Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/c944eff2-c01a-43ac-b23c-71ab3115d219/2c10b480a526558a5f19018fa904b096e8b2976c.roa
File:                     2c10b480a526558a5f19018fa904b096e8b2976c.roa (raw, json)
Hash identifier:          axawfeOGKr6NS4xPLbnw47SCKs1l9Gvx2IvRMg+ZI2U=
Subject key identifier:   47:98:54:CF:F3:DB:6A:DE:7F:3B:A9:0A:BC:57:42:F0:AA:8A:D1:AB
Certificate issuer:       /CN=75efa7e220921478f459230041e65a4f7dc20ea6
Certificate serial:       20CD66
Authority key identifier: 6A:F0:47:DF:D7:F3:CF:31:79:98:C6:27:10:79:7E:21:32:E4:0B:11
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/75efa7e220921478f459230041e65a4f7dc20ea6.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/c944eff2-c01a-43ac-b23c-71ab3115d219/2c10b480a526558a5f19018fa904b096e8b2976c.roa
Signing time:             Tue 06 Jun 2023 04:50:25 +0000
ROA not before:           Mon 05 Jun 2023 04:50:25 +0000
ROA not after:            Fri 06 Jun 2025 04:50:25 +0000
asID:                     10269
IP address blocks:        170.0.180.0/22 maxlen: 22
                          179.42.192.0/18 maxlen: 18
                          179.42.192.0/19 maxlen: 19
                          179.42.224.0/19 maxlen: 19
                          190.197.0.0/17 maxlen: 17
                          190.197.0.0/20 maxlen: 20
                          190.197.51.0/24 maxlen: 24
                          190.197.53.0/24 maxlen: 24
                          190.197.56.0/21 maxlen: 21
                          190.197.64.0/19 maxlen: 19
                          190.197.96.0/19 maxlen: 19
                          200.32.192.0/18 maxlen: 18
                          200.32.192.0/19 maxlen: 19
                          200.32.192.0/24 maxlen: 24
                          200.32.195.0/24 maxlen: 24
                          200.32.198.0/24 maxlen: 24
                          200.32.203.0/24 maxlen: 24
                          200.32.205.0/24 maxlen: 24
                          200.32.213.0/24 maxlen: 24
                          200.32.218.0/24 maxlen: 24
                          200.32.221.0/24 maxlen: 24
                          200.32.222.0/24 maxlen: 24
                          200.32.224.0/22 maxlen: 22
                          200.32.228.0/22 maxlen: 22
                          200.32.228.0/24 maxlen: 24
                          200.32.232.0/22 maxlen: 22
                          200.32.236.0/22 maxlen: 22
                          200.32.240.0/22 maxlen: 22
                          200.32.244.0/22 maxlen: 22
                          200.32.248.0/21 maxlen: 21
                          200.32.252.0/24 maxlen: 24
                          200.32.253.0/24 maxlen: 24

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 2149734 (0x20cd66)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=75efa7e220921478f459230041e65a4f7dc20ea6
        Validity
            Not Before: Jun  5 04:50:25 2023 GMT
            Not After : Jun  6 04:50:25 2025 GMT
        Subject: CN=2c10b480a526558a5f19018fa904b096e8b2976c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8f:de:bf:ad:fa:9d:c1:68:bf:e5:3d:97:22:a5:
                    3e:29:0d:fa:ed:0e:23:0e:e7:f4:86:0b:82:3a:bf:
                    ae:96:ff:12:0a:72:ff:c8:88:c7:59:ef:df:5d:f8:
                    ff:f2:a5:f4:2e:b2:9d:91:2d:e8:7c:e6:7e:f6:d8:
                    0c:8e:8e:1a:58:a9:38:01:96:1e:2e:a2:f3:26:30:
                    c0:16:51:67:2c:0a:98:8e:81:31:c4:f5:59:9f:c8:
                    5b:74:ea:b6:84:c6:b5:2d:a5:2b:58:9a:d3:b1:17:
                    a0:de:3e:d1:ff:44:d3:bb:25:cf:dd:d0:13:58:8c:
                    58:40:2e:00:58:56:fc:d3:d8:29:1a:ec:4c:5e:42:
                    c1:6b:61:87:8f:64:7b:fa:80:20:c1:11:70:af:92:
                    43:96:32:d7:aa:9a:8e:4e:7d:38:47:ec:dc:b7:c3:
                    46:38:35:c0:5f:1a:a6:b7:cd:a8:33:d6:24:47:ec:
                    f1:6b:6a:6f:d1:7d:96:38:92:76:eb:88:6b:26:c5:
                    3f:83:5e:7c:eb:d1:9d:9a:0c:ed:8a:46:df:2a:25:
                    44:b4:c1:d4:c2:e3:5b:b9:1d:53:5f:34:cc:83:ed:
                    8d:3d:02:89:14:fa:1c:2c:cb:b8:b8:9a:fd:10:d4:
                    20:fc:85:b8:db:5e:19:00:60:e2:2a:d8:8f:96:c8:
                    53:7d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                47:98:54:CF:F3:DB:6A:DE:7F:3B:A9:0A:BC:57:42:F0:AA:8A:D1:AB
            X509v3 Authority Key Identifier:
                keyid:6A:F0:47:DF:D7:F3:CF:31:79:98:C6:27:10:79:7E:21:32:E4:0B:11

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/75efa7e220921478f459230041e65a4f7dc20ea6.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/c944eff2-c01a-43ac-b23c-71ab3115d219/2c10b480a526558a5f19018fa904b096e8b2976c.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/c944eff2-c01a-43ac-b23c-71ab3115d219/75efa7e220921478f459230041e65a4f7dc20ea6.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  170.0.180.0/22
                  179.42.192.0/18
                  190.197.0.0/17
                  200.32.192.0/18

    Signature Algorithm: sha256WithRSAEncryption
         a9:ed:b8:7c:35:73:86:d4:46:52:50:22:44:c7:34:cf:43:a4:
         70:cb:dd:46:1c:55:59:66:fb:71:25:89:38:f1:81:bd:8c:1b:
         b4:15:12:f5:b7:c7:18:a3:07:ed:04:71:42:02:2f:97:55:bf:
         ce:99:04:57:a5:fb:95:4b:e2:4d:c3:44:d4:38:be:50:d3:27:
         d5:2d:bd:7f:80:0c:0a:20:f0:45:b1:9c:c3:86:76:0a:07:d2:
         26:10:fd:e9:0f:31:0f:f7:8e:8a:68:c1:b1:7c:4e:33:ba:f8:
         d8:15:52:50:ae:ce:06:d9:b4:ca:3d:26:34:ce:cc:57:2d:65:
         ca:67:ca:09:96:c8:f4:b2:b2:9c:c7:81:38:ee:9f:1d:2b:c3:
         e0:64:fd:ea:32:1d:00:2a:ee:60:c9:98:9b:2f:1e:ae:5e:71:
         32:5b:38:39:1d:10:66:7a:2c:68:80:75:de:a4:da:a2:87:5f:
         9c:d3:9d:73:9f:aa:aa:52:15:67:eb:51:e8:84:8e:34:95:41:
         03:77:04:06:70:c9:d7:f8:71:c6:c5:3d:ef:af:b4:45:e2:a0:
         c5:11:3d:90:c4:04:e9:da:12:f5:2e:7f:f8:4d:29:9c:4b:cf:
         a6:a0:f2:db:c0:34:ff:ae:d5:05:a1:6d:6d:22:61:69:4c:13:
         64:4b:a0:22
-----BEGIN CERTIFICATE-----
MIIFUjCCBDqgAwIBAgIDIM1mMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKDc1
ZWZhN2UyMjA5MjE0NzhmNDU5MjMwMDQxZTY1YTRmN2RjMjBlYTYwHhcNMjMwNjA1
MDQ1MDI1WhcNMjUwNjA2MDQ1MDI1WjAzMTEwLwYDVQQDEygyYzEwYjQ4MGE1MjY1
NThhNWYxOTAxOGZhOTA0YjA5NmU4YjI5NzZjMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAj96/rfqdwWi/5T2XIqU+KQ367Q4jDuf0hguCOr+ulv8SCnL/
yIjHWe/fXfj/8qX0LrKdkS3ofOZ+9tgMjo4aWKk4AZYeLqLzJjDAFlFnLAqYjoEx
xPVZn8hbdOq2hMa1LaUrWJrTsReg3j7R/0TTuyXP3dATWIxYQC4AWFb809gpGuxM
XkLBa2GHj2R7+oAgwRFwr5JDljLXqpqOTn04R+zct8NGODXAXxqmt82oM9YkR+zx
a2pv0X2WOJJ264hrJsU/g15869GdmgztikbfKiVEtMHUwuNbuR1TXzTMg+2NPQKJ
FPocLMu4uJr9ENQg/IW4214ZAGDiKtiPlshTfQIDAQABo4ICbTCCAmkwHQYDVR0O
BBYEFEeYVM/z22refzupCrxXQvCqitGrMB8GA1UdIwQYMBaAFGrwR9/X888xeZjG
JxB5fiEy5AsRMA4GA1UdDwEB/wQEAwIHgDCBmgYIKwYBBQUHAQEEgY0wgYowgYcG
CCsGAQUFBzAChntyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5ldC9ycGtpL2xh
Y25pYy80OGYwODNiYi1mNjAzLTQ4OTMtOTk5MC0wMjg0YzA0Y2ViODUvNzVlZmE3
ZTIyMDkyMTQ3OGY0NTkyMzAwNDFlNjVhNGY3ZGMyMGVhNi5jZXIwgZoGCCsGAQUF
BwELBIGNMIGKMIGHBggrBgEFBQcwC4Z7cnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25p
Yy5uZXQvcnBraS9sYWNuaWMvYzk0NGVmZjItYzAxYS00M2FjLWIyM2MtNzFhYjMx
MTVkMjE5LzJjMTBiNDgwYTUyNjU1OGE1ZjE5MDE4ZmE5MDRiMDk2ZThiMjk3NmMu
cm9hMIGPBgNVHR8EgYcwgYQwgYGgf6B9hntyc3luYzovL3JlcG9zaXRvcnkubGFj
bmljLm5ldC9ycGtpL2xhY25pYy9jOTQ0ZWZmMi1jMDFhLTQzYWMtYjIzYy03MWFi
MzExNWQyMTkvNzVlZmE3ZTIyMDkyMTQ3OGY0NTkyMzAwNDFlNjVhNGY3ZGMyMGVh
Ni5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAxBggrBgEFBQcBBwEB/wQi
MCAwHgQCAAEwGAMEAqoAtAMEBrMqwAMEB77FAAMEBsggwDANBgkqhkiG9w0BAQsF
AAOCAQEAqe24fDVzhtRGUlAiRMc0z0OkcMvdRhxVWWb7cSWJOPGBvYwbtBUS9bfH
GKMH7QRxQgIvl1W/zpkEV6X7lUviTcNE1Di+UNMn1S29f4AMCiDwRbGcw4Z2CgfS
JhD96Q8xD/eOimjBsXxOM7r42BVSUK7OBtm0yj0mNM7MVy1lymfKCZbI9LKynMeB
OO6fHSvD4GT96jIdACruYMmYmy8erl5xMls4OR0QZnosaIB13qTaoodfnNOdc5+q
qlIVZ+tR6ISONJVBA3cEBnDJ1/hxxsU976+0ReKgxRE9kMQE6doS9S5/+E0pnEvP
pqDy28A0/67VBaFtbSJhaUwTZEugIg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:38:33 2024 by rpki-client on console-ams.rpki-client.org