Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/aa69a975-83a3-4532-a779-5ffb87580309/806264ff74f84bfd719d5dfb057c9c456e5e1142.roa
File:                     806264ff74f84bfd719d5dfb057c9c456e5e1142.roa (raw, json)
Hash identifier:          i+B4sStOt27ocwe1PrhzGe7ALUBkamJs7Gqh4PAAe80=
Subject key identifier:   5F:90:EA:2A:0C:4B:A9:B2:98:AF:48:EA:34:96:E0:5B:BB:A2:DF:79
Certificate issuer:       /CN=3300a6efb5b34c79125fce5dc4afa6977a46744f
Certificate serial:       1D843C
Authority key identifier: 62:AA:07:2A:74:5B:AE:77:82:D2:D9:44:76:20:4C:0C:A5:4E:ED:C2
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/3300a6efb5b34c79125fce5dc4afa6977a46744f.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/aa69a975-83a3-4532-a779-5ffb87580309/806264ff74f84bfd719d5dfb057c9c456e5e1142.roa
Signing time:             Thu 17 Nov 2022 00:18:59 +0000
ROA not before:           Tue 23 Mar 2021 03:00:00 +0000
ROA not after:            Fri 24 Mar 2023 03:00:00 +0000
asID:                     262589
IP address blocks:        190.90.1.0/24 maxlen: 24
                          190.90.209.0/24 maxlen: 24
                          190.90.19.0/24 maxlen: 24
                          190.90.140.0/24 maxlen: 24
                          190.90.141.0/24 maxlen: 24
                          190.90.242.0/24 maxlen: 24
                          190.90.225.0/24 maxlen: 24
                          190.90.37.0/24 maxlen: 24
                          190.90.233.0/24 maxlen: 24
                          190.90.250.0/24 maxlen: 24
                          190.90.251.0/24 maxlen: 24
                          190.90.20.0/24 maxlen: 24
                          190.90.28.0/24 maxlen: 24
                          190.90.60.0/24 maxlen: 24
                          190.90.81.0/24 maxlen: 24
                          190.90.95.0/24 maxlen: 24
                          190.90.142.0/24 maxlen: 24
                          190.90.147.0/24 maxlen: 24
                          190.90.154.0/24 maxlen: 24
                          190.90.136.0/24 maxlen: 24
                          190.90.62.0/24 maxlen: 24
                          190.90.102.0/24 maxlen: 24

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 1934396 (0x1d843c)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3300a6efb5b34c79125fce5dc4afa6977a46744f
        Validity
            Not Before: Mar 23 03:00:00 2021 GMT
            Not After : Mar 24 03:00:00 2023 GMT
        Subject: CN=806264ff74f84bfd719d5dfb057c9c456e5e1142
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b1:b8:2a:54:cc:9f:a9:fe:de:36:24:0f:1f:ca:
                    fe:23:21:82:9b:f3:29:6d:11:fd:e5:78:d0:9d:fd:
                    10:9b:f3:75:a7:fb:52:b4:55:61:f4:10:70:f7:d2:
                    a7:38:87:9f:20:09:da:ea:16:84:a3:bd:ef:9d:bf:
                    e1:2b:eb:ce:e7:c3:6a:b4:3a:1e:0b:d6:51:5e:d9:
                    21:02:58:6e:00:ce:da:a5:01:a1:92:72:1f:cd:c8:
                    e8:cb:7b:03:33:3c:e4:5f:8a:d5:dc:4c:60:8d:66:
                    8a:15:d5:ed:9f:6d:2b:18:67:d4:17:82:cb:7f:31:
                    4a:bc:ea:d3:10:b3:cd:7c:80:e2:f6:c8:ac:e7:ab:
                    e0:2e:b1:92:f5:06:00:01:b1:30:28:59:ba:4f:a7:
                    9b:2a:a6:bd:9d:e6:e3:05:18:41:fb:4c:ed:96:c6:
                    e3:5f:bb:3f:44:00:a7:ee:ff:0b:9b:ad:50:df:6d:
                    e5:ea:84:9e:5f:1e:d9:48:31:32:35:b1:6d:3c:1b:
                    07:0a:ca:fd:8e:23:88:46:d2:3c:b9:7a:09:42:7b:
                    31:79:42:60:c7:92:a0:cf:d2:4b:f4:95:0c:5d:5a:
                    13:3d:c8:1d:ed:4f:30:1e:f0:7f:bb:c4:26:af:8e:
                    ad:23:76:ef:5f:29:bd:9c:c2:77:99:d8:f7:57:8d:
                    61:81
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5F:90:EA:2A:0C:4B:A9:B2:98:AF:48:EA:34:96:E0:5B:BB:A2:DF:79
            X509v3 Authority Key Identifier:
                keyid:62:AA:07:2A:74:5B:AE:77:82:D2:D9:44:76:20:4C:0C:A5:4E:ED:C2

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/3300a6efb5b34c79125fce5dc4afa6977a46744f.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/aa69a975-83a3-4532-a779-5ffb87580309/806264ff74f84bfd719d5dfb057c9c456e5e1142.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/aa69a975-83a3-4532-a779-5ffb87580309/3300a6efb5b34c79125fce5dc4afa6977a46744f.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  190.90.1.0/24
                  190.90.19.0-190.90.20.255
                  190.90.28.0/24
                  190.90.37.0/24
                  190.90.60.0/24
                  190.90.62.0/24
                  190.90.81.0/24
                  190.90.95.0/24
                  190.90.102.0/24
                  190.90.136.0/24
                  190.90.140.0-190.90.142.255
                  190.90.147.0/24
                  190.90.154.0/24
                  190.90.209.0/24
                  190.90.225.0/24
                  190.90.233.0/24
                  190.90.242.0/24
                  190.90.250.0/23

    Signature Algorithm: sha256WithRSAEncryption
         80:96:46:99:cf:02:19:98:29:a1:1b:72:ad:8d:f9:28:fb:d2:
         5d:0a:b7:ba:c5:ad:ec:26:61:e8:33:70:fa:43:aa:91:63:8a:
         6c:d3:ef:22:ef:c9:c1:74:0c:5f:78:a1:20:c1:5e:80:9f:0a:
         52:6e:29:d1:ca:04:c8:74:ae:dd:4d:16:45:ec:4e:44:ad:e5:
         1f:3a:16:1e:c0:5c:24:58:b7:e1:a2:9b:09:b1:34:d9:33:14:
         94:32:d4:bd:ee:bb:ea:b5:fb:bb:72:44:dd:0c:2d:1e:42:61:
         97:3f:46:31:3a:4b:5c:97:5f:9a:48:b2:64:8d:93:9f:aa:cb:
         d9:79:0b:42:5e:14:ac:05:c8:38:23:74:b2:c2:8a:1a:c5:c9:
         60:d1:6f:48:c3:c1:0a:c3:db:7b:56:81:96:02:ae:84:2d:2d:
         a0:51:38:73:aa:7e:6d:89:fc:6b:98:f0:7a:e7:c0:34:9f:12:
         f0:b8:06:82:eb:4a:fb:bd:3e:15:cf:88:c8:6f:b7:ca:d5:85:
         6c:bd:62:52:38:68:9a:68:91:68:80:9e:f8:a8:c2:98:c7:b4:
         68:f3:a7:77:b3:ec:7c:7d:55:35:fe:ff:6d:92:34:9b:74:bb:
         ed:08:29:3f:6a:5e:f6:c6:28:11:f5:e7:a4:e7:b4:84:20:a5:
         27:2f:a1:21
-----BEGIN CERTIFICATE-----
MIIFujCCBKKgAwIBAgIDHYQ8MA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKDMz
MDBhNmVmYjViMzRjNzkxMjVmY2U1ZGM0YWZhNjk3N2E0Njc0NGYwHhcNMjEwMzIz
MDMwMDAwWhcNMjMwMzI0MDMwMDAwWjAzMTEwLwYDVQQDEyg4MDYyNjRmZjc0Zjg0
YmZkNzE5ZDVkZmIwNTdjOWM0NTZlNWUxMTQyMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAsbgqVMyfqf7eNiQPH8r+IyGCm/MpbRH95XjQnf0Qm/N1p/tS
tFVh9BBw99KnOIefIAna6haEo73vnb/hK+vO58NqtDoeC9ZRXtkhAlhuAM7apQGh
knIfzcjoy3sDMzzkX4rV3ExgjWaKFdXtn20rGGfUF4LLfzFKvOrTELPNfIDi9sis
56vgLrGS9QYAAbEwKFm6T6ebKqa9nebjBRhB+0ztlsbjX7s/RACn7v8Lm61Q323l
6oSeXx7ZSDEyNbFtPBsHCsr9jiOIRtI8uXoJQnsxeUJgx5Kgz9JL9JUMXVoTPcgd
7U8wHvB/u8Qmr46tI3bvXym9nMJ3mdj3V41hgQIDAQABo4IC1TCCAtEwHQYDVR0O
BBYEFF+Q6ioMS6mymK9I6jSW4Fu7ot95MB8GA1UdIwQYMBaAFGKqByp0W653gtLZ
RHYgTAylTu3CMA4GA1UdDwEB/wQEAwIHgDCBmgYIKwYBBQUHAQEEgY0wgYowgYcG
CCsGAQUFBzAChntyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5ldC9ycGtpL2xh
Y25pYy80OGYwODNiYi1mNjAzLTQ4OTMtOTk5MC0wMjg0YzA0Y2ViODUvMzMwMGE2
ZWZiNWIzNGM3OTEyNWZjZTVkYzRhZmE2OTc3YTQ2NzQ0Zi5jZXIwgZoGCCsGAQUF
BwELBIGNMIGKMIGHBggrBgEFBQcwC4Z7cnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25p
Yy5uZXQvcnBraS9sYWNuaWMvYWE2OWE5NzUtODNhMy00NTMyLWE3NzktNWZmYjg3
NTgwMzA5LzgwNjI2NGZmNzRmODRiZmQ3MTlkNWRmYjA1N2M5YzQ1NmU1ZTExNDIu
cm9hMIGPBgNVHR8EgYcwgYQwgYGgf6B9hntyc3luYzovL3JlcG9zaXRvcnkubGFj
bmljLm5ldC9ycGtpL2xhY25pYy9hYTY5YTk3NS04M2EzLTQ1MzItYTc3OS01ZmZi
ODc1ODAzMDkvMzMwMGE2ZWZiNWIzNGM3OTEyNWZjZTVkYzRhZmE2OTc3YTQ2NzQ0
Zi5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjCBmAYIKwYBBQUHAQcBAf8E
gYgwgYUwgYIEAgABMHwDBAC+WgEwDAMEAL5aEwMEAL5aFAMEAL5aHAMEAL5aJQME
AL5aPAMEAL5aPgMEAL5aUQMEAL5aXwMEAL5aZgMEAL5aiDAMAwQCvlqMAwQAvlqO
AwQAvlqTAwQAvlqaAwQAvlrRAwQAvlrhAwQAvlrpAwQAvlryAwQBvlr6MA0GCSqG
SIb3DQEBCwUAA4IBAQCAlkaZzwIZmCmhG3Ktjfko+9JdCre6xa3sJmHoM3D6Q6qR
Y4ps0+8i78nBdAxfeKEgwV6AnwpSbinRygTIdK7dTRZF7E5EreUfOhYewFwkWLfh
opsJsTTZMxSUMtS97rvqtfu7ckTdDC0eQmGXP0YxOktcl1+aSLJkjZOfqsvZeQtC
XhSsBcg4I3Sywooaxclg0W9Iw8EKw9t7VoGWAq6ELS2gUThzqn5tifxrmPB658A0
nxLwuAaC60r7vT4Vz4jIb7fK1YVsvWJSOGiaaJFogJ74qMKYx7Ro86d3s+x8fVU1
/v9tkjSbdLvtCCk/al72xigR9eek57SEIKUnL6Eh
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:38:22 2024 by rpki-client on console-ams.rpki-client.org