Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/fd2d280b-6bac-4cce-b0e1-c95b4cdd050c/0356fcde5da204c0c14b8a91c3cd9af92d80eba0.roa
File:                     0356fcde5da204c0c14b8a91c3cd9af92d80eba0.roa (raw, json)
Hash identifier:          ZVuwlLQxBrCLv3T3GueDPl4Kc5uZXhTKoT9wQonqmac=
Subject key identifier:   8F:CA:D9:84:3E:26:06:A4:33:5C:84:55:B9:53:C0:CD:61:61:B1:97
Certificate issuer:       /CN=d62baf1d43712ef5f3860b21d04e8534536fa164
Certificate serial:       0E0650
Authority key identifier: 87:E3:56:32:C3:DB:AB:0D:4B:98:DD:5C:12:0E:34:A9:48:38:30:49
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/d62baf1d43712ef5f3860b21d04e8534536fa164.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/fd2d280b-6bac-4cce-b0e1-c95b4cdd050c/0356fcde5da204c0c14b8a91c3cd9af92d80eba0.roa
Signing time:             Wed 24 Mar 2021 14:33:16 +0000
ROA not before:           Wed 24 Mar 2021 14:33:16 +0000
ROA not after:            Tue 24 Mar 2026 14:33:16 +0000
asID:                     27995
IP address blocks:        179.3.128.0/21 maxlen: 23
                          179.3.136.0/22 maxlen: 23
                          179.3.140.0/24 maxlen: 24
                          179.3.143.0/24 maxlen: 24
                          179.3.144.0/21 maxlen: 23
                          179.3.152.0/22 maxlen: 23
                          190.110.130.0/24 maxlen: 24
                          190.110.135.0/24 maxlen: 24
                          190.110.138.0/23 maxlen: 24
                          190.110.141.0/24 maxlen: 24
                          190.110.142.0/24 maxlen: 24
                          190.110.148.0/24 maxlen: 24
                          190.110.151.0/24 maxlen: 24
                          190.110.152.0/24 maxlen: 24
                          190.110.154.0/24 maxlen: 24
                          190.110.158.0/23 maxlen: 24
                          191.116.0.0/16 maxlen: 17
                          191.119.0.0/16 maxlen: 17

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 919120 (0xe0650)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d62baf1d43712ef5f3860b21d04e8534536fa164
        Validity
            Not Before: Mar 24 14:33:16 2021 GMT
            Not After : Mar 24 14:33:16 2026 GMT
        Subject: CN=0356fcde5da204c0c14b8a91c3cd9af92d80eba0
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a4:ce:a1:5b:bc:82:2d:8b:67:88:7b:47:bf:05:
                    57:37:8f:da:b8:a1:47:6b:5e:00:aa:e1:29:0d:8e:
                    8d:9f:64:7b:85:e9:57:24:2b:b3:58:51:de:95:cf:
                    1e:73:5c:bd:05:ad:a4:24:d0:4d:d9:dd:8c:9c:92:
                    37:a5:8e:f8:51:28:09:42:12:93:45:c0:19:c1:16:
                    d4:24:3e:6b:07:ab:a1:f0:a4:a4:e4:21:02:36:38:
                    93:fe:13:4e:49:db:62:2c:a5:97:bc:d7:ac:25:10:
                    fe:15:3e:84:5f:87:d7:7d:51:bf:dc:fd:3c:80:9f:
                    d7:01:41:04:e3:12:91:ab:42:1b:49:b1:24:af:63:
                    b4:53:d9:46:ab:f4:dc:d7:de:60:8a:d1:b8:e8:17:
                    87:fd:be:45:61:ca:d0:0c:5c:0c:c7:6e:66:9e:b0:
                    d9:2a:ba:d6:a9:be:c2:75:a3:16:3a:8f:96:03:71:
                    c8:27:b5:5d:74:e0:02:9d:f5:80:01:84:b6:2d:d3:
                    c4:72:21:5c:34:e3:a8:dd:c1:30:b9:89:6b:c6:10:
                    1b:7f:d5:77:62:7c:a6:87:e4:00:49:dc:9d:02:3a:
                    d4:10:1e:6f:66:81:53:65:fc:23:bc:b4:78:a0:63:
                    5b:c4:cf:d2:dc:72:5a:dd:67:4c:7f:01:a5:15:62:
                    89:05
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                8F:CA:D9:84:3E:26:06:A4:33:5C:84:55:B9:53:C0:CD:61:61:B1:97
            X509v3 Authority Key Identifier:
                keyid:87:E3:56:32:C3:DB:AB:0D:4B:98:DD:5C:12:0E:34:A9:48:38:30:49

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/d62baf1d43712ef5f3860b21d04e8534536fa164.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/fd2d280b-6bac-4cce-b0e1-c95b4cdd050c/0356fcde5da204c0c14b8a91c3cd9af92d80eba0.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/fd2d280b-6bac-4cce-b0e1-c95b4cdd050c/d62baf1d43712ef5f3860b21d04e8534536fa164.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  179.3.128.0-179.3.140.255
                  179.3.143.0-179.3.155.255
                  190.110.130.0/24
                  190.110.135.0/24
                  190.110.138.0/23
                  190.110.141.0-190.110.142.255
                  190.110.148.0/24
                  190.110.151.0-190.110.152.255
                  190.110.154.0/24
                  190.110.158.0/23
                  191.116.0.0/16
                  191.119.0.0/16

    Signature Algorithm: sha256WithRSAEncryption
         b7:a5:2c:e5:c1:4c:2a:a7:65:59:1c:42:89:60:c6:c4:1e:ff:
         8a:3a:c7:53:f5:e3:65:fd:77:ea:fe:ef:41:c9:b9:5f:89:da:
         01:5e:44:38:bd:f1:73:a8:58:76:97:51:31:85:2f:f2:90:5e:
         e9:fc:7b:95:0a:e1:68:77:fd:41:28:2e:94:4b:f9:8c:1b:bf:
         45:2f:d7:cd:8d:02:61:00:66:30:76:d9:c2:a3:c6:c4:f4:b2:
         ff:ca:d8:6c:34:a3:7a:9b:55:86:1d:7d:c5:00:af:01:f4:7b:
         cd:91:fc:55:18:65:2f:c5:47:5d:55:11:3d:7d:27:4d:a0:e4:
         4a:f3:13:f2:83:b4:01:b5:e7:6e:2b:5f:62:02:7a:57:03:88:
         5c:be:dd:f1:27:57:39:79:7d:d6:7c:b0:ee:75:ba:2a:40:7b:
         44:23:f0:a0:6e:61:73:65:57:5e:ad:1d:53:a5:2b:93:de:28:
         e2:7c:05:70:4a:65:c7:c1:be:55:16:ea:f9:5a:1a:54:7f:10:
         d7:65:cb:e4:91:1f:fe:90:fc:33:1f:74:d9:b4:df:10:e4:da:
         5b:48:54:5e:a4:18:2a:10:65:53:0f:74:80:14:20:1e:28:42:
         14:84:94:c5:ff:36:3b:22:32:49:10:d6:25:74:72:0a:77:ef:
         33:43:2f:85
-----BEGIN CERTIFICATE-----
MIIFoDCCBIigAwIBAgIDDgZQMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKGQ2
MmJhZjFkNDM3MTJlZjVmMzg2MGIyMWQwNGU4NTM0NTM2ZmExNjQwHhcNMjEwMzI0
MTQzMzE2WhcNMjYwMzI0MTQzMzE2WjAzMTEwLwYDVQQDEygwMzU2ZmNkZTVkYTIw
NGMwYzE0YjhhOTFjM2NkOWFmOTJkODBlYmEwMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEApM6hW7yCLYtniHtHvwVXN4/auKFHa14AquEpDY6Nn2R7helX
JCuzWFHelc8ec1y9Ba2kJNBN2d2MnJI3pY74USgJQhKTRcAZwRbUJD5rB6uh8KSk
5CECNjiT/hNOSdtiLKWXvNesJRD+FT6EX4fXfVG/3P08gJ/XAUEE4xKRq0IbSbEk
r2O0U9lGq/Tc195gitG46BeH/b5FYcrQDFwMx25mnrDZKrrWqb7CdaMWOo+WA3HI
J7VddOACnfWAAYS2LdPEciFcNOOo3cEwuYlrxhAbf9V3Ynymh+QASdydAjrUEB5v
ZoFTZfwjvLR4oGNbxM/S3HJa3WdMfwGlFWKJBQIDAQABo4ICuzCCArcwHQYDVR0O
BBYEFI/K2YQ+JgakM1yEVblTwM1hYbGXMB8GA1UdIwQYMBaAFIfjVjLD26sNS5jd
XBIONKlIODBJMA4GA1UdDwEB/wQEAwIHgDCBmgYIKwYBBQUHAQEEgY0wgYowgYcG
CCsGAQUFBzAChntyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5ldC9ycGtpL2xh
Y25pYy80OGYwODNiYi1mNjAzLTQ4OTMtOTk5MC0wMjg0YzA0Y2ViODUvZDYyYmFm
MWQ0MzcxMmVmNWYzODYwYjIxZDA0ZTg1MzQ1MzZmYTE2NC5jZXIwgZoGCCsGAQUF
BwELBIGNMIGKMIGHBggrBgEFBQcwC4Z7cnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25p
Yy5uZXQvcnBraS9sYWNuaWMvZmQyZDI4MGItNmJhYy00Y2NlLWIwZTEtYzk1YjRj
ZGQwNTBjLzAzNTZmY2RlNWRhMjA0YzBjMTRiOGE5MWMzY2Q5YWY5MmQ4MGViYTAu
cm9hMIGPBgNVHR8EgYcwgYQwgYGgf6B9hntyc3luYzovL3JlcG9zaXRvcnkubGFj
bmljLm5ldC9ycGtpL2xhY25pYy9mZDJkMjgwYi02YmFjLTRjY2UtYjBlMS1jOTVi
NGNkZDA1MGMvZDYyYmFmMWQ0MzcxMmVmNWYzODYwYjIxZDA0ZTg1MzQ1MzZmYTE2
NC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjB/BggrBgEFBQcBBwEB/wRw
MG4wbAQCAAEwZjAMAwQHswOAAwQAswOMMAwDBACzA48DBAKzA5gDBAC+boIDBAC+
bocDBAG+boowDAMEAL5ujQMEAL5ujgMEAL5ulDAMAwQAvm6XAwQAvm6YAwQAvm6a
AwQBvm6eAwMAv3QDAwC/dzANBgkqhkiG9w0BAQsFAAOCAQEAt6Us5cFMKqdlWRxC
iWDGxB7/ijrHU/XjZf136v7vQcm5X4naAV5EOL3xc6hYdpdRMYUv8pBe6fx7lQrh
aHf9QSgulEv5jBu/RS/XzY0CYQBmMHbZwqPGxPSy/8rYbDSjeptVhh19xQCvAfR7
zZH8VRhlL8VHXVURPX0nTaDkSvMT8oO0AbXnbitfYgJ6VwOIXL7d8SdXOXl91nyw
7nW6KkB7RCPwoG5hc2VXXq0dU6Urk94o4nwFcEplx8G+VRbq+VoaVH8Q12XL5JEf
/pD8Mx902bTfEOTaW0hUXqQYKhBlUw90gBQgHihCFISUxf82OyIySRDWJXRyCnfv
M0MvhQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:38:15 2024 by rpki-client on console-fra.rpki-client.org