Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/ead99edc-7c47-4c4d-a47a-3f7261ead2e3/cc2f3f2463ad83f8c7bf523b7e37e618b52d37fc.roa
File:                     cc2f3f2463ad83f8c7bf523b7e37e618b52d37fc.roa (raw, json)
Hash identifier:          VTJVrKu/PxCcWOJixFpdqEm/Ii9LdIegp95kyZkXQjA=
Subject key identifier:   13:FD:1C:B1:A9:1B:32:B8:96:72:B1:E7:92:45:74:50:EA:A3:E0:16
Certificate issuer:       /CN=82a0f3b8699157d02e2e70513969f2e77b6b9db5
Certificate serial:       2207BA
Authority key identifier: 26:E4:47:4D:F2:87:F7:F9:E4:DD:84:AA:2B:A6:B2:D0:ED:E4:EA:68
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/82a0f3b8699157d02e2e70513969f2e77b6b9db5.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/ead99edc-7c47-4c4d-a47a-3f7261ead2e3/cc2f3f2463ad83f8c7bf523b7e37e618b52d37fc.roa
Signing time:             Wed 16 Aug 2023 16:46:13 +0000
ROA not before:           Tue 15 Aug 2023 16:46:13 +0000
ROA not after:            Sat 16 Aug 2025 16:46:13 +0000
asID:                     7438
IP address blocks:        200.36.160.0/19 maxlen: 24
                          200.36.166.0/23 maxlen: 24
                          200.36.178.0/23 maxlen: 24
                          200.36.180.0/22 maxlen: 24
                          201.131.4.0/24 maxlen: 24
                          200.36.184.0/21 maxlen: 24
                          200.36.186.0/23 maxlen: 24
                          200.36.188.0/23 maxlen: 24
                          200.39.0.0/19 maxlen: 24
                          200.39.0.0/23 maxlen: 23
                          200.39.2.0/24 maxlen: 24
                          200.39.7.0/24 maxlen: 24
                          200.39.8.0/23 maxlen: 24
                          200.39.11.0/24 maxlen: 24
                          200.39.14.0/23 maxlen: 24
                          200.39.13.0/24 maxlen: 24
                          200.39.14.0/23 maxlen: 24
                          200.39.24.0/22 maxlen: 24
                          200.39.18.0/24 maxlen: 24
                          200.39.20.0/22 maxlen: 24
                          200.39.28.0/23 maxlen: 24
                          200.39.25.0/24 maxlen: 24
                          200.39.26.0/24 maxlen: 24
                          200.39.28.0/22 maxlen: 24
                          201.166.188.0/22 maxlen: 24
                          200.76.80.0/20 maxlen: 24
                          200.76.80.0/21 maxlen: 24
                          200.76.82.0/24 maxlen: 24
                          200.76.88.0/23 maxlen: 23
                          200.76.90.0/23 maxlen: 24
                          200.76.92.0/22 maxlen: 22
                          201.162.192.0/23 maxlen: 24
                          201.162.191.0/24 maxlen: 24
                          201.162.192.0/23 maxlen: 24
                          201.162.194.0/24 maxlen: 24
                          201.162.224.0/23 maxlen: 24
                          201.162.224.0/24 maxlen: 24
                          201.162.232.0/23 maxlen: 24
                          201.162.234.0/24 maxlen: 24
                          201.162.236.0/24 maxlen: 24
                          201.162.136.0/21 maxlen: 24
                          201.162.144.0/24 maxlen: 24
                          201.162.162.0/24 maxlen: 24
                          201.162.178.0/24 maxlen: 24
                          201.166.137.0/24 maxlen: 24
                          201.166.148.0/22 maxlen: 24
                          201.166.151.0/24 maxlen: 24
                          201.166.168.0/23 maxlen: 24
                          201.166.176.0/20 maxlen: 24
                          201.166.175.0/24 maxlen: 24
                          201.166.176.0/23 maxlen: 24
                          201.166.178.0/24 maxlen: 24
                          201.166.180.0/22 maxlen: 24
                          201.162.247.0/24 maxlen: 24
                          201.166.128.0/18 maxlen: 24
                          201.166.128.0/19 maxlen: 24
                          201.166.128.0/19 maxlen: 24
                          201.166.160.0/20 maxlen: 24
                          201.166.128.0/22 maxlen: 22
                          201.166.132.0/23 maxlen: 24
                          201.162.128.0/17 maxlen: 24
                          201.162.128.0/18 maxlen: 24
                          201.162.128.0/20 maxlen: 24
                          201.162.128.0/21 maxlen: 21
                          2806:200::/32 maxlen: 32

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 2230202 (0x2207ba)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=82a0f3b8699157d02e2e70513969f2e77b6b9db5
        Validity
            Not Before: Aug 15 16:46:13 2023 GMT
            Not After : Aug 16 16:46:13 2025 GMT
        Subject: CN=cc2f3f2463ad83f8c7bf523b7e37e618b52d37fc
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9d:65:f5:54:55:23:58:37:b2:0d:66:c4:bb:ae:
                    90:34:62:a3:ed:8c:84:ad:5f:4d:cc:83:dd:e6:71:
                    17:76:0b:63:a1:58:83:09:7e:b6:36:bd:97:12:f1:
                    f6:47:bb:89:9a:a7:a1:5f:ce:d3:0b:1d:55:80:1b:
                    f2:78:09:3a:88:5f:e2:30:6a:71:79:be:0f:fc:67:
                    d8:5f:cd:9d:c3:79:9f:7e:2e:02:43:aa:a1:62:79:
                    9c:1b:45:f5:31:1f:ec:71:03:de:5f:e3:f6:3a:4f:
                    1f:e0:72:91:e6:a2:2b:fb:9c:c7:36:9b:7c:44:3a:
                    b1:17:ff:f3:88:30:1a:bf:22:82:12:e3:35:39:c3:
                    d4:3a:6c:05:0a:a6:72:82:3f:d7:0d:53:1a:1a:fb:
                    f8:1b:67:32:74:51:87:5f:9c:a1:55:0e:2a:39:96:
                    cf:55:67:1d:a1:6f:e8:e6:ac:c6:80:48:55:ca:3e:
                    6c:54:53:9f:25:1c:cf:6c:54:03:fd:a5:f0:ba:d4:
                    c3:83:8a:39:87:25:47:bb:0b:7f:07:62:d0:f3:46:
                    c2:4b:a5:a3:f6:14:24:37:26:79:7d:5c:1c:c2:0e:
                    d4:be:23:63:cb:e2:0f:d4:d8:de:1c:76:8c:e9:d4:
                    d7:f5:e7:05:7e:71:52:b4:f7:df:e8:b2:11:6d:f0:
                    4c:15
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                13:FD:1C:B1:A9:1B:32:B8:96:72:B1:E7:92:45:74:50:EA:A3:E0:16
            X509v3 Authority Key Identifier:
                keyid:26:E4:47:4D:F2:87:F7:F9:E4:DD:84:AA:2B:A6:B2:D0:ED:E4:EA:68

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/82a0f3b8699157d02e2e70513969f2e77b6b9db5.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/ead99edc-7c47-4c4d-a47a-3f7261ead2e3/cc2f3f2463ad83f8c7bf523b7e37e618b52d37fc.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/ead99edc-7c47-4c4d-a47a-3f7261ead2e3/82a0f3b8699157d02e2e70513969f2e77b6b9db5.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  200.36.160.0/19
                  200.39.0.0/19
                  200.76.80.0/20
                  201.131.4.0/24
                  201.162.128.0/17
                  201.166.128.0/18
                IPv6:
                  2806:200::/32

    Signature Algorithm: sha256WithRSAEncryption
         5c:a4:d5:62:93:4d:4c:f2:1f:bf:56:05:c1:27:31:db:f6:2f:
         91:ca:e0:74:eb:e2:7a:08:c3:24:8e:03:23:6a:0b:6d:0b:ac:
         c5:08:3e:8a:5e:b4:4e:e0:fd:4b:fe:21:18:20:29:38:b9:ae:
         db:3f:5b:df:f0:81:79:87:33:2a:0f:24:b9:24:84:ff:d1:8b:
         7e:c8:82:d9:7c:fe:1d:c9:c2:51:dc:99:b4:4c:11:47:72:a7:
         92:6f:42:dc:75:50:3d:93:61:d0:cc:c4:9e:0e:9b:06:c2:30:
         f5:8e:1e:85:6b:50:24:48:8e:1c:b5:63:d3:d9:cc:94:2c:62:
         a8:f8:aa:8c:ed:ea:5a:5b:4d:57:02:86:cf:fd:57:9b:8a:ac:
         2c:c0:78:42:bb:18:9c:19:53:88:21:9e:bd:de:fb:f2:cd:b0:
         74:e1:6d:6f:67:a0:48:27:61:54:7e:7c:11:0f:b5:bd:1d:0b:
         24:8e:8a:f7:44:5d:5c:84:15:07:4c:3e:8c:9d:59:ab:69:9d:
         d0:12:ab:ee:dd:2f:12:c5:62:8c:4e:db:04:ba:e2:25:66:cd:
         59:dd:0f:a5:01:55:d8:21:94:c7:d9:3c:ba:de:42:54:2d:f4:
         ec:8b:f6:a4:01:f8:fb:44:4f:d9:99:01:06:e7:c9:f3:ce:55:
         76:61:ba:b2
-----BEGIN CERTIFICATE-----
MIIFbTCCBFWgAwIBAgIDIge6MA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKDgy
YTBmM2I4Njk5MTU3ZDAyZTJlNzA1MTM5NjlmMmU3N2I2YjlkYjUwHhcNMjMwODE1
MTY0NjEzWhcNMjUwODE2MTY0NjEzWjAzMTEwLwYDVQQDEyhjYzJmM2YyNDYzYWQ4
M2Y4YzdiZjUyM2I3ZTM3ZTYxOGI1MmQzN2ZjMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAnWX1VFUjWDeyDWbEu66QNGKj7YyErV9NzIPd5nEXdgtjoViD
CX62Nr2XEvH2R7uJmqehX87TCx1VgBvyeAk6iF/iMGpxeb4P/GfYX82dw3mffi4C
Q6qhYnmcG0X1MR/scQPeX+P2Ok8f4HKR5qIr+5zHNpt8RDqxF//ziDAavyKCEuM1
OcPUOmwFCqZygj/XDVMaGvv4G2cydFGHX5yhVQ4qOZbPVWcdoW/o5qzGgEhVyj5s
VFOfJRzPbFQD/aXwutTDg4o5hyVHuwt/B2LQ80bCS6Wj9hQkNyZ5fVwcwg7UviNj
y+IP1NjeHHaM6dTX9ecFfnFStPff6LIRbfBMFQIDAQABo4ICiDCCAoQwHQYDVR0O
BBYEFBP9HLGpGzK4lnKx55JFdFDqo+AWMB8GA1UdIwQYMBaAFCbkR03yh/f55N2E
qiumstDt5OpoMA4GA1UdDwEB/wQEAwIHgDCBmgYIKwYBBQUHAQEEgY0wgYowgYcG
CCsGAQUFBzAChntyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5ldC9ycGtpL2xh
Y25pYy80OGYwODNiYi1mNjAzLTQ4OTMtOTk5MC0wMjg0YzA0Y2ViODUvODJhMGYz
Yjg2OTkxNTdkMDJlMmU3MDUxMzk2OWYyZTc3YjZiOWRiNS5jZXIwgZoGCCsGAQUF
BwELBIGNMIGKMIGHBggrBgEFBQcwC4Z7cnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25p
Yy5uZXQvcnBraS9sYWNuaWMvZWFkOTllZGMtN2M0Ny00YzRkLWE0N2EtM2Y3MjYx
ZWFkMmUzL2NjMmYzZjI0NjNhZDgzZjhjN2JmNTIzYjdlMzdlNjE4YjUyZDM3ZmMu
cm9hMIGPBgNVHR8EgYcwgYQwgYGgf6B9hntyc3luYzovL3JlcG9zaXRvcnkubGFj
bmljLm5ldC9ycGtpL2xhY25pYy9lYWQ5OWVkYy03YzQ3LTRjNGQtYTQ3YS0zZjcy
NjFlYWQyZTMvODJhMGYzYjg2OTkxNTdkMDJlMmU3MDUxMzk2OWYyZTc3YjZiOWRi
NS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBMBggrBgEFBQcBBwEB/wQ9
MDswKgQCAAEwJAMEBcgkoAMEBcgnAAMEBMhMUAMEAMmDBAMEB8migAMEBsmmgDAN
BAIAAjAHAwUAKAYCADANBgkqhkiG9w0BAQsFAAOCAQEAXKTVYpNNTPIfv1YFwScx
2/YvkcrgdOviegjDJI4DI2oLbQusxQg+il60TuD9S/4hGCApOLmu2z9b3/CBeYcz
Kg8kuSSE/9GLfsiC2Xz+HcnCUdyZtEwRR3Knkm9C3HVQPZNh0MzEng6bBsIw9Y4e
hWtQJEiOHLVj09nMlCxiqPiqjO3qWltNVwKGz/1Xm4qsLMB4QrsYnBlTiCGevd77
8s2wdOFtb2egSCdhVH58EQ+1vR0LJI6K90RdXIQVB0w+jJ1Zq2md0BKr7t0vEsVi
jE7bBLriJWbNWd0PpQFV2CGUx9k8ut5CVC307Iv2pAH4+0RP2ZkBBufJ885VdmG6
sg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:38:11 2024 by rpki-client on console-fra.rpki-client.org