Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/958b31ec-3133-423d-8adb-38136b3c9f51/d68153dffa129b2a9fc8730db670040a26ca4ef1.roa
File:                     d68153dffa129b2a9fc8730db670040a26ca4ef1.roa (raw, json)
Hash identifier:          wsNqAL07P+HILxRCDHU71Up2bX/9pCWNLxEyG3ZK2YM=
Subject key identifier:   CD:68:D3:96:0D:32:7B:81:ED:32:F6:63:83:B8:4B:53:A2:88:8A:EB
Certificate issuer:       /CN=20cfd36a556e1a46c18de53d3fa81b0e1e970f23
Certificate serial:       025924
Authority key identifier: D6:76:54:78:51:E9:6F:3D:87:FA:EF:A4:05:EA:D4:A4:B7:0D:89:00
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/20cfd36a556e1a46c18de53d3fa81b0e1e970f23.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/958b31ec-3133-423d-8adb-38136b3c9f51/d68153dffa129b2a9fc8730db670040a26ca4ef1.roa
Signing time:             Wed 07 Dec 2022 03:20:43 +0000
ROA not before:           Mon 19 Sep 2022 21:15:45 +0000
ROA not after:            Fri 20 Sep 2024 21:15:45 +0000
asID:                     8163
IP address blocks:        190.1.128.0/19 maxlen: 19
                          190.1.128.0/24 maxlen: 24
                          190.1.129.0/24 maxlen: 24
                          190.1.130.0/24 maxlen: 24
                          190.1.131.0/24 maxlen: 24
                          190.1.132.0/24 maxlen: 24
                          190.1.133.0/24 maxlen: 24
                          190.1.134.0/24 maxlen: 24
                          190.1.135.0/24 maxlen: 24
                          190.1.136.0/24 maxlen: 24
                          190.1.137.0/24 maxlen: 24
                          190.1.138.0/24 maxlen: 24
                          190.1.139.0/24 maxlen: 24
                          190.1.140.0/24 maxlen: 24
                          190.1.141.0/24 maxlen: 24
                          190.1.142.0/24 maxlen: 24
                          190.1.143.0/24 maxlen: 24
                          190.1.144.0/24 maxlen: 24
                          190.1.145.0/24 maxlen: 24
                          190.1.146.0/24 maxlen: 24
                          190.1.147.0/24 maxlen: 24
                          190.1.148.0/24 maxlen: 24
                          190.1.149.0/24 maxlen: 24
                          190.1.150.0/24 maxlen: 24
                          190.1.151.0/24 maxlen: 24
                          190.1.152.0/24 maxlen: 24
                          190.1.153.0/24 maxlen: 24
                          190.1.154.0/24 maxlen: 24
                          190.1.155.0/24 maxlen: 24
                          190.1.156.0/24 maxlen: 24
                          190.1.157.0/24 maxlen: 24
                          190.1.158.0/24 maxlen: 24
                          190.1.159.0/24 maxlen: 24

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 153892 (0x25924)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=20cfd36a556e1a46c18de53d3fa81b0e1e970f23
        Validity
            Not Before: Sep 19 21:15:45 2022 GMT
            Not After : Sep 20 21:15:45 2024 GMT
        Subject: CN=d68153dffa129b2a9fc8730db670040a26ca4ef1
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9f:5d:43:46:55:43:5e:2a:49:b4:59:4d:06:d0:
                    01:58:79:32:22:d2:10:0c:cf:d9:39:3b:5c:08:bc:
                    60:a5:c4:59:c3:65:68:1b:f8:53:22:0b:90:64:69:
                    2d:0e:3c:4b:98:5d:84:d1:c4:12:9b:04:a8:2e:6b:
                    50:c0:69:7c:26:58:a0:48:6b:f8:99:e2:f7:36:df:
                    41:83:39:2a:3b:c1:1d:70:f3:59:99:86:71:d7:f7:
                    66:24:c3:b1:b5:83:2d:87:a2:2e:f2:f7:b9:eb:4e:
                    92:d9:44:c1:b5:c2:29:4a:f9:b2:07:5f:2b:34:1e:
                    5d:93:2b:e5:f7:69:ca:6d:46:22:35:ec:bf:10:a7:
                    55:84:e6:48:0d:bd:19:84:d0:be:ab:52:4f:59:bb:
                    36:77:83:55:30:a2:7b:22:a5:f5:ec:75:48:b2:05:
                    59:9f:d2:4f:f6:bb:91:c6:23:60:68:94:9d:ed:d1:
                    47:4c:83:03:48:fd:49:6f:9c:7e:fb:4f:01:3b:b5:
                    5a:fe:89:3d:21:ed:ad:00:38:c5:3a:88:87:b7:c7:
                    3e:d2:f2:6e:6c:cd:3c:b8:59:ba:5d:a2:b2:83:66:
                    0a:da:56:ea:f0:0b:03:6b:75:dd:34:55:9b:ba:27:
                    99:b0:28:77:dc:cd:dc:5d:58:11:0f:cf:d2:38:68:
                    6a:47
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                CD:68:D3:96:0D:32:7B:81:ED:32:F6:63:83:B8:4B:53:A2:88:8A:EB
            X509v3 Authority Key Identifier:
                keyid:D6:76:54:78:51:E9:6F:3D:87:FA:EF:A4:05:EA:D4:A4:B7:0D:89:00

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/20cfd36a556e1a46c18de53d3fa81b0e1e970f23.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/958b31ec-3133-423d-8adb-38136b3c9f51/d68153dffa129b2a9fc8730db670040a26ca4ef1.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/958b31ec-3133-423d-8adb-38136b3c9f51/20cfd36a556e1a46c18de53d3fa81b0e1e970f23.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  190.1.128.0/19

    Signature Algorithm: sha256WithRSAEncryption
         9b:37:00:25:55:43:32:07:f9:5b:32:df:fa:a0:71:07:0b:3b:
         26:d8:8c:18:26:87:ed:bb:e5:15:56:28:29:72:7f:ea:98:74:
         2a:7c:be:7b:f8:81:57:2a:fa:65:43:d3:5f:70:1c:dd:88:36:
         a9:a1:5f:f5:b0:0b:a1:b0:41:4e:99:5e:63:9e:cc:73:a9:64:
         b4:1c:e8:6f:da:69:69:fb:9a:df:cd:25:10:eb:56:6b:4d:da:
         9b:ee:a6:7d:9c:b0:43:e3:71:b2:d9:49:55:32:1c:e8:79:af:
         89:47:86:a7:0e:a7:9d:49:d6:ec:50:67:2a:b1:2e:35:61:d2:
         22:eb:ea:74:fc:4a:00:e8:25:65:5b:7a:29:f8:83:59:fc:ce:
         48:db:d5:55:b0:27:c5:9e:7b:bf:03:b4:f1:70:23:e0:50:78:
         57:d9:fb:3e:4d:9e:db:1d:35:5d:98:37:b0:2d:7b:f9:82:36:
         d8:a4:9c:80:49:fe:4a:07:d4:be:c5:32:9c:57:ea:9c:67:5a:
         cc:13:7c:fe:8b:b9:8c:3b:b6:57:2a:23:0b:96:41:94:90:71:
         cf:51:a0:d1:aa:1f:4f:c2:3e:7c:62:a2:90:04:95:81:35:2c:
         8b:9f:e6:20:90:45:7d:54:87:9d:56:bd:22:25:12:e0:5c:5c:
         45:e7:bf:d4
-----BEGIN CERTIFICATE-----
MIIFQDCCBCigAwIBAgIDAlkkMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKDIw
Y2ZkMzZhNTU2ZTFhNDZjMThkZTUzZDNmYTgxYjBlMWU5NzBmMjMwHhcNMjIwOTE5
MjExNTQ1WhcNMjQwOTIwMjExNTQ1WjAzMTEwLwYDVQQDEyhkNjgxNTNkZmZhMTI5
YjJhOWZjODczMGRiNjcwMDQwYTI2Y2E0ZWYxMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAn11DRlVDXipJtFlNBtABWHkyItIQDM/ZOTtcCLxgpcRZw2Vo
G/hTIguQZGktDjxLmF2E0cQSmwSoLmtQwGl8JligSGv4meL3Nt9BgzkqO8EdcPNZ
mYZx1/dmJMOxtYMth6Iu8ve5606S2UTBtcIpSvmyB18rNB5dkyvl92nKbUYiNey/
EKdVhOZIDb0ZhNC+q1JPWbs2d4NVMKJ7IqX17HVIsgVZn9JP9ruRxiNgaJSd7dFH
TIMDSP1Jb5x++08BO7Va/ok9Ie2tADjFOoiHt8c+0vJubM08uFm6XaKyg2YK2lbq
8AsDa3XdNFWbuieZsCh33M3cXVgRD8/SOGhqRwIDAQABo4ICWzCCAlcwHQYDVR0O
BBYEFM1o05YNMnuB7TL2Y4O4S1OiiIrrMB8GA1UdIwQYMBaAFNZ2VHhR6W89h/rv
pAXq1KS3DYkAMA4GA1UdDwEB/wQEAwIHgDCBmgYIKwYBBQUHAQEEgY0wgYowgYcG
CCsGAQUFBzAChntyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5ldC9ycGtpL2xh
Y25pYy80OGYwODNiYi1mNjAzLTQ4OTMtOTk5MC0wMjg0YzA0Y2ViODUvMjBjZmQz
NmE1NTZlMWE0NmMxOGRlNTNkM2ZhODFiMGUxZTk3MGYyMy5jZXIwgZoGCCsGAQUF
BwELBIGNMIGKMIGHBggrBgEFBQcwC4Z7cnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25p
Yy5uZXQvcnBraS9sYWNuaWMvOTU4YjMxZWMtMzEzMy00MjNkLThhZGItMzgxMzZi
M2M5ZjUxL2Q2ODE1M2RmZmExMjliMmE5ZmM4NzMwZGI2NzAwNDBhMjZjYTRlZjEu
cm9hMIGPBgNVHR8EgYcwgYQwgYGgf6B9hntyc3luYzovL3JlcG9zaXRvcnkubGFj
bmljLm5ldC9ycGtpL2xhY25pYy85NThiMzFlYy0zMTMzLTQyM2QtOGFkYi0zODEz
NmIzYzlmNTEvMjBjZmQzNmE1NTZlMWE0NmMxOGRlNTNkM2ZhODFiMGUxZTk3MGYy
My5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQ
MA4wDAQCAAEwBgMEBb4BgDANBgkqhkiG9w0BAQsFAAOCAQEAmzcAJVVDMgf5WzLf
+qBxBws7JtiMGCaH7bvlFVYoKXJ/6ph0Kny+e/iBVyr6ZUPTX3Ac3Yg2qaFf9bAL
obBBTpleY57Mc6lktBzob9ppafua380lEOtWa03am+6mfZywQ+NxstlJVTIc6Hmv
iUeGpw6nnUnW7FBnKrEuNWHSIuvqdPxKAOglZVt6KfiDWfzOSNvVVbAnxZ57vwO0
8XAj4FB4V9n7Pk2e2x01XZg3sC17+YI22KScgEn+SgfUvsUynFfqnGdazBN8/ou5
jDu2VyojC5ZBlJBxz1Gg0aofT8I+fGKikASVgTUsi5/mIJBFfVSHnVa9IiUS4Fxc
Ree/1A==
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:37:54 2024 by rpki-client on console-fra.rpki-client.org