Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/aa69a975-83a3-4532-a779-5ffb87580309/5016d9e8cab64525489c754807728b1c3e01339f.roa
File:                     5016d9e8cab64525489c754807728b1c3e01339f.roa (raw, json)
Hash identifier:          2s3xg6gkF/phkphvGnhc43Q0aI/POviHGI9YlLp3HfI=
Subject key identifier:   6A:B6:7C:D7:99:25:E4:7E:78:B5:C9:15:88:2E:25:44:5F:6C:40:AE
Certificate issuer:       /CN=3300a6efb5b34c79125fce5dc4afa6977a46744f
Certificate serial:       20B056
Authority key identifier: 62:AA:07:2A:74:5B:AE:77:82:D2:D9:44:76:20:4C:0C:A5:4E:ED:C2
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/3300a6efb5b34c79125fce5dc4afa6977a46744f.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/aa69a975-83a3-4532-a779-5ffb87580309/5016d9e8cab64525489c754807728b1c3e01339f.roa
Signing time:             Mon 23 Jan 2023 15:51:07 +0000
ROA not before:           Fri 12 Mar 2021 03:00:00 +0000
ROA not after:            Fri 24 Mar 2023 03:00:00 +0000
asID:                     18678
IP address blocks:        190.90.63.0/24 maxlen: 24
                          190.90.82.0/24 maxlen: 24
                          190.90.93.0/24 maxlen: 24
                          190.90.94.0/24 maxlen: 24
                          190.90.115.0/24 maxlen: 24
                          190.90.116.0/24 maxlen: 24
                          190.90.121.0/24 maxlen: 24
                          190.90.151.0/24 maxlen: 24
                          190.90.152.0/24 maxlen: 24
                          190.90.190.0/24 maxlen: 24
                          190.90.193.0/24 maxlen: 24
                          190.90.202.0/23 maxlen: 24
                          190.90.216.0/21 maxlen: 24

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 2142294 (0x20b056)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3300a6efb5b34c79125fce5dc4afa6977a46744f
        Validity
            Not Before: Mar 12 03:00:00 2021 GMT
            Not After : Mar 24 03:00:00 2023 GMT
        Subject: CN=5016d9e8cab64525489c754807728b1c3e01339f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:87:2b:58:e3:4c:22:0f:12:44:b8:fd:62:52:24:
                    a6:79:5f:90:20:51:8c:41:c4:c2:7c:78:d7:da:75:
                    c4:da:6c:07:ed:1a:d9:1e:08:55:d3:8c:f0:ef:94:
                    d3:cc:a3:44:95:f0:43:17:24:14:20:b3:5c:65:4d:
                    ab:7e:25:e0:80:43:0c:9c:c6:6d:2d:03:d5:02:db:
                    5e:51:b1:3b:00:ce:06:3a:f8:a0:48:99:eb:86:6d:
                    c1:8b:75:e7:64:c0:e0:e2:62:1f:ab:6f:6b:6b:23:
                    0b:6a:de:13:e4:5f:68:eb:f5:18:9e:bd:8c:62:8b:
                    ba:e9:76:9f:0d:13:12:ab:51:ca:80:03:95:28:1c:
                    82:74:4d:50:ca:b1:8b:2c:0f:e0:b0:66:00:db:ab:
                    44:70:c8:74:30:10:97:3b:00:ec:49:27:51:a7:3c:
                    ca:d0:ed:27:1e:a6:16:b3:14:c2:f8:eb:e1:ae:88:
                    b8:f2:94:68:be:3b:00:e8:2a:f1:45:e2:59:58:97:
                    20:f7:5d:93:68:21:1b:3c:ee:c3:04:d4:ef:34:66:
                    d6:af:65:3e:e8:e9:2a:2b:77:a2:f3:70:0b:30:6f:
                    2d:b3:05:76:e2:9e:3e:f4:77:aa:82:13:8c:1b:0a:
                    5b:41:a6:31:ab:31:1b:48:92:13:25:39:4f:15:fe:
                    2d:99
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                6A:B6:7C:D7:99:25:E4:7E:78:B5:C9:15:88:2E:25:44:5F:6C:40:AE
            X509v3 Authority Key Identifier:
                keyid:62:AA:07:2A:74:5B:AE:77:82:D2:D9:44:76:20:4C:0C:A5:4E:ED:C2

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/3300a6efb5b34c79125fce5dc4afa6977a46744f.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/aa69a975-83a3-4532-a779-5ffb87580309/5016d9e8cab64525489c754807728b1c3e01339f.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/aa69a975-83a3-4532-a779-5ffb87580309/3300a6efb5b34c79125fce5dc4afa6977a46744f.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  190.90.63.0/24
                  190.90.82.0/24
                  190.90.93.0-190.90.94.255
                  190.90.115.0-190.90.116.255
                  190.90.121.0/24
                  190.90.151.0-190.90.152.255
                  190.90.190.0/24
                  190.90.193.0/24
                  190.90.202.0/23
                  190.90.216.0/21

    Signature Algorithm: sha256WithRSAEncryption
         10:62:f3:da:c2:2a:3e:38:9f:a1:ac:3d:a1:86:61:67:ed:02:
         c4:8e:f0:53:5d:39:81:3d:7f:55:64:88:54:8c:93:fd:ea:b3:
         85:0c:5b:3d:41:eb:16:d1:4d:5f:1b:db:76:2e:29:57:84:fd:
         17:86:89:92:1c:db:f7:eb:03:e1:3e:57:a6:40:bf:05:9c:7c:
         0b:9d:1b:8f:a8:c8:b7:a1:24:8c:d5:eb:4c:a3:2c:00:71:fd:
         ea:92:8a:dd:69:e3:8a:1d:56:9f:6e:7e:94:36:ce:e3:6f:e3:
         43:46:f3:4c:2b:67:a0:a8:96:b7:25:0b:4e:6b:79:d1:86:06:
         27:be:6a:bc:63:a3:9e:65:2c:57:31:94:73:4f:86:ca:8c:44:
         a2:a9:c3:77:e8:66:67:38:af:b4:68:50:70:9c:81:e7:d0:66:
         83:28:fd:9a:21:d1:90:02:ea:35:03:b9:eb:69:7a:6d:ce:a4:
         43:27:68:5d:08:6b:1b:76:d7:76:36:89:9a:3d:c4:d4:93:bc:
         7d:44:b1:90:2f:31:07:4f:3a:83:6f:fa:88:1f:bb:d9:c9:a9:
         b4:47:d9:f3:62:be:b3:ba:5c:ec:96:41:b5:f5:45:76:da:0e:
         75:f9:08:9e:3a:f7:c0:d9:49:a5:86:5f:e5:1d:45:bd:95:a2:
         f4:32:be:e2
-----BEGIN CERTIFICATE-----
MIIFjjCCBHagAwIBAgIDILBWMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKDMz
MDBhNmVmYjViMzRjNzkxMjVmY2U1ZGM0YWZhNjk3N2E0Njc0NGYwHhcNMjEwMzEy
MDMwMDAwWhcNMjMwMzI0MDMwMDAwWjAzMTEwLwYDVQQDEyg1MDE2ZDllOGNhYjY0
NTI1NDg5Yzc1NDgwNzcyOGIxYzNlMDEzMzlmMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAhytY40wiDxJEuP1iUiSmeV+QIFGMQcTCfHjX2nXE2mwH7RrZ
HghV04zw75TTzKNElfBDFyQUILNcZU2rfiXggEMMnMZtLQPVAtteUbE7AM4GOvig
SJnrhm3Bi3XnZMDg4mIfq29rayMLat4T5F9o6/UYnr2MYou66XafDRMSq1HKgAOV
KByCdE1QyrGLLA/gsGYA26tEcMh0MBCXOwDsSSdRpzzK0O0nHqYWsxTC+Ovhroi4
8pRovjsA6CrxReJZWJcg912TaCEbPO7DBNTvNGbWr2U+6OkqK3ei83ALMG8tswV2
4p4+9HeqghOMGwpbQaYxqzEbSJITJTlPFf4tmQIDAQABo4ICqTCCAqUwHQYDVR0O
BBYEFGq2fNeZJeR+eLXJFYguJURfbECuMB8GA1UdIwQYMBaAFGKqByp0W653gtLZ
RHYgTAylTu3CMA4GA1UdDwEB/wQEAwIHgDCBmgYIKwYBBQUHAQEEgY0wgYowgYcG
CCsGAQUFBzAChntyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5ldC9ycGtpL2xh
Y25pYy80OGYwODNiYi1mNjAzLTQ4OTMtOTk5MC0wMjg0YzA0Y2ViODUvMzMwMGE2
ZWZiNWIzNGM3OTEyNWZjZTVkYzRhZmE2OTc3YTQ2NzQ0Zi5jZXIwgZoGCCsGAQUF
BwELBIGNMIGKMIGHBggrBgEFBQcwC4Z7cnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25p
Yy5uZXQvcnBraS9sYWNuaWMvYWE2OWE5NzUtODNhMy00NTMyLWE3NzktNWZmYjg3
NTgwMzA5LzUwMTZkOWU4Y2FiNjQ1MjU0ODljNzU0ODA3NzI4YjFjM2UwMTMzOWYu
cm9hMIGPBgNVHR8EgYcwgYQwgYGgf6B9hntyc3luYzovL3JlcG9zaXRvcnkubGFj
bmljLm5ldC9ycGtpL2xhY25pYy9hYTY5YTk3NS04M2EzLTQ1MzItYTc3OS01ZmZi
ODc1ODAzMDkvMzMwMGE2ZWZiNWIzNGM3OTEyNWZjZTVkYzRhZmE2OTc3YTQ2NzQ0
Zi5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBtBggrBgEFBQcBBwEB/wRe
MFwwWgQCAAEwVAMEAL5aPwMEAL5aUjAMAwQAvlpdAwQAvlpeMAwDBAC+WnMDBAC+
WnQDBAC+WnkwDAMEAL5alwMEAL5amAMEAL5avgMEAL5awQMEAb5aygMEA75a2DAN
BgkqhkiG9w0BAQsFAAOCAQEAEGLz2sIqPjifoaw9oYZhZ+0CxI7wU105gT1/VWSI
VIyT/eqzhQxbPUHrFtFNXxvbdi4pV4T9F4aJkhzb9+sD4T5XpkC/BZx8C50bj6jI
t6EkjNXrTKMsAHH96pKK3Wnjih1Wn25+lDbO42/jQ0bzTCtnoKiWtyULTmt50YYG
J75qvGOjnmUsVzGUc0+GyoxEoqnDd+hmZzivtGhQcJyB59Bmgyj9miHRkALqNQO5
62l6bc6kQydoXQhrG3bXdjaJmj3E1JO8fUSxkC8xB086g2/6iB+72cmptEfZ82K+
s7pc7JZBtfVFdtoOdfkInjr3wNlJpYZf5R1FvZWi9DK+4g==
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:38:01 2024 by rpki-client on console-fra.rpki-client.org