Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/ef96c69d-d455-40a0-a9e3-14dd69c14564/a2a545e5b91600f5f8382c66ae1e2d8e57dece03.roa
File:                     a2a545e5b91600f5f8382c66ae1e2d8e57dece03.roa (raw, json)
Hash identifier:          yJkoT50hASY/P8f4EjFje3JytcdyZnVgQqPyRcEf3uM=
Subject key identifier:   E9:29:B4:59:EF:EE:9B:F2:7F:03:D8:14:85:CA:14:A6:E1:F8:63:04
Certificate issuer:       /CN=513d4f24351d23b0d1286ff946b24bfd08afdc12
Certificate serial:       24D07E
Authority key identifier: B2:5F:EE:E0:58:9A:94:87:AE:CE:2B:11:01:69:98:5F:A2:1B:5B:F2
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/513d4f24351d23b0d1286ff946b24bfd08afdc12.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/ef96c69d-d455-40a0-a9e3-14dd69c14564/a2a545e5b91600f5f8382c66ae1e2d8e57dece03.roa
Signing time:             Tue 26 Sep 2023 17:12:49 +0000
ROA not before:           Mon 25 Sep 2023 17:12:48 +0000
ROA not after:            Fri 26 Sep 2025 17:12:48 +0000
asID:                     19169
IP address blocks:        168.197.188.0/22 maxlen: 24
                          181.39.0.0/16 maxlen: 24
                          200.93.192.0/19 maxlen: 24
                          200.93.224.0/20 maxlen: 24
                          186.4.128.0/17 maxlen: 24
                          186.5.0.0/17 maxlen: 24
                          201.218.0.0/18 maxlen: 24
                          190.95.128.0/17 maxlen: 24
                          200.110.64.0/19 maxlen: 24
                          186.101.0.0/16 maxlen: 24
                          186.3.0.0/16 maxlen: 24
                          181.198.0.0/16 maxlen: 24
                          181.199.0.0/17 maxlen: 24
                          2800:2a0::/32 maxlen: 48

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 2412670 (0x24d07e)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=513d4f24351d23b0d1286ff946b24bfd08afdc12
        Validity
            Not Before: Sep 25 17:12:48 2023 GMT
            Not After : Sep 26 17:12:48 2025 GMT
        Subject: CN=a2a545e5b91600f5f8382c66ae1e2d8e57dece03
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9a:ad:07:d4:d4:b7:0b:03:99:09:e2:8f:68:4a:
                    83:ec:39:c7:93:d8:5a:0b:0f:10:8b:e7:75:20:2b:
                    80:92:1d:7a:c7:ab:59:cf:e4:6d:c9:ab:bb:80:c5:
                    6a:3b:ed:38:b8:17:9c:a2:71:b1:df:61:ce:4f:1a:
                    3e:6c:33:f6:d9:45:91:28:d7:1d:63:06:3c:0d:49:
                    dd:3b:33:61:b1:0f:2f:55:6e:ff:45:44:81:9d:4d:
                    be:01:0f:2f:01:bf:88:12:21:43:c5:4c:6d:94:d4:
                    fc:5a:be:05:ee:93:ce:dd:4c:f0:e5:71:96:e4:91:
                    55:61:74:5e:85:2e:ac:ec:80:2e:1e:3a:35:00:07:
                    4d:e8:49:f3:d2:6a:8e:67:51:cc:c3:ee:38:24:6b:
                    01:c7:e4:3a:83:aa:7b:f8:c3:61:dc:3d:1f:18:ba:
                    7e:20:f0:8c:27:58:8d:7a:8e:43:4c:36:a4:87:bb:
                    49:5d:28:69:5f:d6:a7:9b:06:71:66:72:4b:63:29:
                    9e:44:03:66:de:d5:dc:0f:11:2d:c9:8f:4c:9b:64:
                    4f:54:58:d6:54:e0:8a:13:b0:e1:d1:45:62:ae:eb:
                    8f:55:b3:ce:9c:bb:a9:07:10:51:1d:08:dd:64:2f:
                    10:9b:b5:f6:48:c4:41:47:f6:16:68:00:20:a4:22:
                    da:93
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E9:29:B4:59:EF:EE:9B:F2:7F:03:D8:14:85:CA:14:A6:E1:F8:63:04
            X509v3 Authority Key Identifier:
                keyid:B2:5F:EE:E0:58:9A:94:87:AE:CE:2B:11:01:69:98:5F:A2:1B:5B:F2

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/513d4f24351d23b0d1286ff946b24bfd08afdc12.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/ef96c69d-d455-40a0-a9e3-14dd69c14564/a2a545e5b91600f5f8382c66ae1e2d8e57dece03.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/ef96c69d-d455-40a0-a9e3-14dd69c14564/513d4f24351d23b0d1286ff946b24bfd08afdc12.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  168.197.188.0/22
                  181.39.0.0/16
                  181.198.0.0-181.199.127.255
                  186.3.0.0/16
                  186.4.128.0-186.5.127.255
                  186.101.0.0/16
                  190.95.128.0/17
                  200.93.192.0-200.93.239.255
                  200.110.64.0/19
                  201.218.0.0/18
                IPv6:
                  2800:2a0::/32

    Signature Algorithm: sha256WithRSAEncryption
         2f:c4:b1:f7:f6:65:7a:3d:72:bf:3c:15:d9:ac:9f:8d:e1:59:
         e8:1b:7e:91:79:6c:ca:67:f0:10:42:6c:cb:f4:33:33:f4:94:
         aa:75:57:f0:19:9c:06:13:3c:42:17:71:53:f9:ea:51:89:4f:
         f1:5b:15:52:10:84:59:f6:fe:d0:0a:8c:c7:03:ed:cf:c0:81:
         7c:b6:f1:f9:06:94:aa:c4:01:36:b8:35:d5:56:0b:1d:ff:c0:
         82:d3:de:4c:4d:8c:98:20:4d:a3:1d:c5:e7:4a:db:af:c3:3c:
         3a:b9:e5:ab:57:45:29:ed:a5:3a:23:44:34:d3:42:35:e8:fa:
         03:f6:f2:ca:20:4b:6d:2d:2d:4c:1a:47:72:8f:e0:a5:f1:a3:
         38:5f:fb:fe:bf:c5:a8:f8:54:e1:43:f4:c6:fb:5e:cc:56:2f:
         b1:47:48:34:29:bf:fa:13:ea:4b:da:19:9a:4f:9b:c9:d7:fc:
         89:60:89:2d:82:23:35:d0:f9:2c:88:31:d1:7b:fe:13:aa:12:
         d7:33:7e:32:8f:0c:8f:fd:c2:3d:f1:83:c5:c6:7a:55:8d:7d:
         75:c6:3f:ae:c4:21:20:c4:86:ba:b3:75:49:ad:ef:6a:93:5f:
         aa:bc:4a:dc:8b:62:92:4e:d0:9f:c2:14:d6:42:2c:60:81:50:
         34:b6:82:59
-----BEGIN CERTIFICATE-----
MIIFmTCCBIGgAwIBAgIDJNB+MA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKDUx
M2Q0ZjI0MzUxZDIzYjBkMTI4NmZmOTQ2YjI0YmZkMDhhZmRjMTIwHhcNMjMwOTI1
MTcxMjQ4WhcNMjUwOTI2MTcxMjQ4WjAzMTEwLwYDVQQDEyhhMmE1NDVlNWI5MTYw
MGY1ZjgzODJjNjZhZTFlMmQ4ZTU3ZGVjZTAzMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAmq0H1NS3CwOZCeKPaEqD7DnHk9haCw8Qi+d1ICuAkh16x6tZ
z+Rtyau7gMVqO+04uBeconGx32HOTxo+bDP22UWRKNcdYwY8DUndOzNhsQ8vVW7/
RUSBnU2+AQ8vAb+IEiFDxUxtlNT8Wr4F7pPO3Uzw5XGW5JFVYXRehS6s7IAuHjo1
AAdN6Enz0mqOZ1HMw+44JGsBx+Q6g6p7+MNh3D0fGLp+IPCMJ1iNeo5DTDakh7tJ
XShpX9anmwZxZnJLYymeRANm3tXcDxEtyY9Mm2RPVFjWVOCKE7Dh0UViruuPVbPO
nLupBxBRHQjdZC8Qm7X2SMRBR/YWaAAgpCLakwIDAQABo4ICtDCCArAwHQYDVR0O
BBYEFOkptFnv7pvyfwPYFIXKFKbh+GMEMB8GA1UdIwQYMBaAFLJf7uBYmpSHrs4r
EQFpmF+iG1vyMA4GA1UdDwEB/wQEAwIHgDCBmgYIKwYBBQUHAQEEgY0wgYowgYcG
CCsGAQUFBzAChntyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5ldC9ycGtpL2xh
Y25pYy80OGYwODNiYi1mNjAzLTQ4OTMtOTk5MC0wMjg0YzA0Y2ViODUvNTEzZDRm
MjQzNTFkMjNiMGQxMjg2ZmY5NDZiMjRiZmQwOGFmZGMxMi5jZXIwgZoGCCsGAQUF
BwELBIGNMIGKMIGHBggrBgEFBQcwC4Z7cnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25p
Yy5uZXQvcnBraS9sYWNuaWMvZWY5NmM2OWQtZDQ1NS00MGEwLWE5ZTMtMTRkZDY5
YzE0NTY0L2EyYTU0NWU1YjkxNjAwZjVmODM4MmM2NmFlMWUyZDhlNTdkZWNlMDMu
cm9hMIGPBgNVHR8EgYcwgYQwgYGgf6B9hntyc3luYzovL3JlcG9zaXRvcnkubGFj
bmljLm5ldC9ycGtpL2xhY25pYy9lZjk2YzY5ZC1kNDU1LTQwYTAtYTllMy0xNGRk
NjljMTQ1NjQvNTEzZDRmMjQzNTFkMjNiMGQxMjg2ZmY5NDZiMjRiZmQwOGFmZGMx
Mi5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjB4BggrBgEFBQcBBwEB/wRp
MGcwVgQCAAEwUAMEAqjFvAMDALUnMAsDAwG1xgMEB7XHAAMDALoDMAwDBAe6BIAD
BAe6BQADAwC6ZQMEB75fgDAMAwQGyF3AAwQEyF3gAwQFyG5AAwQGydoAMA0EAgAC
MAcDBQAoAAKgMA0GCSqGSIb3DQEBCwUAA4IBAQAvxLH39mV6PXK/PBXZrJ+N4Vno
G36ReWzKZ/AQQmzL9DMz9JSqdVfwGZwGEzxCF3FT+epRiU/xWxVSEIRZ9v7QCozH
A+3PwIF8tvH5BpSqxAE2uDXVVgsd/8CC095MTYyYIE2jHcXnStuvwzw6ueWrV0Up
7aU6I0Q000I16PoD9vLKIEttLS1MGkdyj+Cl8aM4X/v+v8Wo+FThQ/TG+17MVi+x
R0g0Kb/6E+pL2hmaT5vJ1/yJYIktgiM10PksiDHRe/4TqhLXM34yjwyP/cI98YPF
xnpVjX11xj+uxCEgxIa6s3VJre9qk1+qvErci2KSTtCfwhTWQixggVA0toJZ
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:38:42 2024 by rpki-client on console-ams.rpki-client.org