Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/6deb39b2-ee49-4619-998f-736886169694/6edc81726908bf3180e92c34ac3c7ef13e709d4c.roa
File:                     6edc81726908bf3180e92c34ac3c7ef13e709d4c.roa (raw, json)
Hash identifier:          qCkQMHI/5haxWRKBz+32ARC+9nK5cPpRpOmbF4UDU8s=
Subject key identifier:   E7:6D:AF:AB:C2:1B:B1:9F:2F:A9:8C:8F:EE:D4:D2:11:8E:D3:32:FB
Certificate issuer:       /CN=3cdb9e7a87d72c90ba758a0dc70f09b3281cb0f1
Certificate serial:       0D2E92
Authority key identifier: AC:7D:7D:7E:A0:9E:88:51:25:89:0B:4F:D1:63:23:CE:9F:36:81:E7
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/3cdb9e7a87d72c90ba758a0dc70f09b3281cb0f1.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/6deb39b2-ee49-4619-998f-736886169694/6edc81726908bf3180e92c34ac3c7ef13e709d4c.roa
Signing time:             Wed 24 Mar 2021 14:43:09 +0000
ROA not before:           Wed 24 Mar 2021 14:43:08 +0000
ROA not after:            Tue 24 Mar 2026 14:43:08 +0000
asID:                     32098
IP address blocks:        201.174.0.0/24 maxlen: 24
                          201.174.10.0/24 maxlen: 24
                          201.174.101.0/24 maxlen: 24
                          201.174.102.0/24 maxlen: 24
                          201.174.103.0/24 maxlen: 24
                          201.174.104.0/24 maxlen: 24
                          201.174.11.0/24 maxlen: 24
                          201.174.110.0/24 maxlen: 24
                          201.174.112.0/24 maxlen: 24
                          201.174.115.0/24 maxlen: 24
                          201.174.117.0/24 maxlen: 24
                          201.174.118.0/24 maxlen: 24
                          201.174.12.0/24 maxlen: 24
                          201.174.120.0/24 maxlen: 24
                          201.174.123.0/24 maxlen: 24
                          201.174.124.0/24 maxlen: 24
                          201.174.125.0/24 maxlen: 24
                          201.174.126.0/24 maxlen: 24
                          201.174.127.0/24 maxlen: 24
                          201.174.16.0/24 maxlen: 24
                          201.174.17.0/24 maxlen: 24
                          201.174.18.0/24 maxlen: 24
                          201.174.19.0/24 maxlen: 24
                          201.174.192.0/22 maxlen: 24
                          201.174.196.0/22 maxlen: 24
                          201.174.20.0/24 maxlen: 24
                          201.174.208.0/20 maxlen: 24
                          201.174.21.0/24 maxlen: 24
                          201.174.22.0/24 maxlen: 24
                          201.174.226.0/24 maxlen: 24
                          201.174.227.0/24 maxlen: 24
                          201.174.23.0/24 maxlen: 24
                          201.174.232.0/24 maxlen: 24
                          201.174.233.0/24 maxlen: 24
                          201.174.234.0/24 maxlen: 24
                          201.174.237.0/24 maxlen: 24
                          201.174.238.0/24 maxlen: 24
                          201.174.239.0/24 maxlen: 24
                          201.174.24.0/24 maxlen: 24
                          201.174.25.0/24 maxlen: 24
                          201.174.251.0/24 maxlen: 24
                          201.174.255.0/24 maxlen: 24
                          201.174.26.0/24 maxlen: 24
                          201.174.28.0/24 maxlen: 24
                          201.174.29.0/24 maxlen: 24
                          201.174.3.0/24 maxlen: 24
                          201.174.32.0/24 maxlen: 24
                          201.174.33.0/24 maxlen: 24
                          201.174.35.0/24 maxlen: 24
                          201.174.36.0/23 maxlen: 24
                          201.174.38.0/24 maxlen: 24
                          201.174.39.0/24 maxlen: 24
                          201.174.4.0/24 maxlen: 24
                          201.174.40.0/24 maxlen: 24
                          201.174.41.0/24 maxlen: 24
                          201.174.44.0/24 maxlen: 24
                          201.174.45.0/24 maxlen: 24
                          201.174.46.0/24 maxlen: 24
                          201.174.47.0/24 maxlen: 24
                          201.174.48.0/24 maxlen: 24
                          201.174.49.0/24 maxlen: 24
                          201.174.5.0/24 maxlen: 24
                          201.174.51.0/24 maxlen: 24
                          201.174.52.0/24 maxlen: 24
                          201.174.57.0/24 maxlen: 24
                          201.174.58.0/24 maxlen: 24
                          201.174.61.0/24 maxlen: 24
                          201.174.64.0/24 maxlen: 24
                          201.174.65.0/24 maxlen: 24
                          201.174.66.0/24 maxlen: 24
                          201.174.67.0/24 maxlen: 24
                          201.174.68.0/24 maxlen: 24
                          201.174.7.0/24 maxlen: 24
                          201.174.73.0/24 maxlen: 24
                          201.174.74.0/24 maxlen: 24
                          201.174.80.0/24 maxlen: 24
                          201.174.81.0/24 maxlen: 24
                          201.174.83.0/24 maxlen: 24
                          201.174.87.0/24 maxlen: 24
                          201.174.9.0/24 maxlen: 24
                          201.174.96.0/24 maxlen: 24
                          201.174.97.0/24 maxlen: 24
                          201.174.98.0/24 maxlen: 24

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 863890 (0xd2e92)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3cdb9e7a87d72c90ba758a0dc70f09b3281cb0f1
        Validity
            Not Before: Mar 24 14:43:08 2021 GMT
            Not After : Mar 24 14:43:08 2026 GMT
        Subject: CN=6edc81726908bf3180e92c34ac3c7ef13e709d4c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a4:6f:ad:0d:f3:bf:b4:b1:6c:2d:92:bf:dc:13:
                    0b:88:7d:e5:23:66:3a:80:a7:18:09:55:b9:78:56:
                    a1:6a:7f:94:c6:64:f9:3c:7b:88:6a:37:4a:34:26:
                    51:cc:10:92:e5:e2:23:64:1c:a5:cd:75:4a:27:20:
                    bf:4a:26:4a:18:0b:dc:61:16:05:0b:fc:b2:88:e9:
                    7b:74:0f:c2:ce:93:35:61:ec:71:bb:92:ee:d6:af:
                    b0:0b:c0:65:a8:53:2b:9f:c5:9d:3d:2c:4f:39:a9:
                    7c:2f:2c:cd:c5:81:46:21:a3:f8:85:bf:ab:f3:4f:
                    56:24:23:d8:f4:55:44:1a:c9:96:f4:0f:31:a2:5b:
                    45:a3:86:cc:63:1c:9f:6d:a7:bd:6b:70:59:75:a4:
                    57:29:52:dd:f7:f9:5a:be:57:25:a5:1e:d1:83:af:
                    0f:e9:f2:61:6e:e2:16:90:ef:e5:8b:05:f4:6d:ff:
                    b6:b6:8a:3f:b1:ce:15:81:ac:f8:ea:64:a1:b9:02:
                    76:10:56:14:36:81:0d:84:d2:42:f6:50:ae:2e:d0:
                    78:22:14:89:5b:e5:cf:57:d9:ee:dc:91:f2:85:76:
                    4a:2d:64:87:26:4c:71:a9:31:db:3a:43:86:e0:58:
                    0c:e0:5a:30:3b:7e:98:f1:58:d6:06:f7:46:f8:c6:
                    39:9d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E7:6D:AF:AB:C2:1B:B1:9F:2F:A9:8C:8F:EE:D4:D2:11:8E:D3:32:FB
            X509v3 Authority Key Identifier:
                keyid:AC:7D:7D:7E:A0:9E:88:51:25:89:0B:4F:D1:63:23:CE:9F:36:81:E7

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/3cdb9e7a87d72c90ba758a0dc70f09b3281cb0f1.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/6deb39b2-ee49-4619-998f-736886169694/6edc81726908bf3180e92c34ac3c7ef13e709d4c.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/6deb39b2-ee49-4619-998f-736886169694/3cdb9e7a87d72c90ba758a0dc70f09b3281cb0f1.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  201.174.0.0/24
                  201.174.3.0-201.174.5.255
                  201.174.7.0/24
                  201.174.9.0-201.174.12.255
                  201.174.16.0-201.174.26.255
                  201.174.28.0/23
                  201.174.32.0/23
                  201.174.35.0-201.174.41.255
                  201.174.44.0-201.174.49.255
                  201.174.51.0-201.174.52.255
                  201.174.57.0-201.174.58.255
                  201.174.61.0/24
                  201.174.64.0-201.174.68.255
                  201.174.73.0-201.174.74.255
                  201.174.80.0/23
                  201.174.83.0/24
                  201.174.87.0/24
                  201.174.96.0-201.174.98.255
                  201.174.101.0-201.174.104.255
                  201.174.110.0/24
                  201.174.112.0/24
                  201.174.115.0/24
                  201.174.117.0-201.174.118.255
                  201.174.120.0/24
                  201.174.123.0-201.174.127.255
                  201.174.192.0/21
                  201.174.208.0/20
                  201.174.226.0/23
                  201.174.232.0-201.174.234.255
                  201.174.237.0-201.174.239.255
                  201.174.251.0/24
                  201.174.255.0/24

    Signature Algorithm: sha256WithRSAEncryption
         74:97:93:06:8a:3a:af:c4:53:ba:e5:e0:c2:73:ce:6b:0b:f3:
         82:0e:cf:f8:8e:f4:52:c5:af:38:47:65:29:cc:95:0f:ef:3b:
         aa:3a:3b:9a:da:be:46:a7:c7:dc:38:0a:1a:29:60:0c:94:e0:
         e9:a2:cd:de:5c:88:97:79:03:1f:d7:45:bb:08:e6:a9:09:93:
         92:9c:6a:20:c7:e6:45:3d:75:49:59:ce:25:86:e6:0e:65:2f:
         27:15:ae:25:f8:2d:ec:b9:44:c3:47:2f:18:ba:3f:8c:ed:2c:
         f3:13:7c:ef:02:73:3c:33:6f:c7:09:e8:35:08:5f:57:ea:70:
         3f:16:5f:9c:8e:9d:55:e2:d4:b5:9e:e6:7d:55:74:ea:e4:61:
         d6:5a:4d:9e:0b:54:ab:7c:dd:23:4f:63:a6:47:ce:50:16:2e:
         f6:c0:23:3e:62:72:da:f5:a0:73:6a:97:1f:c6:7e:6a:92:04:
         c7:46:10:00:4e:48:7e:5e:29:51:8f:38:95:f3:c0:10:0c:80:
         91:22:f5:e5:9d:c0:bf:7d:ab:6f:55:dd:3f:b6:39:ef:05:af:
         ce:10:a8:a4:f2:28:73:df:6d:3e:7c:da:1b:d0:e1:48:6c:b0:
         30:78:89:94:1f:12:94:50:68:62:8a:8b:a1:ec:83:a8:eb:eb:
         9f:b6:d6:ce
-----BEGIN CERTIFICATE-----
MIIGfDCCBWSgAwIBAgIDDS6SMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKDNj
ZGI5ZTdhODdkNzJjOTBiYTc1OGEwZGM3MGYwOWIzMjgxY2IwZjEwHhcNMjEwMzI0
MTQ0MzA4WhcNMjYwMzI0MTQ0MzA4WjAzMTEwLwYDVQQDEyg2ZWRjODE3MjY5MDhi
ZjMxODBlOTJjMzRhYzNjN2VmMTNlNzA5ZDRjMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEApG+tDfO/tLFsLZK/3BMLiH3lI2Y6gKcYCVW5eFahan+UxmT5
PHuIajdKNCZRzBCS5eIjZBylzXVKJyC/SiZKGAvcYRYFC/yyiOl7dA/CzpM1Yexx
u5Lu1q+wC8BlqFMrn8WdPSxPOal8LyzNxYFGIaP4hb+r809WJCPY9FVEGsmW9A8x
oltFo4bMYxyfbae9a3BZdaRXKVLd9/lavlclpR7Rg68P6fJhbuIWkO/liwX0bf+2
too/sc4Vgaz46mShuQJ2EFYUNoENhNJC9lCuLtB4IhSJW+XPV9nu3JHyhXZKLWSH
JkxxqTHbOkOG4FgM4FowO36Y8VjWBvdG+MY5nQIDAQABo4IDlzCCA5MwHQYDVR0O
BBYEFOdtr6vCG7GfL6mMj+7U0hGO0zL7MB8GA1UdIwQYMBaAFKx9fX6gnohRJYkL
T9FjI86fNoHnMA4GA1UdDwEB/wQEAwIHgDCBmgYIKwYBBQUHAQEEgY0wgYowgYcG
CCsGAQUFBzAChntyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5ldC9ycGtpL2xh
Y25pYy80OGYwODNiYi1mNjAzLTQ4OTMtOTk5MC0wMjg0YzA0Y2ViODUvM2NkYjll
N2E4N2Q3MmM5MGJhNzU4YTBkYzcwZjA5YjMyODFjYjBmMS5jZXIwgZoGCCsGAQUF
BwELBIGNMIGKMIGHBggrBgEFBQcwC4Z7cnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25p
Yy5uZXQvcnBraS9sYWNuaWMvNmRlYjM5YjItZWU0OS00NjE5LTk5OGYtNzM2ODg2
MTY5Njk0LzZlZGM4MTcyNjkwOGJmMzE4MGU5MmMzNGFjM2M3ZWYxM2U3MDlkNGMu
cm9hMIGPBgNVHR8EgYcwgYQwgYGgf6B9hntyc3luYzovL3JlcG9zaXRvcnkubGFj
bmljLm5ldC9ycGtpL2xhY25pYy82ZGViMzliMi1lZTQ5LTQ2MTktOTk4Zi03MzY4
ODYxNjk2OTQvM2NkYjllN2E4N2Q3MmM5MGJhNzU4YTBkYzcwZjA5YjMyODFjYjBm
MS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjCCAVkGCCsGAQUFBwEHAQH/
BIIBSDCCAUQwggFABAIAATCCATgDBADJrgAwDAMEAMmuAwMEAcmuBAMEAMmuBzAM
AwQAya4JAwQAya4MMAwDBATJrhADBADJrhoDBAHJrhwDBAHJriAwDAMEAMmuIwME
AcmuKDAMAwQCya4sAwQBya4wMAwDBADJrjMDBADJrjQwDAMEAMmuOQMEAMmuOgME
AMmuPTAMAwQGya5AAwQAya5EMAwDBADJrkkDBADJrkoDBAHJrlADBADJrlMDBADJ
rlcwDAMEBcmuYAMEAMmuYjAMAwQAya5lAwQAya5oAwQAya5uAwQAya5wAwQAya5z
MAwDBADJrnUDBADJrnYDBADJrngwDAMEAMmuewMEB8muAAMEA8muwAMEBMmu0AME
Acmu4jAMAwQDya7oAwQAya7qMAwDBADJru0DBATJruADBADJrvsDBADJrv8wDQYJ
KoZIhvcNAQELBQADggEBAHSXkwaKOq/EU7rl4MJzzmsL84IOz/iO9FLFrzhHZSnM
lQ/vO6o6O5ravkanx9w4ChopYAyU4Omizd5ciJd5Ax/XRbsI5qkJk5KcaiDH5kU9
dUlZziWG5g5lLycVriX4Ley5RMNHLxi6P4ztLPMTfO8Cczwzb8cJ6DUIX1fqcD8W
X5yOnVXi1LWe5n1VdOrkYdZaTZ4LVKt83SNPY6ZHzlAWLvbAIz5ictr1oHNqlx/G
fmqSBMdGEABOSH5eKVGPOJXzwBAMgJEi9eWdwL99q29V3T+2Oe8Fr84QqKTyKHPf
bT582hvQ4UhssDB4iZQfEpRQaGKKi6Hsg6jr65+21s4=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:37:50 2024 by rpki-client on console-fra.rpki-client.org