Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/aa69a975-83a3-4532-a779-5ffb87580309/a5d63c473ccb5e467582375da2f55a2ec92819ae.roa
File:                     a5d63c473ccb5e467582375da2f55a2ec92819ae.roa (raw, json)
Hash identifier:          cyHQc+PblHLxrmRBD8ZdWoySYerV8GN6zC5IcqItOss=
Subject key identifier:   73:73:D9:3A:40:B5:97:2D:98:C2:14:72:23:8B:A4:78:2D:7D:F8:5B
Certificate issuer:       /CN=3300a6efb5b34c79125fce5dc4afa6977a46744f
Certificate serial:       1FE8AD
Authority key identifier: 62:AA:07:2A:74:5B:AE:77:82:D2:D9:44:76:20:4C:0C:A5:4E:ED:C2
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/3300a6efb5b34c79125fce5dc4afa6977a46744f.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/aa69a975-83a3-4532-a779-5ffb87580309/a5d63c473ccb5e467582375da2f55a2ec92819ae.roa
Signing time:             Fri 20 Jan 2023 00:28:45 +0000
ROA not before:           Mon 22 Mar 2021 14:35:22 +0000
ROA not after:            Tue 24 Mar 2026 14:35:22 +0000
asID:                     27837
IP address blocks:        190.90.40.0/21 maxlen: 24
                          190.90.48.0/22 maxlen: 24
                          190.90.65.0/24 maxlen: 24
                          190.90.66.0/24 maxlen: 24
                          190.90.87.0/24 maxlen: 24
                          190.90.122.0/24 maxlen: 24
                          190.90.123.0/24 maxlen: 24
                          190.90.124.0/24 maxlen: 24
                          190.90.195.0/24 maxlen: 24
                          190.90.196.0/24 maxlen: 24
                          190.90.197.0/24 maxlen: 24
                          190.90.228.0/24 maxlen: 24
                          190.90.243.0/24 maxlen: 24
                          190.90.246.0/23 maxlen: 24

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 2091181 (0x1fe8ad)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3300a6efb5b34c79125fce5dc4afa6977a46744f
        Validity
            Not Before: Mar 22 14:35:22 2021 GMT
            Not After : Mar 24 14:35:22 2026 GMT
        Subject: CN=a5d63c473ccb5e467582375da2f55a2ec92819ae
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:81:af:55:2b:a7:f4:75:0d:89:b7:01:b5:8a:41:
                    02:bf:07:79:bd:3c:c5:37:b6:69:7b:8f:e6:7d:e1:
                    be:73:5b:2e:d8:84:1b:f5:a0:55:06:b2:78:2e:32:
                    da:83:b4:a0:aa:57:2d:a3:e0:5c:18:ab:c9:6d:72:
                    0f:c5:3a:ab:88:74:79:38:10:78:00:cf:6b:23:2b:
                    c6:9e:ec:81:0c:f4:79:76:c9:bd:1c:f1:bf:71:62:
                    97:97:4c:29:48:12:94:31:04:2b:91:70:ad:d3:82:
                    c5:0c:a2:48:97:3f:30:6f:a7:35:9a:94:b5:fd:ad:
                    b9:83:f1:6b:fa:d2:49:cf:8f:0f:ff:aa:41:f3:5f:
                    4d:34:d3:3f:b6:6d:4a:da:bb:41:78:b2:dc:f7:7b:
                    07:5c:a6:ca:5f:1e:49:61:1b:b4:cb:05:f8:d6:c3:
                    36:6b:64:07:64:88:5c:68:18:a8:73:5f:86:fb:c8:
                    f5:44:3c:57:44:c6:8b:5f:25:81:7d:5a:44:41:74:
                    23:2c:be:d8:d6:fa:a8:1e:99:14:57:41:f0:b1:d2:
                    b6:91:0c:a7:bc:43:7f:30:ff:d8:e6:0d:c4:a8:78:
                    95:de:33:af:9b:61:4a:28:cd:13:e3:8a:cb:c1:d1:
                    a2:db:43:e6:db:19:0b:db:f4:8c:8f:ec:db:c9:a4:
                    f4:f1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                73:73:D9:3A:40:B5:97:2D:98:C2:14:72:23:8B:A4:78:2D:7D:F8:5B
            X509v3 Authority Key Identifier:
                keyid:62:AA:07:2A:74:5B:AE:77:82:D2:D9:44:76:20:4C:0C:A5:4E:ED:C2

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/3300a6efb5b34c79125fce5dc4afa6977a46744f.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/aa69a975-83a3-4532-a779-5ffb87580309/a5d63c473ccb5e467582375da2f55a2ec92819ae.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/aa69a975-83a3-4532-a779-5ffb87580309/3300a6efb5b34c79125fce5dc4afa6977a46744f.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  190.90.40.0-190.90.51.255
                  190.90.65.0-190.90.66.255
                  190.90.87.0/24
                  190.90.122.0-190.90.124.255
                  190.90.195.0-190.90.197.255
                  190.90.228.0/24
                  190.90.243.0/24
                  190.90.246.0/23

    Signature Algorithm: sha256WithRSAEncryption
         7d:86:71:5c:05:50:df:f0:7f:05:a5:b1:d1:d3:bc:a7:3a:4e:
         a6:27:64:5d:e5:06:25:27:ff:c5:e1:a9:ef:ef:64:e4:08:d8:
         5d:c0:af:f1:25:bb:7a:3b:66:31:7c:91:9a:9b:c1:51:54:7a:
         e2:44:94:38:12:dc:84:f5:a0:96:db:3f:c9:c5:33:9b:67:70:
         a7:d1:65:ac:c6:22:2c:5f:e8:fe:b3:32:d4:6c:66:86:f6:d8:
         2a:1f:6a:c8:e3:01:21:24:79:ec:a3:2b:94:cd:b1:c0:5d:a7:
         11:41:7a:66:4d:a9:90:b4:fa:7a:09:7f:bb:45:ff:6c:51:ee:
         1c:05:16:36:a2:83:ba:96:13:84:69:7b:81:c1:2f:4c:f7:84:
         ce:cb:f1:d7:f9:c6:8f:29:72:56:6d:8d:52:12:2e:68:e8:d3:
         4a:e7:c2:e2:ec:5f:ea:81:2a:a6:13:d1:3d:1b:85:cb:8b:61:
         e2:1d:bb:4f:3f:4a:18:14:c5:86:4e:76:d4:9f:5b:77:d2:38:
         05:73:77:4f:b7:c7:ff:b2:1f:0c:1f:0d:0b:0a:4b:34:1a:66:
         cb:77:e8:92:88:fe:f4:8a:7e:96:c2:95:93:20:69:f7:5f:ff:
         fa:ac:e2:24:71:50:02:06:e0:fc:42:98:f3:5f:be:e2:b8:ae:
         50:f5:dc:03
-----BEGIN CERTIFICATE-----
MIIFijCCBHKgAwIBAgIDH+itMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKDMz
MDBhNmVmYjViMzRjNzkxMjVmY2U1ZGM0YWZhNjk3N2E0Njc0NGYwHhcNMjEwMzIy
MTQzNTIyWhcNMjYwMzI0MTQzNTIyWjAzMTEwLwYDVQQDEyhhNWQ2M2M0NzNjY2I1
ZTQ2NzU4MjM3NWRhMmY1NWEyZWM5MjgxOWFlMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAga9VK6f0dQ2JtwG1ikECvwd5vTzFN7Zpe4/mfeG+c1su2IQb
9aBVBrJ4LjLag7Sgqlcto+BcGKvJbXIPxTqriHR5OBB4AM9rIyvGnuyBDPR5dsm9
HPG/cWKXl0wpSBKUMQQrkXCt04LFDKJIlz8wb6c1mpS1/a25g/Fr+tJJz48P/6pB
819NNNM/tm1K2rtBeLLc93sHXKbKXx5JYRu0ywX41sM2a2QHZIhcaBioc1+G+8j1
RDxXRMaLXyWBfVpEQXQjLL7Y1vqoHpkUV0HwsdK2kQynvEN/MP/Y5g3EqHiV3jOv
m2FKKM0T44rLwdGi20Pm2xkL2/SMj+zbyaT08QIDAQABo4ICpTCCAqEwHQYDVR0O
BBYEFHNz2TpAtZctmMIUciOLpHgtffhbMB8GA1UdIwQYMBaAFGKqByp0W653gtLZ
RHYgTAylTu3CMA4GA1UdDwEB/wQEAwIHgDCBmgYIKwYBBQUHAQEEgY0wgYowgYcG
CCsGAQUFBzAChntyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5ldC9ycGtpL2xh
Y25pYy80OGYwODNiYi1mNjAzLTQ4OTMtOTk5MC0wMjg0YzA0Y2ViODUvMzMwMGE2
ZWZiNWIzNGM3OTEyNWZjZTVkYzRhZmE2OTc3YTQ2NzQ0Zi5jZXIwgZoGCCsGAQUF
BwELBIGNMIGKMIGHBggrBgEFBQcwC4Z7cnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25p
Yy5uZXQvcnBraS9sYWNuaWMvYWE2OWE5NzUtODNhMy00NTMyLWE3NzktNWZmYjg3
NTgwMzA5L2E1ZDYzYzQ3M2NjYjVlNDY3NTgyMzc1ZGEyZjU1YTJlYzkyODE5YWUu
cm9hMIGPBgNVHR8EgYcwgYQwgYGgf6B9hntyc3luYzovL3JlcG9zaXRvcnkubGFj
bmljLm5ldC9ycGtpL2xhY25pYy9hYTY5YTk3NS04M2EzLTQ1MzItYTc3OS01ZmZi
ODc1ODAzMDkvMzMwMGE2ZWZiNWIzNGM3OTEyNWZjZTVkYzRhZmE2OTc3YTQ2NzQ0
Zi5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBpBggrBgEFBQcBBwEB/wRa
MFgwVgQCAAEwUDAMAwQDvlooAwQCvlowMAwDBAC+WkEDBAC+WkIDBAC+WlcwDAME
Ab5aegMEAL5afDAMAwQAvlrDAwQBvlrEAwQAvlrkAwQAvlrzAwQBvlr2MA0GCSqG
SIb3DQEBCwUAA4IBAQB9hnFcBVDf8H8FpbHR07ynOk6mJ2Rd5QYlJ//F4anv72Tk
CNhdwK/xJbt6O2YxfJGam8FRVHriRJQ4EtyE9aCW2z/JxTObZ3Cn0WWsxiIsX+j+
szLUbGaG9tgqH2rI4wEhJHnsoyuUzbHAXacRQXpmTamQtPp6CX+7Rf9sUe4cBRY2
ooO6lhOEaXuBwS9M94TOy/HX+caPKXJWbY1SEi5o6NNK58Li7F/qgSqmE9E9G4XL
i2HiHbtPP0oYFMWGTnbUn1t30jgFc3dPt8f/sh8MHw0LCks0GmbLd+iSiP70in6W
wpWTIGn3X//6rOIkcVACBuD8QpjzX77iuK5Q9dwD
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:38:01 2024 by rpki-client on console-fra.rpki-client.org