Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/e348bdf3-6c2a-4e7f-9deb-ebcd2c56f245/d85d75e58a3fe848acc9de7e180dfa6c6b66894d.roa
File:                     d85d75e58a3fe848acc9de7e180dfa6c6b66894d.roa (raw, json)
Hash identifier:          sXbej/+nxnOm8H1xTVpJ968MovJLAbxeBWaabZJl/Es=
Subject key identifier:   96:F2:5C:8C:C3:28:56:DA:33:04:70:6D:C2:BC:98:28:01:13:99:CB
Certificate issuer:       /CN=eb6de066f1c70b82f75b54d19209c0e03f1f0279
Certificate serial:       0D763A
Authority key identifier: 76:12:49:46:59:CF:CF:F8:19:4B:DD:87:76:20:C2:55:68:E0:EA:0C
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/eb6de066f1c70b82f75b54d19209c0e03f1f0279.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/e348bdf3-6c2a-4e7f-9deb-ebcd2c56f245/d85d75e58a3fe848acc9de7e180dfa6c6b66894d.roa
Signing time:             Wed 24 Mar 2021 14:46:57 +0000
ROA not before:           Wed 24 Mar 2021 14:46:54 +0000
ROA not after:            Tue 24 Mar 2026 14:46:54 +0000
asID:                     27773
IP address blocks:        138.186.249.0/24 maxlen: 24
                          138.186.250.0/23 maxlen: 24
                          179.51.0.0/18 maxlen: 24
                          186.32.64.0/23 maxlen: 24
                          186.32.66.0/24 maxlen: 24
                          186.32.68.0/22 maxlen: 24
                          186.32.72.0/21 maxlen: 24
                          186.32.80.0/20 maxlen: 24
                          186.32.96.0/19 maxlen: 24
                          186.32.248.0/21 maxlen: 24
                          190.53.0.0/19 maxlen: 24
                          190.53.96.0/19 maxlen: 24
                          190.53.128.0/18 maxlen: 24
                          190.99.24.0/21 maxlen: 24
                          190.99.32.0/22 maxlen: 24
                          190.99.37.0/24 maxlen: 24
                          190.99.38.0/23 maxlen: 24
                          190.99.40.0/21 maxlen: 24
                          190.99.48.0/20 maxlen: 24
                          190.150.0.0/19 maxlen: 24
                          190.150.32.0/20 maxlen: 24
                          190.150.48.0/24 maxlen: 24
                          190.150.50.0/23 maxlen: 24
                          190.150.52.0/22 maxlen: 24
                          190.150.56.0/21 maxlen: 24
                          190.150.64.0/22 maxlen: 24
                          190.150.68.0/23 maxlen: 24
                          190.150.72.0/21 maxlen: 24
                          190.150.80.0/20 maxlen: 24
                          190.150.96.0/19 maxlen: 24
                          190.150.128.0/18 maxlen: 24
                          190.150.192.0/21 maxlen: 24
                          190.150.200.0/22 maxlen: 24
                          190.150.205.0/24 maxlen: 24
                          190.150.206.0/23 maxlen: 24
                          190.150.208.0/20 maxlen: 24
                          190.150.224.0/20 maxlen: 24
                          190.150.240.0/21 maxlen: 24
                          190.150.248.0/22 maxlen: 24
                          190.150.252.0/23 maxlen: 24
                          190.150.254.0/24 maxlen: 24
                          200.13.161.0/24 maxlen: 24
                          200.13.168.0/22 maxlen: 24
                          200.13.172.0/23 maxlen: 24
                          200.13.174.0/24 maxlen: 24
                          200.13.180.0/24 maxlen: 24
                          200.13.184.0/23 maxlen: 24
                          200.13.186.0/24 maxlen: 24
                          200.13.189.0/24 maxlen: 24
                          200.13.190.0/24 maxlen: 24
                          200.106.232.0/23 maxlen: 24
                          200.106.234.0/24 maxlen: 24
                          2800:880::/30 maxlen: 30

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 882234 (0xd763a)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=eb6de066f1c70b82f75b54d19209c0e03f1f0279
        Validity
            Not Before: Mar 24 14:46:54 2021 GMT
            Not After : Mar 24 14:46:54 2026 GMT
        Subject: CN=d85d75e58a3fe848acc9de7e180dfa6c6b66894d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:be:e2:41:91:bb:94:4f:a5:25:7c:c4:35:29:93:
                    cb:09:80:be:7d:0b:fb:8e:ff:d6:4d:a2:43:b4:ab:
                    da:52:5e:9c:ab:f6:73:21:21:c8:49:9d:6c:b7:c6:
                    b1:3d:f9:47:1a:1c:fd:fc:06:4c:0f:53:c4:f8:4c:
                    4e:23:d9:94:f3:d0:82:77:10:e4:0f:86:23:67:03:
                    a7:d1:3c:ce:4a:e1:a7:21:9a:4d:05:79:15:b0:8b:
                    bc:6d:e4:cd:8d:dd:7c:63:96:c3:96:fc:f8:45:78:
                    3a:bf:0b:69:53:df:2f:b5:f3:06:06:44:7e:a4:36:
                    d0:8c:d0:a7:0e:ef:e0:28:bf:1d:69:57:2e:e8:95:
                    af:f9:9f:e9:ca:bf:57:02:9c:a6:dc:d5:b3:dd:e9:
                    2e:21:c6:c1:53:cd:34:1c:0e:81:ea:ba:8c:e6:34:
                    60:b2:15:ad:b8:0b:5b:f7:54:dc:a3:63:76:8d:c0:
                    40:6b:38:0a:f5:c9:03:2c:9e:93:5c:a3:3e:21:0b:
                    15:b2:fd:21:17:21:ed:e9:bd:2c:a2:43:e6:c5:33:
                    7d:9b:29:da:ee:b0:b7:eb:c6:2c:8c:1c:d7:03:68:
                    96:40:05:b1:d2:77:ec:06:dc:10:8c:50:f2:20:52:
                    38:d4:09:04:87:e8:e9:b7:e8:8c:01:b3:e9:d7:fc:
                    4b:2b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                96:F2:5C:8C:C3:28:56:DA:33:04:70:6D:C2:BC:98:28:01:13:99:CB
            X509v3 Authority Key Identifier:
                keyid:76:12:49:46:59:CF:CF:F8:19:4B:DD:87:76:20:C2:55:68:E0:EA:0C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/eb6de066f1c70b82f75b54d19209c0e03f1f0279.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/e348bdf3-6c2a-4e7f-9deb-ebcd2c56f245/d85d75e58a3fe848acc9de7e180dfa6c6b66894d.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/e348bdf3-6c2a-4e7f-9deb-ebcd2c56f245/eb6de066f1c70b82f75b54d19209c0e03f1f0279.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  138.186.249.0-138.186.251.255
                  179.51.0.0/18
                  186.32.64.0-186.32.66.255
                  186.32.68.0-186.32.127.255
                  186.32.248.0/21
                  190.53.0.0/19
                  190.53.96.0-190.53.191.255
                  190.99.24.0-190.99.35.255
                  190.99.37.0-190.99.63.255
                  190.150.0.0-190.150.48.255
                  190.150.50.0-190.150.69.255
                  190.150.72.0-190.150.203.255
                  190.150.205.0-190.150.254.255
                  200.13.161.0/24
                  200.13.168.0-200.13.174.255
                  200.13.180.0/24
                  200.13.184.0-200.13.186.255
                  200.13.189.0-200.13.190.255
                  200.106.232.0-200.106.234.255
                IPv6:
                  2800:880::/30

    Signature Algorithm: sha256WithRSAEncryption
         71:77:52:22:69:f0:1f:45:69:98:6e:be:bc:05:21:eb:61:1d:
         cc:72:71:74:92:c9:c5:d4:a1:06:35:23:79:40:82:bd:ef:86:
         5a:69:41:f6:b4:76:52:11:d4:2d:8c:d3:d0:be:db:74:d8:e4:
         a9:1b:7c:24:21:06:72:47:40:58:29:d5:c7:31:02:7e:47:c5:
         bd:98:52:ba:92:86:e6:14:03:11:f8:f7:50:4f:df:ad:47:29:
         11:51:be:f6:bf:1f:d9:ef:cd:18:56:78:4c:36:19:4d:41:f6:
         74:56:5a:fe:92:bf:e9:1c:bb:b4:92:2a:1a:af:db:f7:74:6e:
         20:98:13:23:da:17:d4:24:c2:41:79:2c:b1:46:5e:e4:10:2b:
         4b:53:cc:f5:31:69:e7:21:66:3b:36:03:03:b9:ee:20:0f:04:
         11:f3:ee:86:f1:40:51:ed:4b:45:a5:a7:19:6e:44:d4:05:ef:
         39:0e:56:cc:5f:9c:db:63:52:36:92:b0:50:67:e8:de:8f:90:
         e8:8f:0d:5f:cc:bf:7a:f1:e5:2a:7f:22:ed:34:02:7c:6a:25:
         2a:2a:00:4f:36:e5:6d:94:e4:8f:2b:bd:01:2a:4e:2d:13:13:
         5e:24:25:f2:78:84:f4:d2:4f:b5:3f:7a:d1:88:c0:d2:39:3f:
         6c:39:ed:3e
-----BEGIN CERTIFICATE-----
MIIGMDCCBRigAwIBAgIDDXY6MA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKGVi
NmRlMDY2ZjFjNzBiODJmNzViNTRkMTkyMDljMGUwM2YxZjAyNzkwHhcNMjEwMzI0
MTQ0NjU0WhcNMjYwMzI0MTQ0NjU0WjAzMTEwLwYDVQQDEyhkODVkNzVlNThhM2Zl
ODQ4YWNjOWRlN2UxODBkZmE2YzZiNjY4OTRkMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAvuJBkbuUT6UlfMQ1KZPLCYC+fQv7jv/WTaJDtKvaUl6cq/Zz
ISHISZ1st8axPflHGhz9/AZMD1PE+ExOI9mU89CCdxDkD4YjZwOn0TzOSuGnIZpN
BXkVsIu8beTNjd18Y5bDlvz4RXg6vwtpU98vtfMGBkR+pDbQjNCnDu/gKL8daVcu
6JWv+Z/pyr9XApym3NWz3ekuIcbBU800HA6B6rqM5jRgshWtuAtb91Tco2N2jcBA
azgK9ckDLJ6TXKM+IQsVsv0hFyHt6b0sokPmxTN9myna7rC368YsjBzXA2iWQAWx
0nfsBtwQjFDyIFI41AkEh+jpt+iMAbPp1/xLKwIDAQABo4IDSzCCA0cwHQYDVR0O
BBYEFJbyXIzDKFbaMwRwbcK8mCgBE5nLMB8GA1UdIwQYMBaAFHYSSUZZz8/4GUvd
h3YgwlVo4OoMMA4GA1UdDwEB/wQEAwIHgDCBmgYIKwYBBQUHAQEEgY0wgYowgYcG
CCsGAQUFBzAChntyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5ldC9ycGtpL2xh
Y25pYy80OGYwODNiYi1mNjAzLTQ4OTMtOTk5MC0wMjg0YzA0Y2ViODUvZWI2ZGUw
NjZmMWM3MGI4MmY3NWI1NGQxOTIwOWMwZTAzZjFmMDI3OS5jZXIwgZoGCCsGAQUF
BwELBIGNMIGKMIGHBggrBgEFBQcwC4Z7cnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25p
Yy5uZXQvcnBraS9sYWNuaWMvZTM0OGJkZjMtNmMyYS00ZTdmLTlkZWItZWJjZDJj
NTZmMjQ1L2Q4NWQ3NWU1OGEzZmU4NDhhY2M5ZGU3ZTE4MGRmYTZjNmI2Njg5NGQu
cm9hMIGPBgNVHR8EgYcwgYQwgYGgf6B9hntyc3luYzovL3JlcG9zaXRvcnkubGFj
bmljLm5ldC9ycGtpL2xhY25pYy9lMzQ4YmRmMy02YzJhLTRlN2YtOWRlYi1lYmNk
MmM1NmYyNDUvZWI2ZGUwNjZmMWM3MGI4MmY3NWI1NGQxOTIwOWMwZTAzZjFmMDI3
OS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjCCAQ0GCCsGAQUFBwEHAQH/
BIH9MIH6MIHoBAIAATCB4TAMAwQAirr5AwQCirr4AwQGszMAMAwDBAa6IEADBAC6
IEIwDAMEArogRAMEB7ogAAMEA7og+AMEBb41ADAMAwQFvjVgAwQGvjWAMAwDBAO+
YxgDBAK+YyAwDAMEAL5jJQMEBr5jADALAwMBvpYDBAC+ljAwDAMEAb6WMgMEAb6W
RDAMAwQDvpZIAwQCvpbIMAwDBAC+ls0DBAC+lv4DBADIDaEwDAMEA8gNqAMEAMgN
rgMEAMgNtDAMAwQDyA24AwQAyA26MAwDBADIDb0DBADIDb4wDAMEA8hq6AMEAMhq
6jANBAIAAjAHAwUCKAAIgDANBgkqhkiG9w0BAQsFAAOCAQEAcXdSImnwH0VpmG6+
vAUh62EdzHJxdJLJxdShBjUjeUCCve+GWmlB9rR2UhHULYzT0L7bdNjkqRt8JCEG
ckdAWCnVxzECfkfFvZhSupKG5hQDEfj3UE/frUcpEVG+9r8f2e/NGFZ4TDYZTUH2
dFZa/pK/6Ry7tJIqGq/b93RuIJgTI9oX1CTCQXkssUZe5BArS1PM9TFp5yFmOzYD
A7nuIA8EEfPuhvFAUe1LRaWnGW5E1AXvOQ5WzF+c22NSNpKwUGfo3o+Q6I8NX8y/
evHlKn8i7TQCfGolKioATzblbZTkjyu9ASpOLRMTXiQl8niE9NJPtT960YjA0jk/
bDntPg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:38:38 2024 by rpki-client on console-ams.rpki-client.org