Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/aa69a975-83a3-4532-a779-5ffb87580309/bd98710b191c1af236a649be47c381ad5ec0e56f.roa
File:                     bd98710b191c1af236a649be47c381ad5ec0e56f.roa (raw, json)
Hash identifier:          GYpdqFtyVk394n+KgWwDnAYM2v1h2cN5QNgN9kYZdEo=
Subject key identifier:   64:7B:C2:AB:AB:47:7A:4A:15:57:10:F0:B8:95:88:E4:89:63:E3:17
Certificate issuer:       /CN=3300a6efb5b34c79125fce5dc4afa6977a46744f
Certificate serial:       201BD2
Authority key identifier: 62:AA:07:2A:74:5B:AE:77:82:D2:D9:44:76:20:4C:0C:A5:4E:ED:C2
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/3300a6efb5b34c79125fce5dc4afa6977a46744f.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/aa69a975-83a3-4532-a779-5ffb87580309/bd98710b191c1af236a649be47c381ad5ec0e56f.roa
Signing time:             Fri 20 Jan 2023 01:58:13 +0000
ROA not before:           Thu 29 Apr 2021 03:00:00 +0000
ROA not after:            Thu 11 May 2023 03:00:00 +0000
asID:                     262589
IP address blocks:        190.90.0.0/21 maxlen: 21
                          190.90.8.0/21 maxlen: 21
                          190.90.16.0/21 maxlen: 21
                          190.90.24.0/24 maxlen: 24
                          190.90.28.0/22 maxlen: 24
                          190.90.33.0/24 maxlen: 24
                          190.90.34.0/24 maxlen: 24
                          190.90.36.0/22 maxlen: 24
                          190.90.52.0/22 maxlen: 24
                          190.90.60.0/22 maxlen: 24
                          190.90.64.0/20 maxlen: 24
                          190.90.80.0/20 maxlen: 24
                          190.90.96.0/20 maxlen: 24
                          190.90.112.0/21 maxlen: 24
                          190.90.208.0/21 maxlen: 24
                          190.90.252.0/24 maxlen: 24
                          190.90.240.0/24 maxlen: 24

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 2104274 (0x201bd2)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3300a6efb5b34c79125fce5dc4afa6977a46744f
        Validity
            Not Before: Apr 29 03:00:00 2021 GMT
            Not After : May 11 03:00:00 2023 GMT
        Subject: CN=bd98710b191c1af236a649be47c381ad5ec0e56f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bb:5b:3c:5a:37:e2:6e:8f:cd:53:41:b7:05:58:
                    22:09:a7:5f:b8:6e:21:1c:63:bd:c4:37:19:72:b0:
                    cf:c8:83:ec:8c:6a:75:02:f7:90:ef:ad:44:8e:f6:
                    03:7a:e1:40:4d:93:57:1b:c7:0f:12:d9:89:b2:d1:
                    31:d9:71:4e:08:03:a6:35:30:ac:07:c2:a6:b7:55:
                    25:ec:cd:50:a2:2a:25:c0:52:5c:a2:a9:ca:a5:44:
                    cc:54:6c:a6:33:45:82:86:ed:94:b2:35:db:66:72:
                    03:09:a6:ea:23:de:87:e6:e6:27:e1:5d:e1:0c:ef:
                    90:7e:ca:4a:c7:a4:d8:6d:1d:aa:38:61:21:5d:e9:
                    15:71:e5:3f:22:1d:51:7c:25:3d:53:c6:b5:a7:7d:
                    c3:e1:8d:e6:db:c8:9c:92:50:59:74:df:f2:79:d6:
                    35:c0:c5:13:3d:07:9c:19:35:75:21:41:ad:b9:3d:
                    85:55:cd:38:4c:42:39:a0:b8:d1:46:04:11:eb:54:
                    c0:3d:7f:15:a9:ce:66:4a:33:f7:c2:bf:0f:e1:39:
                    99:bd:75:ff:5a:79:ed:66:aa:02:40:93:7a:90:12:
                    38:90:05:5b:34:da:b4:bf:a8:c3:ae:9f:63:d5:d0:
                    a3:e3:e9:07:02:01:8f:bd:a7:95:32:ac:bd:a0:2e:
                    83:3d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                64:7B:C2:AB:AB:47:7A:4A:15:57:10:F0:B8:95:88:E4:89:63:E3:17
            X509v3 Authority Key Identifier:
                keyid:62:AA:07:2A:74:5B:AE:77:82:D2:D9:44:76:20:4C:0C:A5:4E:ED:C2

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/3300a6efb5b34c79125fce5dc4afa6977a46744f.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/aa69a975-83a3-4532-a779-5ffb87580309/bd98710b191c1af236a649be47c381ad5ec0e56f.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/aa69a975-83a3-4532-a779-5ffb87580309/3300a6efb5b34c79125fce5dc4afa6977a46744f.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  190.90.0.0-190.90.24.255
                  190.90.28.0/22
                  190.90.33.0-190.90.34.255
                  190.90.36.0/22
                  190.90.52.0/22
                  190.90.60.0-190.90.119.255
                  190.90.208.0/21
                  190.90.240.0/24
                  190.90.252.0/24

    Signature Algorithm: sha256WithRSAEncryption
         3b:e5:81:67:2b:62:87:a7:5b:be:05:6c:98:8b:66:6f:4e:81:
         2d:89:1d:00:07:6e:c0:b5:2f:60:e0:9f:32:f9:9d:bb:23:b3:
         7e:79:20:aa:d2:66:d8:ab:af:47:13:33:b6:db:f5:f3:ac:3c:
         0e:6e:fe:84:b2:68:74:17:e0:2e:9d:02:4c:10:be:31:92:dc:
         dd:17:50:b5:06:38:fc:f1:3c:7f:b2:23:20:23:75:dd:8b:1f:
         00:62:ad:c8:c5:dc:92:8c:45:c7:e3:76:6c:1f:c4:72:c2:87:
         4c:67:a9:82:60:98:3f:29:03:c5:eb:4a:f2:44:58:fa:d9:3c:
         26:73:5e:eb:e6:9b:53:5e:a1:a3:25:96:8e:00:c8:c4:6d:fb:
         38:a2:35:14:2e:e0:91:85:5e:71:62:21:ee:47:24:6f:d9:e6:
         18:4b:ed:16:91:a6:7f:69:80:cc:a3:83:1f:69:cb:57:4d:f0:
         67:9e:d4:27:05:2d:92:1b:91:f8:26:c1:54:dd:23:a9:b2:ff:
         c8:86:66:30:e7:91:65:9e:ab:64:f2:f1:16:b6:ea:62:01:18:
         b0:3f:b4:d5:68:b0:26:53:ca:d1:d1:00:b3:82:1d:9b:c9:8d:
         e0:da:f3:83:48:0c:9d:57:ed:0e:1b:77:01:79:20:91:fe:15:
         3d:ea:97:49
-----BEGIN CERTIFICATE-----
MIIFhzCCBG+gAwIBAgIDIBvSMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKDMz
MDBhNmVmYjViMzRjNzkxMjVmY2U1ZGM0YWZhNjk3N2E0Njc0NGYwHhcNMjEwNDI5
MDMwMDAwWhcNMjMwNTExMDMwMDAwWjAzMTEwLwYDVQQDEyhiZDk4NzEwYjE5MWMx
YWYyMzZhNjQ5YmU0N2MzODFhZDVlYzBlNTZmMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAu1s8Wjfibo/NU0G3BVgiCadfuG4hHGO9xDcZcrDPyIPsjGp1
AveQ761EjvYDeuFATZNXG8cPEtmJstEx2XFOCAOmNTCsB8Kmt1Ul7M1QoiolwFJc
oqnKpUTMVGymM0WChu2UsjXbZnIDCabqI96H5uYn4V3hDO+QfspKx6TYbR2qOGEh
XekVceU/Ih1RfCU9U8a1p33D4Y3m28icklBZdN/yedY1wMUTPQecGTV1IUGtuT2F
Vc04TEI5oLjRRgQR61TAPX8Vqc5mSjP3wr8P4TmZvXX/WnntZqoCQJN6kBI4kAVb
NNq0v6jDrp9j1dCj4+kHAgGPvaeVMqy9oC6DPQIDAQABo4ICojCCAp4wHQYDVR0O
BBYEFGR7wqurR3pKFVcQ8LiViOSJY+MXMB8GA1UdIwQYMBaAFGKqByp0W653gtLZ
RHYgTAylTu3CMA4GA1UdDwEB/wQEAwIHgDCBmgYIKwYBBQUHAQEEgY0wgYowgYcG
CCsGAQUFBzAChntyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5ldC9ycGtpL2xh
Y25pYy80OGYwODNiYi1mNjAzLTQ4OTMtOTk5MC0wMjg0YzA0Y2ViODUvMzMwMGE2
ZWZiNWIzNGM3OTEyNWZjZTVkYzRhZmE2OTc3YTQ2NzQ0Zi5jZXIwgZoGCCsGAQUF
BwELBIGNMIGKMIGHBggrBgEFBQcwC4Z7cnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25p
Yy5uZXQvcnBraS9sYWNuaWMvYWE2OWE5NzUtODNhMy00NTMyLWE3NzktNWZmYjg3
NTgwMzA5L2JkOTg3MTBiMTkxYzFhZjIzNmE2NDliZTQ3YzM4MWFkNWVjMGU1NmYu
cm9hMIGPBgNVHR8EgYcwgYQwgYGgf6B9hntyc3luYzovL3JlcG9zaXRvcnkubGFj
bmljLm5ldC9ycGtpL2xhY25pYy9hYTY5YTk3NS04M2EzLTQ1MzItYTc3OS01ZmZi
ODc1ODAzMDkvMzMwMGE2ZWZiNWIzNGM3OTEyNWZjZTVkYzRhZmE2OTc3YTQ2NzQ0
Zi5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBmBggrBgEFBQcBBwEB/wRX
MFUwUwQCAAEwTTALAwMBvloDBAC+WhgDBAK+WhwwDAMEAL5aIQMEAL5aIgMEAr5a
JAMEAr5aNDAMAwQCvlo8AwQDvlpwAwQDvlrQAwQAvlrwAwQAvlr8MA0GCSqGSIb3
DQEBCwUAA4IBAQA75YFnK2KHp1u+BWyYi2ZvToEtiR0AB27AtS9g4J8y+Z27I7N+
eSCq0mbYq69HEzO22/XzrDwObv6Esmh0F+AunQJMEL4xktzdF1C1Bjj88Tx/siMg
I3Xdix8AYq3IxdySjEXH43ZsH8RywodMZ6mCYJg/KQPF60ryRFj62Twmc17r5ptT
XqGjJZaOAMjEbfs4ojUULuCRhV5xYiHuRyRv2eYYS+0WkaZ/aYDMo4MfactXTfBn
ntQnBS2SG5H4JsFU3SOpsv/IhmYw55Flnqtk8vEWtupiARiwP7TVaLAmU8rR0QCz
gh2byY3g2vODSAydV+0OG3cBeSCR/hU96pdJ
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:38:01 2024 by rpki-client on console-fra.rpki-client.org