Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/f04334a6-8e56-4903-90f0-1a897fc935c5/818b6a55b63e7b54ebfe1753510e01e91d36c7a1.roa
File:                     818b6a55b63e7b54ebfe1753510e01e91d36c7a1.roa (raw, json)
Hash identifier:          9BOx/WWNUxsqhyAi+JKoa4I5rzpZoibn8gvFsblYhKk=
Subject key identifier:   BC:5D:0D:6F:94:D0:1C:06:BB:40:D8:F9:8E:1D:16:05:1E:1D:FA:EA
Certificate issuer:       /CN=c69b99fc2d2eefbdb75ba663d575a10ac84f78c1
Certificate serial:       22DE51
Authority key identifier: 26:32:3A:4B:C0:9F:4A:66:92:5C:34:E7:A0:CD:05:9E:A1:ED:05:3B
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/c69b99fc2d2eefbdb75ba663d575a10ac84f78c1.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/f04334a6-8e56-4903-90f0-1a897fc935c5/818b6a55b63e7b54ebfe1753510e01e91d36c7a1.roa
Signing time:             Tue 15 Aug 2023 20:28:48 +0000
ROA not before:           Mon 14 Aug 2023 20:28:48 +0000
ROA not after:            Fri 15 Aug 2025 20:28:48 +0000
asID:                     6306
IP address blocks:        161.140.0.0/16 maxlen: 17
                          181.185.128.0/17 maxlen: 17
                          179.20.128.0/17 maxlen: 17
                          200.31.128.0/19 maxlen: 24
                          179.45.128.0/17 maxlen: 17
                          181.184.128.0/17 maxlen: 17
                          186.184.128.0/17 maxlen: 20
                          186.166.0.0/16 maxlen: 24
                          186.186.64.0/18 maxlen: 18
                          161.212.0.0/16 maxlen: 17
                          161.255.0.0/16 maxlen: 16
                          179.44.128.0/17 maxlen: 17
                          200.35.64.0/18 maxlen: 23
                          161.234.0.0/16 maxlen: 16
                          181.183.128.0/17 maxlen: 17
                          200.71.128.0/18 maxlen: 22
                          179.21.128.0/17 maxlen: 17
                          186.24.0.0/15 maxlen: 24
                          181.182.128.0/17 maxlen: 17
                          186.185.0.0/16 maxlen: 20
                          2800:6b0::/32 maxlen: 32

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 2285137 (0x22de51)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c69b99fc2d2eefbdb75ba663d575a10ac84f78c1
        Validity
            Not Before: Aug 14 20:28:48 2023 GMT
            Not After : Aug 15 20:28:48 2025 GMT
        Subject: CN=818b6a55b63e7b54ebfe1753510e01e91d36c7a1
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:98:2b:b9:ef:be:0a:06:f0:15:02:0e:50:a7:70:
                    47:7c:20:4d:f6:3d:37:3b:82:8a:18:b6:4a:4a:31:
                    e5:f5:cb:53:29:72:f3:48:86:d0:33:a2:49:aa:6d:
                    12:79:81:f6:d2:b7:ca:e3:2d:03:6f:ff:6b:d9:46:
                    0d:c0:2c:39:ee:8d:eb:a7:cf:ce:8f:1e:60:b6:5d:
                    f2:98:8b:da:cb:14:75:64:8a:31:a1:6c:e5:3b:9c:
                    9f:3f:f8:7d:87:b5:2e:40:9d:ed:8d:97:00:5a:a4:
                    19:02:8d:e9:42:cc:a5:21:cc:de:ce:88:eb:91:b1:
                    b8:72:43:47:c3:41:fd:ca:40:87:0c:12:42:2e:33:
                    df:f9:37:2f:f9:66:13:43:50:1a:3f:28:33:38:7f:
                    ea:34:b3:da:0c:ae:11:eb:58:19:ca:b9:e3:02:a2:
                    71:a7:02:37:0c:7a:15:98:52:8a:c7:a5:de:1b:60:
                    a0:5d:33:1d:d1:21:69:07:09:90:b5:11:3a:f2:8b:
                    18:45:83:4b:13:3a:2a:1f:48:12:a6:fe:29:aa:d3:
                    0c:97:61:34:db:5e:b9:31:46:25:1f:5c:dd:77:bf:
                    1b:f2:9b:a3:7b:2c:16:31:3e:a0:72:6e:a5:fb:b6:
                    48:6b:22:bd:fe:e0:23:96:75:40:ca:34:d6:68:be:
                    fc:e7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BC:5D:0D:6F:94:D0:1C:06:BB:40:D8:F9:8E:1D:16:05:1E:1D:FA:EA
            X509v3 Authority Key Identifier:
                keyid:26:32:3A:4B:C0:9F:4A:66:92:5C:34:E7:A0:CD:05:9E:A1:ED:05:3B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/c69b99fc2d2eefbdb75ba663d575a10ac84f78c1.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/f04334a6-8e56-4903-90f0-1a897fc935c5/818b6a55b63e7b54ebfe1753510e01e91d36c7a1.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/f04334a6-8e56-4903-90f0-1a897fc935c5/c69b99fc2d2eefbdb75ba663d575a10ac84f78c1.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  161.140.0.0/16
                  161.212.0.0/16
                  161.234.0.0/16
                  161.255.0.0/16
                  179.20.128.0/17
                  179.21.128.0/17
                  179.44.128.0/17
                  179.45.128.0/17
                  181.182.128.0/17
                  181.183.128.0/17
                  181.184.128.0/17
                  181.185.128.0/17
                  186.24.0.0/15
                  186.166.0.0/16
                  186.184.128.0-186.185.255.255
                  186.186.64.0/18
                  200.31.128.0/19
                  200.35.64.0/18
                  200.71.128.0/18
                IPv6:
                  2800:6b0::/32

    Signature Algorithm: sha256WithRSAEncryption
         1c:50:e7:e7:7a:4f:ee:6c:08:bc:9b:8d:8a:bc:ff:0d:f4:19:
         ed:9e:c7:3c:9b:ad:f4:6a:14:52:93:e9:2a:14:eb:8f:98:9e:
         55:b6:36:33:38:a6:1d:47:3e:0b:d3:9f:ee:50:98:54:2d:d3:
         99:bd:33:29:49:a2:b1:72:a4:6c:8d:11:2c:cb:75:71:1b:c1:
         65:67:8c:49:cf:a3:47:c9:97:30:91:c8:6a:58:6d:f6:d3:5f:
         ac:06:de:4a:22:73:5f:f7:45:04:fe:7f:7e:7f:e1:54:39:da:
         eb:47:eb:95:0e:4f:83:8c:dd:52:a3:7e:8f:d5:1e:1a:c0:03:
         15:cc:f3:ae:d2:9e:64:a7:ba:ae:8d:26:f1:13:22:02:ca:91:
         f3:ef:dc:36:e3:46:b8:eb:2d:57:a7:63:ef:8e:39:0e:ca:47:
         c4:a8:e9:25:e6:08:8b:c2:f1:35:f3:16:9d:7e:e0:7d:08:9b:
         5a:ae:5a:a4:bd:70:25:b9:42:63:99:ae:97:4c:39:fa:17:26:
         18:bb:f9:47:1c:74:ec:13:d9:95:f3:f6:06:fb:8f:8c:4b:78:
         71:7c:ef:e4:b5:d4:96:84:78:74:2f:d3:db:42:c1:4c:46:7d:
         87:0a:ae:31:f2:af:fe:c1:cd:d8:56:37:2c:bd:03:98:8c:99:
         ee:a1:7b:9d
-----BEGIN CERTIFICATE-----
MIIFvzCCBKegAwIBAgIDIt5RMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKGM2
OWI5OWZjMmQyZWVmYmRiNzViYTY2M2Q1NzVhMTBhYzg0Zjc4YzEwHhcNMjMwODE0
MjAyODQ4WhcNMjUwODE1MjAyODQ4WjAzMTEwLwYDVQQDEyg4MThiNmE1NWI2M2U3
YjU0ZWJmZTE3NTM1MTBlMDFlOTFkMzZjN2ExMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAmCu5774KBvAVAg5Qp3BHfCBN9j03O4KKGLZKSjHl9ctTKXLz
SIbQM6JJqm0SeYH20rfK4y0Db/9r2UYNwCw57o3rp8/Ojx5gtl3ymIvayxR1ZIox
oWzlO5yfP/h9h7UuQJ3tjZcAWqQZAo3pQsylIczezojrkbG4ckNHw0H9ykCHDBJC
LjPf+Tcv+WYTQ1AaPygzOH/qNLPaDK4R61gZyrnjAqJxpwI3DHoVmFKKx6XeG2Cg
XTMd0SFpBwmQtRE68osYRYNLEzoqH0gSpv4pqtMMl2E02165MUYlH1zdd78b8puj
eywWMT6gcm6l+7ZIayK9/uAjlnVAyjTWaL785wIDAQABo4IC2jCCAtYwHQYDVR0O
BBYEFLxdDW+U0BwGu0DY+Y4dFgUeHfrqMB8GA1UdIwQYMBaAFCYyOkvAn0pmklw0
56DNBZ6h7QU7MA4GA1UdDwEB/wQEAwIHgDCBmgYIKwYBBQUHAQEEgY0wgYowgYcG
CCsGAQUFBzAChntyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5ldC9ycGtpL2xh
Y25pYy80OGYwODNiYi1mNjAzLTQ4OTMtOTk5MC0wMjg0YzA0Y2ViODUvYzY5Yjk5
ZmMyZDJlZWZiZGI3NWJhNjYzZDU3NWExMGFjODRmNzhjMS5jZXIwgZoGCCsGAQUF
BwELBIGNMIGKMIGHBggrBgEFBQcwC4Z7cnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25p
Yy5uZXQvcnBraS9sYWNuaWMvZjA0MzM0YTYtOGU1Ni00OTAzLTkwZjAtMWE4OTdm
YzkzNWM1LzgxOGI2YTU1YjYzZTdiNTRlYmZlMTc1MzUxMGUwMWU5MWQzNmM3YTEu
cm9hMIGPBgNVHR8EgYcwgYQwgYGgf6B9hntyc3luYzovL3JlcG9zaXRvcnkubGFj
bmljLm5ldC9ycGtpL2xhY25pYy9mMDQzMzRhNi04ZTU2LTQ5MDMtOTBmMC0xYTg5
N2ZjOTM1YzUvYzY5Yjk5ZmMyZDJlZWZiZGI3NWJhNjYzZDU3NWExMGFjODRmNzhj
MS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjCBnQYIKwYBBQUHAQcBAf8E
gY0wgYoweQQCAAEwcwMDAKGMAwMAodQDAwCh6gMDAKH/AwQHsxSAAwQHsxWAAwQH
syyAAwQHsy2AAwQHtbaAAwQHtbeAAwQHtbiAAwQHtbmAAwMBuhgDAwC6pjALAwQH
uriAAwMBurgDBAa6ukADBAXIH4ADBAbII0ADBAbIR4AwDQQCAAIwBwMFACgABrAw
DQYJKoZIhvcNAQELBQADggEBABxQ5+d6T+5sCLybjYq8/w30Ge2exzybrfRqFFKT
6SoU64+YnlW2NjM4ph1HPgvTn+5QmFQt05m9MylJorFypGyNESzLdXEbwWVnjEnP
o0fJlzCRyGpYbfbTX6wG3koic1/3RQT+f35/4VQ52utH65UOT4OM3VKjfo/VHhrA
AxXM867SnmSnuq6NJvETIgLKkfPv3DbjRrjrLVenY++OOQ7KR8So6SXmCIvC8TXz
Fp1+4H0Im1quWqS9cCW5QmOZrpdMOfoXJhi7+UccdOwT2ZXz9gb7j4xLeHF87+S1
1JaEeHQv09tCwUxGfYcKrjHyr/7BzdhWNyy9A5iMme6he50=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:38:42 2024 by rpki-client on console-ams.rpki-client.org