Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/8a5ec771-114b-465b-bb92-def8ced631ef/30b24ad942ed8d692fdea3c551f9a729c5fffe94.roa
File:                     30b24ad942ed8d692fdea3c551f9a729c5fffe94.roa (raw, json)
Hash identifier:          1xfGk1ZMt5TdMPlT90mMxVenBIBRO15nqtyJzLTx7cE=
Subject key identifier:   23:47:B4:19:52:84:DA:BF:49:D6:9B:B4:55:66:CF:10:21:E9:2B:5E
Certificate issuer:       /CN=1c9b973317eb80280ae3912672e94609f196869d
Certificate serial:       1ED905
Authority key identifier: 50:A0:2E:42:62:3B:B0:F4:70:CB:60:81:93:84:E8:22:6E:34:CA:65
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/1c9b973317eb80280ae3912672e94609f196869d.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/8a5ec771-114b-465b-bb92-def8ced631ef/30b24ad942ed8d692fdea3c551f9a729c5fffe94.roa
Signing time:             Wed 31 Jan 2024 15:04:52 +0000
ROA not before:           Wed 31 Jan 2024 15:04:52 +0000
ROA not after:            Sat 31 Jan 2026 15:04:52 +0000
asID:                     52348
IP address blocks:        190.14.40.0/21 maxlen: 21
                          190.14.40.0/24 maxlen: 24
                          190.14.41.0/24 maxlen: 24
                          190.14.42.0/24 maxlen: 24
                          190.14.43.0/24 maxlen: 24
                          190.14.44.0/24 maxlen: 24
                          190.14.45.0/24 maxlen: 24
                          190.14.46.0/24 maxlen: 24
                          190.14.47.0/24 maxlen: 24
                          190.52.208.0/20 maxlen: 20
                          190.52.208.0/24 maxlen: 24
                          190.52.209.0/24 maxlen: 24
                          190.52.210.0/24 maxlen: 24
                          190.52.211.0/24 maxlen: 24
                          190.52.212.0/24 maxlen: 24
                          190.52.213.0/24 maxlen: 24
                          190.52.214.0/24 maxlen: 24
                          190.52.215.0/24 maxlen: 24
                          190.52.216.0/24 maxlen: 24
                          190.52.217.0/24 maxlen: 24
                          190.52.218.0/24 maxlen: 24
                          190.52.219.0/24 maxlen: 24
                          190.52.220.0/24 maxlen: 24
                          190.52.221.0/24 maxlen: 24
                          190.52.222.0/24 maxlen: 24
                          190.52.223.0/24 maxlen: 24

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 2021637 (0x1ed905)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1c9b973317eb80280ae3912672e94609f196869d
        Validity
            Not Before: Jan 31 15:04:52 2024 GMT
            Not After : Jan 31 15:04:52 2026 GMT
        Subject: CN=30b24ad942ed8d692fdea3c551f9a729c5fffe94
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:95:68:7c:5a:fb:2f:00:79:8d:57:97:37:cb:69:
                    1b:aa:ba:53:63:73:bf:7f:a8:1c:c2:1f:58:e3:b5:
                    18:4e:55:4a:e2:07:0e:5c:2f:79:a6:5a:c2:ef:1b:
                    25:54:8b:a4:7f:ed:3d:17:a2:e1:30:e8:43:7d:3a:
                    a0:74:20:79:50:8b:e7:bf:84:2a:83:12:8d:76:41:
                    3c:94:d2:92:0d:40:8c:09:30:1a:ae:59:24:5d:0d:
                    4e:1e:02:a2:10:d2:27:ff:04:1e:0e:c7:0a:02:df:
                    3e:79:1e:0a:af:7b:50:de:d3:27:98:bb:ce:5e:4e:
                    75:18:2b:08:04:3e:6e:81:54:d3:c1:e8:7a:3e:5f:
                    fa:92:9e:06:9d:e4:ff:7e:43:f7:d8:78:e1:db:b8:
                    ac:aa:5d:a5:bd:50:09:4f:6f:4c:e6:62:73:d3:2a:
                    4f:36:50:a6:ad:2d:da:4a:fc:9c:33:f1:f8:0d:9a:
                    3c:a9:5d:18:cd:57:03:83:b7:40:c5:94:05:c8:a8:
                    0b:78:49:a0:f7:e4:2c:ef:63:aa:0f:58:c2:0e:45:
                    93:3c:15:3c:bf:b7:c1:db:7c:54:3b:75:fe:d1:1a:
                    b8:82:6b:92:98:87:6c:f8:81:d1:ee:57:a0:35:21:
                    57:9b:54:0f:56:6e:d8:30:15:1e:62:92:85:d6:6a:
                    dc:71
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                23:47:B4:19:52:84:DA:BF:49:D6:9B:B4:55:66:CF:10:21:E9:2B:5E
            X509v3 Authority Key Identifier:
                keyid:50:A0:2E:42:62:3B:B0:F4:70:CB:60:81:93:84:E8:22:6E:34:CA:65

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/1c9b973317eb80280ae3912672e94609f196869d.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/8a5ec771-114b-465b-bb92-def8ced631ef/30b24ad942ed8d692fdea3c551f9a729c5fffe94.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/8a5ec771-114b-465b-bb92-def8ced631ef/1c9b973317eb80280ae3912672e94609f196869d.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  190.14.40.0/21
                  190.52.208.0/20

    Signature Algorithm: sha256WithRSAEncryption
         8e:b4:29:1a:c0:42:c2:76:c3:77:eb:3f:7f:01:1f:0b:57:16:
         49:be:9f:66:30:b4:4d:a6:ea:43:b1:f9:65:58:78:1e:ad:00:
         3f:83:12:4c:c7:4f:f9:19:eb:04:52:e0:79:5a:a5:5c:d6:4d:
         ee:e6:ac:59:d0:78:69:0c:71:ff:7e:ff:f0:e5:bb:2b:7e:71:
         47:24:d4:8a:6f:ed:cb:01:8b:00:76:67:98:28:7b:cb:09:8a:
         69:62:3a:65:b3:d8:16:72:c1:78:b9:4e:e7:2d:b5:cf:12:e6:
         33:60:1a:07:c5:43:7e:b9:0a:13:82:43:0b:76:00:9b:38:43:
         a9:0c:76:c9:73:80:a9:70:bb:60:c8:66:60:98:d7:fa:8b:5a:
         26:85:6c:d3:7f:92:88:84:ef:45:62:65:89:81:93:da:ed:55:
         a4:18:a0:f1:7a:4c:2a:81:13:cf:3c:d6:1a:a1:31:67:50:e8:
         d6:37:c4:10:d1:55:60:29:16:29:b4:b7:c2:a0:98:68:bd:b4:
         cd:e4:e8:a2:d1:09:4f:0d:89:2f:19:f0:24:e5:48:c6:41:e1:
         f0:c9:7f:b6:fa:f8:ad:1a:ae:c4:9f:9d:cf:b9:f8:5a:2a:17:
         59:65:db:0f:fd:27:57:e6:c8:bb:84:33:6b:f5:c6:0e:66:91:
         7a:43:b6:38
-----BEGIN CERTIFICATE-----
MIIFRjCCBC6gAwIBAgIDHtkFMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKDFj
OWI5NzMzMTdlYjgwMjgwYWUzOTEyNjcyZTk0NjA5ZjE5Njg2OWQwHhcNMjQwMTMx
MTUwNDUyWhcNMjYwMTMxMTUwNDUyWjAzMTEwLwYDVQQDEygzMGIyNGFkOTQyZWQ4
ZDY5MmZkZWEzYzU1MWY5YTcyOWM1ZmZmZTk0MIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAlWh8WvsvAHmNV5c3y2kbqrpTY3O/f6gcwh9Y47UYTlVK4gcO
XC95plrC7xslVIukf+09F6LhMOhDfTqgdCB5UIvnv4QqgxKNdkE8lNKSDUCMCTAa
rlkkXQ1OHgKiENIn/wQeDscKAt8+eR4Kr3tQ3tMnmLvOXk51GCsIBD5ugVTTweh6
Pl/6kp4GneT/fkP32Hjh27isql2lvVAJT29M5mJz0ypPNlCmrS3aSvycM/H4DZo8
qV0YzVcDg7dAxZQFyKgLeEmg9+Qs72OqD1jCDkWTPBU8v7fB23xUO3X+0Rq4gmuS
mIds+IHR7legNSFXm1QPVm7YMBUeYpKF1mrccQIDAQABo4ICYTCCAl0wHQYDVR0O
BBYEFCNHtBlShNq/SdabtFVmzxAh6SteMB8GA1UdIwQYMBaAFFCgLkJiO7D0cMtg
gZOE6CJuNMplMA4GA1UdDwEB/wQEAwIHgDCBmgYIKwYBBQUHAQEEgY0wgYowgYcG
CCsGAQUFBzAChntyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5ldC9ycGtpL2xh
Y25pYy80OGYwODNiYi1mNjAzLTQ4OTMtOTk5MC0wMjg0YzA0Y2ViODUvMWM5Yjk3
MzMxN2ViODAyODBhZTM5MTI2NzJlOTQ2MDlmMTk2ODY5ZC5jZXIwgZoGCCsGAQUF
BwELBIGNMIGKMIGHBggrBgEFBQcwC4Z7cnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25p
Yy5uZXQvcnBraS9sYWNuaWMvOGE1ZWM3NzEtMTE0Yi00NjViLWJiOTItZGVmOGNl
ZDYzMWVmLzMwYjI0YWQ5NDJlZDhkNjkyZmRlYTNjNTUxZjlhNzI5YzVmZmZlOTQu
cm9hMIGPBgNVHR8EgYcwgYQwgYGgf6B9hntyc3luYzovL3JlcG9zaXRvcnkubGFj
bmljLm5ldC9ycGtpL2xhY25pYy84YTVlYzc3MS0xMTRiLTQ2NWItYmI5Mi1kZWY4
Y2VkNjMxZWYvMWM5Yjk3MzMxN2ViODAyODBhZTM5MTI2NzJlOTQ2MDlmMTk2ODY5
ZC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAlBggrBgEFBQcBBwEB/wQW
MBQwEgQCAAEwDAMEA74OKAMEBL400DANBgkqhkiG9w0BAQsFAAOCAQEAjrQpGsBC
wnbDd+s/fwEfC1cWSb6fZjC0TabqQ7H5ZVh4Hq0AP4MSTMdP+RnrBFLgeVqlXNZN
7uasWdB4aQxx/37/8OW7K35xRyTUim/tywGLAHZnmCh7ywmKaWI6ZbPYFnLBeLlO
5y21zxLmM2AaB8VDfrkKE4JDC3YAmzhDqQx2yXOAqXC7YMhmYJjX+otaJoVs03+S
iITvRWJliYGT2u1VpBig8XpMKoETzzzWGqExZ1Do1jfEENFVYCkWKbS3wqCYaL20
zeTootEJTw2JLxnwJOVIxkHh8Ml/tvr4rRquxJ+dz7n4WioXWWXbD/0nV+bIu4Qz
a/XGDmaRekO2OA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:38:07 2024 by rpki-client on console-ams.rpki-client.org