Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/964b6088-85a6-4363-a11f-20d725bba3f7/ea43576f174a8e99cbf2daa6439e2da420d99c28.roa
File:                     ea43576f174a8e99cbf2daa6439e2da420d99c28.roa (raw, json)
Hash identifier:          pq8piEE2uW3fMFEZ4wL/1i1eo2Fl6csQU+ia5BmDYHg=
Subject key identifier:   3D:2E:D4:19:3C:83:4B:5D:CD:46:1E:D9:11:72:CA:49:6C:4B:18:8F
Certificate issuer:       /CN=d5f5b360f6396f35cac76fe7727148af2ea950d9
Certificate serial:       25868F
Authority key identifier: 38:66:D1:54:E1:04:2B:B2:C3:11:22:39:6A:CB:0D:60:F0:7A:DD:C9
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/d5f5b360f6396f35cac76fe7727148af2ea950d9.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/964b6088-85a6-4363-a11f-20d725bba3f7/ea43576f174a8e99cbf2daa6439e2da420d99c28.roa
Signing time:             Tue 25 Jul 2023 18:03:43 +0000
ROA not before:           Mon 24 Jul 2023 18:03:43 +0000
ROA not after:            Fri 25 Jul 2025 18:03:43 +0000
asID:                     52323
IP address blocks:        181.16.236.0/22 maxlen: 24
                          181.16.240.0/24 maxlen: 24
                          181.16.254.0/23 maxlen: 24
                          181.16.160.0/23 maxlen: 24
                          181.16.168.0/24 maxlen: 24
                          181.16.175.0/24 maxlen: 24
                          181.16.176.0/23 maxlen: 24
                          181.16.180.0/23 maxlen: 24
                          181.16.184.0/22 maxlen: 24
                          181.16.192.0/22 maxlen: 24
                          181.16.196.0/23 maxlen: 24
                          181.16.204.0/22 maxlen: 24
                          181.16.208.0/21 maxlen: 24
                          181.16.130.0/23 maxlen: 24
                          181.16.136.0/21 maxlen: 24
                          181.16.145.0/24 maxlen: 24
                          181.16.146.0/24 maxlen: 24
                          2800:600::/32 maxlen: 48

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 2459279 (0x25868f)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d5f5b360f6396f35cac76fe7727148af2ea950d9
        Validity
            Not Before: Jul 24 18:03:43 2023 GMT
            Not After : Jul 25 18:03:43 2025 GMT
        Subject: CN=ea43576f174a8e99cbf2daa6439e2da420d99c28
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:81:6c:ba:a0:e9:ec:92:de:b6:27:1d:14:be:ec:
                    98:bd:b0:4c:2b:2b:b2:e1:c0:26:b1:23:bd:ff:22:
                    2a:c1:0e:55:53:9f:b8:b7:bb:cb:cd:02:86:d0:70:
                    de:8f:0e:e3:ad:db:53:cd:4f:3a:f9:2f:9d:62:e3:
                    e5:3c:b3:0e:ba:82:10:d2:11:11:6a:3c:fd:9e:0a:
                    d1:18:74:e5:04:d6:77:8d:ef:b1:12:3f:9a:b1:9a:
                    a4:92:be:ec:21:c2:00:ab:50:b7:c0:bd:63:e9:a3:
                    2c:f6:e3:2d:37:8e:42:7c:39:88:55:6a:9c:db:cb:
                    b6:d6:af:0b:34:e7:65:ab:b5:f4:c7:d0:1c:cf:35:
                    d8:0f:10:f9:fe:6d:34:84:3c:e0:cc:ce:45:81:6b:
                    31:7b:97:15:d8:91:1d:fc:b7:30:cb:02:28:ea:87:
                    46:92:10:1d:30:ff:d9:53:ba:0d:26:4f:54:84:6e:
                    fb:83:f3:15:95:48:c8:5a:40:58:3f:a6:5d:fe:98:
                    d8:42:14:71:15:53:ea:c6:b4:16:d0:16:55:31:96:
                    a9:94:d1:15:e7:ce:4e:76:16:57:19:42:dd:ec:af:
                    4b:92:95:8b:dd:0c:01:3d:6c:89:ee:0d:70:2f:f2:
                    6b:a6:72:3c:d7:a4:f6:cc:40:d2:f7:ec:f6:f7:23:
                    f1:dd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3D:2E:D4:19:3C:83:4B:5D:CD:46:1E:D9:11:72:CA:49:6C:4B:18:8F
            X509v3 Authority Key Identifier:
                keyid:38:66:D1:54:E1:04:2B:B2:C3:11:22:39:6A:CB:0D:60:F0:7A:DD:C9

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/d5f5b360f6396f35cac76fe7727148af2ea950d9.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/964b6088-85a6-4363-a11f-20d725bba3f7/ea43576f174a8e99cbf2daa6439e2da420d99c28.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/964b6088-85a6-4363-a11f-20d725bba3f7/d5f5b360f6396f35cac76fe7727148af2ea950d9.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  181.16.130.0/23
                  181.16.136.0/21
                  181.16.145.0-181.16.146.255
                  181.16.160.0/23
                  181.16.168.0/24
                  181.16.175.0-181.16.177.255
                  181.16.180.0/23
                  181.16.184.0/22
                  181.16.192.0-181.16.197.255
                  181.16.204.0-181.16.215.255
                  181.16.236.0-181.16.240.255
                  181.16.254.0/23
                IPv6:
                  2800:600::/32

    Signature Algorithm: sha256WithRSAEncryption
         63:e7:24:61:8c:70:98:bb:b2:ca:5c:96:45:4a:98:23:16:b5:
         d8:0a:46:d8:ce:4a:4c:e9:d6:62:bd:db:d2:2c:93:cd:18:dc:
         b0:c8:74:b5:ff:b3:c5:f9:5a:c8:b8:0a:01:7f:1f:c4:84:26:
         8c:ad:13:25:a7:96:a7:35:95:a1:35:c5:3b:2f:aa:21:d7:34:
         0c:75:34:44:72:47:6f:95:12:80:7c:3d:87:2b:54:85:e3:ec:
         d0:65:30:b4:ac:fe:e8:6a:35:32:ba:5e:b3:89:7b:75:04:b1:
         67:e9:19:d6:57:0b:ad:eb:0e:74:40:01:7d:f8:39:83:9e:9b:
         fe:56:7b:f8:2a:fd:a0:ef:fb:b1:74:64:be:a4:83:11:79:6d:
         91:d5:29:b8:4f:3e:49:15:da:dd:ea:42:07:d3:8f:51:19:d0:
         18:ee:5d:ca:5b:cb:be:1a:82:79:1c:13:df:8c:2c:74:29:83:
         a9:7f:05:d5:84:fc:c3:ef:74:3d:66:3a:6b:7b:1c:18:67:4d:
         6e:51:fa:1f:04:cd:7b:ee:6b:a7:07:a3:af:37:5d:9b:f2:ab:
         88:31:aa:21:ab:9a:47:cf:c9:d8:93:e8:16:11:74:33:0d:5a:
         ca:2e:7b:da:0c:eb:6b:ac:ef:32:40:56:ac:5f:d1:a4:ac:d8:
         45:6f:19:eb
-----BEGIN CERTIFICATE-----
MIIFvDCCBKSgAwIBAgIDJYaPMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKGQ1
ZjViMzYwZjYzOTZmMzVjYWM3NmZlNzcyNzE0OGFmMmVhOTUwZDkwHhcNMjMwNzI0
MTgwMzQzWhcNMjUwNzI1MTgwMzQzWjAzMTEwLwYDVQQDEyhlYTQzNTc2ZjE3NGE4
ZTk5Y2JmMmRhYTY0MzllMmRhNDIwZDk5YzI4MIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAgWy6oOnskt62Jx0UvuyYvbBMKyuy4cAmsSO9/yIqwQ5VU5+4
t7vLzQKG0HDejw7jrdtTzU86+S+dYuPlPLMOuoIQ0hERajz9ngrRGHTlBNZ3je+x
Ej+asZqkkr7sIcIAq1C3wL1j6aMs9uMtN45CfDmIVWqc28u21q8LNOdlq7X0x9Ac
zzXYDxD5/m00hDzgzM5FgWsxe5cV2JEd/LcwywIo6odGkhAdMP/ZU7oNJk9UhG77
g/MVlUjIWkBYP6Zd/pjYQhRxFVPqxrQW0BZVMZaplNEV585OdhZXGULd7K9LkpWL
3QwBPWyJ7g1wL/JrpnI816T2zEDS9+z29yPx3QIDAQABo4IC1zCCAtMwHQYDVR0O
BBYEFD0u1Bk8g0tdzUYe2RFyyklsSxiPMB8GA1UdIwQYMBaAFDhm0VThBCuywxEi
OWrLDWDwet3JMA4GA1UdDwEB/wQEAwIHgDCBmgYIKwYBBQUHAQEEgY0wgYowgYcG
CCsGAQUFBzAChntyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5ldC9ycGtpL2xh
Y25pYy80OGYwODNiYi1mNjAzLTQ4OTMtOTk5MC0wMjg0YzA0Y2ViODUvZDVmNWIz
NjBmNjM5NmYzNWNhYzc2ZmU3NzI3MTQ4YWYyZWE5NTBkOS5jZXIwgZoGCCsGAQUF
BwELBIGNMIGKMIGHBggrBgEFBQcwC4Z7cnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25p
Yy5uZXQvcnBraS9sYWNuaWMvOTY0YjYwODgtODVhNi00MzYzLWExMWYtMjBkNzI1
YmJhM2Y3L2VhNDM1NzZmMTc0YThlOTljYmYyZGFhNjQzOWUyZGE0MjBkOTljMjgu
cm9hMIGPBgNVHR8EgYcwgYQwgYGgf6B9hntyc3luYzovL3JlcG9zaXRvcnkubGFj
bmljLm5ldC9ycGtpL2xhY25pYy85NjRiNjA4OC04NWE2LTQzNjMtYTExZi0yMGQ3
MjViYmEzZjcvZDVmNWIzNjBmNjM5NmYzNWNhYzc2ZmU3NzI3MTQ4YWYyZWE5NTBk
OS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjCBmgYIKwYBBQUHAQcBAf8E
gYowgYcwdgQCAAEwcAMEAbUQggMEA7UQiDAMAwQAtRCRAwQAtRCSAwQBtRCgAwQA
tRCoMAwDBAC1EK8DBAG1ELADBAG1ELQDBAK1ELgwDAMEBrUQwAMEAbUQxDAMAwQC
tRDMAwQDtRDQMAwDBAK1EOwDBAC1EPADBAG1EP4wDQQCAAIwBwMFACgABgAwDQYJ
KoZIhvcNAQELBQADggEBAGPnJGGMcJi7sspclkVKmCMWtdgKRtjOSkzp1mK929Is
k80Y3LDIdLX/s8X5Wsi4CgF/H8SEJoytEyWnlqc1laE1xTsvqiHXNAx1NERyR2+V
EoB8PYcrVIXj7NBlMLSs/uhqNTK6XrOJe3UEsWfpGdZXC63rDnRAAX34OYOem/5W
e/gq/aDv+7F0ZL6kgxF5bZHVKbhPPkkV2t3qQgfTj1EZ0BjuXcpby74agnkcE9+M
LHQpg6l/BdWE/MPvdD1mOmt7HBhnTW5R+h8EzXvua6cHo683XZvyq4gxqiGrmkfP
ydiT6BYRdDMNWsoue9oM62us7zJAVqxf0aSs2EVvGes=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:38:16 2024 by rpki-client on console-ams.rpki-client.org