Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/67ed9008-ae34-44be-882f-59381201b1e1/975363b0c828ed55473307bed7abe3b3705e3459.roa
File:                     975363b0c828ed55473307bed7abe3b3705e3459.roa (raw, json)
Hash identifier:          YWVq+R2MNRgYQ7RfsLx/V3C5oSaTsDf7QCcCkxnkpjI=
Subject key identifier:   22:31:D8:0A:E5:D0:24:0A:BB:D7:C3:6B:BE:62:24:FF:E9:83:42:60
Certificate issuer:       /CN=61dee5b94933b1c10377fd86ec970d3b4117ae3d
Certificate serial:       23A20B
Authority key identifier: CC:E9:F3:9E:8F:65:08:D4:CB:E1:EE:25:A5:CB:1C:73:05:6D:6C:93
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/61dee5b94933b1c10377fd86ec970d3b4117ae3d.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/67ed9008-ae34-44be-882f-59381201b1e1/975363b0c828ed55473307bed7abe3b3705e3459.roa
Signing time:             Thu 24 Aug 2023 21:45:26 +0000
ROA not before:           Wed 23 Aug 2023 21:45:25 +0000
ROA not after:            Sun 24 Aug 2025 21:45:25 +0000
asID:                     23520
IP address blocks:        190.242.10.0/24 maxlen: 24
                          190.242.102.0/24 maxlen: 24
                          190.242.118.0/24 maxlen: 24
                          190.242.119.0/24 maxlen: 24
                          190.242.12.0/24 maxlen: 24
                          190.242.126.0/24 maxlen: 24
                          190.242.132.0/24 maxlen: 24
                          190.242.133.0/24 maxlen: 24
                          190.242.134.0/24 maxlen: 24
                          190.242.135.0/24 maxlen: 24
                          190.242.136.0/23 maxlen: 24
                          190.242.140.0/24 maxlen: 24
                          190.242.14.0/24 maxlen: 24
                          190.242.141.0/24 maxlen: 24
                          190.242.145.0/24 maxlen: 24
                          190.242.147.0/24 maxlen: 24
                          190.242.156.0/24 maxlen: 24
                          190.242.157.0/24 maxlen: 24
                          190.242.169.0/24 maxlen: 24
                          190.242.170.0/24 maxlen: 24
                          190.242.171.0/24 maxlen: 24
                          190.242.172.0/24 maxlen: 24

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 2335243 (0x23a20b)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=61dee5b94933b1c10377fd86ec970d3b4117ae3d
        Validity
            Not Before: Aug 23 21:45:25 2023 GMT
            Not After : Aug 24 21:45:25 2025 GMT
        Subject: CN=975363b0c828ed55473307bed7abe3b3705e3459
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a5:16:58:5e:dc:22:9a:3d:fa:f2:68:ed:ee:bc:
                    0d:52:2e:2b:ea:39:9d:b1:cb:5b:64:9a:b6:a8:a2:
                    e9:ea:00:37:75:40:cb:9f:45:44:a7:3f:ad:06:fe:
                    ac:5c:d9:0f:c7:14:c1:be:6f:c6:ab:4e:df:b6:c5:
                    a6:bd:e5:0f:ef:3b:38:1e:2a:bc:dc:41:89:de:d0:
                    44:f3:89:fa:ed:a7:4f:19:b2:34:4e:18:41:c1:75:
                    2a:0e:a0:69:8b:81:f2:ad:8d:99:0f:ac:d3:10:9d:
                    b2:cd:8f:8f:43:6c:aa:5b:27:1e:6f:19:da:21:d2:
                    4e:e9:41:80:89:45:2d:ee:d5:1e:cb:2f:e2:a4:a0:
                    2d:21:9c:e6:43:17:52:20:8a:8c:da:52:0e:b5:c2:
                    82:d7:5b:8f:8e:9c:ae:14:5f:b1:62:7b:e8:99:d2:
                    d0:cb:5e:f9:04:77:de:7a:c6:cc:bf:6b:a1:d4:c1:
                    56:d0:69:48:25:da:81:f7:36:6d:26:58:97:80:97:
                    63:5f:0b:1a:36:92:b3:a5:ce:69:5f:5f:84:c2:8d:
                    5c:5f:1f:1d:20:fa:7a:7a:ee:2b:9e:06:ea:25:f2:
                    74:f6:69:57:f5:f0:dd:f5:20:cf:e6:bd:bf:a2:3a:
                    c7:be:c9:50:83:a5:b2:1a:5e:08:11:59:92:a6:30:
                    2d:99
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                22:31:D8:0A:E5:D0:24:0A:BB:D7:C3:6B:BE:62:24:FF:E9:83:42:60
            X509v3 Authority Key Identifier:
                keyid:CC:E9:F3:9E:8F:65:08:D4:CB:E1:EE:25:A5:CB:1C:73:05:6D:6C:93

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/61dee5b94933b1c10377fd86ec970d3b4117ae3d.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/67ed9008-ae34-44be-882f-59381201b1e1/975363b0c828ed55473307bed7abe3b3705e3459.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/67ed9008-ae34-44be-882f-59381201b1e1/61dee5b94933b1c10377fd86ec970d3b4117ae3d.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  190.242.10.0/24
                  190.242.12.0/24
                  190.242.14.0/24
                  190.242.102.0/24
                  190.242.118.0/23
                  190.242.126.0/24
                  190.242.132.0-190.242.137.255
                  190.242.140.0/23
                  190.242.145.0/24
                  190.242.147.0/24
                  190.242.156.0/23
                  190.242.169.0-190.242.172.255

    Signature Algorithm: sha256WithRSAEncryption
         3b:5b:ba:7f:51:a3:06:2f:45:fa:51:32:ac:cb:03:f3:13:fe:
         05:2e:db:a5:3f:71:d8:ce:59:6d:f6:9d:75:d3:da:e8:c8:56:
         89:e1:57:a5:d9:db:31:3b:07:12:67:33:5d:e8:a3:be:f1:ef:
         77:00:16:c2:1a:6e:0b:0d:d6:f1:7d:0b:27:68:64:44:67:28:
         2b:a3:9e:af:be:fb:c8:38:c2:b6:f2:8d:bc:12:5e:41:f9:d9:
         5b:47:fe:06:4b:a2:5c:bc:69:92:e3:44:f9:02:fb:ca:7f:d4:
         67:71:2a:7f:a9:6d:9a:e6:fd:8f:45:89:c0:80:03:10:3c:6f:
         04:e0:84:bf:fb:fd:e6:de:c4:58:9e:3d:ea:6a:c9:09:18:2b:
         1c:fd:71:b0:b8:ec:2b:df:e7:5b:4e:f8:5c:a3:85:f8:e8:ad:
         74:49:ed:99:3e:cd:40:58:b9:f8:06:12:65:61:83:86:c6:d1:
         50:43:eb:c6:3c:f4:4d:31:7f:a3:ee:fc:ab:29:ef:44:fa:01:
         ab:5d:4a:e4:2c:6e:82:fe:2c:a1:2b:39:b7:80:ba:ce:f3:87:
         89:0b:2d:b2:34:d0:e6:1c:98:85:72:08:1b:79:ce:3c:09:69:
         56:40:7f:59:08:b9:11:eb:a0:d1:d1:13:29:50:5c:ad:67:ae:
         db:d2:8d:12
-----BEGIN CERTIFICATE-----
MIIFkjCCBHqgAwIBAgIDI6ILMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKDYx
ZGVlNWI5NDkzM2IxYzEwMzc3ZmQ4NmVjOTcwZDNiNDExN2FlM2QwHhcNMjMwODIz
MjE0NTI1WhcNMjUwODI0MjE0NTI1WjAzMTEwLwYDVQQDEyg5NzUzNjNiMGM4Mjhl
ZDU1NDczMzA3YmVkN2FiZTNiMzcwNWUzNDU5MIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEApRZYXtwimj368mjt7rwNUi4r6jmdsctbZJq2qKLp6gA3dUDL
n0VEpz+tBv6sXNkPxxTBvm/Gq07ftsWmveUP7zs4Hiq83EGJ3tBE84n67adPGbI0
ThhBwXUqDqBpi4HyrY2ZD6zTEJ2yzY+PQ2yqWycebxnaIdJO6UGAiUUt7tUeyy/i
pKAtIZzmQxdSIIqM2lIOtcKC11uPjpyuFF+xYnvomdLQy175BHfeesbMv2uh1MFW
0GlIJdqB9zZtJliXgJdjXwsaNpKzpc5pX1+Ewo1cXx8dIPp6eu4rngbqJfJ09mlX
9fDd9SDP5r2/ojrHvslQg6WyGl4IEVmSpjAtmQIDAQABo4ICrTCCAqkwHQYDVR0O
BBYEFCIx2Arl0CQKu9fDa75iJP/pg0JgMB8GA1UdIwQYMBaAFMzp856PZQjUy+Hu
JaXLHHMFbWyTMA4GA1UdDwEB/wQEAwIHgDCBmgYIKwYBBQUHAQEEgY0wgYowgYcG
CCsGAQUFBzAChntyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5ldC9ycGtpL2xh
Y25pYy80OGYwODNiYi1mNjAzLTQ4OTMtOTk5MC0wMjg0YzA0Y2ViODUvNjFkZWU1
Yjk0OTMzYjFjMTAzNzdmZDg2ZWM5NzBkM2I0MTE3YWUzZC5jZXIwgZoGCCsGAQUF
BwELBIGNMIGKMIGHBggrBgEFBQcwC4Z7cnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25p
Yy5uZXQvcnBraS9sYWNuaWMvNjdlZDkwMDgtYWUzNC00NGJlLTg4MmYtNTkzODEy
MDFiMWUxLzk3NTM2M2IwYzgyOGVkNTU0NzMzMDdiZWQ3YWJlM2IzNzA1ZTM0NTku
cm9hMIGPBgNVHR8EgYcwgYQwgYGgf6B9hntyc3luYzovL3JlcG9zaXRvcnkubGFj
bmljLm5ldC9ycGtpL2xhY25pYy82N2VkOTAwOC1hZTM0LTQ0YmUtODgyZi01OTM4
MTIwMWIxZTEvNjFkZWU1Yjk0OTMzYjFjMTAzNzdmZDg2ZWM5NzBkM2I0MTE3YWUz
ZC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBxBggrBgEFBQcBBwEB/wRi
MGAwXgQCAAEwWAMEAL7yCgMEAL7yDAMEAL7yDgMEAL7yZgMEAb7ydgMEAL7yfjAM
AwQCvvKEAwQBvvKIAwQBvvKMAwQAvvKRAwQAvvKTAwQBvvKcMAwDBAC+8qkDBAC+
8qwwDQYJKoZIhvcNAQELBQADggEBADtbun9RowYvRfpRMqzLA/MT/gUu26U/cdjO
WW32nXXT2ujIVonhV6XZ2zE7BxJnM13oo77x73cAFsIabgsN1vF9CydoZERnKCuj
nq+++8g4wrbyjbwSXkH52VtH/gZLoly8aZLjRPkC+8p/1GdxKn+pbZrm/Y9FicCA
AxA8bwTghL/7/ebexFiePepqyQkYKxz9cbC47Cvf51tO+FyjhfjorXRJ7Zk+zUBY
ufgGEmVhg4bG0VBD68Y89E0xf6Pu/Ksp70T6AatdSuQsboL+LKErObeAus7zh4kL
LbI00OYcmIVyCBt5zjwJaVZAf1kIuRHroNHREylQXK1nrtvSjRI=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:37:59 2024 by rpki-client on console-ams.rpki-client.org