Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/6deb39b2-ee49-4619-998f-736886169694/b1f8d2bd8d7ab7dcd97a3ec24d7b50a4d4ad62cb.roa
File:                     b1f8d2bd8d7ab7dcd97a3ec24d7b50a4d4ad62cb.roa (raw, json)
Hash identifier:          vGN6FSUg3NICElzsEsrUMszaNqfH/6sNMMedZNNUbgM=
Subject key identifier:   51:5B:93:46:58:CC:34:DC:B8:B7:69:89:3E:82:7E:99:FB:EA:BC:FF
Certificate issuer:       /CN=3cdb9e7a87d72c90ba758a0dc70f09b3281cb0f1
Certificate serial:       1ED8A6
Authority key identifier: AC:7D:7D:7E:A0:9E:88:51:25:89:0B:4F:D1:63:23:CE:9F:36:81:E7
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/3cdb9e7a87d72c90ba758a0dc70f09b3281cb0f1.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/6deb39b2-ee49-4619-998f-736886169694/b1f8d2bd8d7ab7dcd97a3ec24d7b50a4d4ad62cb.roa
Signing time:             Fri 24 Mar 2023 08:30:09 +0000
ROA not before:           Thu 23 Mar 2023 08:30:09 +0000
ROA not after:            Sat 22 Mar 2025 08:30:09 +0000
asID:                     32098
IP address blocks:        201.174.0.0/17 maxlen: 18
                          201.174.135.0/24 maxlen: 24
                          201.174.136.0/24 maxlen: 24
                          201.174.139.0/24 maxlen: 24
                          201.174.141.0/24 maxlen: 24
                          201.174.142.0/23 maxlen: 24
                          201.174.144.0/21 maxlen: 24
                          201.174.152.0/23 maxlen: 24
                          201.174.154.0/24 maxlen: 24
                          201.174.157.0/24 maxlen: 24
                          201.174.163.0/24 maxlen: 24
                          201.174.167.0/24 maxlen: 24
                          201.174.169.0/24 maxlen: 24
                          201.174.173.0/24 maxlen: 24
                          201.174.174.0/24 maxlen: 24
                          201.174.176.0/22 maxlen: 22
                          201.174.186.0/23 maxlen: 24
                          201.174.189.0/24 maxlen: 24
                          201.174.247.0/24 maxlen: 24

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 2021542 (0x1ed8a6)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3cdb9e7a87d72c90ba758a0dc70f09b3281cb0f1
        Validity
            Not Before: Mar 23 08:30:09 2023 GMT
            Not After : Mar 22 08:30:09 2025 GMT
        Subject: CN=b1f8d2bd8d7ab7dcd97a3ec24d7b50a4d4ad62cb
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:de:f1:f4:61:eb:b7:32:df:c6:1e:22:b9:81:e1:
                    a3:3d:e7:1d:92:7b:40:34:dc:be:37:45:45:f5:ac:
                    9b:80:bc:cb:66:10:62:f8:96:7a:d5:b1:ca:b7:70:
                    d3:ed:44:14:3e:b5:d0:8f:a8:50:f6:9e:8f:65:4e:
                    66:c0:71:13:f2:0a:5a:96:17:eb:1d:3a:1a:14:47:
                    65:86:6a:1d:d3:4b:48:4a:c1:f0:1c:53:1d:00:99:
                    84:18:46:0b:50:f5:16:bd:88:1d:05:b6:d8:a8:0b:
                    62:00:66:4a:e9:4b:62:1c:39:8a:23:a6:88:40:e0:
                    4d:12:5e:ea:9c:50:9a:f1:67:80:74:9d:c1:77:08:
                    82:e9:ac:99:73:77:13:85:cc:16:96:21:bb:cf:64:
                    44:98:54:fa:5b:d3:52:63:4e:0a:76:fd:e0:c7:5d:
                    7f:64:f0:88:48:41:ba:c8:c3:92:04:2c:d4:69:51:
                    a4:0a:04:d4:f4:e0:87:cc:0b:12:a0:72:10:c5:cb:
                    65:97:77:f7:b0:2e:c4:74:a6:ff:45:6c:bc:77:83:
                    14:05:ec:9f:76:1e:bc:51:7d:5d:2b:4c:25:fa:67:
                    e7:12:03:a2:41:e8:a7:42:2a:df:69:07:2d:53:d7:
                    cc:7b:74:3c:e5:cf:0b:34:54:8d:07:d0:b0:75:cd:
                    ad:b5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                51:5B:93:46:58:CC:34:DC:B8:B7:69:89:3E:82:7E:99:FB:EA:BC:FF
            X509v3 Authority Key Identifier:
                keyid:AC:7D:7D:7E:A0:9E:88:51:25:89:0B:4F:D1:63:23:CE:9F:36:81:E7

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/3cdb9e7a87d72c90ba758a0dc70f09b3281cb0f1.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/6deb39b2-ee49-4619-998f-736886169694/b1f8d2bd8d7ab7dcd97a3ec24d7b50a4d4ad62cb.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/6deb39b2-ee49-4619-998f-736886169694/3cdb9e7a87d72c90ba758a0dc70f09b3281cb0f1.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  201.174.0.0/17
                  201.174.135.0-201.174.136.255
                  201.174.139.0/24
                  201.174.141.0-201.174.154.255
                  201.174.157.0/24
                  201.174.163.0/24
                  201.174.167.0/24
                  201.174.169.0/24
                  201.174.173.0-201.174.174.255
                  201.174.176.0/22
                  201.174.186.0/23
                  201.174.189.0/24
                  201.174.247.0/24

    Signature Algorithm: sha256WithRSAEncryption
         9e:70:ef:f6:ef:fe:e9:40:2a:ed:db:2d:bf:51:ae:1e:af:b7:
         1f:07:e3:e9:a3:14:09:81:ae:6d:f8:26:31:05:38:ca:3e:e0:
         79:99:7c:56:06:18:80:3f:b7:1b:d7:74:12:69:02:b8:0d:8c:
         1f:18:6f:dc:bd:0a:c8:fa:2f:b2:ec:c3:ed:09:8f:89:d3:82:
         82:78:3c:ec:86:59:86:94:8a:6d:2b:66:ee:ea:e8:0b:e5:89:
         62:9c:1a:a4:75:35:d1:3d:06:5b:8e:cd:e6:73:30:5d:51:e6:
         c5:c4:d7:39:67:93:e7:12:e2:e5:a6:8a:cb:47:eb:05:bb:dd:
         45:e2:14:d6:ac:b6:48:20:a5:e1:2b:a3:37:91:06:f2:c9:82:
         dc:93:47:18:61:04:02:d8:d2:ae:6d:f4:5d:7d:64:a9:d1:32:
         16:50:66:71:32:59:45:b4:87:fb:6b:af:cf:c3:cd:41:11:a9:
         c0:c5:4e:5e:6a:a7:fd:e3:b4:8e:7c:f2:96:2e:b3:f7:7e:43:
         a8:18:fe:96:26:bc:47:dd:4c:05:a9:6b:bd:17:75:94:f1:86:
         b2:a1:4f:82:a4:a9:34:f6:26:bd:33:f8:09:9f:cd:f2:d6:fa:
         57:02:3b:33:6d:c3:50:7a:40:68:ab:2b:51:d2:4a:da:69:8b:
         2b:9a:2c:7f
-----BEGIN CERTIFICATE-----
MIIFoDCCBIigAwIBAgIDHtimMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKDNj
ZGI5ZTdhODdkNzJjOTBiYTc1OGEwZGM3MGYwOWIzMjgxY2IwZjEwHhcNMjMwMzIz
MDgzMDA5WhcNMjUwMzIyMDgzMDA5WjAzMTEwLwYDVQQDEyhiMWY4ZDJiZDhkN2Fi
N2RjZDk3YTNlYzI0ZDdiNTBhNGQ0YWQ2MmNiMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEA3vH0Yeu3Mt/GHiK5geGjPecdkntANNy+N0VF9aybgLzLZhBi
+JZ61bHKt3DT7UQUPrXQj6hQ9p6PZU5mwHET8gpalhfrHToaFEdlhmod00tISsHw
HFMdAJmEGEYLUPUWvYgdBbbYqAtiAGZK6UtiHDmKI6aIQOBNEl7qnFCa8WeAdJ3B
dwiC6ayZc3cThcwWliG7z2REmFT6W9NSY04Kdv3gx11/ZPCISEG6yMOSBCzUaVGk
CgTU9OCHzAsSoHIQxctll3f3sC7EdKb/RWy8d4MUBeyfdh68UX1dK0wl+mfnEgOi
QeinQirfaQctU9fMe3Q85c8LNFSNB9Cwdc2ttQIDAQABo4ICuzCCArcwHQYDVR0O
BBYEFFFbk0ZYzDTcuLdpiT6Cfpn76rz/MB8GA1UdIwQYMBaAFKx9fX6gnohRJYkL
T9FjI86fNoHnMA4GA1UdDwEB/wQEAwIHgDCBmgYIKwYBBQUHAQEEgY0wgYowgYcG
CCsGAQUFBzAChntyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5ldC9ycGtpL2xh
Y25pYy80OGYwODNiYi1mNjAzLTQ4OTMtOTk5MC0wMjg0YzA0Y2ViODUvM2NkYjll
N2E4N2Q3MmM5MGJhNzU4YTBkYzcwZjA5YjMyODFjYjBmMS5jZXIwgZoGCCsGAQUF
BwELBIGNMIGKMIGHBggrBgEFBQcwC4Z7cnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25p
Yy5uZXQvcnBraS9sYWNuaWMvNmRlYjM5YjItZWU0OS00NjE5LTk5OGYtNzM2ODg2
MTY5Njk0L2IxZjhkMmJkOGQ3YWI3ZGNkOTdhM2VjMjRkN2I1MGE0ZDRhZDYyY2Iu
cm9hMIGPBgNVHR8EgYcwgYQwgYGgf6B9hntyc3luYzovL3JlcG9zaXRvcnkubGFj
bmljLm5ldC9ycGtpL2xhY25pYy82ZGViMzliMi1lZTQ5LTQ2MTktOTk4Zi03MzY4
ODYxNjk2OTQvM2NkYjllN2E4N2Q3MmM5MGJhNzU4YTBkYzcwZjA5YjMyODFjYjBm
MS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjB/BggrBgEFBQcBBwEB/wRw
MG4wbAQCAAEwZgMEB8muADAMAwQAya6HAwQAya6IAwQAya6LMAwDBADJro0DBADJ
rpoDBADJrp0DBADJrqMDBADJrqcDBADJrqkwDAMEAMmurQMEAMmurgMEAsmusAME
AcmuugMEAMmuvQMEAMmu9zANBgkqhkiG9w0BAQsFAAOCAQEAnnDv9u/+6UAq7dst
v1GuHq+3Hwfj6aMUCYGubfgmMQU4yj7geZl8VgYYgD+3G9d0EmkCuA2MHxhv3L0K
yPovsuzD7QmPidOCgng87IZZhpSKbStm7uroC+WJYpwapHU10T0GW47N5nMwXVHm
xcTXOWeT5xLi5aaKy0frBbvdReIU1qy2SCCl4SujN5EG8smC3JNHGGEEAtjSrm30
XX1kqdEyFlBmcTJZRbSH+2uvz8PNQRGpwMVOXmqn/eO0jnzyli6z935DqBj+lia8
R91MBalrvRd1lPGGsqFPgqSpNPYmvTP4CZ/N8tb6VwI7M23DUHpAaKsrUdJK2mmL
K5osfw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:37:50 2024 by rpki-client on console-fra.rpki-client.org