Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/f250093c-ba98-48b8-8c52-9abe57d52d4f/1a37605e378b43fa37c86bd00fbe32c95ce8963b.roa
File:                     1a37605e378b43fa37c86bd00fbe32c95ce8963b.roa (raw, json)
Hash identifier:          JKsd7GZp5UAJ8OKg3gOzZXCkvmsELH5v01UtxDi3t9w=
Subject key identifier:   7D:12:02:AA:96:F4:35:FF:94:C2:9C:84:03:56:B5:A9:5A:B9:FA:11
Certificate issuer:       /CN=0932ed7fc7587a11240901c76c1f6f64f3020149
Certificate serial:       1220DC
Authority key identifier: 63:E5:E7:0F:A2:3C:0C:80:83:7E:A1:FE:96:50:76:95:C0:CE:5E:FF
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/0932ed7fc7587a11240901c76c1f6f64f3020149.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/f250093c-ba98-48b8-8c52-9abe57d52d4f/1a37605e378b43fa37c86bd00fbe32c95ce8963b.roa
Signing time:             Fri 10 Dec 2021 17:32:54 +0000
ROA not before:           Fri 10 Dec 2021 02:00:00 +0000
ROA not after:            Sun 10 Dec 2023 02:00:00 +0000
asID:                     6503
IP address blocks:        143.202.156.0/22 maxlen: 22
                          148.244.0.0/16 maxlen: 24
                          189.206.0.0/16 maxlen: 24
                          192.190.30.0/23 maxlen: 23
                          192.207.204.0/23 maxlen: 23
                          200.52.112.0/20 maxlen: 24
                          200.56.112.0/20 maxlen: 24
                          200.76.0.0/18 maxlen: 24
                          200.76.128.0/18 maxlen: 24
                          200.94.0.0/17 maxlen: 24
                          200.94.128.0/19 maxlen: 24
                          201.151.0.0/16 maxlen: 24
                          201.163.0.0/16 maxlen: 24
                          207.248.224.0/19 maxlen: 24
                          2001:1248::/32 maxlen: 48

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 1188060 (0x1220dc)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0932ed7fc7587a11240901c76c1f6f64f3020149
        Validity
            Not Before: Dec 10 02:00:00 2021 GMT
            Not After : Dec 10 02:00:00 2023 GMT
        Subject: CN=1a37605e378b43fa37c86bd00fbe32c95ce8963b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c2:2c:6a:4c:3b:c0:c6:db:e8:f1:50:9f:73:e2:
                    30:62:ea:4a:07:75:64:d1:77:46:62:7d:a0:0a:2c:
                    1f:61:d9:16:5f:41:b0:71:26:1e:bb:63:19:5a:b6:
                    c5:18:e9:f7:82:bd:01:6e:af:13:ea:2b:4f:cd:75:
                    1a:36:6c:8d:87:19:cf:e1:8f:a2:cf:6f:5d:da:8d:
                    18:66:f8:e0:69:25:7c:ea:2c:82:89:6a:f0:f0:13:
                    84:6a:fc:7a:90:a3:7b:40:a7:79:2a:13:46:cc:b7:
                    15:91:2f:71:e4:2a:14:09:6d:2b:cb:88:b1:98:ff:
                    dc:98:04:65:3b:84:09:6d:33:29:44:08:c5:cb:77:
                    fe:6f:ce:4f:c0:b5:60:6d:a0:6a:19:3c:4a:91:6f:
                    a3:6e:49:bc:46:e8:18:0b:7c:c1:09:c4:ce:b6:bb:
                    2e:d8:12:f1:6d:85:0a:68:15:41:64:90:bc:2e:b0:
                    e9:96:c1:12:69:6e:5b:b4:ea:42:04:50:c7:9d:01:
                    45:d4:cb:f1:83:9e:a1:22:20:2f:3d:d1:b7:e9:68:
                    4d:96:7e:10:43:d8:ef:cc:36:c1:e1:8b:12:58:45:
                    39:93:30:c2:56:26:a4:2b:85:83:39:7e:1e:62:22:
                    f2:82:9d:df:4c:66:1f:53:ae:d3:2e:26:38:ec:4a:
                    6d:13
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                7D:12:02:AA:96:F4:35:FF:94:C2:9C:84:03:56:B5:A9:5A:B9:FA:11
            X509v3 Authority Key Identifier:
                keyid:63:E5:E7:0F:A2:3C:0C:80:83:7E:A1:FE:96:50:76:95:C0:CE:5E:FF

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/0932ed7fc7587a11240901c76c1f6f64f3020149.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/f250093c-ba98-48b8-8c52-9abe57d52d4f/1a37605e378b43fa37c86bd00fbe32c95ce8963b.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/f250093c-ba98-48b8-8c52-9abe57d52d4f/0932ed7fc7587a11240901c76c1f6f64f3020149.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  143.202.156.0/22
                  148.244.0.0/16
                  189.206.0.0/16
                  192.190.30.0/23
                  192.207.204.0/23
                  200.52.112.0/20
                  200.56.112.0/20
                  200.76.0.0/18
                  200.76.128.0/18
                  200.94.0.0-200.94.159.255
                  201.151.0.0/16
                  201.163.0.0/16
                  207.248.224.0/19
                IPv6:
                  2001:1248::/32

    Signature Algorithm: sha256WithRSAEncryption
         b1:3f:25:b7:68:43:08:11:82:80:41:a3:1f:2e:ed:d0:12:42:
         f8:a7:4e:4f:17:55:c9:76:cd:23:74:b0:e0:cf:b8:4d:f7:ad:
         c3:65:04:a6:04:4c:e5:78:86:4e:e3:9b:8c:f4:02:48:32:ec:
         53:00:77:88:36:1b:50:39:ce:8a:7b:2f:3b:a5:b0:72:36:d6:
         dd:16:1b:df:44:f2:73:07:11:e4:cb:85:57:06:66:94:1f:98:
         31:5e:38:58:17:3e:27:cb:ae:86:f3:a3:25:ae:e0:11:04:86:
         1b:58:5c:33:49:7b:fd:d7:6a:60:ba:8f:b2:8e:8c:19:4b:16:
         fc:d3:54:54:0b:fc:25:b6:42:7a:a3:5c:ab:e5:fb:54:e2:58:
         e8:cf:b8:c3:49:a7:72:19:f3:9b:68:97:53:ec:ab:e9:77:7c:
         b6:e6:e8:64:cb:ee:50:ec:f6:d9:87:41:86:f8:00:56:fb:85:
         fd:2e:19:83:37:62:2f:7d:48:8c:6b:a3:39:5b:82:ae:60:d4:
         45:2c:15:2a:3f:78:6a:42:16:c3:22:d3:73:ba:1d:60:4f:93:
         4f:e7:6a:e1:1d:e7:82:07:45:e2:06:b7:20:04:e5:7e:41:5c:
         0f:bc:0e:58:f2:22:85:b6:5d:60:87:e2:38:9d:0e:18:c4:2b:
         ad:ad:42:6f
-----BEGIN CERTIFICATE-----
MIIFmjCCBIKgAwIBAgIDEiDcMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKDA5
MzJlZDdmYzc1ODdhMTEyNDA5MDFjNzZjMWY2ZjY0ZjMwMjAxNDkwHhcNMjExMjEw
MDIwMDAwWhcNMjMxMjEwMDIwMDAwWjAzMTEwLwYDVQQDEygxYTM3NjA1ZTM3OGI0
M2ZhMzdjODZiZDAwZmJlMzJjOTVjZTg5NjNiMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAwixqTDvAxtvo8VCfc+IwYupKB3Vk0XdGYn2gCiwfYdkWX0Gw
cSYeu2MZWrbFGOn3gr0Bbq8T6itPzXUaNmyNhxnP4Y+iz29d2o0YZvjgaSV86iyC
iWrw8BOEavx6kKN7QKd5KhNGzLcVkS9x5CoUCW0ry4ixmP/cmARlO4QJbTMpRAjF
y3f+b85PwLVgbaBqGTxKkW+jbkm8RugYC3zBCcTOtrsu2BLxbYUKaBVBZJC8LrDp
lsESaW5btOpCBFDHnQFF1Mvxg56hIiAvPdG36WhNln4QQ9jvzDbB4YsSWEU5kzDC
ViakK4WDOX4eYiLygp3fTGYfU67TLiY47EptEwIDAQABo4ICtTCCArEwHQYDVR0O
BBYEFH0SAqqW9DX/lMKchANWtalaufoRMB8GA1UdIwQYMBaAFGPl5w+iPAyAg36h
/pZQdpXAzl7/MA4GA1UdDwEB/wQEAwIHgDCBmgYIKwYBBQUHAQEEgY0wgYowgYcG
CCsGAQUFBzAChntyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5ldC9ycGtpL2xh
Y25pYy80OGYwODNiYi1mNjAzLTQ4OTMtOTk5MC0wMjg0YzA0Y2ViODUvMDkzMmVk
N2ZjNzU4N2ExMTI0MDkwMWM3NmMxZjZmNjRmMzAyMDE0OS5jZXIwgZoGCCsGAQUF
BwELBIGNMIGKMIGHBggrBgEFBQcwC4Z7cnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25p
Yy5uZXQvcnBraS9sYWNuaWMvZjI1MDA5M2MtYmE5OC00OGI4LThjNTItOWFiZTU3
ZDUyZDRmLzFhMzc2MDVlMzc4YjQzZmEzN2M4NmJkMDBmYmUzMmM5NWNlODk2M2Iu
cm9hMIGPBgNVHR8EgYcwgYQwgYGgf6B9hntyc3luYzovL3JlcG9zaXRvcnkubGFj
bmljLm5ldC9ycGtpL2xhY25pYy9mMjUwMDkzYy1iYTk4LTQ4YjgtOGM1Mi05YWJl
NTdkNTJkNGYvMDkzMmVkN2ZjNzU4N2ExMTI0MDkwMWM3NmMxZjZmNjRmMzAyMDE0
OS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjB5BggrBgEFBQcBBwEB/wRq
MGgwVwQCAAEwUQMEAo/KnAMDAJT0AwMAvc4DBAHAvh4DBAHAz8wDBATINHADBATI
OHADBAbITAADBAbITIAwCwMDAcheAwQFyF6AAwMAyZcDAwDJowMEBc/44DANBAIA
AjAHAwUAIAESSDANBgkqhkiG9w0BAQsFAAOCAQEAsT8lt2hDCBGCgEGjHy7t0BJC
+KdOTxdVyXbNI3Sw4M+4Tfetw2UEpgRM5XiGTuObjPQCSDLsUwB3iDYbUDnOinsv
O6WwcjbW3RYb30TycwcR5MuFVwZmlB+YMV44WBc+J8uuhvOjJa7gEQSGG1hcM0l7
/ddqYLqPso6MGUsW/NNUVAv8JbZCeqNcq+X7VOJY6M+4w0mnchnzm2iXU+yr6Xd8
tuboZMvuUOz22YdBhvgAVvuF/S4ZgzdiL31IjGujOVuCrmDURSwVKj94akIWwyLT
c7odYE+TT+dq4R3nggdF4ga3IATlfkFcD7wOWPIihbZdYIfiOJ0OGMQrra1Cbw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:38:43 2024 by rpki-client on console-ams.rpki-client.org