Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/6deb39b2-ee49-4619-998f-736886169694/c8f2d1ba61223604bd99d72fc45dba7256000fd2.roa
File:                     c8f2d1ba61223604bd99d72fc45dba7256000fd2.roa (raw, json)
Hash identifier:          fISaH4klpzD9O8ESFHk+n+rhWgYUjXCRUkc7NhB140U=
Subject key identifier:   1D:91:D3:CD:E0:BB:D7:0E:A4:F5:A2:A4:03:A0:E8:67:00:FF:8C:C4
Certificate issuer:       /CN=3cdb9e7a87d72c90ba758a0dc70f09b3281cb0f1
Certificate serial:       0D3728
Authority key identifier: AC:7D:7D:7E:A0:9E:88:51:25:89:0B:4F:D1:63:23:CE:9F:36:81:E7
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/3cdb9e7a87d72c90ba758a0dc70f09b3281cb0f1.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/6deb39b2-ee49-4619-998f-736886169694/c8f2d1ba61223604bd99d72fc45dba7256000fd2.roa
Signing time:             Wed 24 Mar 2021 22:49:30 +0000
ROA not before:           Wed 24 Mar 2021 22:47:59 +0000
ROA not after:            Fri 24 Mar 2023 22:47:59 +0000
asID:                     32098
IP address blocks:        201.174.0.0/17 maxlen: 18
                          201.174.135.0/24 maxlen: 24
                          201.174.136.0/24 maxlen: 24
                          201.174.139.0/24 maxlen: 24
                          201.174.141.0/24 maxlen: 24
                          201.174.142.0/23 maxlen: 24
                          201.174.144.0/21 maxlen: 24
                          201.174.152.0/23 maxlen: 24
                          201.174.154.0/24 maxlen: 24
                          201.174.157.0/24 maxlen: 24
                          201.174.163.0/24 maxlen: 24
                          201.174.167.0/24 maxlen: 24
                          201.174.169.0/24 maxlen: 24
                          201.174.173.0/24 maxlen: 24
                          201.174.174.0/24 maxlen: 24
                          201.174.176.0/22 maxlen: 22
                          201.174.186.0/23 maxlen: 24
                          201.174.189.0/24 maxlen: 24
                          201.174.247.0/24 maxlen: 24

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 866088 (0xd3728)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3cdb9e7a87d72c90ba758a0dc70f09b3281cb0f1
        Validity
            Not Before: Mar 24 22:47:59 2021 GMT
            Not After : Mar 24 22:47:59 2023 GMT
        Subject: CN=c8f2d1ba61223604bd99d72fc45dba7256000fd2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d6:1d:f2:16:e0:28:32:ba:d7:53:a7:32:70:c6:
                    a8:0f:21:36:68:5d:0a:3c:ac:44:b3:24:c1:5c:c9:
                    88:24:c9:cc:da:2c:6d:ff:72:df:7a:5f:28:b0:bf:
                    c1:c6:9e:2b:b9:fe:73:6d:f8:7a:e4:a2:67:ec:0c:
                    03:70:f2:1b:56:62:38:de:2a:8f:c3:ed:0b:e8:3e:
                    53:bd:77:40:d0:c8:8f:7b:cb:55:4e:a1:2a:46:83:
                    f2:86:43:a2:9b:73:24:a5:cb:1a:7f:5b:2d:33:37:
                    73:0a:40:f8:7d:7b:b4:60:c3:65:3e:ce:0c:3d:c6:
                    63:86:4d:39:d5:7f:1c:6f:04:56:68:a9:65:4a:48:
                    2f:05:0a:93:d6:aa:b4:07:19:33:10:97:4d:89:14:
                    3a:a2:7d:10:b9:6c:46:9f:a7:f9:f7:87:b3:51:24:
                    74:09:3a:37:45:c9:bd:27:5c:51:aa:d9:b7:a2:50:
                    d4:f9:f0:bc:24:20:aa:30:48:09:92:72:4a:ef:22:
                    9b:eb:34:af:bc:eb:7c:5f:50:a8:82:24:dc:68:35:
                    96:c5:f9:93:4f:fb:65:a5:b9:1f:2a:3e:fd:69:cf:
                    e6:7c:12:26:91:d4:60:8d:85:00:c8:a2:db:f8:99:
                    97:43:61:53:07:c7:3a:a5:1b:7f:25:66:08:d1:ef:
                    f1:61
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1D:91:D3:CD:E0:BB:D7:0E:A4:F5:A2:A4:03:A0:E8:67:00:FF:8C:C4
            X509v3 Authority Key Identifier:
                keyid:AC:7D:7D:7E:A0:9E:88:51:25:89:0B:4F:D1:63:23:CE:9F:36:81:E7

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/3cdb9e7a87d72c90ba758a0dc70f09b3281cb0f1.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/6deb39b2-ee49-4619-998f-736886169694/c8f2d1ba61223604bd99d72fc45dba7256000fd2.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/6deb39b2-ee49-4619-998f-736886169694/3cdb9e7a87d72c90ba758a0dc70f09b3281cb0f1.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  201.174.0.0/17
                  201.174.135.0-201.174.136.255
                  201.174.139.0/24
                  201.174.141.0-201.174.154.255
                  201.174.157.0/24
                  201.174.163.0/24
                  201.174.167.0/24
                  201.174.169.0/24
                  201.174.173.0-201.174.174.255
                  201.174.176.0/22
                  201.174.186.0/23
                  201.174.189.0/24
                  201.174.247.0/24

    Signature Algorithm: sha256WithRSAEncryption
         91:69:d5:52:d8:5d:67:1e:90:80:1d:56:41:a5:e9:e6:df:aa:
         df:48:1a:85:d1:e1:ce:50:02:98:78:44:ee:eb:f3:4f:76:6b:
         81:5c:0b:27:bb:a7:ca:d3:b0:74:5f:1d:fc:ef:05:55:2d:c0:
         5f:f5:c7:57:38:76:eb:ae:8e:91:3a:88:04:7d:73:24:15:8e:
         3a:05:ee:57:b5:72:67:a2:e1:ed:a6:82:d8:3e:9c:f3:e1:74:
         8f:47:bb:ae:0a:b4:9c:90:31:05:61:cd:39:ea:34:f7:73:c0:
         b8:4b:2b:34:0d:a5:97:46:f1:d3:48:ad:a7:3a:9f:7e:8b:e0:
         29:b9:84:85:49:d1:65:76:d7:2d:77:e5:0c:b9:19:09:dc:cc:
         90:03:7f:18:79:5f:0c:4b:5c:60:9b:b3:9b:21:44:69:5f:1b:
         e8:b2:57:4c:94:42:99:b6:6b:87:b9:3d:1d:09:c1:a2:1c:eb:
         52:a4:8d:37:d5:d8:47:e3:0d:1a:c8:58:f7:78:31:db:52:58:
         d4:23:ab:cb:1a:d7:e0:89:c0:a1:37:a3:48:68:a8:71:5f:5b:
         38:1c:c0:9b:9a:7b:f5:4d:b9:ea:95:ab:eb:ff:72:00:b0:68:
         70:1f:d5:3c:4a:4b:ef:a6:56:43:12:f9:60:5a:4f:e3:25:55:
         cd:8a:9b:14
-----BEGIN CERTIFICATE-----
MIIFoDCCBIigAwIBAgIDDTcoMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKDNj
ZGI5ZTdhODdkNzJjOTBiYTc1OGEwZGM3MGYwOWIzMjgxY2IwZjEwHhcNMjEwMzI0
MjI0NzU5WhcNMjMwMzI0MjI0NzU5WjAzMTEwLwYDVQQDEyhjOGYyZDFiYTYxMjIz
NjA0YmQ5OWQ3MmZjNDVkYmE3MjU2MDAwZmQyMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEA1h3yFuAoMrrXU6cycMaoDyE2aF0KPKxEsyTBXMmIJMnM2ixt
/3Lfel8osL/Bxp4ruf5zbfh65KJn7AwDcPIbVmI43iqPw+0L6D5TvXdA0MiPe8tV
TqEqRoPyhkOim3Mkpcsaf1stMzdzCkD4fXu0YMNlPs4MPcZjhk051X8cbwRWaKll
SkgvBQqT1qq0BxkzEJdNiRQ6on0QuWxGn6f594ezUSR0CTo3Rcm9J1xRqtm3olDU
+fC8JCCqMEgJknJK7yKb6zSvvOt8X1CogiTcaDWWxfmTT/tlpbkfKj79ac/mfBIm
kdRgjYUAyKLb+JmXQ2FTB8c6pRt/JWYI0e/xYQIDAQABo4ICuzCCArcwHQYDVR0O
BBYEFB2R083gu9cOpPWipAOg6GcA/4zEMB8GA1UdIwQYMBaAFKx9fX6gnohRJYkL
T9FjI86fNoHnMA4GA1UdDwEB/wQEAwIHgDCBmgYIKwYBBQUHAQEEgY0wgYowgYcG
CCsGAQUFBzAChntyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5ldC9ycGtpL2xh
Y25pYy80OGYwODNiYi1mNjAzLTQ4OTMtOTk5MC0wMjg0YzA0Y2ViODUvM2NkYjll
N2E4N2Q3MmM5MGJhNzU4YTBkYzcwZjA5YjMyODFjYjBmMS5jZXIwgZoGCCsGAQUF
BwELBIGNMIGKMIGHBggrBgEFBQcwC4Z7cnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25p
Yy5uZXQvcnBraS9sYWNuaWMvNmRlYjM5YjItZWU0OS00NjE5LTk5OGYtNzM2ODg2
MTY5Njk0L2M4ZjJkMWJhNjEyMjM2MDRiZDk5ZDcyZmM0NWRiYTcyNTYwMDBmZDIu
cm9hMIGPBgNVHR8EgYcwgYQwgYGgf6B9hntyc3luYzovL3JlcG9zaXRvcnkubGFj
bmljLm5ldC9ycGtpL2xhY25pYy82ZGViMzliMi1lZTQ5LTQ2MTktOTk4Zi03MzY4
ODYxNjk2OTQvM2NkYjllN2E4N2Q3MmM5MGJhNzU4YTBkYzcwZjA5YjMyODFjYjBm
MS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjB/BggrBgEFBQcBBwEB/wRw
MG4wbAQCAAEwZgMEB8muADAMAwQAya6HAwQAya6IAwQAya6LMAwDBADJro0DBADJ
rpoDBADJrp0DBADJrqMDBADJrqcDBADJrqkwDAMEAMmurQMEAMmurgMEAsmusAME
AcmuugMEAMmuvQMEAMmu9zANBgkqhkiG9w0BAQsFAAOCAQEAkWnVUthdZx6QgB1W
QaXp5t+q30gahdHhzlACmHhE7uvzT3ZrgVwLJ7unytOwdF8d/O8FVS3AX/XHVzh2
666OkTqIBH1zJBWOOgXuV7VyZ6Lh7aaC2D6c8+F0j0e7rgq0nJAxBWHNOeo093PA
uEsrNA2ll0bx00itpzqffovgKbmEhUnRZXbXLXflDLkZCdzMkAN/GHlfDEtcYJuz
myFEaV8b6LJXTJRCmbZrh7k9HQnBohzrUqSNN9XYR+MNGshY93gx21JY1COryxrX
4InAoTejSGiocV9bOBzAm5p79U256pWr6/9yALBocB/VPEpL76ZWQxL5YFpP4yVV
zYqbFA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:37:50 2024 by rpki-client on console-fra.rpki-client.org