNy7RWufsQWlAss2mlvaQTT+kR3cDlgoAiCE46S
UzArXl3aOE9oybcByKt2pTnUSicGzDPqDSFK2QIDAQABo4ICsDCCAqwwHQYDVR0O
BBYEFJTlq4MvxUyqoyq6e2bMyvi01s8FMB8GA1UdIwQYMBaAFMifqx/r7sc1fNyA
F9qYjoG2QGUZMA4GA1UdDwEB/wQEAwIHgDCBmgYIKwYBBQUHAQEEgY0wgYowgYcG
CCsGAQUFBzAChntyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5ldC9ycGtpL2xh
Y25pYy80OGYwODNiYi1mNjAzLTQ4OTMtOTk5MC0wMjg0YzA0Y2ViODUvMDNkYjdm
MzY4NzA5NDEyZDY4ZjE4ZDYxOTBlZDg5OTdlMjQ3NTUwYS5jZXIwgZoGCCsGAQUF
BwELBIGNMIGKMIGHBggrBgEFBQcwC4Z7cnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25p
Yy5uZXQvcnBraS9sYWNuaWMvNmExN2NiMjktNjYwZi00OWJmLTkwOWEtMjhjZTRi
ZDczNTZjL2Q0YmJlYzdmYmU5OGE3MWMzNzFlZjFkYWY2ZTdhYWY2NGU5Mjg5ODAu
cm9hMIGPBgNVHR8EgYcwgYQwgYGgf6B9hntyc3luYzovL3JlcG9zaXRvcnkubGFj
bmljLm5ldC9ycGtpL2xhY25pYy82YTE3Y2IyOS02NjBmLTQ5YmYtOTA5YS0yOGNl
NGJkNzM1NmMvMDNkYjdmMzY4NzA5NDEyZDY4ZjE4ZDYxOTBlZDg5OTdlMjQ3NTUw
YS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjB0BggrBgEFBQcBBwEB/wRl
MGMwUgQCAAEwTAMDAISdAwMAhLgDAwCEvzALAwMAhPsDBAWE+8ADAwK6oDALAwMB
yG4DBATIbiADBADIwGkDBADJg3kDBADMV80DBADP+HkDBADP+HswDQQCAAIwBwMF
ACgDcYAwDQYJKoZIhvcNAQELBQADggEBAAYgVc2FymjsA3ufZx9G9OUYNuLIc3KR
AL/H0MGjXvdAO6vxsxnyGG+FMTc1kJCuK5GQKRx2uTd0DqrhAVSpdhYNxx0uIKzE
YE23RbURpqogn7sS/o3Ec8+tfw+S7oPgj637Y11wk/HKLoUl0td/37/YK7jQ1Bwz
0Sj5Zyv7NgRB5AZ+g2qa6Jjz/BAOFgrbfaUv0pED0gOmtexQfuOyPcb+O8pR/6/d
/gpgHKBB4g911IsRKXVKjdnGqFal1mN+YrELO0i0+umLMFGyiXZnQBuj682Kt1p9
tz5UrEovn2InKKmBiK87z36+BlHVurt5XIoVX9hkaI9glZ6ij/bOiJ8=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:37:59 2024 by rpki-client on console-ams.rpki-client.org