Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/aa69a975-83a3-4532-a779-5ffb87580309/b3c58c0fc5e85b105033703aec10c87b86a470ab.roa
File:                     b3c58c0fc5e85b105033703aec10c87b86a470ab.roa (raw, json)
Hash identifier:          l4FOm5s6gKUn3bfg/M65y4XmaPOJXJcv7JmxY+oSCuE=
Subject key identifier:   12:65:BB:9C:4C:AB:2A:70:BE:4A:DF:EA:B4:C6:8D:8E:3E:F8:DA:82
Certificate issuer:       /CN=3300a6efb5b34c79125fce5dc4afa6977a46744f
Certificate serial:       1FBBAB
Authority key identifier: 62:AA:07:2A:74:5B:AE:77:82:D2:D9:44:76:20:4C:0C:A5:4E:ED:C2
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/3300a6efb5b34c79125fce5dc4afa6977a46744f.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/aa69a975-83a3-4532-a779-5ffb87580309/b3c58c0fc5e85b105033703aec10c87b86a470ab.roa
Signing time:             Thu 19 Jan 2023 11:17:51 +0000
ROA not before:           Tue 04 May 2021 03:00:00 +0000
ROA not after:            Thu 11 May 2023 03:00:00 +0000
asID:                     262589
IP address blocks:        190.90.0.0/21 maxlen: 21
                          190.90.8.0/21 maxlen: 21
                          190.90.16.0/21 maxlen: 21
                          190.90.24.0/24 maxlen: 24
                          190.90.28.0/22 maxlen: 24
                          190.90.33.0/24 maxlen: 24
                          190.90.34.0/24 maxlen: 24
                          190.90.36.0/22 maxlen: 24
                          190.90.52.0/22 maxlen: 24
                          190.90.60.0/22 maxlen: 24
                          190.90.208.0/21 maxlen: 24
                          190.90.252.0/24 maxlen: 24
                          190.90.240.0/24 maxlen: 24
                          190.90.76.0/24 maxlen: 24
                          190.90.77.0/24 maxlen: 24

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 2079659 (0x1fbbab)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3300a6efb5b34c79125fce5dc4afa6977a46744f
        Validity
            Not Before: May  4 03:00:00 2021 GMT
            Not After : May 11 03:00:00 2023 GMT
        Subject: CN=b3c58c0fc5e85b105033703aec10c87b86a470ab
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:91:eb:6e:9a:9b:56:ac:f0:8e:b3:6e:3b:f5:2d:
                    4d:8c:31:a8:9c:92:11:7c:88:01:fa:dd:91:82:32:
                    c4:2c:8b:13:71:ed:f7:45:d6:22:94:9b:4d:94:01:
                    1d:d1:9d:7e:bc:7f:e8:5b:49:07:f4:36:2f:8f:f7:
                    38:9a:23:c6:11:0a:a7:64:34:38:0c:9d:ed:11:31:
                    40:f8:2a:f1:52:be:92:74:95:1e:51:37:08:5f:30:
                    15:48:3b:c9:21:80:de:fc:cb:68:d5:d7:e6:ab:bc:
                    31:a6:0c:db:7b:cf:25:d2:e7:37:d4:76:cf:77:ff:
                    4c:e7:d7:e5:52:3a:42:fe:29:56:57:17:20:74:83:
                    b9:e5:0e:10:9d:ab:7b:12:87:54:18:db:a9:25:84:
                    07:80:b5:d9:4b:e1:ac:23:29:0e:50:96:58:8a:51:
                    ba:d9:7e:63:fc:2c:cb:cd:ff:45:82:5f:08:c4:51:
                    0f:ab:27:4e:bf:94:23:16:7f:61:5a:cf:77:25:23:
                    b3:ff:23:68:0b:25:c4:43:15:b4:5a:bf:c0:fa:96:
                    c6:25:b9:56:84:54:24:d3:90:ee:0c:b7:79:8d:d4:
                    5f:3d:c7:c6:55:a4:28:aa:c6:53:12:a5:af:2e:13:
                    1f:76:98:6b:e9:d1:f0:3e:c3:02:f5:51:9b:51:5c:
                    62:f7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                12:65:BB:9C:4C:AB:2A:70:BE:4A:DF:EA:B4:C6:8D:8E:3E:F8:DA:82
            X509v3 Authority Key Identifier:
                keyid:62:AA:07:2A:74:5B:AE:77:82:D2:D9:44:76:20:4C:0C:A5:4E:ED:C2

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/3300a6efb5b34c79125fce5dc4afa6977a46744f.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/aa69a975-83a3-4532-a779-5ffb87580309/b3c58c0fc5e85b105033703aec10c87b86a470ab.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/aa69a975-83a3-4532-a779-5ffb87580309/3300a6efb5b34c79125fce5dc4afa6977a46744f.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  190.90.0.0-190.90.24.255
                  190.90.28.0/22
                  190.90.33.0-190.90.34.255
                  190.90.36.0/22
                  190.90.52.0/22
                  190.90.60.0/22
                  190.90.76.0/23
                  190.90.208.0/21
                  190.90.240.0/24
                  190.90.252.0/24

    Signature Algorithm: sha256WithRSAEncryption
         70:df:49:8b:09:55:b6:0f:24:55:49:66:3a:f6:19:ce:40:fd:
         5f:40:fa:e2:2e:7d:d5:fb:96:39:20:eb:18:b0:dd:72:57:d3:
         54:f3:3e:d7:bb:c8:21:2c:69:42:10:a0:02:a8:b6:d1:33:3d:
         55:ad:59:05:f3:76:1c:40:f1:38:85:7d:11:e4:ab:bf:05:31:
         1f:b6:b0:23:61:fc:37:13:7e:0b:09:de:f9:20:08:04:73:2c:
         ab:b8:47:40:97:cb:ef:03:14:e8:47:70:d7:a1:c1:fc:6b:a6:
         78:1b:69:1d:6a:69:99:f7:68:8a:84:c2:91:4a:61:84:27:86:
         50:14:0f:f0:9c:7a:18:51:51:d4:5a:74:da:79:e6:8f:aa:cd:
         e2:84:17:2c:3d:1d:ea:e2:8c:b7:c6:ae:49:3e:ee:c9:32:e9:
         17:a7:63:9f:81:a2:39:20:fd:04:77:1c:57:9d:4f:89:7e:7c:
         85:b8:ce:f1:25:08:ae:3d:6b:f2:21:bd:9d:41:bc:ab:e4:6e:
         76:c7:0a:dd:f3:81:48:ce:ad:f7:71:44:52:ef:f3:fe:6f:77:
         dd:52:57:40:07:e4:a2:08:dd:f4:04:2f:68:04:1e:4b:3d:86:
         94:6c:e6:89:7a:12:b0:03:3b:b2:54:08:fc:8f:53:30:9f:44:
         9b:e6:36:9f
-----BEGIN CERTIFICATE-----
MIIFhTCCBG2gAwIBAgIDH7urMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKDMz
MDBhNmVmYjViMzRjNzkxMjVmY2U1ZGM0YWZhNjk3N2E0Njc0NGYwHhcNMjEwNTA0
MDMwMDAwWhcNMjMwNTExMDMwMDAwWjAzMTEwLwYDVQQDEyhiM2M1OGMwZmM1ZTg1
YjEwNTAzMzcwM2FlYzEwYzg3Yjg2YTQ3MGFiMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAketumptWrPCOs2479S1NjDGonJIRfIgB+t2RgjLELIsTce33
RdYilJtNlAEd0Z1+vH/oW0kH9DYvj/c4miPGEQqnZDQ4DJ3tETFA+CrxUr6SdJUe
UTcIXzAVSDvJIYDe/Mto1dfmq7wxpgzbe88l0uc31HbPd/9M59flUjpC/ilWVxcg
dIO55Q4Qnat7EodUGNupJYQHgLXZS+GsIykOUJZYilG62X5j/CzLzf9Fgl8IxFEP
qydOv5QjFn9hWs93JSOz/yNoCyXEQxW0Wr/A+pbGJblWhFQk05DuDLd5jdRfPcfG
VaQoqsZTEqWvLhMfdphr6dHwPsMC9VGbUVxi9wIDAQABo4ICoDCCApwwHQYDVR0O
BBYEFBJlu5xMqypwvkrf6rTGjY4++NqCMB8GA1UdIwQYMBaAFGKqByp0W653gtLZ
RHYgTAylTu3CMA4GA1UdDwEB/wQEAwIHgDCBmgYIKwYBBQUHAQEEgY0wgYowgYcG
CCsGAQUFBzAChntyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5ldC9ycGtpL2xh
Y25pYy80OGYwODNiYi1mNjAzLTQ4OTMtOTk5MC0wMjg0YzA0Y2ViODUvMzMwMGE2
ZWZiNWIzNGM3OTEyNWZjZTVkYzRhZmE2OTc3YTQ2NzQ0Zi5jZXIwgZoGCCsGAQUF
BwELBIGNMIGKMIGHBggrBgEFBQcwC4Z7cnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25p
Yy5uZXQvcnBraS9sYWNuaWMvYWE2OWE5NzUtODNhMy00NTMyLWE3NzktNWZmYjg3
NTgwMzA5L2IzYzU4YzBmYzVlODViMTA1MDMzNzAzYWVjMTBjODdiODZhNDcwYWIu
cm9hMIGPBgNVHR8EgYcwgYQwgYGgf6B9hntyc3luYzovL3JlcG9zaXRvcnkubGFj
bmljLm5ldC9ycGtpL2xhY25pYy9hYTY5YTk3NS04M2EzLTQ1MzItYTc3OS01ZmZi
ODc1ODAzMDkvMzMwMGE2ZWZiNWIzNGM3OTEyNWZjZTVkYzRhZmE2OTc3YTQ2NzQ0
Zi5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBkBggrBgEFBQcBBwEB/wRV
MFMwUQQCAAEwSzALAwMBvloDBAC+WhgDBAK+WhwwDAMEAL5aIQMEAL5aIgMEAr5a
JAMEAr5aNAMEAr5aPAMEAb5aTAMEA75a0AMEAL5a8AMEAL5a/DANBgkqhkiG9w0B
AQsFAAOCAQEAcN9JiwlVtg8kVUlmOvYZzkD9X0D64i591fuWOSDrGLDdclfTVPM+
17vIISxpQhCgAqi20TM9Va1ZBfN2HEDxOIV9EeSrvwUxH7awI2H8NxN+Cwne+SAI
BHMsq7hHQJfL7wMU6Edw16HB/GumeBtpHWppmfdoioTCkUphhCeGUBQP8Jx6GFFR
1Fp02nnmj6rN4oQXLD0d6uKMt8auST7uyTLpF6djn4GiOSD9BHccV51PiX58hbjO
8SUIrj1r8iG9nUG8q+RudscK3fOBSM6t93FEUu/z/m933VJXQAfkogjd9AQvaAQe
Sz2GlGzmiXoSsAM7slQI/I9TMJ9Em+Y2nw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:38:22 2024 by rpki-client on console-ams.rpki-client.org