Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/aa69a975-83a3-4532-a779-5ffb87580309/db2906fa20728123984cad259482c0ed675198ec.roa
File:                     db2906fa20728123984cad259482c0ed675198ec.roa (raw, json)
Hash identifier:          TQI8AAKL7KceYkf6zKfcXLOBjR++hEwkvNCRH3oFSaw=
Subject key identifier:   4F:DF:F1:2C:CC:84:0E:3A:41:A8:9D:3A:46:B0:92:AD:B9:09:C5:41
Certificate issuer:       /CN=3300a6efb5b34c79125fce5dc4afa6977a46744f
Certificate serial:       258745
Authority key identifier: 62:AA:07:2A:74:5B:AE:77:82:D2:D9:44:76:20:4C:0C:A5:4E:ED:C2
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/3300a6efb5b34c79125fce5dc4afa6977a46744f.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/aa69a975-83a3-4532-a779-5ffb87580309/db2906fa20728123984cad259482c0ed675198ec.roa
Signing time:             Wed 28 Jun 2023 22:29:53 +0000
ROA not before:           Tue 27 Jun 2023 22:29:52 +0000
ROA not after:            Sat 28 Jun 2025 22:29:52 +0000
asID:                     18678
IP address blocks:        190.90.82.0/24 maxlen: 24
                          190.90.93.0/24 maxlen: 24
                          190.90.94.0/24 maxlen: 24
                          190.90.115.0/24 maxlen: 24
                          190.90.116.0/24 maxlen: 24
                          190.90.121.0/24 maxlen: 24
                          190.90.130.0/24 maxlen: 24
                          190.90.243.0/24 maxlen: 24
                          190.90.249.0/24 maxlen: 24
                          190.90.190.0/24 maxlen: 24
                          190.90.193.0/24 maxlen: 24
                          190.90.212.0/23 maxlen: 24
                          190.90.215.0/24 maxlen: 24
                          190.90.216.0/21 maxlen: 24
                          190.90.234.0/24 maxlen: 24
                          179.1.72.0/24 maxlen: 24
                          190.90.151.0/24 maxlen: 24
                          190.90.152.0/24 maxlen: 24

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 2459461 (0x258745)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3300a6efb5b34c79125fce5dc4afa6977a46744f
        Validity
            Not Before: Jun 27 22:29:52 2023 GMT
            Not After : Jun 28 22:29:52 2025 GMT
        Subject: CN=db2906fa20728123984cad259482c0ed675198ec
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d4:6e:fb:c2:4a:87:b3:9f:98:b3:9a:25:58:e5:
                    87:71:4d:72:00:60:95:77:ec:06:93:fa:16:65:df:
                    7b:fc:f4:a7:3a:5a:24:75:5e:8a:8c:b9:8d:5b:41:
                    31:6a:a3:03:b3:60:36:8c:b8:6b:2b:de:35:dd:bf:
                    c6:48:ef:ac:9c:f8:ea:a5:e2:12:05:45:a2:6f:78:
                    2c:c4:bd:c8:a0:0b:ef:d1:1b:f8:1e:ec:cc:e5:d5:
                    ab:b8:63:b7:e9:58:3a:d1:90:fe:b5:9f:81:ad:99:
                    36:26:7f:d6:61:bf:f4:a8:75:7c:16:81:8f:a9:a6:
                    15:9d:00:88:22:24:91:e4:7a:7b:25:a1:02:ff:9e:
                    48:b8:d0:bd:47:9f:d8:6d:73:1a:37:7e:df:72:b3:
                    5b:0e:16:29:75:6a:ee:3a:b0:ed:3d:d1:6e:23:bf:
                    3e:f3:62:35:8c:5a:73:5f:d6:4a:d9:00:ab:9a:da:
                    9b:91:58:f6:2f:26:4b:13:5f:ee:0e:b2:04:76:bf:
                    e0:97:84:66:9b:20:51:15:bb:2b:61:cf:2a:90:96:
                    28:52:ac:07:1a:b0:42:14:da:e8:72:d5:78:27:67:
                    ac:ac:2f:40:b3:5a:f4:73:85:ee:c4:2c:f9:8d:78:
                    b3:39:eb:94:74:32:7e:a0:7a:6d:22:2d:c6:29:1e:
                    d4:c7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4F:DF:F1:2C:CC:84:0E:3A:41:A8:9D:3A:46:B0:92:AD:B9:09:C5:41
            X509v3 Authority Key Identifier:
                keyid:62:AA:07:2A:74:5B:AE:77:82:D2:D9:44:76:20:4C:0C:A5:4E:ED:C2

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/3300a6efb5b34c79125fce5dc4afa6977a46744f.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/aa69a975-83a3-4532-a779-5ffb87580309/db2906fa20728123984cad259482c0ed675198ec.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/aa69a975-83a3-4532-a779-5ffb87580309/3300a6efb5b34c79125fce5dc4afa6977a46744f.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  179.1.72.0/24
                  190.90.82.0/24
                  190.90.93.0-190.90.94.255
                  190.90.115.0-190.90.116.255
                  190.90.121.0/24
                  190.90.130.0/24
                  190.90.151.0-190.90.152.255
                  190.90.190.0/24
                  190.90.193.0/24
                  190.90.212.0/23
                  190.90.215.0-190.90.223.255
                  190.90.234.0/24
                  190.90.243.0/24
                  190.90.249.0/24

    Signature Algorithm: sha256WithRSAEncryption
         42:67:f4:99:08:57:b3:ad:c3:a1:d7:1b:98:6b:f8:21:e6:ee:
         7e:e6:6c:d8:20:f8:4f:12:32:5c:22:8a:e2:78:db:a3:96:95:
         2d:3e:68:d7:ef:b0:8f:d6:7c:da:1b:9c:a1:6a:00:26:6f:92:
         b4:f5:b5:6f:5c:0c:b0:aa:a3:48:d9:ac:ce:54:ee:bf:59:df:
         61:52:72:ba:d7:4f:f9:1b:f8:32:5e:be:58:a5:f4:09:86:1e:
         e7:8b:81:d2:41:ea:78:5b:63:33:dd:8c:1c:eb:33:76:c4:21:
         ec:f9:7d:d8:1e:6e:52:38:33:7e:84:5c:94:a5:86:e0:df:b7:
         f5:99:27:e2:56:62:c9:af:c9:1f:85:2a:a4:de:61:ed:c4:bf:
         7b:2a:06:21:ac:a7:b9:97:cd:a7:e6:f8:0d:5a:72:1e:18:a1:
         d7:ba:64:3a:4f:8c:42:28:7b:04:a3:ce:7a:43:cd:77:2a:82:
         85:39:d0:c5:e3:36:c4:b1:1d:cc:0f:4e:02:42:d2:4b:29:9f:
         6d:97:84:88:23:84:9f:c2:f1:3d:23:e6:60:dd:4e:06:ce:ba:
         74:fb:5b:42:f7:3c:c1:1b:3b:26:11:39:fe:a7:82:a7:be:a0:
         73:71:0c:e8:c9:e0:f3:27:ad:c0:29:59:81:7f:84:7c:05:d2:
         4b:83:e6:11
-----BEGIN CERTIFICATE-----
MIIFrzCCBJegAwIBAgIDJYdFMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKDMz
MDBhNmVmYjViMzRjNzkxMjVmY2U1ZGM0YWZhNjk3N2E0Njc0NGYwHhcNMjMwNjI3
MjIyOTUyWhcNMjUwNjI4MjIyOTUyWjAzMTEwLwYDVQQDEyhkYjI5MDZmYTIwNzI4
MTIzOTg0Y2FkMjU5NDgyYzBlZDY3NTE5OGVjMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEA1G77wkqHs5+Ys5olWOWHcU1yAGCVd+wGk/oWZd97/PSnOlok
dV6KjLmNW0ExaqMDs2A2jLhrK9413b/GSO+snPjqpeISBUWib3gsxL3IoAvv0Rv4
HuzM5dWruGO36Vg60ZD+tZ+BrZk2Jn/WYb/0qHV8FoGPqaYVnQCIIiSR5Hp7JaEC
/55IuNC9R5/YbXMaN37fcrNbDhYpdWruOrDtPdFuI78+82I1jFpzX9ZK2QCrmtqb
kVj2LyZLE1/uDrIEdr/gl4RmmyBRFbsrYc8qkJYoUqwHGrBCFNroctV4J2esrC9A
s1r0c4XuxCz5jXizOeuUdDJ+oHptIi3GKR7UxwIDAQABo4ICyjCCAsYwHQYDVR0O
BBYEFE/f8SzMhA46QaidOkawkq25CcVBMB8GA1UdIwQYMBaAFGKqByp0W653gtLZ
RHYgTAylTu3CMA4GA1UdDwEB/wQEAwIHgDCBmgYIKwYBBQUHAQEEgY0wgYowgYcG
CCsGAQUFBzAChntyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5ldC9ycGtpL2xh
Y25pYy80OGYwODNiYi1mNjAzLTQ4OTMtOTk5MC0wMjg0YzA0Y2ViODUvMzMwMGE2
ZWZiNWIzNGM3OTEyNWZjZTVkYzRhZmE2OTc3YTQ2NzQ0Zi5jZXIwgZoGCCsGAQUF
BwELBIGNMIGKMIGHBggrBgEFBQcwC4Z7cnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25p
Yy5uZXQvcnBraS9sYWNuaWMvYWE2OWE5NzUtODNhMy00NTMyLWE3NzktNWZmYjg3
NTgwMzA5L2RiMjkwNmZhMjA3MjgxMjM5ODRjYWQyNTk0ODJjMGVkNjc1MTk4ZWMu
cm9hMIGPBgNVHR8EgYcwgYQwgYGgf6B9hntyc3luYzovL3JlcG9zaXRvcnkubGFj
bmljLm5ldC9ycGtpL2xhY25pYy9hYTY5YTk3NS04M2EzLTQ1MzItYTc3OS01ZmZi
ODc1ODAzMDkvMzMwMGE2ZWZiNWIzNGM3OTEyNWZjZTVkYzRhZmE2OTc3YTQ2NzQ0
Zi5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjCBjQYIKwYBBQUHAQcBAf8E
fjB8MHoEAgABMHQDBACzAUgDBAC+WlIwDAMEAL5aXQMEAL5aXjAMAwQAvlpzAwQA
vlp0AwQAvlp5AwQAvlqCMAwDBAC+WpcDBAC+WpgDBAC+Wr4DBAC+WsEDBAG+WtQw
DAMEAL5a1wMEBb5awAMEAL5a6gMEAL5a8wMEAL5a+TANBgkqhkiG9w0BAQsFAAOC
AQEAQmf0mQhXs63DodcbmGv4IebufuZs2CD4TxIyXCKK4njbo5aVLT5o1++wj9Z8
2hucoWoAJm+StPW1b1wMsKqjSNmszlTuv1nfYVJyutdP+Rv4Ml6+WKX0CYYe54uB
0kHqeFtjM92MHOszdsQh7Pl92B5uUjgzfoRclKWG4N+39Zkn4lZiya/JH4UqpN5h
7cS/eyoGIaynuZfNp+b4DVpyHhih17pkOk+MQih7BKPOekPNdyqChTnQxeM2xLEd
zA9OAkLSSymfbZeEiCOEn8LxPSPmYN1OBs66dPtbQvc8wRs7JhE5/qeCp76gc3EM
6Mng8yetwClZgX+EfAXSS4PmEQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:38:22 2024 by rpki-client on console-ams.rpki-client.org