Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/b3e5dd9e-bbca-4c49-92f5-8c6751165e92/cd3adc13d58cee6a078e1537f3d606dc4f43cb9e.roa
File:                     cd3adc13d58cee6a078e1537f3d606dc4f43cb9e.roa (raw, json)
Hash identifier:          HBACgQiRU9DC6Ltp6UpWFYQCdc1lJi7JqS/OLpO9g68=
Subject key identifier:   DE:8A:F9:0B:92:95:4D:EE:F2:B6:67:A8:EF:AB:39:44:8C:B4:11:6F
Certificate issuer:       /CN=337d330947d264c81b4503df3b1ef67d45cc2dc4
Certificate serial:       1D286D
Authority key identifier: 61:B6:8D:FD:87:EB:CE:D6:CA:2B:24:E2:AA:8F:F7:07:DA:63:5E:19
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/337d330947d264c81b4503df3b1ef67d45cc2dc4.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/b3e5dd9e-bbca-4c49-92f5-8c6751165e92/cd3adc13d58cee6a078e1537f3d606dc4f43cb9e.roa
Signing time:             Fri 07 Oct 2022 13:46:56 +0000
ROA not before:           Wed 24 Mar 2021 14:36:23 +0000
ROA not after:            Tue 24 Mar 2026 14:36:23 +0000
asID:                     3816
IP address blocks:        186.183.232.0/23 maxlen: 23
                          186.183.240.0/22 maxlen: 22
                          186.183.244.0/23 maxlen: 23
                          186.183.254.0/23 maxlen: 23
                          190.13.16.0/21 maxlen: 21
                          190.13.48.0/21 maxlen: 21
                          190.13.56.0/21 maxlen: 21
                          190.96.136.0/21 maxlen: 21
                          190.96.144.0/21 maxlen: 21
                          190.96.152.0/21 maxlen: 21
                          190.96.184.0/21 maxlen: 21
                          190.96.200.0/21 maxlen: 21
                          190.96.224.0/21 maxlen: 21
                          190.96.232.0/21 maxlen: 21
                          190.96.240.0/21 maxlen: 21
                          190.96.248.0/21 maxlen: 21

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 1910893 (0x1d286d)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=337d330947d264c81b4503df3b1ef67d45cc2dc4
        Validity
            Not Before: Mar 24 14:36:23 2021 GMT
            Not After : Mar 24 14:36:23 2026 GMT
        Subject: CN=cd3adc13d58cee6a078e1537f3d606dc4f43cb9e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:89:4b:19:bc:05:d7:03:77:91:dc:28:cb:83:d1:
                    e0:9c:ce:4c:6e:6d:e6:ad:e2:fb:4c:5d:fe:4e:0d:
                    2d:38:cd:9c:b0:b3:1c:45:38:d0:cc:a2:c5:d1:58:
                    13:31:89:be:f1:c1:3a:b8:94:0c:1c:39:8d:28:75:
                    8d:31:88:20:70:4b:74:b3:47:af:a0:b0:8f:1a:b0:
                    30:27:d6:14:57:7d:77:53:ee:5e:43:05:ea:a8:20:
                    22:83:0d:d5:ac:97:aa:a1:df:5f:fc:69:3e:0a:cd:
                    4f:60:ae:1d:55:0d:33:49:0b:53:7e:46:f8:81:69:
                    80:42:70:e7:e1:94:1d:53:b9:47:20:5d:16:38:c7:
                    0b:8e:c1:32:2f:78:6c:ca:e3:18:97:c7:79:8a:57:
                    4b:a1:18:06:58:e4:dc:a1:3d:d6:8c:3a:13:62:af:
                    d8:d3:73:f7:bb:d6:7e:3a:92:c0:fe:7f:b8:7b:a3:
                    ec:2d:78:ee:33:dc:da:80:ee:c1:0e:4d:dc:c4:a8:
                    49:86:e1:a5:28:65:70:64:18:3f:b9:60:91:9c:fb:
                    ee:07:f6:6a:c8:b7:23:1a:2a:70:6b:93:05:a9:53:
                    99:29:ea:4c:1b:4c:52:d0:87:e1:65:a0:68:4c:c9:
                    b6:3a:65:0d:c6:81:11:3c:15:22:95:3c:97:8b:df:
                    40:bf
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DE:8A:F9:0B:92:95:4D:EE:F2:B6:67:A8:EF:AB:39:44:8C:B4:11:6F
            X509v3 Authority Key Identifier:
                keyid:61:B6:8D:FD:87:EB:CE:D6:CA:2B:24:E2:AA:8F:F7:07:DA:63:5E:19

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/337d330947d264c81b4503df3b1ef67d45cc2dc4.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/b3e5dd9e-bbca-4c49-92f5-8c6751165e92/cd3adc13d58cee6a078e1537f3d606dc4f43cb9e.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/b3e5dd9e-bbca-4c49-92f5-8c6751165e92/337d330947d264c81b4503df3b1ef67d45cc2dc4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  186.183.232.0/23
                  186.183.240.0-186.183.245.255
                  186.183.254.0/23
                  190.13.16.0/21
                  190.13.48.0/20
                  190.96.136.0-190.96.159.255
                  190.96.184.0/21
                  190.96.200.0/21
                  190.96.224.0/19

    Signature Algorithm: sha256WithRSAEncryption
         9e:39:54:0a:ee:fd:5d:a4:a8:e1:db:e2:49:b2:ea:9c:b7:a7:
         ce:6a:b9:e7:ca:dc:01:cc:59:cd:b6:0f:30:b7:e9:c9:6f:f0:
         e2:2d:8d:f6:1a:2e:91:c8:66:c7:3b:fd:fe:a9:87:3c:0c:d1:
         78:60:68:b7:72:6c:a9:ab:b6:a5:87:c4:87:3d:c2:29:ee:25:
         64:12:b6:5c:d7:bc:ba:48:16:7b:bc:29:1f:36:91:39:54:8d:
         16:e8:96:52:b6:81:a3:7c:61:b4:ca:10:4f:34:af:95:3a:a1:
         3e:87:94:73:87:16:81:99:ab:0f:62:6b:ed:7e:8b:ce:13:5f:
         de:68:be:3f:c8:9a:e0:b0:77:cf:c4:c2:5b:f4:1c:49:fa:72:
         0a:8f:94:1c:9e:2c:3a:66:2a:b7:05:4f:04:2d:29:3a:10:dc:
         98:57:f3:be:74:5f:da:9e:7e:bd:8d:42:23:93:c4:e1:f2:af:
         6b:59:64:f8:8f:f7:c4:03:4f:98:ea:9a:a4:be:e3:43:a2:72:
         19:d0:ef:bc:3e:7e:0f:58:e0:38:0d:0a:1c:91:37:1a:4e:01:
         82:e6:64:d2:b0:87:ba:6a:af:6b:fe:01:f4:51:d3:93:d1:9c:
         c7:b6:88:08:63:59:47:24:c3:e5:81:83:bf:1f:67:20:40:87:
         44:6a:b4:43
-----BEGIN CERTIFICATE-----
MIIFgDCCBGigAwIBAgIDHShtMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKDMz
N2QzMzA5NDdkMjY0YzgxYjQ1MDNkZjNiMWVmNjdkNDVjYzJkYzQwHhcNMjEwMzI0
MTQzNjIzWhcNMjYwMzI0MTQzNjIzWjAzMTEwLwYDVQQDEyhjZDNhZGMxM2Q1OGNl
ZTZhMDc4ZTE1MzdmM2Q2MDZkYzRmNDNjYjllMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAiUsZvAXXA3eR3CjLg9HgnM5Mbm3mreL7TF3+Tg0tOM2csLMc
RTjQzKLF0VgTMYm+8cE6uJQMHDmNKHWNMYggcEt0s0evoLCPGrAwJ9YUV313U+5e
QwXqqCAigw3VrJeqod9f/Gk+Cs1PYK4dVQ0zSQtTfkb4gWmAQnDn4ZQdU7lHIF0W
OMcLjsEyL3hsyuMYl8d5ildLoRgGWOTcoT3WjDoTYq/Y03P3u9Z+OpLA/n+4e6Ps
LXjuM9zagO7BDk3cxKhJhuGlKGVwZBg/uWCRnPvuB/ZqyLcjGipwa5MFqVOZKepM
G0xS0IfhZaBoTMm2OmUNxoERPBUilTyXi99AvwIDAQABo4ICmzCCApcwHQYDVR0O
BBYEFN6K+QuSlU3u8rZnqO+rOUSMtBFvMB8GA1UdIwQYMBaAFGG2jf2H687Wyisk
4qqP9wfaY14ZMA4GA1UdDwEB/wQEAwIHgDCBmgYIKwYBBQUHAQEEgY0wgYowgYcG
CCsGAQUFBzAChntyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5ldC9ycGtpL2xh
Y25pYy80OGYwODNiYi1mNjAzLTQ4OTMtOTk5MC0wMjg0YzA0Y2ViODUvMzM3ZDMz
MDk0N2QyNjRjODFiNDUwM2RmM2IxZWY2N2Q0NWNjMmRjNC5jZXIwgZoGCCsGAQUF
BwELBIGNMIGKMIGHBggrBgEFBQcwC4Z7cnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25p
Yy5uZXQvcnBraS9sYWNuaWMvYjNlNWRkOWUtYmJjYS00YzQ5LTkyZjUtOGM2NzUx
MTY1ZTkyL2NkM2FkYzEzZDU4Y2VlNmEwNzhlMTUzN2YzZDYwNmRjNGY0M2NiOWUu
cm9hMIGPBgNVHR8EgYcwgYQwgYGgf6B9hntyc3luYzovL3JlcG9zaXRvcnkubGFj
bmljLm5ldC9ycGtpL2xhY25pYy9iM2U1ZGQ5ZS1iYmNhLTRjNDktOTJmNS04YzY3
NTExNjVlOTIvMzM3ZDMzMDk0N2QyNjRjODFiNDUwM2RmM2IxZWY2N2Q0NWNjMmRj
NC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBfBggrBgEFBQcBBwEB/wRQ
ME4wTAQCAAEwRgMEAbq36DAMAwQEurfwAwQBurf0AwQBurf+AwQDvg0QAwQEvg0w
MAwDBAO+YIgDBAW+YIADBAO+YLgDBAO+YMgDBAW+YOAwDQYJKoZIhvcNAQELBQAD
ggEBAJ45VAru/V2kqOHb4kmy6py3p85quefK3AHMWc22DzC36clv8OItjfYaLpHI
Zsc7/f6phzwM0XhgaLdybKmrtqWHxIc9winuJWQStlzXvLpIFnu8KR82kTlUjRbo
llK2gaN8YbTKEE80r5U6oT6HlHOHFoGZqw9ia+1+i84TX95ovj/ImuCwd8/Ewlv0
HEn6cgqPlByeLDpmKrcFTwQtKToQ3JhX8750X9qefr2NQiOTxOHyr2tZZPiP98QD
T5jqmqS+40OichnQ77w+fg9Y4DgNChyRNxpOAYLmZNKwh7pqr2v+AfRR05PRnMe2
iAhjWUckw+WBg78fZyBAh0RqtEM=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:38:02 2024 by rpki-client on console-fra.rpki-client.org