Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/6a7862e8-d2db-48ea-b809-d4b970d1d892/9e7e9a8fe1ca43cb14152673327b0e388d965e6a.roa
File:                     9e7e9a8fe1ca43cb14152673327b0e388d965e6a.roa (raw, json)
Hash identifier:          g4Sl7N7tti5A0Hlqy9OZna/vGvRV1TXDGhj0ifnIQwk=
Subject key identifier:   CA:44:DB:ED:83:13:3D:F5:29:56:9C:39:91:DE:E6:4D:43:C1:EE:3C
Certificate issuer:       /CN=44c2caf4f7cfddcc44bc95bcacbf2d7813f606ca
Certificate serial:       24293A
Authority key identifier: D9:E2:2D:FB:2E:DB:03:3D:7E:61:3B:B3:22:76:2A:C6:40:ED:53:30
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/44c2caf4f7cfddcc44bc95bcacbf2d7813f606ca.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/6a7862e8-d2db-48ea-b809-d4b970d1d892/9e7e9a8fe1ca43cb14152673327b0e388d965e6a.roa
Signing time:             Tue 06 Jun 2023 15:26:44 +0000
ROA not before:           Mon 05 Jun 2023 15:26:44 +0000
ROA not after:            Fri 06 Jun 2025 15:26:44 +0000
asID:                     11830
IP address blocks:        190.10.18.0/24 maxlen: 24
                          190.10.24.0/24 maxlen: 24
                          190.10.120.0/24 maxlen: 24
                          190.171.1.0/24 maxlen: 24
                          190.171.2.0/24 maxlen: 24
                          190.171.29.0/24 maxlen: 24
                          190.241.7.0/24 maxlen: 24
                          190.241.10.0/24 maxlen: 24
                          190.241.16.0/24 maxlen: 24
                          190.241.31.0/24 maxlen: 24
                          190.241.73.0/24 maxlen: 24
                          190.241.76.0/24 maxlen: 24
                          190.241.117.0/24 maxlen: 24
                          190.241.118.0/24 maxlen: 24
                          190.241.120.0/24 maxlen: 24
                          190.241.129.0/24 maxlen: 24
                          190.241.130.0/24 maxlen: 24
                          190.241.133.0/24 maxlen: 24
                          190.241.134.0/24 maxlen: 24
                          190.241.198.0/24 maxlen: 24
                          190.241.201.0/24 maxlen: 24
                          190.241.207.0/24 maxlen: 24
                          196.40.48.0/24 maxlen: 24
                          196.40.73.0/24 maxlen: 24

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 2369850 (0x24293a)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=44c2caf4f7cfddcc44bc95bcacbf2d7813f606ca
        Validity
            Not Before: Jun  5 15:26:44 2023 GMT
            Not After : Jun  6 15:26:44 2025 GMT
        Subject: CN=9e7e9a8fe1ca43cb14152673327b0e388d965e6a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cd:98:a3:44:6c:50:ea:db:d2:5e:25:2d:1e:eb:
                    30:ec:72:a0:02:0f:cb:cf:89:74:5d:fe:f1:27:e4:
                    0b:39:a3:72:64:33:af:1b:78:7d:b5:54:8a:d8:1f:
                    aa:26:5a:cf:c0:a8:cd:ed:49:50:7d:e0:44:5c:7f:
                    b9:7a:18:01:83:d3:b8:35:df:86:8a:84:bb:26:be:
                    85:1e:94:64:77:1d:01:64:0a:13:79:8b:21:6e:aa:
                    b5:a0:ae:83:fb:04:4b:86:06:58:97:20:0c:05:c8:
                    ec:74:e5:9d:0e:7b:28:f2:08:ac:03:0b:d9:25:c1:
                    b4:db:10:98:f6:96:50:75:26:c2:ad:7b:2d:66:da:
                    83:4a:fb:05:be:ee:40:20:22:0c:e0:cb:cc:d8:d1:
                    84:03:4b:81:89:09:e5:cc:6e:37:5c:24:80:d7:7a:
                    ba:2d:17:c5:16:85:db:5b:ac:2a:ee:d4:a9:52:1d:
                    11:6b:8e:66:b0:a6:9b:7b:8b:a5:bf:6b:b7:2c:63:
                    b5:9b:f0:f6:36:01:f8:e2:15:69:4a:b9:b5:7e:98:
                    ad:9a:61:4c:75:9e:5f:db:53:91:76:7e:ea:3a:f3:
                    46:16:bc:50:03:6f:d0:bb:55:81:9f:95:73:24:71:
                    1e:63:85:d7:d4:f6:ea:55:74:e0:da:2c:06:3f:23:
                    0e:cd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                CA:44:DB:ED:83:13:3D:F5:29:56:9C:39:91:DE:E6:4D:43:C1:EE:3C
            X509v3 Authority Key Identifier:
                keyid:D9:E2:2D:FB:2E:DB:03:3D:7E:61:3B:B3:22:76:2A:C6:40:ED:53:30

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/44c2caf4f7cfddcc44bc95bcacbf2d7813f606ca.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/6a7862e8-d2db-48ea-b809-d4b970d1d892/9e7e9a8fe1ca43cb14152673327b0e388d965e6a.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/6a7862e8-d2db-48ea-b809-d4b970d1d892/44c2caf4f7cfddcc44bc95bcacbf2d7813f606ca.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  190.10.18.0/24
                  190.10.24.0/24
                  190.10.120.0/24
                  190.171.1.0-190.171.2.255
                  190.171.29.0/24
                  190.241.7.0/24
                  190.241.10.0/24
                  190.241.16.0/24
                  190.241.31.0/24
                  190.241.73.0/24
                  190.241.76.0/24
                  190.241.117.0-190.241.118.255
                  190.241.120.0/24
                  190.241.129.0-190.241.130.255
                  190.241.133.0-190.241.134.255
                  190.241.198.0/24
                  190.241.201.0/24
                  190.241.207.0/24
                  196.40.48.0/24
                  196.40.73.0/24

    Signature Algorithm: sha256WithRSAEncryption
         08:ba:6e:19:b0:e8:d0:9a:1d:2f:99:5d:f8:13:1a:10:d4:4c:
         c5:1a:9f:5a:94:d3:19:1d:96:1f:21:73:bf:5d:8a:bf:0f:b4:
         25:3b:8d:fb:21:b3:80:bd:ae:46:72:10:d5:cb:1e:ec:46:16:
         7c:90:31:02:40:02:96:54:fc:fd:08:85:07:1e:d8:80:85:e0:
         09:c7:df:04:75:1c:6d:e6:53:7f:5d:c5:2d:ce:8a:00:b6:2f:
         d4:9b:c9:6a:4c:50:2b:d1:2e:5b:a7:bc:62:4e:57:32:25:65:
         60:88:db:09:f6:c8:c0:fb:9c:0d:e1:eb:d2:57:75:fc:55:5d:
         53:26:35:71:f1:9d:8a:c0:87:81:43:db:9a:3a:cf:75:40:4d:
         f1:7a:2e:41:3f:ef:e8:28:9f:bd:a5:3b:e1:88:49:a0:2c:6d:
         7b:73:bf:cb:02:01:98:ba:ec:09:a8:49:2a:85:36:6f:ee:c6:
         f4:c7:25:ed:09:97:4d:9b:bd:a4:90:39:66:f3:69:c9:c0:33:
         d3:cd:46:19:6f:28:70:9d:72:ee:2d:ba:23:79:9a:da:a9:da:
         82:5b:dd:8b:ec:0f:3f:ee:a0:43:35:ce:fe:18:fa:26:03:f6:
         fb:62:c2:bf:3d:0a:bc:ba:67:70:cb:d4:d7:62:51:6f:f1:f3:
         8a:0b:75:f8
-----BEGIN CERTIFICATE-----
MIIF1zCCBL+gAwIBAgIDJCk6MA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKDQ0
YzJjYWY0ZjdjZmRkY2M0NGJjOTViY2FjYmYyZDc4MTNmNjA2Y2EwHhcNMjMwNjA1
MTUyNjQ0WhcNMjUwNjA2MTUyNjQ0WjAzMTEwLwYDVQQDEyg5ZTdlOWE4ZmUxY2E0
M2NiMTQxNTI2NzMzMjdiMGUzODhkOTY1ZTZhMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAzZijRGxQ6tvSXiUtHusw7HKgAg/Lz4l0Xf7xJ+QLOaNyZDOv
G3h9tVSK2B+qJlrPwKjN7UlQfeBEXH+5ehgBg9O4Nd+GioS7Jr6FHpRkdx0BZAoT
eYshbqq1oK6D+wRLhgZYlyAMBcjsdOWdDnso8gisAwvZJcG02xCY9pZQdSbCrXst
ZtqDSvsFvu5AICIM4MvM2NGEA0uBiQnlzG43XCSA13q6LRfFFoXbW6wq7tSpUh0R
a45msKabe4ulv2u3LGO1m/D2NgH44hVpSrm1fpitmmFMdZ5f21ORdn7qOvNGFrxQ
A2/Qu1WBn5VzJHEeY4XX1PbqVXTg2iwGPyMOzQIDAQABo4IC8jCCAu4wHQYDVR0O
BBYEFMpE2+2DEz31KVacOZHe5k1Dwe48MB8GA1UdIwQYMBaAFNniLfsu2wM9fmE7
syJ2KsZA7VMwMA4GA1UdDwEB/wQEAwIHgDCBmgYIKwYBBQUHAQEEgY0wgYowgYcG
CCsGAQUFBzAChntyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5ldC9ycGtpL2xh
Y25pYy80OGYwODNiYi1mNjAzLTQ4OTMtOTk5MC0wMjg0YzA0Y2ViODUvNDRjMmNh
ZjRmN2NmZGRjYzQ0YmM5NWJjYWNiZjJkNzgxM2Y2MDZjYS5jZXIwgZoGCCsGAQUF
BwELBIGNMIGKMIGHBggrBgEFBQcwC4Z7cnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25p
Yy5uZXQvcnBraS9sYWNuaWMvNmE3ODYyZTgtZDJkYi00OGVhLWI4MDktZDRiOTcw
ZDFkODkyLzllN2U5YThmZTFjYTQzY2IxNDE1MjY3MzMyN2IwZTM4OGQ5NjVlNmEu
cm9hMIGPBgNVHR8EgYcwgYQwgYGgf6B9hntyc3luYzovL3JlcG9zaXRvcnkubGFj
bmljLm5ldC9ycGtpL2xhY25pYy82YTc4NjJlOC1kMmRiLTQ4ZWEtYjgwOS1kNGI5
NzBkMWQ4OTIvNDRjMmNhZjRmN2NmZGRjYzQ0YmM5NWJjYWNiZjJkNzgxM2Y2MDZj
YS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjCBtQYIKwYBBQUHAQcBAf8E
gaUwgaIwgZ8EAgABMIGYAwQAvgoSAwQAvgoYAwQAvgp4MAwDBAC+qwEDBAC+qwID
BAC+qx0DBAC+8QcDBAC+8QoDBAC+8RADBAC+8R8DBAC+8UkDBAC+8UwwDAMEAL7x
dQMEAL7xdgMEAL7xeDAMAwQAvvGBAwQAvvGCMAwDBAC+8YUDBAC+8YYDBAC+8cYD
BAC+8ckDBAC+8c8DBADEKDADBADEKEkwDQYJKoZIhvcNAQELBQADggEBAAi6bhmw
6NCaHS+ZXfgTGhDUTMUan1qU0xkdlh8hc79dir8PtCU7jfshs4C9rkZyENXLHuxG
FnyQMQJAApZU/P0IhQce2ICF4AnH3wR1HG3mU39dxS3OigC2L9SbyWpMUCvRLlun
vGJOVzIlZWCI2wn2yMD7nA3h69JXdfxVXVMmNXHxnYrAh4FD25o6z3VATfF6LkE/
7+gon72lO+GISaAsbXtzv8sCAZi67AmoSSqFNm/uxvTHJe0Jl02bvaSQOWbzacnA
M9PNRhlvKHCdcu4tuiN5mtqp2oJb3YvsDz/uoEM1zv4Y+iYD9vtiwr89Cry6Z3DL
1NdiUW/x84oLdfg=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:37:59 2024 by rpki-client on console-ams.rpki-client.org