Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/aca713f5-6cac-486e-a016-a3e8b31bf029/b66d3f1fa8e7f4e0ab176ac161ee1cdaacb520a4.roa
File:                     b66d3f1fa8e7f4e0ab176ac161ee1cdaacb520a4.roa (raw, json)
Hash identifier:          7H/GDDWSR01q18VbCIF/fdihd799Nb2KdePXlSAo3kA=
Subject key identifier:   05:ED:0A:1B:75:5D:E8:F5:18:88:EA:56:D1:71:6A:D5:1A:71:43:39
Certificate issuer:       /CN=1059e1e3317704575f2c0b750ee73b166a39cd37
Certificate serial:       0E7862
Authority key identifier: 80:F0:C7:27:4F:82:24:D1:E9:76:F3:80:E6:EF:32:CF:10:F8:9D:D3
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/1059e1e3317704575f2c0b750ee73b166a39cd37.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/aca713f5-6cac-486e-a016-a3e8b31bf029/b66d3f1fa8e7f4e0ab176ac161ee1cdaacb520a4.roa
Signing time:             Wed 24 Mar 2021 14:38:32 +0000
ROA not before:           Wed 24 Mar 2021 14:38:31 +0000
ROA not after:            Tue 24 Mar 2026 14:38:31 +0000
asID:                     14420
IP address blocks:        190.152.128.0/17 maxlen: 24
                          190.214.0.0/17 maxlen: 24
                          190.214.128.0/17 maxlen: 24
                          200.107.0.0/19 maxlen: 24
                          200.107.32.0/19 maxlen: 24
                          200.125.192.0/19 maxlen: 24
                          200.125.224.0/19 maxlen: 24
                          200.73.200.0/21 maxlen: 24
                          200.77.188.0/22 maxlen: 24
                          200.85.80.0/24 maxlen: 24
                          181.112.0.0/16 maxlen: 24
                          181.113.0.0/16 maxlen: 24
                          181.196.0.0/16 maxlen: 24
                          181.211.0.0/16 maxlen: 24
                          186.178.0.0/16 maxlen: 24
                          186.42.0.0/17 maxlen: 24
                          186.42.128.0/17 maxlen: 24
                          186.46.0.0/17 maxlen: 24
                          186.46.128.0/17 maxlen: 24
                          186.47.0.0/16 maxlen: 24
                          190.11.0.0/19 maxlen: 24
                          190.152.0.0/17 maxlen: 24
                          2800:370::/32 maxlen: 48
                          2800:4f0::/32 maxlen: 48

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 948322 (0xe7862)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1059e1e3317704575f2c0b750ee73b166a39cd37
        Validity
            Not Before: Mar 24 14:38:31 2021 GMT
            Not After : Mar 24 14:38:31 2026 GMT
        Subject: CN=b66d3f1fa8e7f4e0ab176ac161ee1cdaacb520a4
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:86:25:b6:d2:32:01:11:e1:12:a1:37:93:ed:38:
                    d8:27:06:80:d6:60:6c:c7:19:09:a2:93:4e:9d:ca:
                    78:1e:ca:df:ef:d4:31:d1:42:3e:f0:2f:83:0f:ed:
                    22:9a:d0:1d:06:e5:ba:a9:d5:45:d1:74:e0:8b:b1:
                    9b:d6:f3:1e:be:6a:e5:2b:0d:b1:77:26:cd:d9:47:
                    8e:73:27:18:a4:04:2a:a5:f3:67:98:6a:76:ef:b2:
                    8b:1a:b3:80:57:53:af:27:2f:45:5b:e7:49:14:9f:
                    8d:42:84:ce:60:fd:56:48:7d:ce:bf:ea:cb:d3:01:
                    51:03:81:08:49:bc:0a:66:c3:85:46:ec:88:40:24:
                    4b:0b:cd:ce:d5:34:f2:8d:a8:67:84:61:42:0f:4c:
                    a8:57:30:a2:62:3d:05:82:02:ec:b1:a2:7f:6d:48:
                    c1:2b:6a:57:c8:55:5d:29:ee:0f:a9:80:2e:5c:f8:
                    a3:61:20:7c:83:82:83:70:97:37:64:d1:d9:13:eb:
                    bf:96:f8:f2:d4:92:6f:18:68:0d:54:b4:09:22:52:
                    15:12:08:46:4f:18:d5:6e:32:37:2f:08:00:23:b2:
                    f3:54:13:f2:b4:9a:03:8c:fd:09:60:dd:e3:23:2d:
                    9d:65:00:40:60:e7:e9:25:42:7c:9a:74:3e:c7:c1:
                    4c:81
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                05:ED:0A:1B:75:5D:E8:F5:18:88:EA:56:D1:71:6A:D5:1A:71:43:39
            X509v3 Authority Key Identifier:
                keyid:80:F0:C7:27:4F:82:24:D1:E9:76:F3:80:E6:EF:32:CF:10:F8:9D:D3

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/1059e1e3317704575f2c0b750ee73b166a39cd37.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/aca713f5-6cac-486e-a016-a3e8b31bf029/b66d3f1fa8e7f4e0ab176ac161ee1cdaacb520a4.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/aca713f5-6cac-486e-a016-a3e8b31bf029/1059e1e3317704575f2c0b750ee73b166a39cd37.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  181.112.0.0/15
                  181.196.0.0/16
                  181.211.0.0/16
                  186.42.0.0/16
                  186.46.0.0/15
                  186.178.0.0/16
                  190.11.0.0/19
                  190.152.0.0/16
                  190.214.0.0/16
                  200.73.200.0/21
                  200.77.188.0/22
                  200.85.80.0/24
                  200.107.0.0/18
                  200.125.192.0/18
                IPv6:
                  2800:370::/32
                  2800:4f0::/32

    Signature Algorithm: sha256WithRSAEncryption
         31:76:6d:a9:0a:e3:19:a7:94:66:fc:63:e9:44:b3:92:a4:0c:
         1d:9b:fc:ad:7a:9e:d5:63:81:de:0a:b6:aa:07:be:db:97:e5:
         9f:5f:c1:22:8c:9b:e4:0b:06:20:60:c5:b5:4f:ad:eb:30:a8:
         9c:1e:bd:11:e6:56:bf:25:16:85:20:02:1b:1a:03:e1:fb:2a:
         e4:ee:4d:74:e2:a8:0b:7c:05:4a:cc:7d:09:8d:49:7a:d4:1c:
         0a:34:5f:21:93:aa:de:94:74:64:15:32:32:4f:7a:f0:28:4f:
         58:3a:33:ea:04:61:a5:cc:a5:d8:f6:ce:30:ff:20:d4:12:bd:
         42:f8:86:60:2e:7e:1e:b6:4b:4d:f5:1b:e5:36:f9:96:54:76:
         dc:5e:3a:7c:d1:3d:65:db:f0:ba:32:8c:76:0f:61:d5:8f:0a:
         58:84:e6:1c:99:fd:56:ab:69:4b:fe:45:d4:18:49:d2:ed:a5:
         91:41:98:bb:02:bc:ef:1a:00:27:8f:83:32:01:b3:4f:82:65:
         f1:4a:e4:d9:d9:54:21:51:cc:08:26:1c:9a:cd:66:36:a4:5b:
         01:15:a7:54:44:76:56:c0:42:58:3d:e1:b4:e0:89:8a:a7:c6:
         43:2a:80:a5:be:b4:bf:03:39:0a:4b:eb:c9:bc:7a:5b:9f:6c:
         17:14:cd:96
-----BEGIN CERTIFICATE-----
MIIFnDCCBISgAwIBAgIDDnhiMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKDEw
NTllMWUzMzE3NzA0NTc1ZjJjMGI3NTBlZTczYjE2NmEzOWNkMzcwHhcNMjEwMzI0
MTQzODMxWhcNMjYwMzI0MTQzODMxWjAzMTEwLwYDVQQDEyhiNjZkM2YxZmE4ZTdm
NGUwYWIxNzZhYzE2MWVlMWNkYWFjYjUyMGE0MIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAhiW20jIBEeESoTeT7TjYJwaA1mBsxxkJopNOncp4Hsrf79Qx
0UI+8C+DD+0imtAdBuW6qdVF0XTgi7Gb1vMevmrlKw2xdybN2UeOcycYpAQqpfNn
mGp277KLGrOAV1OvJy9FW+dJFJ+NQoTOYP1WSH3Ov+rL0wFRA4EISbwKZsOFRuyI
QCRLC83O1TTyjahnhGFCD0yoVzCiYj0FggLssaJ/bUjBK2pXyFVdKe4PqYAuXPij
YSB8g4KDcJc3ZNHZE+u/lvjy1JJvGGgNVLQJIlIVEghGTxjVbjI3LwgAI7LzVBPy
tJoDjP0JYN3jIy2dZQBAYOfpJUJ8mnQ+x8FMgQIDAQABo4ICtzCCArMwHQYDVR0O
BBYEFAXtCht1Xej1GIjqVtFxatUacUM5MB8GA1UdIwQYMBaAFIDwxydPgiTR6Xbz
gObvMs8Q+J3TMA4GA1UdDwEB/wQEAwIHgDCBmgYIKwYBBQUHAQEEgY0wgYowgYcG
CCsGAQUFBzAChntyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5ldC9ycGtpL2xh
Y25pYy80OGYwODNiYi1mNjAzLTQ4OTMtOTk5MC0wMjg0YzA0Y2ViODUvMTA1OWUx
ZTMzMTc3MDQ1NzVmMmMwYjc1MGVlNzNiMTY2YTM5Y2QzNy5jZXIwgZoGCCsGAQUF
BwELBIGNMIGKMIGHBggrBgEFBQcwC4Z7cnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25p
Yy5uZXQvcnBraS9sYWNuaWMvYWNhNzEzZjUtNmNhYy00ODZlLWEwMTYtYTNlOGIz
MWJmMDI5L2I2NmQzZjFmYThlN2Y0ZTBhYjE3NmFjMTYxZWUxY2RhYWNiNTIwYTQu
cm9hMIGPBgNVHR8EgYcwgYQwgYGgf6B9hntyc3luYzovL3JlcG9zaXRvcnkubGFj
bmljLm5ldC9ycGtpL2xhY25pYy9hY2E3MTNmNS02Y2FjLTQ4NmUtYTAxNi1hM2U4
YjMxYmYwMjkvMTA1OWUxZTMzMTc3MDQ1NzVmMmMwYjc1MGVlNzNiMTY2YTM5Y2Qz
Ny5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjB7BggrBgEFBQcBBwEB/wRs
MGowUgQCAAEwTAMDAbVwAwMAtcQDAwC10wMDALoqAwMBui4DAwC6sgMEBb4LAAMD
AL6YAwMAvtYDBAPIScgDBALITbwDBADIVVADBAbIawADBAbIfcAwFAQCAAIwDgMF
ACgAA3ADBQAoAATwMA0GCSqGSIb3DQEBCwUAA4IBAQAxdm2pCuMZp5Rm/GPpRLOS
pAwdm/ytep7VY4HeCraqB77bl+WfX8EijJvkCwYgYMW1T63rMKicHr0R5la/JRaF
IAIbGgPh+yrk7k104qgLfAVKzH0JjUl61BwKNF8hk6relHRkFTIyT3rwKE9YOjPq
BGGlzKXY9s4w/yDUEr1C+IZgLn4etktN9RvlNvmWVHbcXjp80T1l2/C6Mox2D2HV
jwpYhOYcmf1Wq2lL/kXUGEnS7aWRQZi7ArzvGgAnj4MyAbNPgmXxSuTZ2VQhUcwI
JhyazWY2pFsBFadURHZWwEJYPeG04ImKp8ZDKoClvrS/AzkKS+vJvHpbn2wXFM2W
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:38:22 2024 by rpki-client on console-ams.rpki-client.org