Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/8c794bd0-7d94-445f-8233-1200c9c6f2ec/d4195a1c437126032017c57a680dc8b6f31e7363.roa
File:                     d4195a1c437126032017c57a680dc8b6f31e7363.roa (raw, json)
Hash identifier:          u+wJBh1FEYlyNrptyeJMsFHbrVGPt1/bF26AKIR5Ia8=
Subject key identifier:   CA:81:69:61:C7:FE:3A:65:9A:23:EB:11:74:FA:94:94:45:27:9B:7C
Certificate issuer:       /CN=05ae69d2f111c794165a01a865fe187b8831227d
Certificate serial:       0E3D9E
Authority key identifier: 82:14:5E:DA:B6:58:1E:73:E4:BD:54:60:09:3E:CE:C9:76:0B:C4:9F
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/05ae69d2f111c794165a01a865fe187b8831227d.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/8c794bd0-7d94-445f-8233-1200c9c6f2ec/d4195a1c437126032017c57a680dc8b6f31e7363.roa
Signing time:             Wed 24 Mar 2021 14:39:08 +0000
ROA not before:           Wed 24 Mar 2021 14:39:07 +0000
ROA not after:            Tue 24 Mar 2026 14:39:07 +0000
asID:                     27947
IP address blocks:        190.15.128.0/20 maxlen: 24
                          2800:68:3::/48 maxlen: 48
                          2800:68:7::/48 maxlen: 48
                          2800:68:c::/48 maxlen: 48
                          2800:68:d::/48 maxlen: 48
                          2800:68:12::/48 maxlen: 48
                          2800:68:13::/48 maxlen: 48
                          2800:68:14::/48 maxlen: 48
                          2800:68:16::/48 maxlen: 48
                          2800:68:18::/48 maxlen: 48
                          2800:68:19::/48 maxlen: 48
                          2800:68:20::/48 maxlen: 48
                          2800:68:21::/48 maxlen: 48
                          2800:68:22::/48 maxlen: 48
                          2800:68:24::/48 maxlen: 48
                          2800:68:1f::/48 maxlen: 48
                          2800:68:41::/48 maxlen: 48
                          2800:68:33::/48 maxlen: 48
                          2800:68:35::/48 maxlen: 48
                          2800:68:3d::/48 maxlen: 48
                          2800:68:3b::/48 maxlen: 48
                          2800:68:37::/48 maxlen: 48
                          2800:68:39::/48 maxlen: 48

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 933278 (0xe3d9e)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=05ae69d2f111c794165a01a865fe187b8831227d
        Validity
            Not Before: Mar 24 14:39:07 2021 GMT
            Not After : Mar 24 14:39:07 2026 GMT
        Subject: CN=d4195a1c437126032017c57a680dc8b6f31e7363
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:97:4a:c1:35:7e:3c:72:ed:ae:75:de:d3:12:ca:
                    1c:40:68:34:6d:79:09:19:8d:1c:2d:10:1b:93:75:
                    60:8e:62:1e:9f:6d:bb:90:92:7d:46:6b:3c:3c:4f:
                    ed:16:2b:17:cd:d1:54:e4:73:ab:e7:e3:db:bd:bd:
                    08:b9:e2:7e:b2:9a:cd:ed:f2:d6:7c:1a:1c:ba:75:
                    fe:a9:02:c5:32:35:96:c2:14:0c:1d:b4:03:ee:e3:
                    f7:a4:3b:1f:0f:a8:fe:a0:66:d2:5e:e8:1c:04:35:
                    87:05:e6:b2:f6:30:9e:18:49:2f:2a:b8:26:e6:e1:
                    8c:d9:fc:5e:c0:ff:86:d1:f9:6f:c3:1e:c3:88:85:
                    b1:14:6f:75:f9:be:55:f6:e4:39:37:45:ae:15:9d:
                    a2:f5:29:f0:7f:c1:2d:8c:58:ef:b9:d2:31:ca:b0:
                    28:3c:7c:c7:d9:51:d4:71:5d:5a:99:77:79:88:e8:
                    7b:bb:20:65:19:18:82:f1:d6:cb:19:0e:8b:bb:07:
                    c6:01:36:b1:d2:62:3f:1e:05:2a:11:3e:3f:2b:b1:
                    f6:63:66:a9:be:17:01:27:21:88:0f:d1:70:3c:d6:
                    22:c5:0c:0b:72:11:f1:cd:6a:28:ef:ed:06:ee:85:
                    e1:f6:c0:08:cb:47:c6:47:6e:04:97:c3:9e:3d:99:
                    bf:5d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                CA:81:69:61:C7:FE:3A:65:9A:23:EB:11:74:FA:94:94:45:27:9B:7C
            X509v3 Authority Key Identifier:
                keyid:82:14:5E:DA:B6:58:1E:73:E4:BD:54:60:09:3E:CE:C9:76:0B:C4:9F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/05ae69d2f111c794165a01a865fe187b8831227d.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/8c794bd0-7d94-445f-8233-1200c9c6f2ec/d4195a1c437126032017c57a680dc8b6f31e7363.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/8c794bd0-7d94-445f-8233-1200c9c6f2ec/05ae69d2f111c794165a01a865fe187b8831227d.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  190.15.128.0/20
                IPv6:
                  2800:68:3::/48
                  2800:68:7::/48
                  2800:68:c::/47
                  2800:68:12::-2800:68:14:ffff:ffff:ffff:ffff:ffff
                  2800:68:16::/48
                  2800:68:18::/47
                  2800:68:1f::-2800:68:22:ffff:ffff:ffff:ffff:ffff
                  2800:68:24::/48
                  2800:68:33::/48
                  2800:68:35::/48
                  2800:68:37::/48
                  2800:68:39::/48
                  2800:68:3b::/48
                  2800:68:3d::/48
                  2800:68:41::/48

    Signature Algorithm: sha256WithRSAEncryption
         23:93:40:66:82:82:ec:84:19:5e:92:69:b1:f1:de:75:46:c6:
         f5:ce:d6:a9:33:30:57:55:5a:b7:d6:9e:71:df:68:5c:b1:7f:
         4d:27:33:fb:0b:8b:0e:54:3b:3f:ca:51:60:b2:cf:57:b9:cd:
         b2:6b:e6:22:90:09:7b:fa:4e:d8:f6:32:e7:ce:91:93:70:d7:
         06:91:e6:3e:fc:4e:18:57:ce:14:98:9b:24:ba:e7:e4:4e:68:
         a2:cb:64:34:12:1d:3a:cd:63:34:87:af:cf:3d:b9:0a:62:2e:
         3c:88:a4:fb:e4:5c:03:a0:c4:e2:9b:ee:6e:d6:ae:34:f8:60:
         cf:b5:ce:9c:c7:cc:ce:fc:2e:28:1d:3a:a9:7c:c3:3d:87:94:
         90:de:f4:5e:db:8a:c7:16:01:4c:dd:6d:4b:c0:29:47:2e:91:
         fd:b0:09:5f:76:65:a9:42:d0:01:fb:38:30:3c:40:61:93:27:
         2d:34:d6:b9:e5:00:91:11:00:0d:ee:a5:11:59:2b:83:7e:61:
         0e:89:7b:b5:a8:32:a6:82:44:1f:b2:7a:fd:7d:c3:14:4c:24:
         bf:36:92:97:b3:65:52:d0:de:d1:dd:f4:5f:ed:52:06:75:c1:
         38:3b:9a:3e:32:dc:c3:c6:bf:72:b2:02:08:da:66:8a:ee:c9:
         f3:21:ac:8d
-----BEGIN CERTIFICATE-----
MIIF6jCCBNKgAwIBAgIDDj2eMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKDA1
YWU2OWQyZjExMWM3OTQxNjVhMDFhODY1ZmUxODdiODgzMTIyN2QwHhcNMjEwMzI0
MTQzOTA3WhcNMjYwMzI0MTQzOTA3WjAzMTEwLwYDVQQDEyhkNDE5NWExYzQzNzEy
NjAzMjAxN2M1N2E2ODBkYzhiNmYzMWU3MzYzMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAl0rBNX48cu2udd7TEsocQGg0bXkJGY0cLRAbk3VgjmIen227
kJJ9Rms8PE/tFisXzdFU5HOr5+Pbvb0IueJ+sprN7fLWfBocunX+qQLFMjWWwhQM
HbQD7uP3pDsfD6j+oGbSXugcBDWHBeay9jCeGEkvKrgm5uGM2fxewP+G0flvwx7D
iIWxFG91+b5V9uQ5N0WuFZ2i9Snwf8EtjFjvudIxyrAoPHzH2VHUcV1amXd5iOh7
uyBlGRiC8dbLGQ6LuwfGATax0mI/HgUqET4/K7H2Y2apvhcBJyGID9FwPNYixQwL
chHxzWoo7+0G7oXh9sAIy0fGR24El8OePZm/XQIDAQABo4IDBTCCAwEwHQYDVR0O
BBYEFMqBaWHH/jplmiPrEXT6lJRFJ5t8MB8GA1UdIwQYMBaAFIIUXtq2WB5z5L1U
YAk+zsl2C8SfMA4GA1UdDwEB/wQEAwIHgDCBmgYIKwYBBQUHAQEEgY0wgYowgYcG
CCsGAQUFBzAChntyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5ldC9ycGtpL2xh
Y25pYy80OGYwODNiYi1mNjAzLTQ4OTMtOTk5MC0wMjg0YzA0Y2ViODUvMDVhZTY5
ZDJmMTExYzc5NDE2NWEwMWE4NjVmZTE4N2I4ODMxMjI3ZC5jZXIwgZoGCCsGAQUF
BwELBIGNMIGKMIGHBggrBgEFBQcwC4Z7cnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25p
Yy5uZXQvcnBraS9sYWNuaWMvOGM3OTRiZDAtN2Q5NC00NDVmLTgyMzMtMTIwMGM5
YzZmMmVjL2Q0MTk1YTFjNDM3MTI2MDMyMDE3YzU3YTY4MGRjOGI2ZjMxZTczNjMu
cm9hMIGPBgNVHR8EgYcwgYQwgYGgf6B9hntyc3luYzovL3JlcG9zaXRvcnkubGFj
bmljLm5ldC9ycGtpL2xhY25pYy84Yzc5NGJkMC03ZDk0LTQ0NWYtODIzMy0xMjAw
YzljNmYyZWMvMDVhZTY5ZDJmMTExYzc5NDE2NWEwMWE4NjVmZTE4N2I4ODMxMjI3
ZC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjCByAYIKwYBBQUHAQcBAf8E
gbgwgbUwDAQCAAEwBgMEBL4PgDCBpAQCAAIwgZ0DBwAoAABoAAMDBwAoAABoAAcD
BwEoAABoAAwwEgMHASgAAGgAEgMHACgAAGgAFAMHACgAAGgAFgMHASgAAGgAGDAS
AwcAKAAAaAAfAwcAKAAAaAAiAwcAKAAAaAAkAwcAKAAAaAAzAwcAKAAAaAA1AwcA
KAAAaAA3AwcAKAAAaAA5AwcAKAAAaAA7AwcAKAAAaAA9AwcAKAAAaABBMA0GCSqG
SIb3DQEBCwUAA4IBAQAjk0BmgoLshBlekmmx8d51Rsb1ztapMzBXVVq31p5x32hc
sX9NJzP7C4sOVDs/ylFgss9Xuc2ya+YikAl7+k7Y9jLnzpGTcNcGkeY+/E4YV84U
mJskuufkTmiiy2Q0Eh06zWM0h6/PPbkKYi48iKT75FwDoMTim+5u1q40+GDPtc6c
x8zO/C4oHTqpfMM9h5SQ3vRe24rHFgFM3W1LwClHLpH9sAlfdmWpQtAB+zgwPEBh
kyctNNa55QCREQAN7qURWSuDfmEOiXu1qDKmgkQfsnr9fcMUTCS/NpKXs2VS0N7R
3fRf7VIGdcE4O5o+MtzDxr9ysgII2maK7snzIayN
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:37:53 2024 by rpki-client on console-fra.rpki-client.org