Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/aa69a975-83a3-4532-a779-5ffb87580309/de478132f34a21650974cea0d2071e804b8062d5.roa
File:                     de478132f34a21650974cea0d2071e804b8062d5.roa (raw, json)
Hash identifier:          XohzwoeFTOGF+t2qq7L0PEfVT798mPp0PmYqcRi/Xj0=
Subject key identifier:   B0:70:D9:1C:76:AF:CD:02:C2:A1:0D:FC:7C:A3:13:53:26:DB:C8:32
Certificate issuer:       /CN=3300a6efb5b34c79125fce5dc4afa6977a46744f
Certificate serial:       21F882
Authority key identifier: 62:AA:07:2A:74:5B:AE:77:82:D2:D9:44:76:20:4C:0C:A5:4E:ED:C2
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/3300a6efb5b34c79125fce5dc4afa6977a46744f.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/aa69a975-83a3-4532-a779-5ffb87580309/de478132f34a21650974cea0d2071e804b8062d5.roa
Signing time:             Wed 22 Feb 2023 11:16:02 +0000
ROA not before:           Sat 10 Apr 2021 03:00:00 +0000
ROA not after:            Thu 11 May 2023 03:00:00 +0000
asID:                     262589
IP address blocks:        190.90.0.0/17 maxlen: 17
                          190.90.0.0/21 maxlen: 24
                          190.90.8.0/21 maxlen: 24
                          190.90.16.0/21 maxlen: 24
                          190.90.24.0/21 maxlen: 24
                          190.90.32.0/21 maxlen: 24
                          190.90.52.0/22 maxlen: 24
                          190.90.60.0/22 maxlen: 24
                          190.90.64.0/20 maxlen: 24
                          190.90.80.0/20 maxlen: 24
                          190.90.96.0/20 maxlen: 24
                          190.90.112.0/21 maxlen: 24
                          190.90.120.0/21 maxlen: 24
                          190.90.128.0/20 maxlen: 24
                          190.90.144.0/21 maxlen: 24
                          190.90.152.0/22 maxlen: 24
                          190.90.172.0/22 maxlen: 24
                          190.90.176.0/23 maxlen: 24
                          190.90.188.0/22 maxlen: 24
                          190.90.191.0/24 maxlen: 24
                          190.90.192.0/20 maxlen: 24
                          190.90.208.0/21 maxlen: 24
                          190.90.219.0/24 maxlen: 24
                          190.90.224.0/21 maxlen: 24
                          190.90.232.0/21 maxlen: 24
                          190.90.240.0/20 maxlen: 24

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 2226306 (0x21f882)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3300a6efb5b34c79125fce5dc4afa6977a46744f
        Validity
            Not Before: Apr 10 03:00:00 2021 GMT
            Not After : May 11 03:00:00 2023 GMT
        Subject: CN=de478132f34a21650974cea0d2071e804b8062d5
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a6:4f:47:57:66:0c:0c:02:60:ec:4f:12:0b:82:
                    4d:bd:90:ff:b6:66:8a:e7:02:ff:c0:df:6d:c8:75:
                    bc:03:3d:5f:da:45:e6:19:60:c3:24:7c:33:43:27:
                    0c:7a:94:30:1d:a6:b6:b9:ec:c3:92:37:40:a9:41:
                    c1:60:32:98:b5:0d:a9:32:6f:24:21:0f:b0:c5:34:
                    bf:c3:5a:20:39:33:3c:2a:cc:d9:36:f5:b2:de:6f:
                    fb:c9:e4:19:44:69:84:0c:00:14:85:9b:33:c5:a5:
                    12:df:7e:7b:a8:96:83:f0:17:76:ba:bb:d3:00:e4:
                    01:a7:ae:ea:19:00:1e:21:99:74:b9:44:79:61:83:
                    ea:0c:a8:ce:12:ab:4b:66:37:08:74:47:a0:fe:3e:
                    65:46:2a:cf:04:8d:22:59:76:2c:15:f3:31:04:e7:
                    73:cb:1f:dc:bf:a3:db:13:6b:e1:fd:2b:3c:83:01:
                    ff:b3:b5:2a:71:d5:c7:cf:2f:8e:10:03:c2:ba:61:
                    32:2e:4a:f8:7c:9b:1f:80:7b:e9:6a:31:fc:7c:73:
                    63:66:b7:51:71:f0:05:59:f6:93:a3:53:e2:e1:dd:
                    8e:09:7c:ce:df:0e:a3:27:6d:a5:ac:7c:0c:ce:2e:
                    7d:4f:26:3c:11:c8:fe:0d:a7:50:0e:65:db:46:64:
                    2c:a9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B0:70:D9:1C:76:AF:CD:02:C2:A1:0D:FC:7C:A3:13:53:26:DB:C8:32
            X509v3 Authority Key Identifier:
                keyid:62:AA:07:2A:74:5B:AE:77:82:D2:D9:44:76:20:4C:0C:A5:4E:ED:C2

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/3300a6efb5b34c79125fce5dc4afa6977a46744f.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/aa69a975-83a3-4532-a779-5ffb87580309/de478132f34a21650974cea0d2071e804b8062d5.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/aa69a975-83a3-4532-a779-5ffb87580309/3300a6efb5b34c79125fce5dc4afa6977a46744f.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  190.90.0.0-190.90.155.255
                  190.90.172.0-190.90.177.255
                  190.90.188.0-190.90.215.255
                  190.90.219.0/24
                  190.90.224.0/19

    Signature Algorithm: sha256WithRSAEncryption
         8d:7a:be:7d:ea:87:8a:dd:99:8f:76:75:60:16:99:4a:aa:60:
         bd:ed:a4:1d:01:88:5b:c4:dd:6b:3b:f6:50:bf:6c:cf:52:e4:
         4e:1c:cf:7e:07:09:a2:1a:29:cd:1c:87:16:f0:5e:c9:42:51:
         76:ea:4d:1c:b6:67:b9:ff:e5:27:91:40:2d:80:37:a0:43:5b:
         9d:3e:f6:03:18:97:91:b0:ce:9d:66:07:a2:4a:eb:7d:f8:53:
         f8:8a:2d:b2:08:8c:a9:7a:64:5a:6c:d1:71:b5:e2:cc:c3:e7:
         f2:1f:01:fb:58:ee:6e:9f:ec:62:a6:65:aa:65:5a:75:e3:49:
         56:d7:d7:81:db:1c:74:ea:9c:c3:72:72:c8:79:62:42:b9:46:
         75:d4:4d:a2:8f:48:af:a8:3a:61:d4:a4:a7:2b:da:12:5e:9b:
         12:27:f5:81:e8:74:db:76:3b:47:c3:bb:fd:b2:35:6c:d8:ad:
         47:03:29:3e:d8:04:23:67:0c:cf:8f:d6:59:ee:8b:b1:59:ad:
         af:f0:8d:bf:94:bb:76:ae:c8:e5:69:9f:09:f1:fa:66:8b:c6:
         65:9e:d5:b0:dd:8a:41:9c:6f:66:d9:2b:2c:c4:b2:16:ce:8c:
         d3:34:21:1a:01:ae:c3:60:a2:10:66:aa:c3:fe:8d:0f:10:8a:
         4d:94:33:7c
-----BEGIN CERTIFICATE-----
MIIFbzCCBFegAwIBAgIDIfiCMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKDMz
MDBhNmVmYjViMzRjNzkxMjVmY2U1ZGM0YWZhNjk3N2E0Njc0NGYwHhcNMjEwNDEw
MDMwMDAwWhcNMjMwNTExMDMwMDAwWjAzMTEwLwYDVQQDEyhkZTQ3ODEzMmYzNGEy
MTY1MDk3NGNlYTBkMjA3MWU4MDRiODA2MmQ1MIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEApk9HV2YMDAJg7E8SC4JNvZD/tmaK5wL/wN9tyHW8Az1f2kXm
GWDDJHwzQycMepQwHaa2uezDkjdAqUHBYDKYtQ2pMm8kIQ+wxTS/w1ogOTM8KszZ
NvWy3m/7yeQZRGmEDAAUhZszxaUS3357qJaD8Bd2urvTAOQBp67qGQAeIZl0uUR5
YYPqDKjOEqtLZjcIdEeg/j5lRirPBI0iWXYsFfMxBOdzyx/cv6PbE2vh/Ss8gwH/
s7UqcdXHzy+OEAPCumEyLkr4fJsfgHvpajH8fHNjZrdRcfAFWfaTo1Pi4d2OCXzO
3w6jJ22lrHwMzi59TyY8Ecj+DadQDmXbRmQsqQIDAQABo4ICijCCAoYwHQYDVR0O
BBYEFLBw2Rx2r80CwqEN/HyjE1Mm28gyMB8GA1UdIwQYMBaAFGKqByp0W653gtLZ
RHYgTAylTu3CMA4GA1UdDwEB/wQEAwIHgDCBmgYIKwYBBQUHAQEEgY0wgYowgYcG
CCsGAQUFBzAChntyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5ldC9ycGtpL2xh
Y25pYy80OGYwODNiYi1mNjAzLTQ4OTMtOTk5MC0wMjg0YzA0Y2ViODUvMzMwMGE2
ZWZiNWIzNGM3OTEyNWZjZTVkYzRhZmE2OTc3YTQ2NzQ0Zi5jZXIwgZoGCCsGAQUF
BwELBIGNMIGKMIGHBggrBgEFBQcwC4Z7cnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25p
Yy5uZXQvcnBraS9sYWNuaWMvYWE2OWE5NzUtODNhMy00NTMyLWE3NzktNWZmYjg3
NTgwMzA5L2RlNDc4MTMyZjM0YTIxNjUwOTc0Y2VhMGQyMDcxZTgwNGI4MDYyZDUu
cm9hMIGPBgNVHR8EgYcwgYQwgYGgf6B9hntyc3luYzovL3JlcG9zaXRvcnkubGFj
bmljLm5ldC9ycGtpL2xhY25pYy9hYTY5YTk3NS04M2EzLTQ1MzItYTc3OS01ZmZi
ODc1ODAzMDkvMzMwMGE2ZWZiNWIzNGM3OTEyNWZjZTVkYzRhZmE2OTc3YTQ2NzQ0
Zi5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBOBggrBgEFBQcBBwEB/wQ/
MD0wOwQCAAEwNTALAwMBvloDBAK+WpgwDAMEAr5arAMEAb5asDAMAwQCvlq8AwQD
vlrQAwQAvlrbAwQFvlrgMA0GCSqGSIb3DQEBCwUAA4IBAQCNer596oeK3ZmPdnVg
FplKqmC97aQdAYhbxN1rO/ZQv2zPUuROHM9+BwmiGinNHIcW8F7JQlF26k0ctme5
/+UnkUAtgDegQ1udPvYDGJeRsM6dZgeiSut9+FP4ii2yCIypemRabNFxteLMw+fy
HwH7WO5un+xipmWqZVp140lW19eB2xx06pzDcnLIeWJCuUZ11E2ij0ivqDph1KSn
K9oSXpsSJ/WB6HTbdjtHw7v9sjVs2K1HAyk+2AQjZwzPj9ZZ7ouxWa2v8I2/lLt2
rsjlaZ8J8fpmi8ZlntWw3YpBnG9m2SssxLIWzozTNCEaAa7DYKIQZqrD/o0PEIpN
lDN8
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:38:01 2024 by rpki-client on console-fra.rpki-client.org