Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/c102fa88-a0c3-438b-b62f-6c4ad3d7ae5e/3375673716645463c88c5127cb219ed3b9f56ed6.roa
File:                     3375673716645463c88c5127cb219ed3b9f56ed6.roa (raw, json)
Hash identifier:          L5/iKL/mzR+fWjDFbd2p3awrcqHOo7v4/HGGVDwB+io=
Subject key identifier:   C6:C1:11:5E:B1:07:81:8C:07:0D:24:6A:BC:B1:F0:BE:DB:E7:BD:33
Certificate issuer:       /CN=af916a8098c48f9f0fefd791512ee124a99ce09d
Certificate serial:       0EB653
Authority key identifier: 72:51:EE:4E:B7:2D:E8:EB:21:05:10:5C:13:54:28:D2:1B:65:6E:20
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/af916a8098c48f9f0fefd791512ee124a99ce09d.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/c102fa88-a0c3-438b-b62f-6c4ad3d7ae5e/3375673716645463c88c5127cb219ed3b9f56ed6.roa
Signing time:             Tue 04 Apr 2023 09:48:21 +0000
ROA not before:           Fri 06 Aug 2021 03:00:00 +0000
ROA not after:            Thu 10 Aug 2023 03:00:00 +0000
asID:                     20191
IP address blocks:        146.155.0.0/16 maxlen: 24
                          146.155.1.0/24 maxlen: 24
                          146.155.2.0/24 maxlen: 24
                          146.155.25.0/24 maxlen: 24
                          146.155.39.0/24 maxlen: 24
                          146.155.49.0/24 maxlen: 24
                          146.155.60.0/24 maxlen: 24
                          146.155.73.0/24 maxlen: 24
                          146.155.75.0/24 maxlen: 24
                          146.155.77.0/24 maxlen: 24
                          146.155.89.0/24 maxlen: 24
                          146.155.92.0/24 maxlen: 24
                          146.155.94.0/24 maxlen: 24
                          146.155.95.0/24 maxlen: 24
                          146.155.96.0/24 maxlen: 24
                          146.155.97.0/24 maxlen: 24
                          146.155.99.0/24 maxlen: 24
                          146.155.100.0/24 maxlen: 24
                          146.155.109.0/24 maxlen: 24
                          146.155.117.0/24 maxlen: 24
                          146.155.118.0/24 maxlen: 24
                          146.155.119.0/24 maxlen: 24
                          146.155.122.0/24 maxlen: 24
                          146.155.123.0/24 maxlen: 24
                          146.155.127.0/24 maxlen: 24
                          146.155.157.0/24 maxlen: 24
                          146.155.158.0/24 maxlen: 24
                          146.155.160.0/23 maxlen: 23
                          2800:1b0::/32 maxlen: 48
                          2800:1b0:5000::/36 maxlen: 36
                          2800:1b0:6000::/36 maxlen: 36

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 964179 (0xeb653)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=af916a8098c48f9f0fefd791512ee124a99ce09d
        Validity
            Not Before: Aug  6 03:00:00 2021 GMT
            Not After : Aug 10 03:00:00 2023 GMT
        Subject: CN=3375673716645463c88c5127cb219ed3b9f56ed6
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:87:9f:e8:2b:3e:a6:b6:6b:15:fd:5b:34:99:93:
                    08:91:a0:62:36:4f:f9:6a:19:e6:ca:0e:28:58:fd:
                    cd:ea:25:49:6f:b2:94:1d:dd:e3:9f:bc:19:2e:d1:
                    f0:f4:57:50:ed:21:bd:b2:9e:36:36:29:f9:a3:ce:
                    60:51:c8:d0:13:48:5b:78:81:dc:36:91:66:ba:0a:
                    b7:2d:5c:fb:be:47:a1:cc:73:3b:ba:a3:f7:6c:48:
                    3b:e7:72:f7:9c:0d:fa:d3:fc:2f:53:f4:ba:6f:9e:
                    4d:7e:ac:03:6a:88:06:79:ab:dc:94:70:13:eb:4e:
                    3f:77:a1:3c:90:23:bb:5e:0c:9a:d2:a7:fd:aa:d8:
                    3f:a7:f3:e3:73:a7:65:26:1d:5c:8c:4d:16:5f:68:
                    cf:af:d2:1e:99:91:4f:4b:fb:29:3b:20:c8:9d:67:
                    cf:3f:a1:5c:40:25:c9:51:9d:fc:41:2f:0a:45:55:
                    8a:e6:25:8c:6f:51:50:cc:cc:ca:5e:34:ab:a7:39:
                    79:dd:6d:3a:9d:f4:89:d9:18:02:8e:2e:90:85:f6:
                    70:30:75:25:9f:71:e5:ea:ad:72:86:b9:77:fc:6e:
                    a3:f2:81:d9:ec:06:79:cf:e9:e0:b6:7b:ea:2a:25:
                    51:65:03:f2:29:07:b8:a2:0e:66:54:ed:61:06:c4:
                    d6:bb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C6:C1:11:5E:B1:07:81:8C:07:0D:24:6A:BC:B1:F0:BE:DB:E7:BD:33
            X509v3 Authority Key Identifier:
                keyid:72:51:EE:4E:B7:2D:E8:EB:21:05:10:5C:13:54:28:D2:1B:65:6E:20

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/af916a8098c48f9f0fefd791512ee124a99ce09d.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/c102fa88-a0c3-438b-b62f-6c4ad3d7ae5e/3375673716645463c88c5127cb219ed3b9f56ed6.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/c102fa88-a0c3-438b-b62f-6c4ad3d7ae5e/af916a8098c48f9f0fefd791512ee124a99ce09d.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  146.155.0.0/16
                IPv6:
                  2800:1b0::/32

    Signature Algorithm: sha256WithRSAEncryption
         67:1f:bc:7b:e2:78:28:36:1c:72:bb:f5:2f:ab:95:05:e7:cc:
         9f:20:0e:ed:f6:af:2c:b3:9b:7c:b0:83:d1:87:95:34:af:cd:
         fe:bd:8a:56:59:b5:5c:10:af:e0:b6:e7:ee:14:9b:56:5d:6a:
         c6:67:2b:eb:ba:82:0b:31:83:a2:8c:d7:bb:52:c6:99:36:b2:
         96:5d:f2:7d:9c:ed:31:19:af:68:89:ee:d3:1a:46:b1:2e:55:
         c0:83:0e:2f:e8:c4:51:68:30:1a:a5:94:cc:bb:1d:e6:9e:1c:
         67:d1:eb:9a:ce:ef:35:a6:1b:2c:5c:40:35:73:87:a6:c1:59:
         21:8c:93:d0:7e:96:9c:ef:47:f7:00:51:04:fe:9e:c3:7f:c0:
         28:5b:68:c9:f1:92:be:1a:ad:fb:d6:06:f6:ca:4a:d2:a3:e2:
         e0:f6:a2:26:45:ec:a3:57:a6:a0:ea:c5:b4:a2:f9:c2:df:83:
         ca:5a:e0:7b:b6:a4:b6:57:4e:b4:0f:04:18:30:e3:ed:24:6f:
         44:3b:9e:86:50:0a:19:05:85:ca:d8:98:75:a2:6f:b8:02:06:
         6d:10:7b:97:99:b7:2a:4d:06:29:4d:0e:ca:af:bd:1c:b7:5d:
         ce:48:81:a1:53:56:a0:d2:04:cf:dc:ee:49:bc:e3:af:2c:3d:
         bf:78:fe:41
-----BEGIN CERTIFICATE-----
MIIFTjCCBDagAwIBAgIDDrZTMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKGFm
OTE2YTgwOThjNDhmOWYwZmVmZDc5MTUxMmVlMTI0YTk5Y2UwOWQwHhcNMjEwODA2
MDMwMDAwWhcNMjMwODEwMDMwMDAwWjAzMTEwLwYDVQQDEygzMzc1NjczNzE2NjQ1
NDYzYzg4YzUxMjdjYjIxOWVkM2I5ZjU2ZWQ2MIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAh5/oKz6mtmsV/Vs0mZMIkaBiNk/5ahnmyg4oWP3N6iVJb7KU
Hd3jn7wZLtHw9FdQ7SG9sp42Nin5o85gUcjQE0hbeIHcNpFmugq3LVz7vkehzHM7
uqP3bEg753L3nA360/wvU/S6b55NfqwDaogGeavclHAT604/d6E8kCO7Xgya0qf9
qtg/p/Pjc6dlJh1cjE0WX2jPr9IemZFPS/spOyDInWfPP6FcQCXJUZ38QS8KRVWK
5iWMb1FQzMzKXjSrpzl53W06nfSJ2RgCji6QhfZwMHUln3Hl6q1yhrl3/G6j8oHZ
7AZ5z+ngtnvqKiVRZQPyKQe4og5mVO1hBsTWuwIDAQABo4ICaTCCAmUwHQYDVR0O
BBYEFMbBEV6xB4GMBw0karyx8L7b570zMB8GA1UdIwQYMBaAFHJR7k63LejrIQUQ
XBNUKNIbZW4gMA4GA1UdDwEB/wQEAwIHgDCBmgYIKwYBBQUHAQEEgY0wgYowgYcG
CCsGAQUFBzAChntyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5ldC9ycGtpL2xh
Y25pYy80OGYwODNiYi1mNjAzLTQ4OTMtOTk5MC0wMjg0YzA0Y2ViODUvYWY5MTZh
ODA5OGM0OGY5ZjBmZWZkNzkxNTEyZWUxMjRhOTljZTA5ZC5jZXIwgZoGCCsGAQUF
BwELBIGNMIGKMIGHBggrBgEFBQcwC4Z7cnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25p
Yy5uZXQvcnBraS9sYWNuaWMvYzEwMmZhODgtYTBjMy00MzhiLWI2MmYtNmM0YWQz
ZDdhZTVlLzMzNzU2NzM3MTY2NDU0NjNjODhjNTEyN2NiMjE5ZWQzYjlmNTZlZDYu
cm9hMIGPBgNVHR8EgYcwgYQwgYGgf6B9hntyc3luYzovL3JlcG9zaXRvcnkubGFj
bmljLm5ldC9ycGtpL2xhY25pYy9jMTAyZmE4OC1hMGMzLTQzOGItYjYyZi02YzRh
ZDNkN2FlNWUvYWY5MTZhODA5OGM0OGY5ZjBmZWZkNzkxNTEyZWUxMjRhOTljZTA5
ZC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAtBggrBgEFBQcBBwEB/wQe
MBwwCwQCAAEwBQMDAJKbMA0EAgACMAcDBQAoAAGwMA0GCSqGSIb3DQEBCwUAA4IB
AQBnH7x74ngoNhxyu/Uvq5UF58yfIA7t9q8ss5t8sIPRh5U0r83+vYpWWbVcEK/g
tufuFJtWXWrGZyvruoILMYOijNe7UsaZNrKWXfJ9nO0xGa9oie7TGkaxLlXAgw4v
6MRRaDAapZTMux3mnhxn0euazu81phssXEA1c4emwVkhjJPQfpac70f3AFEE/p7D
f8AoW2jJ8ZK+Gq371gb2ykrSo+Lg9qImReyjV6ag6sW0ovnC34PKWuB7tqS2V060
DwQYMOPtJG9EO56GUAoZBYXK2Jh1om+4AgZtEHuXmbcqTQYpTQ7Kr70ct13OSIGh
U1ag0gTP3O5JvOOvLD2/eP5B
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:38:26 2024 by rpki-client on console-ams.rpki-client.org