Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/e5948434-4056-4394-b7a7-433f5175173a/0bc98196e1484b5a06757ef132ab88050e0cbdf6.roa
File:                     0bc98196e1484b5a06757ef132ab88050e0cbdf6.roa (raw, json)
Hash identifier:          5oqg6YeUEKosUNUWX42qxqmLayeDE/s9h/jAkZYCOGg=
Subject key identifier:   2C:DD:16:1C:F3:3D:AC:6F:22:6E:B9:CB:9F:CF:45:36:41:EF:DB:A1
Certificate issuer:       /CN=701ea5e2aba4c6c0929eabf0a14b88f403a726e2
Certificate serial:       0CDB7B
Authority key identifier: B6:3F:DC:95:C1:3C:6E:F5:BD:51:84:5A:09:64:BF:E0:0B:14:9E:8E
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/701ea5e2aba4c6c0929eabf0a14b88f403a726e2.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/e5948434-4056-4394-b7a7-433f5175173a/0bc98196e1484b5a06757ef132ab88050e0cbdf6.roa
Signing time:             Wed 24 Mar 2021 14:39:20 +0000
ROA not before:           Wed 24 Mar 2021 14:39:20 +0000
ROA not after:            Tue 24 Mar 2026 14:39:20 +0000
asID:                     27947
IP address blocks:        157.100.102.0/24 maxlen: 24
                          157.100.105.0/24 maxlen: 24
                          157.100.111.0/24 maxlen: 24
                          157.100.114.0/23 maxlen: 24
                          157.100.117.0/24 maxlen: 24
                          157.100.118.0/23 maxlen: 24
                          157.100.120.0/22 maxlen: 24
                          157.100.124.0/23 maxlen: 24
                          157.100.127.0/24 maxlen: 24
                          157.100.128.0/22 maxlen: 24
                          157.100.132.0/23 maxlen: 24
                          157.100.135.0/24 maxlen: 24
                          157.100.136.0/24 maxlen: 24
                          157.100.161.0/24 maxlen: 24
                          157.100.164.0/24 maxlen: 24
                          157.100.166.0/24 maxlen: 24
                          157.100.17.0/24 maxlen: 24
                          157.100.176.0/24 maxlen: 24
                          157.100.18.0/23 maxlen: 24
                          157.100.180.0/23 maxlen: 24
                          157.100.182.0/24 maxlen: 24
                          157.100.193.0/24 maxlen: 24
                          157.100.195.0/24 maxlen: 24
                          157.100.216.0/24 maxlen: 24
                          157.100.22.0/23 maxlen: 24
                          157.100.228.0/24 maxlen: 24
                          157.100.24.0/24 maxlen: 24
                          157.100.253.0/24 maxlen: 24
                          157.100.27.0/24 maxlen: 24
                          157.100.29.0/24 maxlen: 24
                          157.100.30.0/24 maxlen: 24
                          157.100.34.0/23 maxlen: 24
                          157.100.37.0/24 maxlen: 24
                          157.100.38.0/23 maxlen: 24
                          157.100.42.0/23 maxlen: 24
                          157.100.47.0/24 maxlen: 24
                          157.100.71.0/24 maxlen: 24
                          157.100.81.0/24 maxlen: 24
                          157.100.82.0/24 maxlen: 24
                          157.100.97.0/24 maxlen: 24
                          157.100.98.0/23 maxlen: 24

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 842619 (0xcdb7b)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=701ea5e2aba4c6c0929eabf0a14b88f403a726e2
        Validity
            Not Before: Mar 24 14:39:20 2021 GMT
            Not After : Mar 24 14:39:20 2026 GMT
        Subject: CN=0bc98196e1484b5a06757ef132ab88050e0cbdf6
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:84:9e:ca:20:5c:fc:b4:56:fa:76:12:b8:13:7b:
                    69:ba:66:44:5b:02:7a:81:98:61:77:76:08:bd:23:
                    b0:cc:74:6c:f7:4c:e7:e9:49:b5:43:a9:d6:ff:7b:
                    08:4d:75:11:c9:99:15:2d:06:79:6f:b5:eb:c9:65:
                    1a:10:81:15:30:12:bd:c2:81:39:12:8e:ab:54:0d:
                    2f:99:4f:d6:10:c8:8a:d7:f0:bd:69:5c:08:1c:a1:
                    4e:0b:cb:30:4e:1e:3e:8f:6b:b3:5a:c3:b6:43:1c:
                    65:d7:8b:cd:2b:6e:96:5a:56:4d:90:ce:db:e3:d9:
                    16:14:c8:bb:44:00:18:36:0b:f5:81:21:61:09:6d:
                    51:e9:97:a4:39:f5:a8:22:fd:69:84:47:9c:61:dc:
                    f3:2e:26:37:40:ba:86:8d:f7:db:45:fc:da:9f:64:
                    38:94:ad:ea:50:95:e9:a7:2a:dc:fa:d5:13:4e:10:
                    bf:19:97:50:6c:b1:23:e1:06:3a:b8:06:18:21:1b:
                    7e:c0:f9:71:c6:72:3f:a9:bc:03:09:3c:41:40:2e:
                    ba:f4:70:9d:03:fe:dd:f3:c7:60:99:8f:d8:f6:6c:
                    6f:29:ff:e4:cc:c8:46:e8:6b:9b:e6:e2:d6:ce:5c:
                    b9:1c:00:73:bc:90:ed:88:f3:2b:39:62:f8:6e:77:
                    1a:bb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                2C:DD:16:1C:F3:3D:AC:6F:22:6E:B9:CB:9F:CF:45:36:41:EF:DB:A1
            X509v3 Authority Key Identifier:
                keyid:B6:3F:DC:95:C1:3C:6E:F5:BD:51:84:5A:09:64:BF:E0:0B:14:9E:8E

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/701ea5e2aba4c6c0929eabf0a14b88f403a726e2.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/e5948434-4056-4394-b7a7-433f5175173a/0bc98196e1484b5a06757ef132ab88050e0cbdf6.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/e5948434-4056-4394-b7a7-433f5175173a/701ea5e2aba4c6c0929eabf0a14b88f403a726e2.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  157.100.17.0-157.100.19.255
                  157.100.22.0-157.100.24.255
                  157.100.27.0/24
                  157.100.29.0-157.100.30.255
                  157.100.34.0/23
                  157.100.37.0-157.100.39.255
                  157.100.42.0/23
                  157.100.47.0/24
                  157.100.71.0/24
                  157.100.81.0-157.100.82.255
                  157.100.97.0-157.100.99.255
                  157.100.102.0/24
                  157.100.105.0/24
                  157.100.111.0/24
                  157.100.114.0/23
                  157.100.117.0-157.100.125.255
                  157.100.127.0-157.100.133.255
                  157.100.135.0-157.100.136.255
                  157.100.161.0/24
                  157.100.164.0/24
                  157.100.166.0/24
                  157.100.176.0/24
                  157.100.180.0-157.100.182.255
                  157.100.193.0/24
                  157.100.195.0/24
                  157.100.216.0/24
                  157.100.228.0/24
                  157.100.253.0/24

    Signature Algorithm: sha256WithRSAEncryption
         35:0c:fb:4d:91:65:97:97:80:07:24:30:7e:f8:21:96:4c:b5:
         0c:24:82:98:c0:1d:16:d5:55:be:23:2d:d3:ef:3d:a4:ee:a2:
         d8:de:6a:3a:b7:09:f2:8a:fb:42:68:a0:22:1a:1a:14:66:41:
         41:74:b4:ba:01:ab:b5:03:8c:24:50:7d:c6:db:b3:69:62:1a:
         b8:b4:84:bf:3e:3b:ad:69:ed:52:43:af:36:dc:9f:c7:cc:36:
         ca:54:d4:47:05:dc:e2:ea:56:ed:46:8d:07:1f:a6:0b:74:80:
         51:cd:d6:0c:89:e2:55:56:47:e8:bb:89:78:7d:7d:1b:f9:b3:
         96:02:36:72:e8:c5:ba:32:29:bc:ab:3a:d5:98:70:c0:5b:a4:
         0d:88:de:83:b0:b7:a9:20:69:55:fb:f1:c4:9d:15:e0:e1:42:
         ee:99:d7:d6:da:23:ff:a8:f0:d7:77:5c:4e:37:21:99:87:9e:
         35:6d:ae:ee:ce:17:39:d1:55:22:45:b7:52:c4:f4:37:d3:2f:
         16:04:f1:39:42:1c:0d:b7:4b:94:51:78:92:49:9f:85:e8:4b:
         b8:8b:ed:ad:10:77:fe:ac:b8:4f:3b:8b:b7:2c:40:ea:85:6a:
         39:86:81:7f:5b:a1:7b:bc:3b:fa:51:29:af:32:a4:4e:30:c1:
         f9:fb:d7:02
-----BEGIN CERTIFICATE-----
MIIGOjCCBSKgAwIBAgIDDNt7MA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKDcw
MWVhNWUyYWJhNGM2YzA5MjllYWJmMGExNGI4OGY0MDNhNzI2ZTIwHhcNMjEwMzI0
MTQzOTIwWhcNMjYwMzI0MTQzOTIwWjAzMTEwLwYDVQQDEygwYmM5ODE5NmUxNDg0
YjVhMDY3NTdlZjEzMmFiODgwNTBlMGNiZGY2MIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAhJ7KIFz8tFb6dhK4E3tpumZEWwJ6gZhhd3YIvSOwzHRs90zn
6Um1Q6nW/3sITXURyZkVLQZ5b7XryWUaEIEVMBK9woE5Eo6rVA0vmU/WEMiK1/C9
aVwIHKFOC8swTh4+j2uzWsO2Qxxl14vNK26WWlZNkM7b49kWFMi7RAAYNgv1gSFh
CW1R6ZekOfWoIv1phEecYdzzLiY3QLqGjffbRfzan2Q4lK3qUJXppyrc+tUTThC/
GZdQbLEj4QY6uAYYIRt+wPlxxnI/qbwDCTxBQC669HCdA/7d88dgmY/Y9mxvKf/k
zMhG6Gub5uLWzly5HABzvJDtiPMrOWL4bncauwIDAQABo4IDVTCCA1EwHQYDVR0O
BBYEFCzdFhzzPaxvIm65y5/PRTZB79uhMB8GA1UdIwQYMBaAFLY/3JXBPG71vVGE
Wglkv+ALFJ6OMA4GA1UdDwEB/wQEAwIHgDCBmgYIKwYBBQUHAQEEgY0wgYowgYcG
CCsGAQUFBzAChntyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5ldC9ycGtpL2xh
Y25pYy80OGYwODNiYi1mNjAzLTQ4OTMtOTk5MC0wMjg0YzA0Y2ViODUvNzAxZWE1
ZTJhYmE0YzZjMDkyOWVhYmYwYTE0Yjg4ZjQwM2E3MjZlMi5jZXIwgZoGCCsGAQUF
BwELBIGNMIGKMIGHBggrBgEFBQcwC4Z7cnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25p
Yy5uZXQvcnBraS9sYWNuaWMvZTU5NDg0MzQtNDA1Ni00Mzk0LWI3YTctNDMzZjUx
NzUxNzNhLzBiYzk4MTk2ZTE0ODRiNWEwNjc1N2VmMTMyYWI4ODA1MGUwY2JkZjYu
cm9hMIGPBgNVHR8EgYcwgYQwgYGgf6B9hntyc3luYzovL3JlcG9zaXRvcnkubGFj
bmljLm5ldC9ycGtpL2xhY25pYy9lNTk0ODQzNC00MDU2LTQzOTQtYjdhNy00MzNm
NTE3NTE3M2EvNzAxZWE1ZTJhYmE0YzZjMDkyOWVhYmYwYTE0Yjg4ZjQwM2E3MjZl
Mi5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjCCARcGCCsGAQUFBwEHAQH/
BIIBBjCCAQIwgf8EAgABMIH4MAwDBACdZBEDBAKdZBAwDAMEAZ1kFgMEAJ1kGAME
AJ1kGzAMAwQAnWQdAwQAnWQeAwQBnWQiMAwDBACdZCUDBAOdZCADBAGdZCoDBACd
ZC8DBACdZEcwDAMEAJ1kUQMEAJ1kUjAMAwQAnWRhAwQCnWRgAwQAnWRmAwQAnWRp
AwQAnWRvAwQBnWRyMAwDBACdZHUDBAGdZHwwDAMEAJ1kfwMEAZ1khDAMAwQAnWSH
AwQAnWSIAwQAnWShAwQAnWSkAwQAnWSmAwQAnWSwMAwDBAKdZLQDBACdZLYDBACd
ZMEDBACdZMMDBACdZNgDBACdZOQDBACdZP0wDQYJKoZIhvcNAQELBQADggEBADUM
+02RZZeXgAckMH74IZZMtQwkgpjAHRbVVb4jLdPvPaTuotjeajq3CfKK+0JooCIa
GhRmQUF0tLoBq7UDjCRQfcbbs2liGri0hL8+O61p7VJDrzbcn8fMNspU1EcF3OLq
Vu1GjQcfpgt0gFHN1gyJ4lVWR+i7iXh9fRv5s5YCNnLoxboyKbyrOtWYcMBbpA2I
3oOwt6kgaVX78cSdFeDhQu6Z19baI/+o8Nd3XE43IZmHnjVtru7OFznRVSJFt1LE
9DfTLxYE8TlCHA23S5RReJJJn4XoS7iL7a0Qd/6suE87i7csQOqFajmGgX9boXu8
O/pRKa8ypE4wwfn71wI=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:38:10 2024 by rpki-client on console-fra.rpki-client.org