Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/aca713f5-6cac-486e-a016-a3e8b31bf029/f91811f6259f4956e71e48e52e90d995cdf657d2.roa
File:                     f91811f6259f4956e71e48e52e90d995cdf657d2.roa (raw, json)
Hash identifier:          enTc3G3kwo54Mm71HRe9ph4DFgsm5daz9CDkkgR3SMk=
Subject key identifier:   43:A3:EB:7F:7D:2A:D0:0B:6D:39:03:7C:39:D5:90:95:F7:AA:2C:4B
Certificate issuer:       /CN=1059e1e3317704575f2c0b750ee73b166a39cd37
Certificate serial:       1DB58B
Authority key identifier: 80:F0:C7:27:4F:82:24:D1:E9:76:F3:80:E6:EF:32:CF:10:F8:9D:D3
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/1059e1e3317704575f2c0b750ee73b166a39cd37.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/aca713f5-6cac-486e-a016-a3e8b31bf029/f91811f6259f4956e71e48e52e90d995cdf657d2.roa
Signing time:             Wed 26 Oct 2022 16:41:42 +0000
ROA not before:           Mon 22 Mar 2021 22:47:59 +0000
ROA not after:            Fri 24 Mar 2023 22:47:59 +0000
asID:                     28006
IP address blocks:        181.196.80.0/24 maxlen: 24
                          181.211.132.0/22 maxlen: 24
                          186.178.104.0/21 maxlen: 24
                          186.178.112.0/24 maxlen: 24
                          186.178.113.0/24 maxlen: 24
                          186.178.118.0/24 maxlen: 24
                          186.178.120.0/21 maxlen: 24
                          186.178.80.0/21 maxlen: 24
                          186.42.174.0/23 maxlen: 24
                          186.46.92.0/22 maxlen: 24
                          186.47.176.0/22 maxlen: 22
                          186.47.206.0/24 maxlen: 24
                          190.152.153.0/24 maxlen: 24
                          190.152.214.0/24 maxlen: 24
                          190.214.216.0/24 maxlen: 24
                          190.214.3.0/24 maxlen: 24
                          201.219.1.0/24 maxlen: 24
                          201.219.10.0/24 maxlen: 24
                          201.219.15.0/24 maxlen: 24
                          201.219.18.0/24 maxlen: 24
                          201.219.2.0/24 maxlen: 24
                          201.219.22.0/24 maxlen: 24
                          201.219.23.0/24 maxlen: 24
                          201.219.24.0/24 maxlen: 24
                          201.219.26.0/24 maxlen: 24
                          201.219.27.0/24 maxlen: 24
                          201.219.28.0/24 maxlen: 24
                          201.219.29.0/24 maxlen: 24
                          201.219.3.0/24 maxlen: 24
                          201.219.30.0/24 maxlen: 24
                          201.219.31.0/24 maxlen: 24
                          201.219.33.0/24 maxlen: 24
                          201.219.35.0/24 maxlen: 24
                          201.219.36.0/24 maxlen: 24
                          201.219.4.0/24 maxlen: 24
                          201.219.40.0/24 maxlen: 24
                          201.219.41.0/24 maxlen: 24
                          201.219.44.0/24 maxlen: 24
                          201.219.5.0/24 maxlen: 24
                          201.219.55.0/24 maxlen: 24
                          201.219.6.0/24 maxlen: 24
                          201.219.62.0/24 maxlen: 24
                          201.219.63.0/24 maxlen: 24
                          201.219.7.0/24 maxlen: 24
                          201.219.8.0/24 maxlen: 24
                          190.152.0.0/17 maxlen: 24
                          2800:370:10:31::/64 maxlen: 64
                          2800:370:10::/48 maxlen: 64
                          2800:4f0:10:24::/64 maxlen: 64
                          2800:4f0:10:25::/64 maxlen: 64
                          2800:4f0:10::/48 maxlen: 64

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 1947019 (0x1db58b)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1059e1e3317704575f2c0b750ee73b166a39cd37
        Validity
            Not Before: Mar 22 22:47:59 2021 GMT
            Not After : Mar 24 22:47:59 2023 GMT
        Subject: CN=f91811f6259f4956e71e48e52e90d995cdf657d2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a4:5a:10:f0:5f:8f:27:77:ef:23:be:cc:f5:0d:
                    51:29:bd:8f:91:b1:c3:e6:53:f8:4f:d2:d8:37:fc:
                    e9:15:e0:6c:b0:de:66:75:66:be:5b:2a:0c:9e:74:
                    0a:6e:2d:42:37:df:69:97:27:a8:1e:f0:44:47:fb:
                    50:43:69:19:9d:ed:bf:fc:dc:7e:62:47:ea:0e:18:
                    18:61:88:ae:0e:a0:ab:d9:e2:50:4a:da:8e:ee:93:
                    47:c3:f8:85:6f:0f:da:56:43:fe:21:8e:3f:91:3a:
                    d4:ae:3b:ef:9b:74:13:60:22:13:e8:5a:eb:46:24:
                    13:7c:37:e8:e6:94:1b:45:29:59:23:19:8b:7c:12:
                    17:cc:53:96:3b:9e:7d:fc:71:fd:1c:a2:81:86:db:
                    88:89:2f:25:63:3d:3c:b3:0b:ea:8f:a2:11:89:20:
                    52:07:37:ef:d6:0a:af:ec:43:f3:73:3f:62:2a:c6:
                    f0:9e:c7:d0:c7:cf:4c:3b:c2:74:fd:b3:f9:7d:dd:
                    3f:a9:e4:8e:2f:76:40:61:67:76:19:d4:22:3a:ec:
                    56:7f:9a:5a:af:93:db:51:41:e1:ad:d3:12:90:61:
                    f6:21:53:10:00:76:ae:65:da:a1:0b:bd:3c:88:73:
                    08:b9:8e:bb:f7:b5:ac:0a:3f:e9:b6:53:a5:91:92:
                    28:37
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                43:A3:EB:7F:7D:2A:D0:0B:6D:39:03:7C:39:D5:90:95:F7:AA:2C:4B
            X509v3 Authority Key Identifier:
                keyid:80:F0:C7:27:4F:82:24:D1:E9:76:F3:80:E6:EF:32:CF:10:F8:9D:D3

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/1059e1e3317704575f2c0b750ee73b166a39cd37.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/aca713f5-6cac-486e-a016-a3e8b31bf029/f91811f6259f4956e71e48e52e90d995cdf657d2.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/aca713f5-6cac-486e-a016-a3e8b31bf029/1059e1e3317704575f2c0b750ee73b166a39cd37.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  181.196.80.0/24
                  181.211.132.0/22
                  186.42.174.0/23
                  186.46.92.0/22
                  186.47.176.0/22
                  186.47.206.0/24
                  186.178.80.0/21
                  186.178.104.0-186.178.113.255
                  186.178.118.0/24
                  186.178.120.0/21
                  190.152.0.0/17
                  190.152.153.0/24
                  190.152.214.0/24
                  190.214.3.0/24
                  190.214.216.0/24
                  201.219.1.0-201.219.8.255
                  201.219.10.0/24
                  201.219.15.0/24
                  201.219.18.0/24
                  201.219.22.0-201.219.24.255
                  201.219.26.0-201.219.31.255
                  201.219.33.0/24
                  201.219.35.0-201.219.36.255
                  201.219.40.0/23
                  201.219.44.0/24
                  201.219.55.0/24
                  201.219.62.0/23
                IPv6:
                  2800:370:10::/48
                  2800:4f0:10::/48

    Signature Algorithm: sha256WithRSAEncryption
         3d:0f:26:95:0d:06:5b:06:cd:d0:68:9b:c1:f7:19:e0:56:2a:
         b0:4d:60:5b:cf:1d:62:4c:42:cb:84:9e:64:27:94:5a:04:ce:
         f4:a0:3a:f2:68:79:70:f4:a5:76:4e:6f:a4:c8:66:41:44:0c:
         66:dc:7e:a6:0f:ad:f1:7b:18:d1:2d:78:39:af:c9:7e:31:a2:
         f1:6d:3f:2d:24:a7:6d:be:1a:43:2b:25:b5:03:91:e6:a6:e1:
         b1:82:28:d9:3e:fb:bb:a4:6d:b1:d0:20:6a:41:1e:57:e7:77:
         7b:95:6c:45:f0:cc:33:31:f9:95:66:a1:0e:ec:d7:d9:f1:1c:
         fa:19:13:81:f3:e3:1c:ce:5a:02:ba:36:33:6a:6f:1a:d9:09:
         e7:62:d5:5f:9f:5e:bf:ac:6a:2c:73:d3:8c:dd:89:27:12:5b:
         e4:ce:77:e1:28:0e:27:79:eb:06:c8:4a:19:06:b2:fd:94:c4:
         14:30:af:f4:2f:c5:bf:3f:05:94:2c:3a:ab:4c:a3:0f:bf:81:
         b6:ad:f2:0a:63:2d:2d:f0:e8:97:0b:b2:c5:70:70:de:8f:88:
         4b:2b:8e:3f:d9:0d:2a:b5:74:ec:15:a3:68:29:41:22:db:62:
         bd:f2:74:58:53:81:28:78:da:6e:aa:e4:6a:26:99:b2:34:f5:
         20:f3:5d:9f
-----BEGIN CERTIFICATE-----
MIIGJDCCBQygAwIBAgIDHbWLMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKDEw
NTllMWUzMzE3NzA0NTc1ZjJjMGI3NTBlZTczYjE2NmEzOWNkMzcwHhcNMjEwMzIy
MjI0NzU5WhcNMjMwMzI0MjI0NzU5WjAzMTEwLwYDVQQDEyhmOTE4MTFmNjI1OWY0
OTU2ZTcxZTQ4ZTUyZTkwZDk5NWNkZjY1N2QyMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEApFoQ8F+PJ3fvI77M9Q1RKb2PkbHD5lP4T9LYN/zpFeBssN5m
dWa+WyoMnnQKbi1CN99plyeoHvBER/tQQ2kZne2//Nx+YkfqDhgYYYiuDqCr2eJQ
StqO7pNHw/iFbw/aVkP+IY4/kTrUrjvvm3QTYCIT6FrrRiQTfDfo5pQbRSlZIxmL
fBIXzFOWO559/HH9HKKBhtuIiS8lYz08swvqj6IRiSBSBzfv1gqv7EPzcz9iKsbw
nsfQx89MO8J0/bP5fd0/qeSOL3ZAYWd2GdQiOuxWf5par5PbUUHhrdMSkGH2IVMQ
AHauZdqhC708iHMIuY6797WsCj/ptlOlkZIoNwIDAQABo4IDPzCCAzswHQYDVR0O
BBYEFEOj6399KtALbTkDfDnVkJX3qixLMB8GA1UdIwQYMBaAFIDwxydPgiTR6Xbz
gObvMs8Q+J3TMA4GA1UdDwEB/wQEAwIHgDCBmgYIKwYBBQUHAQEEgY0wgYowgYcG
CCsGAQUFBzAChntyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5ldC9ycGtpL2xh
Y25pYy80OGYwODNiYi1mNjAzLTQ4OTMtOTk5MC0wMjg0YzA0Y2ViODUvMTA1OWUx
ZTMzMTc3MDQ1NzVmMmMwYjc1MGVlNzNiMTY2YTM5Y2QzNy5jZXIwgZoGCCsGAQUF
BwELBIGNMIGKMIGHBggrBgEFBQcwC4Z7cnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25p
Yy5uZXQvcnBraS9sYWNuaWMvYWNhNzEzZjUtNmNhYy00ODZlLWEwMTYtYTNlOGIz
MWJmMDI5L2Y5MTgxMWY2MjU5ZjQ5NTZlNzFlNDhlNTJlOTBkOTk1Y2RmNjU3ZDIu
cm9hMIGPBgNVHR8EgYcwgYQwgYGgf6B9hntyc3luYzovL3JlcG9zaXRvcnkubGFj
bmljLm5ldC9ycGtpL2xhY25pYy9hY2E3MTNmNS02Y2FjLTQ4NmUtYTAxNi1hM2U4
YjMxYmYwMjkvMTA1OWUxZTMzMTc3MDQ1NzVmMmMwYjc1MGVlNzNiMTY2YTM5Y2Qz
Ny5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjCCAQEGCCsGAQUFBwEHAQH/
BIHxMIHuMIHRBAIAATCBygMEALXEUAMEArXThAMEAboqrgMEArouXAMEArovsAME
ALovzgMEA7qyUDAMAwQDurJoAwQBurJwAwQAurJ2AwQDurJ4AwQHvpgAAwQAvpiZ
AwQAvpjWAwQAvtYDAwQAvtbYMAwDBADJ2wEDBADJ2wgDBADJ2woDBADJ2w8DBADJ
2xIwDAMEAcnbFgMEAMnbGDAMAwQBydsaAwQFydsAAwQAydshMAwDBADJ2yMDBADJ
2yQDBAHJ2ygDBADJ2ywDBADJ2zcDBAHJ2z4wGAQCAAIwEgMHACgAA3AAEAMHACgA
BPAAEDANBgkqhkiG9w0BAQsFAAOCAQEAPQ8mlQ0GWwbN0GibwfcZ4FYqsE1gW88d
YkxCy4SeZCeUWgTO9KA68mh5cPSldk5vpMhmQUQMZtx+pg+t8XsY0S14Oa/JfjGi
8W0/LSSnbb4aQysltQOR5qbhsYIo2T77u6RtsdAgakEeV+d3e5VsRfDMMzH5lWah
DuzX2fEc+hkTgfPjHM5aAro2M2pvGtkJ52LVX59ev6xqLHPTjN2JJxJb5M534SgO
J3nrBshKGQay/ZTEFDCv9C/Fvz8FlCw6q0yjD7+Btq3yCmMtLfDolwuyxXBw3o+I
SyuOP9kNKrV07BWjaClBIttivfJ0WFOBKHjabqrkaiaZsjT1IPNdnw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:38:01 2024 by rpki-client on console-fra.rpki-client.org