Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/9e898202-551c-4a4e-a6d0-cf739c316678/e70c19ad5a69997da4f3526c1e000ea044e8196f.roa
File:                     e70c19ad5a69997da4f3526c1e000ea044e8196f.roa (raw, json)
Hash identifier:          jBLLBBWyMYXAF7xFHPJ94HpBrlQ38X4UbCWgAIbS//w=
Subject key identifier:   DC:2B:7A:D7:2D:3E:97:53:15:EC:34:CF:81:73:7A:27:6F:09:C8:1D
Certificate issuer:       /CN=a3a1d5f9c3b42669fce6b8ae03d338f1d21f942f
Certificate serial:       210525
Authority key identifier: DB:EE:7B:EC:56:4F:90:5D:60:8E:8A:D7:C2:54:C5:D8:32:57:10:50
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/a3a1d5f9c3b42669fce6b8ae03d338f1d21f942f.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/9e898202-551c-4a4e-a6d0-cf739c316678/e70c19ad5a69997da4f3526c1e000ea044e8196f.roa
Signing time:             Wed 06 Dec 2023 13:38:40 +0000
ROA not before:           Wed 06 Dec 2023 13:38:40 +0000
ROA not after:            Sat 06 Dec 2025 13:38:40 +0000
asID:                     264688
IP address blocks:        190.107.240.0/21 maxlen: 21
                          190.107.240.0/24 maxlen: 24
                          190.107.241.0/24 maxlen: 24
                          190.107.242.0/24 maxlen: 24
                          190.107.243.0/24 maxlen: 24
                          190.107.244.0/24 maxlen: 24
                          190.107.245.0/24 maxlen: 24
                          190.107.246.0/24 maxlen: 24
                          190.107.247.0/24 maxlen: 24
                          190.196.224.0/20 maxlen: 20
                          190.196.225.0/24 maxlen: 24
                          190.196.226.0/24 maxlen: 24
                          190.196.227.0/24 maxlen: 24
                          190.196.228.0/24 maxlen: 24
                          190.196.229.0/24 maxlen: 24
                          190.196.230.0/24 maxlen: 24
                          190.196.231.0/24 maxlen: 24
                          190.196.232.0/24 maxlen: 24
                          190.196.233.0/24 maxlen: 24
                          190.196.234.0/24 maxlen: 24
                          190.196.235.0/24 maxlen: 24
                          190.196.236.0/24 maxlen: 24
                          190.196.237.0/24 maxlen: 24
                          190.196.238.0/24 maxlen: 24
                          190.196.239.0/24 maxlen: 24

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 2164005 (0x210525)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a3a1d5f9c3b42669fce6b8ae03d338f1d21f942f
        Validity
            Not Before: Dec  6 13:38:40 2023 GMT
            Not After : Dec  6 13:38:40 2025 GMT
        Subject: CN=e70c19ad5a69997da4f3526c1e000ea044e8196f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9a:8f:11:dc:b6:c2:96:c7:89:9e:cc:03:ef:22:
                    40:73:81:4c:db:c9:9f:1a:7d:d9:5d:45:83:94:9b:
                    ae:b1:41:df:c0:9d:eb:b3:2f:3c:30:c7:d8:e9:aa:
                    25:be:9f:0c:1e:0c:81:c3:da:bf:a6:35:9d:f5:f2:
                    d6:6c:70:e4:8f:28:ac:83:0c:dd:fc:d6:df:4f:ed:
                    b5:75:03:47:e5:33:02:1f:a8:87:10:4f:b4:8d:17:
                    7b:f7:cd:db:88:83:ba:0f:31:8b:94:ba:50:92:4e:
                    ab:eb:0d:72:48:91:30:89:be:55:4b:69:28:97:c6:
                    44:e9:6b:34:b1:86:2a:75:21:fd:39:5f:96:0b:12:
                    f6:de:2c:a0:f1:26:f5:ba:f2:b1:a3:00:bb:21:1e:
                    1f:ce:30:bc:a8:ed:32:0f:44:f8:29:5b:c3:43:7a:
                    97:96:ec:8b:00:94:e3:a4:78:b3:11:91:dc:00:af:
                    5c:13:39:db:20:a9:f8:00:a8:5b:5d:c3:f0:7b:45:
                    88:12:27:8f:3c:ed:40:17:87:e9:fc:b6:17:6d:e0:
                    16:3f:a9:7b:1b:99:72:78:94:76:56:95:43:5c:cf:
                    98:3a:0a:35:37:c3:35:3f:c8:43:64:cb:26:38:b0:
                    29:80:50:3e:45:a5:34:d3:05:db:b6:7e:18:88:5c:
                    cc:9f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DC:2B:7A:D7:2D:3E:97:53:15:EC:34:CF:81:73:7A:27:6F:09:C8:1D
            X509v3 Authority Key Identifier:
                keyid:DB:EE:7B:EC:56:4F:90:5D:60:8E:8A:D7:C2:54:C5:D8:32:57:10:50

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/a3a1d5f9c3b42669fce6b8ae03d338f1d21f942f.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/9e898202-551c-4a4e-a6d0-cf739c316678/e70c19ad5a69997da4f3526c1e000ea044e8196f.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/9e898202-551c-4a4e-a6d0-cf739c316678/a3a1d5f9c3b42669fce6b8ae03d338f1d21f942f.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  190.107.240.0/21
                  190.196.224.0/20

    Signature Algorithm: sha256WithRSAEncryption
         26:79:58:f6:b6:63:46:bb:c0:ad:0b:14:6f:48:df:82:26:f8:
         96:07:43:ed:50:1c:b2:f9:3a:f1:6b:db:1c:6e:5a:1e:08:b9:
         ac:c3:d4:57:b9:fe:76:22:a6:3a:f8:60:27:9a:c3:01:19:46:
         7f:36:c4:45:13:23:37:1f:fe:43:dc:29:35:95:68:51:b6:4f:
         f3:9a:38:ac:99:dd:09:86:a5:90:bf:f0:39:ad:38:f4:b9:aa:
         d0:70:ac:9d:a5:9d:fc:76:62:3c:49:73:73:69:76:4c:e3:8a:
         c1:35:13:40:23:68:dd:77:5a:e5:20:68:6b:4e:aa:d0:6e:b4:
         ce:66:26:cd:c4:99:86:84:b7:22:f8:05:6c:4e:5a:d7:e9:c9:
         cc:e4:42:ca:b3:a7:e2:54:a7:e5:dc:f5:11:ad:ea:90:be:8d:
         fa:b9:d4:b0:fc:4e:e5:fe:78:3a:5c:2a:1a:c9:05:31:95:4e:
         e8:b2:76:57:10:84:cc:29:63:47:d3:b1:5b:9c:da:0f:6e:b3:
         5a:97:84:4d:1e:aa:eb:34:24:87:f1:5e:7b:5c:d1:77:8b:9e:
         4c:69:09:0e:1b:df:37:bd:06:53:19:d8:bf:d9:7a:59:3a:a6:
         fc:de:a3:15:02:6f:9d:aa:da:5f:c8:fe:fc:ae:b1:85:e1:98:
         fd:e8:1e:9f
-----BEGIN CERTIFICATE-----
MIIFRjCCBC6gAwIBAgIDIQUlMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKGEz
YTFkNWY5YzNiNDI2NjlmY2U2YjhhZTAzZDMzOGYxZDIxZjk0MmYwHhcNMjMxMjA2
MTMzODQwWhcNMjUxMjA2MTMzODQwWjAzMTEwLwYDVQQDEyhlNzBjMTlhZDVhNjk5
OTdkYTRmMzUyNmMxZTAwMGVhMDQ0ZTgxOTZmMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAmo8R3LbClseJnswD7yJAc4FM28mfGn3ZXUWDlJuusUHfwJ3r
sy88MMfY6aolvp8MHgyBw9q/pjWd9fLWbHDkjyisgwzd/NbfT+21dQNH5TMCH6iH
EE+0jRd7983biIO6DzGLlLpQkk6r6w1ySJEwib5VS2kol8ZE6Ws0sYYqdSH9OV+W
CxL23iyg8Sb1uvKxowC7IR4fzjC8qO0yD0T4KVvDQ3qXluyLAJTjpHizEZHcAK9c
EznbIKn4AKhbXcPwe0WIEiePPO1AF4fp/LYXbeAWP6l7G5lyeJR2VpVDXM+YOgo1
N8M1P8hDZMsmOLApgFA+RaU00wXbtn4YiFzMnwIDAQABo4ICYTCCAl0wHQYDVR0O
BBYEFNwretctPpdTFew0z4FzeidvCcgdMB8GA1UdIwQYMBaAFNvue+xWT5BdYI6K
18JUxdgyVxBQMA4GA1UdDwEB/wQEAwIHgDCBmgYIKwYBBQUHAQEEgY0wgYowgYcG
CCsGAQUFBzAChntyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5ldC9ycGtpL2xh
Y25pYy80OGYwODNiYi1mNjAzLTQ4OTMtOTk5MC0wMjg0YzA0Y2ViODUvYTNhMWQ1
ZjljM2I0MjY2OWZjZTZiOGFlMDNkMzM4ZjFkMjFmOTQyZi5jZXIwgZoGCCsGAQUF
BwELBIGNMIGKMIGHBggrBgEFBQcwC4Z7cnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25p
Yy5uZXQvcnBraS9sYWNuaWMvOWU4OTgyMDItNTUxYy00YTRlLWE2ZDAtY2Y3Mzlj
MzE2Njc4L2U3MGMxOWFkNWE2OTk5N2RhNGYzNTI2YzFlMDAwZWEwNDRlODE5NmYu
cm9hMIGPBgNVHR8EgYcwgYQwgYGgf6B9hntyc3luYzovL3JlcG9zaXRvcnkubGFj
bmljLm5ldC9ycGtpL2xhY25pYy85ZTg5ODIwMi01NTFjLTRhNGUtYTZkMC1jZjcz
OWMzMTY2NzgvYTNhMWQ1ZjljM2I0MjY2OWZjZTZiOGFlMDNkMzM4ZjFkMjFmOTQy
Zi5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAlBggrBgEFBQcBBwEB/wQW
MBQwEgQCAAEwDAMEA75r8AMEBL7E4DANBgkqhkiG9w0BAQsFAAOCAQEAJnlY9rZj
RrvArQsUb0jfgib4lgdD7VAcsvk68WvbHG5aHgi5rMPUV7n+diKmOvhgJ5rDARlG
fzbERRMjNx/+Q9wpNZVoUbZP85o4rJndCYalkL/wOa049Lmq0HCsnaWd/HZiPElz
c2l2TOOKwTUTQCNo3Xda5SBoa06q0G60zmYmzcSZhoS3IvgFbE5a1+nJzORCyrOn
4lSn5dz1Ea3qkL6N+rnUsPxO5f54OlwqGskFMZVO6LJ2VxCEzCljR9OxW5zaD26z
WpeETR6q6zQkh/Fee1zRd4ueTGkJDhvfN70GUxnYv9l6WTqm/N6jFQJvnaraX8j+
/K6xheGY/egenw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:37:59 2024 by rpki-client on console-fra.rpki-client.org