Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/c20b558a-89e0-4c9e-b6c8-d7c694632120/76422bb7546316e3c8c648063de15a82f13771a9.roa
File:                     76422bb7546316e3c8c648063de15a82f13771a9.roa (raw, json)
Hash identifier:          nt2Mx52uFLQwQrI5a9d13lYJD3C08pglWd+a6ihBxUA=
Subject key identifier:   F4:58:F2:E8:08:AD:E3:E0:8F:77:BA:C3:81:95:9C:7B:47:8B:FD:63
Certificate issuer:       /CN=b3580078f4f897fcfdbaa0d90c2ec6f460e33222
Certificate serial:       1BCBC6
Authority key identifier: DF:C6:CA:8D:51:39:32:97:96:38:74:4C:37:8C:B3:A0:43:0E:95:B5
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/b3580078f4f897fcfdbaa0d90c2ec6f460e33222.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/c20b558a-89e0-4c9e-b6c8-d7c694632120/76422bb7546316e3c8c648063de15a82f13771a9.roa
Signing time:             Mon 26 Sep 2022 20:12:48 +0000
ROA not before:           Mon 26 Sep 2022 20:11:47 +0000
ROA not after:            Thu 26 Sep 2024 20:11:47 +0000
asID:                     3816
IP address blocks:        179.32.0.0/20 maxlen: 20
                          179.32.20.0/22 maxlen: 22
                          179.32.24.0/22 maxlen: 22
                          179.32.28.0/22 maxlen: 22
                          179.32.32.0/22 maxlen: 22
                          179.32.34.0/23 maxlen: 23
                          179.32.36.0/22 maxlen: 22
                          179.32.40.0/22 maxlen: 22
                          179.32.44.0/22 maxlen: 22
                          179.32.48.0/22 maxlen: 22
                          179.32.52.0/22 maxlen: 22
                          179.32.56.0/22 maxlen: 22
                          179.32.60.0/22 maxlen: 22
                          179.32.64.0/20 maxlen: 20
                          179.32.80.0/20 maxlen: 20
                          179.32.96.0/20 maxlen: 20
                          179.32.112.0/20 maxlen: 20
                          179.32.128.0/20 maxlen: 20
                          179.32.144.0/20 maxlen: 20
                          179.32.160.0/20 maxlen: 20
                          179.32.176.0/20 maxlen: 20
                          179.32.192.0/20 maxlen: 20
                          179.32.208.0/20 maxlen: 20
                          179.32.224.0/20 maxlen: 20
                          179.32.240.0/20 maxlen: 20
                          179.33.0.0/22 maxlen: 22
                          179.33.4.0/22 maxlen: 22
                          179.33.8.0/22 maxlen: 22
                          179.33.12.0/22 maxlen: 22
                          179.33.16.0/22 maxlen: 22
                          179.33.20.0/22 maxlen: 22
                          179.33.24.0/22 maxlen: 22
                          179.33.28.0/22 maxlen: 22
                          179.33.32.0/20 maxlen: 20
                          179.33.48.0/20 maxlen: 20
                          179.33.64.0/20 maxlen: 20
                          179.33.80.0/20 maxlen: 20
                          179.33.96.0/24 maxlen: 24
                          179.33.97.0/24 maxlen: 24
                          179.33.98.0/24 maxlen: 24
                          179.33.99.0/24 maxlen: 24
                          179.33.100.0/24 maxlen: 24
                          179.33.101.0/24 maxlen: 24
                          179.33.102.0/24 maxlen: 24
                          179.33.103.0/24 maxlen: 24
                          179.33.104.0/22 maxlen: 22
                          179.33.110.0/23 maxlen: 23
                          179.33.112.0/20 maxlen: 20
                          179.33.128.0/21 maxlen: 21
                          179.33.136.0/22 maxlen: 22
                          179.33.140.0/22 maxlen: 22
                          179.33.144.0/20 maxlen: 20
                          179.33.160.0/21 maxlen: 21
                          179.33.168.0/23 maxlen: 23
                          179.33.170.0/23 maxlen: 23
                          179.33.172.0/23 maxlen: 23
                          179.33.174.0/24 maxlen: 24
                          179.33.175.0/24 maxlen: 24
                          179.33.176.0/22 maxlen: 22
                          179.33.180.0/22 maxlen: 22
                          179.33.184.0/22 maxlen: 22
                          179.33.188.0/22 maxlen: 22
                          179.33.192.0/20 maxlen: 20
                          179.33.208.0/22 maxlen: 22
                          179.33.210.0/24 maxlen: 24
                          179.33.212.0/22 maxlen: 22
                          179.33.216.0/22 maxlen: 22
                          179.33.220.0/22 maxlen: 22
                          179.33.224.0/21 maxlen: 21
                          179.33.232.0/21 maxlen: 21
                          179.33.240.0/20 maxlen: 20

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 1821638 (0x1bcbc6)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b3580078f4f897fcfdbaa0d90c2ec6f460e33222
        Validity
            Not Before: Sep 26 20:11:47 2022 GMT
            Not After : Sep 26 20:11:47 2024 GMT
        Subject: CN=76422bb7546316e3c8c648063de15a82f13771a9
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:86:b1:68:16:63:87:b3:17:b6:15:23:b6:d3:b8:
                    e0:21:04:c1:5e:7c:0f:2d:39:6a:5f:35:8c:89:4e:
                    bf:88:28:67:d5:68:98:70:ec:6b:17:32:d2:8a:08:
                    f6:58:4a:b4:56:85:e8:41:28:f5:70:0c:af:1b:97:
                    77:06:6c:79:4a:e0:a3:0d:d3:60:b3:2b:f4:9d:66:
                    a9:64:dc:6d:a5:91:55:39:7e:be:44:28:4c:13:5c:
                    6c:fd:92:a5:d1:98:79:c4:14:80:02:62:f0:b3:4b:
                    44:a7:8c:f6:70:b4:93:c8:cd:e1:4d:27:53:bf:9c:
                    dd:04:79:90:a1:a5:df:22:cc:f3:9d:ab:04:73:99:
                    bd:ae:af:09:34:57:a7:02:87:10:cd:9a:db:3b:4f:
                    55:3f:fc:1a:ad:cb:5f:f9:c0:4b:43:26:4b:e4:d8:
                    ab:28:c0:64:a3:eb:39:c9:50:7f:0b:1a:c8:13:aa:
                    0b:42:0a:b7:25:1d:0a:34:d8:23:8a:df:75:f5:a0:
                    0a:ff:d4:31:0a:7d:59:ec:79:2a:ca:97:32:a5:13:
                    24:5b:49:10:b4:c1:fc:47:dc:db:66:d7:71:5f:00:
                    16:53:73:4c:8d:e3:a1:7f:1f:ea:eb:10:b8:8b:f0:
                    0c:1e:a5:ff:ce:ca:a4:39:3f:80:68:b6:3b:ca:9b:
                    42:c9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F4:58:F2:E8:08:AD:E3:E0:8F:77:BA:C3:81:95:9C:7B:47:8B:FD:63
            X509v3 Authority Key Identifier:
                keyid:DF:C6:CA:8D:51:39:32:97:96:38:74:4C:37:8C:B3:A0:43:0E:95:B5

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/b3580078f4f897fcfdbaa0d90c2ec6f460e33222.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/c20b558a-89e0-4c9e-b6c8-d7c694632120/76422bb7546316e3c8c648063de15a82f13771a9.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/c20b558a-89e0-4c9e-b6c8-d7c694632120/b3580078f4f897fcfdbaa0d90c2ec6f460e33222.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  179.32.0.0/20
                  179.32.20.0-179.33.107.255
                  179.33.110.0-179.33.255.255

    Signature Algorithm: sha256WithRSAEncryption
         82:d2:ee:ce:f6:a9:07:98:c1:39:ce:a6:7f:18:5d:6c:ce:74:
         e6:b7:3d:42:25:a9:b0:60:4d:84:17:37:ae:90:a5:ef:ff:b1:
         78:e9:13:61:79:5b:c6:20:d9:2d:1d:75:07:5b:7c:9b:42:5d:
         06:f2:7a:69:52:50:74:18:81:7c:f7:af:31:f9:b7:48:2d:72:
         46:ab:e2:51:07:99:b1:7e:dc:9f:f9:cd:83:0c:ae:4e:d4:d4:
         5e:52:c7:9e:e7:f6:2d:64:ea:5c:7b:73:23:de:c4:7c:3a:84:
         f9:0f:53:2a:d4:a4:3c:a8:99:e1:b7:88:2a:a0:a6:e7:68:ff:
         b0:c8:10:7d:e8:a9:47:03:39:42:b1:26:74:7d:15:e9:3c:ad:
         41:e4:c6:30:d4:c9:a6:93:8e:f3:bb:de:e0:92:be:39:d9:c3:
         83:ec:d2:e2:70:79:84:89:d9:8a:d8:f5:42:60:12:b8:ef:0f:
         89:fa:69:22:b4:ba:56:07:b6:90:2b:f6:92:8b:db:9e:a5:60:
         18:e1:17:ec:2e:20:e0:a6:f7:31:ab:28:b8:f8:ce:8a:c2:a1:
         e0:4a:4b:82:3c:62:9f:a3:39:79:5a:d5:b3:f0:f7:53:0a:3c:
         4d:87:a6:57:c2:4b:08:45:9a:1e:dd:45:af:57:d4:b5:90:e4:
         91:e6:8d:af
-----BEGIN CERTIFICATE-----
MIIFWzCCBEOgAwIBAgIDG8vGMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKGIz
NTgwMDc4ZjRmODk3ZmNmZGJhYTBkOTBjMmVjNmY0NjBlMzMyMjIwHhcNMjIwOTI2
MjAxMTQ3WhcNMjQwOTI2MjAxMTQ3WjAzMTEwLwYDVQQDEyg3NjQyMmJiNzU0NjMx
NmUzYzhjNjQ4MDYzZGUxNWE4MmYxMzc3MWE5MIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAhrFoFmOHsxe2FSO207jgIQTBXnwPLTlqXzWMiU6/iChn1WiY
cOxrFzLSigj2WEq0VoXoQSj1cAyvG5d3Bmx5SuCjDdNgsyv0nWapZNxtpZFVOX6+
RChME1xs/ZKl0Zh5xBSAAmLws0tEp4z2cLSTyM3hTSdTv5zdBHmQoaXfIszznasE
c5m9rq8JNFenAocQzZrbO09VP/warctf+cBLQyZL5NirKMBko+s5yVB/CxrIE6oL
Qgq3JR0KNNgjit919aAK/9QxCn1Z7HkqypcypRMkW0kQtMH8R9zbZtdxXwAWU3NM
jeOhfx/q6xC4i/AMHqX/zsqkOT+AaLY7yptCyQIDAQABo4ICdjCCAnIwHQYDVR0O
BBYEFPRY8ugIrePgj3e6w4GVnHtHi/1jMB8GA1UdIwQYMBaAFN/Gyo1ROTKXljh0
TDeMs6BDDpW1MA4GA1UdDwEB/wQEAwIHgDCBmgYIKwYBBQUHAQEEgY0wgYowgYcG
CCsGAQUFBzAChntyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5ldC9ycGtpL2xh
Y25pYy80OGYwODNiYi1mNjAzLTQ4OTMtOTk5MC0wMjg0YzA0Y2ViODUvYjM1ODAw
NzhmNGY4OTdmY2ZkYmFhMGQ5MGMyZWM2ZjQ2MGUzMzIyMi5jZXIwgZoGCCsGAQUF
BwELBIGNMIGKMIGHBggrBgEFBQcwC4Z7cnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25p
Yy5uZXQvcnBraS9sYWNuaWMvYzIwYjU1OGEtODllMC00YzllLWI2YzgtZDdjNjk0
NjMyMTIwLzc2NDIyYmI3NTQ2MzE2ZTNjOGM2NDgwNjNkZTE1YTgyZjEzNzcxYTku
cm9hMIGPBgNVHR8EgYcwgYQwgYGgf6B9hntyc3luYzovL3JlcG9zaXRvcnkubGFj
bmljLm5ldC9ycGtpL2xhY25pYy9jMjBiNTU4YS04OWUwLTRjOWUtYjZjOC1kN2M2
OTQ2MzIxMjAvYjM1ODAwNzhmNGY4OTdmY2ZkYmFhMGQ5MGMyZWM2ZjQ2MGUzMzIy
Mi5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA6BggrBgEFBQcBBwEB/wQr
MCkwJwQCAAEwIQMEBLMgADAMAwQCsyAUAwQCsyFoMAsDBAGzIW4DAwGzIDANBgkq
hkiG9w0BAQsFAAOCAQEAgtLuzvapB5jBOc6mfxhdbM505rc9QiWpsGBNhBc3rpCl
7/+xeOkTYXlbxiDZLR11B1t8m0JdBvJ6aVJQdBiBfPevMfm3SC1yRqviUQeZsX7c
n/nNgwyuTtTUXlLHnuf2LWTqXHtzI97EfDqE+Q9TKtSkPKiZ4beIKqCm52j/sMgQ
feipRwM5QrEmdH0V6TytQeTGMNTJppOO87ve4JK+OdnDg+zS4nB5hInZitj1QmAS
uO8PifppIrS6Vge2kCv2kovbnqVgGOEX7C4g4Kb3MasouPjOisKh4EpLgjxin6M5
eVrVs/D3Uwo8TYemV8JLCEWaHt1Fr1fUtZDkkeaNrw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:38:06 2024 by rpki-client on console-fra.rpki-client.org