Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/aa69a975-83a3-4532-a779-5ffb87580309/bdba57781c5fc6585f7666eab0e95f9b126a0f59.roa
File:                     bdba57781c5fc6585f7666eab0e95f9b126a0f59.roa (raw, json)
Hash identifier:          4L994pulHfrN3ATncgwIbWuIQ1WJ+v6MSJh9B9SCXMg=
Subject key identifier:   53:16:33:FD:AA:A1:86:15:5C:2E:08:A2:03:80:DB:48:8B:A0:60:DC
Certificate issuer:       /CN=3300a6efb5b34c79125fce5dc4afa6977a46744f
Certificate serial:       1BE956
Authority key identifier: 62:AA:07:2A:74:5B:AE:77:82:D2:D9:44:76:20:4C:0C:A5:4E:ED:C2
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/3300a6efb5b34c79125fce5dc4afa6977a46744f.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/aa69a975-83a3-4532-a779-5ffb87580309/bdba57781c5fc6585f7666eab0e95f9b126a0f59.roa
Signing time:             Mon 19 Sep 2022 15:10:34 +0000
ROA not before:           Tue 11 May 2021 03:00:00 +0000
ROA not after:            Thu 11 May 2023 03:00:00 +0000
asID:                     262589
IP address blocks:        179.1.0.0/21 maxlen: 24
                          179.1.8.0/21 maxlen: 24
                          179.1.6.0/24 maxlen: 24
                          179.1.8.0/24 maxlen: 24
                          179.1.9.0/24 maxlen: 24
                          179.1.10.0/24 maxlen: 24
                          179.1.14.0/24 maxlen: 24
                          179.1.80.0/24 maxlen: 24
                          179.1.81.0/24 maxlen: 24
                          179.1.82.0/24 maxlen: 24
                          179.1.16.0/20 maxlen: 24
                          179.1.32.0/20 maxlen: 24
                          179.1.48.0/20 maxlen: 24
                          179.1.69.0/24 maxlen: 24
                          179.1.91.0/24 maxlen: 24
                          179.1.89.0/24 maxlen: 24
                          179.1.70.0/24 maxlen: 24
                          179.1.96.0/20 maxlen: 24
                          179.1.128.0/20 maxlen: 24
                          179.1.129.0/24 maxlen: 24
                          179.1.130.0/24 maxlen: 24
                          179.1.131.0/24 maxlen: 24
                          179.1.132.0/24 maxlen: 24
                          179.1.133.0/24 maxlen: 24
                          179.1.134.0/24 maxlen: 24
                          179.1.135.0/24 maxlen: 24
                          179.1.192.0/18 maxlen: 24
                          179.1.127.0/24 maxlen: 24
                          179.1.128.0/24 maxlen: 24
                          179.1.246.0/24 maxlen: 24

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 1829206 (0x1be956)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3300a6efb5b34c79125fce5dc4afa6977a46744f
        Validity
            Not Before: May 11 03:00:00 2021 GMT
            Not After : May 11 03:00:00 2023 GMT
        Subject: CN=bdba57781c5fc6585f7666eab0e95f9b126a0f59
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:eb:57:6e:4c:b4:07:e9:3a:53:ab:90:fc:3a:c8:
                    c4:f4:0c:74:00:f7:44:4c:c9:1d:81:84:03:45:59:
                    3f:ef:f6:99:da:4c:23:59:55:f2:b0:83:d0:06:1f:
                    ed:ab:cc:b8:10:6d:cf:47:1e:2b:d1:64:86:50:09:
                    37:38:53:b7:5f:76:b9:9e:bd:c1:49:aa:d9:76:df:
                    3a:f3:84:dc:e1:7f:08:7a:93:41:fa:60:99:55:42:
                    e5:74:ba:0c:a8:1e:64:87:ad:bc:79:3f:99:56:71:
                    77:60:8f:7a:2d:38:59:a5:cc:2d:5a:eb:28:cb:d2:
                    e8:3b:3a:ff:2c:0e:d8:4c:7c:00:0a:2a:26:c1:b5:
                    fd:31:04:ba:61:c1:68:fd:92:af:22:0f:7d:0e:12:
                    2b:7d:45:ef:32:d6:48:78:64:22:99:e6:4d:a4:65:
                    8f:78:dc:a0:67:c8:69:cf:72:de:47:e8:32:36:1a:
                    f6:8f:47:1b:ce:e3:81:91:a4:08:15:35:f8:7e:c1:
                    c5:5f:0f:aa:d1:85:1f:b7:74:69:1e:55:51:26:25:
                    16:91:0b:7e:62:ec:8e:83:c3:f8:84:e2:de:ea:8a:
                    d3:df:9d:d0:9f:df:90:1d:15:9f:a0:95:b2:36:5b:
                    2d:c3:cf:c6:d6:03:8e:23:41:1b:b7:4d:fc:16:7f:
                    0f:1d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                53:16:33:FD:AA:A1:86:15:5C:2E:08:A2:03:80:DB:48:8B:A0:60:DC
            X509v3 Authority Key Identifier:
                keyid:62:AA:07:2A:74:5B:AE:77:82:D2:D9:44:76:20:4C:0C:A5:4E:ED:C2

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/3300a6efb5b34c79125fce5dc4afa6977a46744f.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/aa69a975-83a3-4532-a779-5ffb87580309/bdba57781c5fc6585f7666eab0e95f9b126a0f59.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/aa69a975-83a3-4532-a779-5ffb87580309/3300a6efb5b34c79125fce5dc4afa6977a46744f.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  179.1.0.0/18
                  179.1.69.0-179.1.70.255
                  179.1.80.0-179.1.82.255
                  179.1.89.0/24
                  179.1.91.0/24
                  179.1.96.0/20
                  179.1.127.0-179.1.143.255
                  179.1.192.0/18

    Signature Algorithm: sha256WithRSAEncryption
         21:aa:bb:5d:10:39:14:40:e5:4f:63:48:78:12:3a:25:8e:32:
         bd:71:9c:8c:81:fd:09:69:cf:29:17:71:61:40:1f:62:d6:59:
         b7:0d:4e:ad:85:7b:fe:f0:9d:37:aa:2c:0b:36:74:57:6a:2b:
         02:ec:49:20:ff:87:45:ad:4f:2d:8f:46:78:00:55:26:bd:9b:
         f4:d6:7c:a5:f1:8f:37:35:20:f9:a3:e1:4d:56:08:c0:c7:d7:
         a6:3e:99:eb:e1:68:00:23:55:ec:00:9c:20:e2:cb:73:09:34:
         6c:e8:ac:ca:1f:73:5d:cd:54:e7:dd:aa:28:f4:38:13:d2:c4:
         f8:96:d3:22:37:29:05:51:61:44:69:73:b7:20:b7:fe:57:cf:
         a4:27:9d:63:5e:10:f5:5c:50:82:18:3a:35:64:1b:ce:13:4c:
         eb:f1:56:86:51:14:36:31:53:39:0f:e4:4d:a3:59:62:60:ad:
         7a:b9:e9:9d:ec:6d:a3:40:26:28:6d:71:3b:83:fb:90:4d:bb:
         1e:36:e5:b1:f5:f7:cc:3e:5d:cb:b5:c4:0f:2c:64:a9:ab:97:
         81:3b:2e:92:46:5b:14:41:82:ad:b3:35:c6:8e:ba:79:ee:06:
         bf:99:a9:c9:ab:8c:a2:1e:a4:05:ff:98:4a:90:b0:e9:94:ff:
         f2:c9:a1:97
-----BEGIN CERTIFICATE-----
MIIFgjCCBGqgAwIBAgIDG+lWMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKDMz
MDBhNmVmYjViMzRjNzkxMjVmY2U1ZGM0YWZhNjk3N2E0Njc0NGYwHhcNMjEwNTEx
MDMwMDAwWhcNMjMwNTExMDMwMDAwWjAzMTEwLwYDVQQDEyhiZGJhNTc3ODFjNWZj
NjU4NWY3NjY2ZWFiMGU5NWY5YjEyNmEwZjU5MIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEA61duTLQH6TpTq5D8OsjE9Ax0APdETMkdgYQDRVk/7/aZ2kwj
WVXysIPQBh/tq8y4EG3PRx4r0WSGUAk3OFO3X3a5nr3BSarZdt8684Tc4X8IepNB
+mCZVULldLoMqB5kh628eT+ZVnF3YI96LThZpcwtWusoy9LoOzr/LA7YTHwACiom
wbX9MQS6YcFo/ZKvIg99DhIrfUXvMtZIeGQimeZNpGWPeNygZ8hpz3LeR+gyNhr2
j0cbzuOBkaQIFTX4fsHFXw+q0YUft3RpHlVRJiUWkQt+YuyOg8P4hOLe6orT353Q
n9+QHRWfoJWyNlstw8/G1gOOI0Ebt038Fn8PHQIDAQABo4ICnTCCApkwHQYDVR0O
BBYEFFMWM/2qoYYVXC4IogOA20iLoGDcMB8GA1UdIwQYMBaAFGKqByp0W653gtLZ
RHYgTAylTu3CMA4GA1UdDwEB/wQEAwIHgDCBmgYIKwYBBQUHAQEEgY0wgYowgYcG
CCsGAQUFBzAChntyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5ldC9ycGtpL2xh
Y25pYy80OGYwODNiYi1mNjAzLTQ4OTMtOTk5MC0wMjg0YzA0Y2ViODUvMzMwMGE2
ZWZiNWIzNGM3OTEyNWZjZTVkYzRhZmE2OTc3YTQ2NzQ0Zi5jZXIwgZoGCCsGAQUF
BwELBIGNMIGKMIGHBggrBgEFBQcwC4Z7cnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25p
Yy5uZXQvcnBraS9sYWNuaWMvYWE2OWE5NzUtODNhMy00NTMyLWE3NzktNWZmYjg3
NTgwMzA5L2JkYmE1Nzc4MWM1ZmM2NTg1Zjc2NjZlYWIwZTk1ZjliMTI2YTBmNTku
cm9hMIGPBgNVHR8EgYcwgYQwgYGgf6B9hntyc3luYzovL3JlcG9zaXRvcnkubGFj
bmljLm5ldC9ycGtpL2xhY25pYy9hYTY5YTk3NS04M2EzLTQ1MzItYTc3OS01ZmZi
ODc1ODAzMDkvMzMwMGE2ZWZiNWIzNGM3OTEyNWZjZTVkYzRhZmE2OTc3YTQ2NzQ0
Zi5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBhBggrBgEFBQcBBwEB/wRS
MFAwTgQCAAEwSAMEBrMBADAMAwQAswFFAwQAswFGMAwDBASzAVADBACzAVIDBACz
AVkDBACzAVsDBASzAWAwDAMEALMBfwMEBLMBgAMEBrMBwDANBgkqhkiG9w0BAQsF
AAOCAQEAIaq7XRA5FEDlT2NIeBI6JY4yvXGcjIH9CWnPKRdxYUAfYtZZtw1OrYV7
/vCdN6osCzZ0V2orAuxJIP+HRa1PLY9GeABVJr2b9NZ8pfGPNzUg+aPhTVYIwMfX
pj6Z6+FoACNV7ACcIOLLcwk0bOisyh9zXc1U592qKPQ4E9LE+JbTIjcpBVFhRGlz
tyC3/lfPpCedY14Q9VxQghg6NWQbzhNM6/FWhlEUNjFTOQ/kTaNZYmCternpnext
o0AmKG1xO4P7kE27HjblsfX3zD5dy7XEDyxkqauXgTsukkZbFEGCrbM1xo66ee4G
v5mpyauMoh6kBf+YSpCw6ZT/8smhlw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:38:22 2024 by rpki-client on console-ams.rpki-client.org