Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/91c81eff-a6cd-4319-b3c3-dca83e866d25/4e3a899bcca053e0c00ac24ffb98a5c4a2927893.roa
File:                     4e3a899bcca053e0c00ac24ffb98a5c4a2927893.roa (raw, json)
Hash identifier:          9o0I3ITw5NwDNOv2eUBfKyuRxVG9K0HzT8cTgTKPL0k=
Subject key identifier:   97:EF:5A:4D:DC:16:58:67:ED:E1:15:19:AB:41:B0:7C:66:E8:75:31
Certificate issuer:       /CN=1c730cc4f1140e9c3a243768d1052ae2bf36d279
Certificate serial:       234A7B
Authority key identifier: 3D:A3:67:37:DA:4A:CD:E5:E9:6B:4B:A9:47:08:77:64:8A:B3:25:19
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/1c730cc4f1140e9c3a243768d1052ae2bf36d279.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/91c81eff-a6cd-4319-b3c3-dca83e866d25/4e3a899bcca053e0c00ac24ffb98a5c4a2927893.roa
Signing time:             Wed 23 Aug 2023 18:47:28 +0000
ROA not before:           Tue 22 Aug 2023 18:47:26 +0000
ROA not after:            Sat 23 Aug 2025 18:47:26 +0000
asID:                     6535
IP address blocks:        190.208.64.0/18 maxlen: 18
                          190.54.64.0/19 maxlen: 19
                          186.34.0.0/15 maxlen: 16
                          190.54.190.0/23 maxlen: 23
                          190.54.192.0/18 maxlen: 18
                          190.54.0.0/24 maxlen: 24
                          190.54.2.0/24 maxlen: 24
                          190.209.0.0/16 maxlen: 24
                          186.36.0.0/16 maxlen: 22
                          190.54.160.0/20 maxlen: 20
                          190.54.180.0/23 maxlen: 24
                          190.54.184.0/21 maxlen: 24
                          190.208.128.0/17 maxlen: 19
                          181.72.0.0/14 maxlen: 22
                          190.54.125.0/24 maxlen: 24
                          190.54.128.0/19 maxlen: 23
                          190.54.127.0/24 maxlen: 24

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 2312827 (0x234a7b)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1c730cc4f1140e9c3a243768d1052ae2bf36d279
        Validity
            Not Before: Aug 22 18:47:26 2023 GMT
            Not After : Aug 23 18:47:26 2025 GMT
        Subject: CN=4e3a899bcca053e0c00ac24ffb98a5c4a2927893
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ae:1d:94:6e:35:da:fe:32:7c:60:66:d2:68:fd:
                    1c:34:5e:ca:03:0a:03:75:cf:e7:02:82:b8:de:7e:
                    f6:4b:f0:93:66:9f:5b:74:55:84:ae:b5:12:68:ed:
                    d7:a6:24:a3:31:2f:d3:46:be:5a:30:44:68:b0:f2:
                    eb:03:58:47:69:5b:1c:8a:7e:c8:f3:b1:69:33:2f:
                    e3:a0:0e:33:fe:56:08:54:d0:0a:a3:8e:ed:81:95:
                    e7:23:40:2b:dc:dd:ca:bb:18:92:f7:39:ab:dd:4f:
                    35:25:9e:ea:a8:ef:03:23:1d:ed:1c:71:af:c6:58:
                    a3:b5:e9:9f:08:b5:00:7b:6e:e6:12:d7:4d:47:ba:
                    34:c9:3a:11:23:77:8f:ab:11:12:1e:01:0d:00:0b:
                    9f:db:03:9a:f9:70:05:c8:0e:bc:f1:a9:69:c4:9e:
                    2a:cd:01:79:e9:87:ae:6a:18:0c:16:42:f4:87:c3:
                    6e:14:cd:78:02:86:b0:e5:d1:aa:9c:b1:cf:08:3c:
                    bf:74:a5:d9:5e:64:bc:9e:07:b8:14:1c:53:30:7d:
                    0b:f9:7b:94:f5:3b:3c:81:2c:4a:3e:e8:8d:db:1b:
                    d6:08:a1:f4:13:7e:8e:be:4a:ac:17:8e:38:9b:56:
                    d8:80:8f:0c:88:5e:a9:82:2d:e1:78:70:96:b3:6b:
                    4d:31
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                97:EF:5A:4D:DC:16:58:67:ED:E1:15:19:AB:41:B0:7C:66:E8:75:31
            X509v3 Authority Key Identifier:
                keyid:3D:A3:67:37:DA:4A:CD:E5:E9:6B:4B:A9:47:08:77:64:8A:B3:25:19

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/1c730cc4f1140e9c3a243768d1052ae2bf36d279.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/91c81eff-a6cd-4319-b3c3-dca83e866d25/4e3a899bcca053e0c00ac24ffb98a5c4a2927893.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/91c81eff-a6cd-4319-b3c3-dca83e866d25/1c730cc4f1140e9c3a243768d1052ae2bf36d279.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  181.72.0.0/14
                  186.34.0.0-186.36.255.255
                  190.54.0.0/24
                  190.54.2.0/24
                  190.54.64.0/19
                  190.54.125.0/24
                  190.54.127.0-190.54.175.255
                  190.54.180.0/23
                  190.54.184.0-190.54.255.255
                  190.208.64.0-190.209.255.255

    Signature Algorithm: sha256WithRSAEncryption
         6d:66:28:ea:f1:24:44:42:a3:0c:70:2f:67:d9:28:2c:b7:e0:
         ea:70:f0:86:ed:a4:30:b6:68:2a:5f:12:99:b4:7b:d8:e3:48:
         d4:10:44:28:fa:6d:af:61:68:d9:61:db:62:4f:08:f9:e5:ca:
         a7:f7:8b:36:33:8b:83:b7:5c:df:ed:ad:a8:25:19:2a:c3:62:
         71:41:22:97:cc:d5:73:6b:3e:1f:7b:7d:c1:d5:88:a5:de:12:
         46:dc:3a:a2:44:06:59:91:a2:fc:2c:a2:20:92:b4:d5:0c:2d:
         10:9a:15:fe:bd:e1:c5:44:26:04:8c:68:4c:a0:f2:cc:9c:80:
         34:4d:83:d2:71:a7:85:bd:29:c3:93:83:94:69:09:54:fe:7f:
         ee:af:3f:8c:f0:2b:e1:2c:7a:5a:55:1e:5f:00:3e:df:ad:db:
         5e:8a:15:30:ef:a8:40:6b:b7:bc:df:1c:e3:15:a2:8b:69:f0:
         7b:01:e0:51:04:55:38:d4:07:db:36:b5:a6:14:f6:c1:fa:46:
         3a:8e:6f:bc:0f:49:85:27:54:09:54:ef:ef:3d:38:56:b8:ef:
         e1:9e:da:19:56:30:18:70:9d:84:6a:90:9a:da:f2:d9:02:4e:
         13:f1:cc:0e:15:49:c6:a5:cf:c2:6b:2a:85:4c:6b:e5:d4:7c:
         71:76:5c:4b
-----BEGIN CERTIFICATE-----
MIIFkTCCBHmgAwIBAgIDI0p7MA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKDFj
NzMwY2M0ZjExNDBlOWMzYTI0Mzc2OGQxMDUyYWUyYmYzNmQyNzkwHhcNMjMwODIy
MTg0NzI2WhcNMjUwODIzMTg0NzI2WjAzMTEwLwYDVQQDEyg0ZTNhODk5YmNjYTA1
M2UwYzAwYWMyNGZmYjk4YTVjNGEyOTI3ODkzMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEArh2UbjXa/jJ8YGbSaP0cNF7KAwoDdc/nAoK43n72S/CTZp9b
dFWErrUSaO3XpiSjMS/TRr5aMERosPLrA1hHaVscin7I87FpMy/joA4z/lYIVNAK
o47tgZXnI0Ar3N3KuxiS9zmr3U81JZ7qqO8DIx3tHHGvxlijtemfCLUAe27mEtdN
R7o0yToRI3ePqxESHgENAAuf2wOa+XAFyA688alpxJ4qzQF56YeuahgMFkL0h8Nu
FM14Aoaw5dGqnLHPCDy/dKXZXmS8nge4FBxTMH0L+XuU9Ts8gSxKPuiN2xvWCKH0
E36OvkqsF444m1bYgI8MiF6pgi3heHCWs2tNMQIDAQABo4ICrDCCAqgwHQYDVR0O
BBYEFJfvWk3cFlhn7eEVGatBsHxm6HUxMB8GA1UdIwQYMBaAFD2jZzfaSs3l6WtL
qUcId2SKsyUZMA4GA1UdDwEB/wQEAwIHgDCBmgYIKwYBBQUHAQEEgY0wgYowgYcG
CCsGAQUFBzAChntyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5ldC9ycGtpL2xh
Y25pYy80OGYwODNiYi1mNjAzLTQ4OTMtOTk5MC0wMjg0YzA0Y2ViODUvMWM3MzBj
YzRmMTE0MGU5YzNhMjQzNzY4ZDEwNTJhZTJiZjM2ZDI3OS5jZXIwgZoGCCsGAQUF
BwELBIGNMIGKMIGHBggrBgEFBQcwC4Z7cnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25p
Yy5uZXQvcnBraS9sYWNuaWMvOTFjODFlZmYtYTZjZC00MzE5LWIzYzMtZGNhODNl
ODY2ZDI1LzRlM2E4OTliY2NhMDUzZTBjMDBhYzI0ZmZiOThhNWM0YTI5Mjc4OTMu
cm9hMIGPBgNVHR8EgYcwgYQwgYGgf6B9hntyc3luYzovL3JlcG9zaXRvcnkubGFj
bmljLm5ldC9ycGtpL2xhY25pYy85MWM4MWVmZi1hNmNkLTQzMTktYjNjMy1kY2E4
M2U4NjZkMjUvMWM3MzBjYzRmMTE0MGU5YzNhMjQzNzY4ZDEwNTJhZTJiZjM2ZDI3
OS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBwBggrBgEFBQcBBwEB/wRh
MF8wXQQCAAEwVwMDArVIMAoDAwG6IgMDALokAwQAvjYAAwQAvjYCAwQFvjZAAwQA
vjZ9MAwDBAC+Nn8DBAS+NqADBAG+NrQwCwMEA742uAMDAL42MAsDBAa+0EADAwG+
0DANBgkqhkiG9w0BAQsFAAOCAQEAbWYo6vEkREKjDHAvZ9koLLfg6nDwhu2kMLZo
Kl8SmbR72ONI1BBEKPptr2Fo2WHbYk8I+eXKp/eLNjOLg7dc3+2tqCUZKsNicUEi
l8zVc2s+H3t9wdWIpd4SRtw6okQGWZGi/CyiIJK01QwtEJoV/r3hxUQmBIxoTKDy
zJyANE2D0nGnhb0pw5ODlGkJVP5/7q8/jPAr4Sx6WlUeXwA+363bXooVMO+oQGu3
vN8c4xWii2nwewHgUQRVONQH2za1phT2wfpGOo5vvA9JhSdUCVTv7z04Vrjv4Z7a
GVYwGHCdhGqQmtry2QJOE/HMDhVJxqXPwmsqhUxr5dR8cXZcSw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:38:08 2024 by rpki-client on console-ams.rpki-client.org