Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/aa69a975-83a3-4532-a779-5ffb87580309/f34c4de6b53708168cee61062b8dc0df0a2d19c5.roa
File:                     f34c4de6b53708168cee61062b8dc0df0a2d19c5.roa (raw, json)
Hash identifier:          a4rLTdmP6nvSX9hdVWeCMXitWMstzdJU2AcsHgfK8rY=
Subject key identifier:   2C:57:F2:73:94:73:A6:35:B6:94:28:E9:15:F2:FA:DE:31:0F:89:7A
Certificate issuer:       /CN=3300a6efb5b34c79125fce5dc4afa6977a46744f
Certificate serial:       202149
Authority key identifier: 62:AA:07:2A:74:5B:AE:77:82:D2:D9:44:76:20:4C:0C:A5:4E:ED:C2
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/3300a6efb5b34c79125fce5dc4afa6977a46744f.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/aa69a975-83a3-4532-a779-5ffb87580309/f34c4de6b53708168cee61062b8dc0df0a2d19c5.roa
Signing time:             Fri 20 Jan 2023 01:59:43 +0000
ROA not before:           Mon 15 Mar 2021 03:00:00 +0000
ROA not after:            Fri 24 Mar 2023 03:00:00 +0000
asID:                     18678
IP address blocks:        190.90.63.0/24 maxlen: 24
                          190.90.82.0/24 maxlen: 24
                          190.90.93.0/24 maxlen: 24
                          190.90.94.0/24 maxlen: 24
                          190.90.115.0/24 maxlen: 24
                          190.90.116.0/24 maxlen: 24
                          190.90.121.0/24 maxlen: 24
                          190.90.151.0/24 maxlen: 24
                          190.90.152.0/24 maxlen: 24
                          190.90.192.0/24 maxlen: 24
                          190.90.193.0/24 maxlen: 24
                          190.90.202.0/24 maxlen: 24
                          190.90.204.0/24 maxlen: 24
                          190.90.221.0/24 maxlen: 24
                          190.90.222.0/24 maxlen: 24
                          190.90.223.0/24 maxlen: 24
                          190.90.242.0/24 maxlen: 24

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 2105673 (0x202149)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3300a6efb5b34c79125fce5dc4afa6977a46744f
        Validity
            Not Before: Mar 15 03:00:00 2021 GMT
            Not After : Mar 24 03:00:00 2023 GMT
        Subject: CN=f34c4de6b53708168cee61062b8dc0df0a2d19c5
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:fb:40:0e:cb:f1:a3:56:e6:67:49:ce:73:7b:c3:
                    4a:17:3f:f9:d2:a3:ae:4e:4c:f0:90:3f:39:32:76:
                    ba:bc:f6:ad:9a:15:d4:4e:f9:de:e7:14:ca:7a:64:
                    4e:e1:c1:28:bb:64:e4:99:d7:32:29:51:ea:63:ef:
                    af:eb:e8:63:cb:c5:64:cd:e8:3b:f8:23:9e:80:83:
                    62:ae:fd:95:6f:d4:e3:3b:15:41:44:3e:cb:5a:ad:
                    43:9f:92:6d:61:cf:a6:78:8c:23:59:6b:41:4e:66:
                    3d:61:a6:20:f0:a9:fd:c9:79:33:49:da:c3:6d:a1:
                    0a:16:f3:f9:36:ea:34:19:13:77:fe:97:5d:4b:b3:
                    4a:1d:3e:20:a4:13:81:f0:6a:2f:98:e5:bb:4e:76:
                    1f:f1:b9:a0:0f:a3:27:75:f0:3d:86:39:71:87:8f:
                    89:7b:de:00:8c:52:54:1c:a0:7b:a1:78:34:11:a1:
                    4f:17:3e:e7:8e:ca:47:03:2e:bf:bc:58:86:40:a5:
                    c5:28:7b:49:6d:9e:98:7e:ab:c4:59:0f:4e:01:a0:
                    1b:19:c6:c6:25:5f:19:68:23:29:46:ae:f2:6e:2f:
                    d0:64:28:f7:77:f4:e1:09:e8:20:84:5c:12:12:42:
                    6a:8e:1d:8f:83:9b:d4:73:9a:b7:90:c8:e1:c4:fa:
                    47:61
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                2C:57:F2:73:94:73:A6:35:B6:94:28:E9:15:F2:FA:DE:31:0F:89:7A
            X509v3 Authority Key Identifier:
                keyid:62:AA:07:2A:74:5B:AE:77:82:D2:D9:44:76:20:4C:0C:A5:4E:ED:C2

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/3300a6efb5b34c79125fce5dc4afa6977a46744f.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/aa69a975-83a3-4532-a779-5ffb87580309/f34c4de6b53708168cee61062b8dc0df0a2d19c5.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/aa69a975-83a3-4532-a779-5ffb87580309/3300a6efb5b34c79125fce5dc4afa6977a46744f.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  190.90.63.0/24
                  190.90.82.0/24
                  190.90.93.0-190.90.94.255
                  190.90.115.0-190.90.116.255
                  190.90.121.0/24
                  190.90.151.0-190.90.152.255
                  190.90.192.0/23
                  190.90.202.0/24
                  190.90.204.0/24
                  190.90.221.0-190.90.223.255
                  190.90.242.0/24

    Signature Algorithm: sha256WithRSAEncryption
         15:ec:3c:62:e6:90:67:55:b3:e4:14:b9:77:e9:ad:84:40:86:
         bf:e2:2e:19:04:98:12:3b:04:66:e2:49:44:c9:09:3b:92:5b:
         df:e2:23:09:01:25:40:9d:c4:4c:d5:b8:20:01:f0:ea:e6:cd:
         f9:9d:61:88:04:f5:be:a2:a8:65:e2:65:1c:d2:5b:72:84:e3:
         47:9c:1d:bd:59:d4:e0:57:2d:b4:c1:a6:d5:58:9a:69:69:fd:
         41:05:e1:c2:9a:bc:98:08:fe:24:e6:de:65:c3:3b:7e:c9:c9:
         e1:a5:ab:5a:42:17:4a:60:57:1b:3d:42:b7:4c:7c:45:ed:e6:
         02:67:08:17:1a:92:b1:78:2c:df:2c:ac:0d:79:f9:c8:1e:0b:
         67:0f:7a:bd:a9:76:27:f2:8c:4b:ee:45:b8:38:73:60:6f:6b:
         da:c3:cb:45:ad:5d:82:2b:6b:48:69:66:d0:4d:3a:f5:74:53:
         71:9f:9d:1f:bb:5a:52:52:1b:f2:52:3b:c8:48:b1:b9:0f:1e:
         30:23:6c:a2:db:7c:82:38:1a:7b:2d:f3:98:e2:e7:da:ca:2a:
         6f:b1:08:68:00:d0:2a:ec:a7:90:fc:9a:c6:29:d9:30:e5:fe:
         ca:6a:b2:d1:39:3e:2c:04:53:fc:d3:1c:4d:bb:30:6e:72:ec:
         fa:84:72:46
-----BEGIN CERTIFICATE-----
MIIFnDCCBISgAwIBAgIDICFJMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKDMz
MDBhNmVmYjViMzRjNzkxMjVmY2U1ZGM0YWZhNjk3N2E0Njc0NGYwHhcNMjEwMzE1
MDMwMDAwWhcNMjMwMzI0MDMwMDAwWjAzMTEwLwYDVQQDEyhmMzRjNGRlNmI1Mzcw
ODE2OGNlZTYxMDYyYjhkYzBkZjBhMmQxOWM1MIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEA+0AOy/GjVuZnSc5ze8NKFz/50qOuTkzwkD85Mna6vPatmhXU
Tvne5xTKemRO4cEou2TkmdcyKVHqY++v6+hjy8Vkzeg7+COegINirv2Vb9TjOxVB
RD7LWq1Dn5JtYc+meIwjWWtBTmY9YaYg8Kn9yXkzSdrDbaEKFvP5Nuo0GRN3/pdd
S7NKHT4gpBOB8GovmOW7TnYf8bmgD6MndfA9hjlxh4+Je94AjFJUHKB7oXg0EaFP
Fz7njspHAy6/vFiGQKXFKHtJbZ6YfqvEWQ9OAaAbGcbGJV8ZaCMpRq7ybi/QZCj3
d/ThCegghFwSEkJqjh2Pg5vUc5q3kMjhxPpHYQIDAQABo4ICtzCCArMwHQYDVR0O
BBYEFCxX8nOUc6Y1tpQo6RXy+t4xD4l6MB8GA1UdIwQYMBaAFGKqByp0W653gtLZ
RHYgTAylTu3CMA4GA1UdDwEB/wQEAwIHgDCBmgYIKwYBBQUHAQEEgY0wgYowgYcG
CCsGAQUFBzAChntyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5ldC9ycGtpL2xh
Y25pYy80OGYwODNiYi1mNjAzLTQ4OTMtOTk5MC0wMjg0YzA0Y2ViODUvMzMwMGE2
ZWZiNWIzNGM3OTEyNWZjZTVkYzRhZmE2OTc3YTQ2NzQ0Zi5jZXIwgZoGCCsGAQUF
BwELBIGNMIGKMIGHBggrBgEFBQcwC4Z7cnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25p
Yy5uZXQvcnBraS9sYWNuaWMvYWE2OWE5NzUtODNhMy00NTMyLWE3NzktNWZmYjg3
NTgwMzA5L2YzNGM0ZGU2YjUzNzA4MTY4Y2VlNjEwNjJiOGRjMGRmMGEyZDE5YzUu
cm9hMIGPBgNVHR8EgYcwgYQwgYGgf6B9hntyc3luYzovL3JlcG9zaXRvcnkubGFj
bmljLm5ldC9ycGtpL2xhY25pYy9hYTY5YTk3NS04M2EzLTQ1MzItYTc3OS01ZmZi
ODc1ODAzMDkvMzMwMGE2ZWZiNWIzNGM3OTEyNWZjZTVkYzRhZmE2OTc3YTQ2NzQ0
Zi5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjB7BggrBgEFBQcBBwEB/wRs
MGowaAQCAAEwYgMEAL5aPwMEAL5aUjAMAwQAvlpdAwQAvlpeMAwDBAC+WnMDBAC+
WnQDBAC+WnkwDAMEAL5alwMEAL5amAMEAb5awAMEAL5aygMEAL5azDAMAwQAvlrd
AwQFvlrAAwQAvlryMA0GCSqGSIb3DQEBCwUAA4IBAQAV7Dxi5pBnVbPkFLl36a2E
QIa/4i4ZBJgSOwRm4klEyQk7klvf4iMJASVAncRM1bggAfDq5s35nWGIBPW+oqhl
4mUc0ltyhONHnB29WdTgVy20wabVWJppaf1BBeHCmryYCP4k5t5lwzt+ycnhpata
QhdKYFcbPUK3THxF7eYCZwgXGpKxeCzfLKwNefnIHgtnD3q9qXYn8oxL7kW4OHNg
b2vaw8tFrV2CK2tIaWbQTTr1dFNxn50fu1pSUhvyUjvISLG5Dx4wI2yi23yCOBp7
LfOY4ufayipvsQhoANAq7KeQ/JrGKdkw5f7KarLROT4sBFP80xxNuzBucuz6hHJG
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:38:22 2024 by rpki-client on console-ams.rpki-client.org