Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/cd5ad6c0-499b-4380-984f-874c9f51d2ff/1dadfb3283f670545b5f3be7b67ca0eb8b22ecee.roa
File:                     1dadfb3283f670545b5f3be7b67ca0eb8b22ecee.roa (raw, json)
Hash identifier:          f1fhIKetiDBnGMg7GFAPhqOO62NFyqnRDZyfnPcI2IQ=
Subject key identifier:   64:1D:19:38:46:E5:51:B3:9C:A1:56:35:EE:27:46:A2:EA:4E:24:1C
Certificate issuer:       /CN=913d5cdb160726dc92e04ed46a658ec6bfcbbdd1
Certificate serial:       0CC3ED
Authority key identifier: 8F:71:4F:02:F7:D5:BA:46:48:22:E9:D9:D4:7B:BB:60:D5:93:A1:32
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/913d5cdb160726dc92e04ed46a658ec6bfcbbdd1.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/cd5ad6c0-499b-4380-984f-874c9f51d2ff/1dadfb3283f670545b5f3be7b67ca0eb8b22ecee.roa
Signing time:             Wed 27 Sep 2023 19:08:19 +0000
ROA not before:           Tue 26 Sep 2023 19:08:19 +0000
ROA not after:            Sat 27 Sep 2025 19:08:19 +0000
asID:                     17072
IP address blocks:        138.186.28.0/24 maxlen: 24
                          138.186.29.0/24 maxlen: 24
                          138.186.31.0/24 maxlen: 24
                          187.189.28.0/24 maxlen: 24
                          187.189.33.0/24 maxlen: 24
                          187.189.72.0/24 maxlen: 24
                          187.189.84.0/24 maxlen: 24
                          187.189.87.0/24 maxlen: 24
                          187.189.88.0/24 maxlen: 24
                          187.189.91.0/24 maxlen: 24
                          187.189.92.0/24 maxlen: 24
                          187.189.93.0/24 maxlen: 24
                          187.189.101.0/24 maxlen: 24
                          187.189.102.0/24 maxlen: 24
                          187.189.114.0/24 maxlen: 24
                          187.189.123.0/24 maxlen: 24
                          187.189.127.0/24 maxlen: 24
                          187.189.171.0/24 maxlen: 24
                          187.189.172.0/24 maxlen: 24
                          187.189.173.0/24 maxlen: 24
                          187.189.174.0/24 maxlen: 24
                          187.189.198.0/24 maxlen: 24
                          187.189.212.0/24 maxlen: 24
                          187.189.213.0/24 maxlen: 24
                          187.189.214.0/24 maxlen: 24
                          187.189.215.0/24 maxlen: 24
                          187.189.242.0/24 maxlen: 24
                          187.189.246.0/24 maxlen: 24
                          187.190.11.0/24 maxlen: 24
                          187.190.21.0/24 maxlen: 24
                          187.190.24.0/24 maxlen: 24
                          187.190.25.0/24 maxlen: 24
                          187.190.26.0/24 maxlen: 24
                          187.190.28.0/24 maxlen: 24
                          187.190.39.0/24 maxlen: 24
                          187.190.146.0/24 maxlen: 24
                          187.190.147.0/24 maxlen: 24
                          187.190.153.0/24 maxlen: 24
                          187.190.154.0/24 maxlen: 24
                          187.190.157.0/24 maxlen: 24
                          187.190.163.0/24 maxlen: 24
                          187.190.165.0/24 maxlen: 24
                          187.190.195.0/24 maxlen: 24
                          187.190.199.0/24 maxlen: 24
                          187.190.204.0/24 maxlen: 24

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 836589 (0xcc3ed)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=913d5cdb160726dc92e04ed46a658ec6bfcbbdd1
        Validity
            Not Before: Sep 26 19:08:19 2023 GMT
            Not After : Sep 27 19:08:19 2025 GMT
        Subject: CN=1dadfb3283f670545b5f3be7b67ca0eb8b22ecee
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b9:a5:ee:c0:a6:aa:23:20:eb:08:59:0b:14:aa:
                    e3:d8:db:76:45:85:88:80:78:55:34:ab:03:11:83:
                    b7:b7:4e:ea:df:d5:f8:c0:80:d8:f5:7d:f0:ca:e5:
                    e5:7a:de:2a:7b:c6:08:f7:6c:16:6e:fb:d1:bd:4d:
                    cc:0a:fb:17:c8:a5:76:7f:0c:cb:ac:d0:d9:c0:95:
                    57:58:74:b3:e8:da:2d:49:9c:98:2f:0b:79:dd:fb:
                    e5:b1:c5:6d:6f:d1:00:c4:2b:c0:c8:03:f4:20:b6:
                    0f:4a:5a:f3:78:a1:3c:dc:7d:47:11:3b:ed:c1:80:
                    6c:9f:e7:37:8b:a9:54:87:50:b6:f1:44:35:d2:f7:
                    5e:0a:46:fb:1f:7f:3d:e3:4b:c6:34:c8:b9:ae:bd:
                    2b:2e:21:c5:d5:dd:fb:d9:32:ad:32:c8:41:74:d4:
                    bf:25:d8:ba:49:c0:b2:a4:3a:09:67:48:80:f8:26:
                    f3:52:74:46:d8:bb:60:9c:f7:ab:55:16:07:13:fc:
                    2b:41:b3:da:66:25:58:35:48:84:73:25:4d:24:a3:
                    72:20:ef:a2:58:e4:57:77:d2:63:f8:28:2f:8f:4a:
                    fd:a4:a2:65:fe:e0:34:6a:4d:13:82:b1:dd:d2:6b:
                    28:b1:91:5c:1b:a6:b8:d2:d7:0b:ee:db:84:ee:04:
                    5e:01
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                64:1D:19:38:46:E5:51:B3:9C:A1:56:35:EE:27:46:A2:EA:4E:24:1C
            X509v3 Authority Key Identifier:
                keyid:8F:71:4F:02:F7:D5:BA:46:48:22:E9:D9:D4:7B:BB:60:D5:93:A1:32

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/913d5cdb160726dc92e04ed46a658ec6bfcbbdd1.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/cd5ad6c0-499b-4380-984f-874c9f51d2ff/1dadfb3283f670545b5f3be7b67ca0eb8b22ecee.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/cd5ad6c0-499b-4380-984f-874c9f51d2ff/913d5cdb160726dc92e04ed46a658ec6bfcbbdd1.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  138.186.28.0/23
                  138.186.31.0/24
                  187.189.28.0/24
                  187.189.33.0/24
                  187.189.72.0/24
                  187.189.84.0/24
                  187.189.87.0-187.189.88.255
                  187.189.91.0-187.189.93.255
                  187.189.101.0-187.189.102.255
                  187.189.114.0/24
                  187.189.123.0/24
                  187.189.127.0/24
                  187.189.171.0-187.189.174.255
                  187.189.198.0/24
                  187.189.212.0/22
                  187.189.242.0/24
                  187.189.246.0/24
                  187.190.11.0/24
                  187.190.21.0/24
                  187.190.24.0-187.190.26.255
                  187.190.28.0/24
                  187.190.39.0/24
                  187.190.146.0/23
                  187.190.153.0-187.190.154.255
                  187.190.157.0/24
                  187.190.163.0/24
                  187.190.165.0/24
                  187.190.195.0/24
                  187.190.199.0/24
                  187.190.204.0/24

    Signature Algorithm: sha256WithRSAEncryption
         55:c2:cd:c4:df:89:bb:bf:f1:64:2c:94:5c:ca:86:a9:19:58:
         37:de:9c:45:e8:5d:1a:6f:ba:a3:2a:ea:67:52:4e:a7:a2:2b:
         a9:3f:21:c3:3e:d6:60:1a:14:dd:01:dd:cc:0c:88:b7:24:46:
         7e:a5:5f:08:7a:50:3c:76:4c:96:14:d1:e1:6f:a2:59:c3:17:
         c1:1f:65:29:98:1c:f8:c8:89:6d:c0:a8:7a:99:cf:be:50:6f:
         54:54:71:92:45:9a:55:f9:a4:67:6f:0e:fb:be:f6:d7:fa:9a:
         5c:d1:ab:14:91:1f:62:a6:f3:55:6f:6b:5d:73:cd:e9:04:c0:
         0e:ff:ac:82:31:1c:bc:27:df:f4:66:50:fe:95:ac:16:00:2a:
         c4:83:ba:22:b3:7c:c2:49:68:fd:f6:86:2a:bc:a0:f6:dc:af:
         4a:46:de:94:33:b2:d5:8a:0d:21:1d:e5:cc:03:68:62:72:1c:
         86:2b:b2:8e:00:33:60:fb:ee:1e:0d:86:16:ca:ca:39:e1:16:
         95:82:46:ec:b4:4d:1b:fc:d2:eb:4e:68:f6:05:b7:f3:84:b8:
         e7:85:0b:06:09:e2:fe:b4:f7:17:0d:4e:cf:c2:b8:61:ad:ce:
         f8:da:0c:48:d7:6a:13:10:15:34:f0:63:df:fa:ff:34:01:e2:
         a6:12:70:08
-----BEGIN CERTIFICATE-----
MIIGJDCCBQygAwIBAgIDDMPtMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKDkx
M2Q1Y2RiMTYwNzI2ZGM5MmUwNGVkNDZhNjU4ZWM2YmZjYmJkZDEwHhcNMjMwOTI2
MTkwODE5WhcNMjUwOTI3MTkwODE5WjAzMTEwLwYDVQQDEygxZGFkZmIzMjgzZjY3
MDU0NWI1ZjNiZTdiNjdjYTBlYjhiMjJlY2VlMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAuaXuwKaqIyDrCFkLFKrj2Nt2RYWIgHhVNKsDEYO3t07q39X4
wIDY9X3wyuXlet4qe8YI92wWbvvRvU3MCvsXyKV2fwzLrNDZwJVXWHSz6NotSZyY
Lwt53fvlscVtb9EAxCvAyAP0ILYPSlrzeKE83H1HETvtwYBsn+c3i6lUh1C28UQ1
0vdeCkb7H38940vGNMi5rr0rLiHF1d372TKtMshBdNS/Jdi6ScCypDoJZ0iA+Cbz
UnRG2LtgnPerVRYHE/wrQbPaZiVYNUiEcyVNJKNyIO+iWORXd9Jj+Cgvj0r9pKJl
/uA0ak0TgrHd0msosZFcG6a40tcL7tuE7gReAQIDAQABo4IDPzCCAzswHQYDVR0O
BBYEFGQdGThG5VGznKFWNe4nRqLqTiQcMB8GA1UdIwQYMBaAFI9xTwL31bpGSCLp
2dR7u2DVk6EyMA4GA1UdDwEB/wQEAwIHgDCBmgYIKwYBBQUHAQEEgY0wgYowgYcG
CCsGAQUFBzAChntyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5ldC9ycGtpL2xh
Y25pYy80OGYwODNiYi1mNjAzLTQ4OTMtOTk5MC0wMjg0YzA0Y2ViODUvOTEzZDVj
ZGIxNjA3MjZkYzkyZTA0ZWQ0NmE2NThlYzZiZmNiYmRkMS5jZXIwgZoGCCsGAQUF
BwELBIGNMIGKMIGHBggrBgEFBQcwC4Z7cnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25p
Yy5uZXQvcnBraS9sYWNuaWMvY2Q1YWQ2YzAtNDk5Yi00MzgwLTk4NGYtODc0Yzlm
NTFkMmZmLzFkYWRmYjMyODNmNjcwNTQ1YjVmM2JlN2I2N2NhMGViOGIyMmVjZWUu
cm9hMIGPBgNVHR8EgYcwgYQwgYGgf6B9hntyc3luYzovL3JlcG9zaXRvcnkubGFj
bmljLm5ldC9ycGtpL2xhY25pYy9jZDVhZDZjMC00OTliLTQzODAtOTg0Zi04NzRj
OWY1MWQyZmYvOTEzZDVjZGIxNjA3MjZkYzkyZTA0ZWQ0NmE2NThlYzZiZmNiYmRk
MS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjCCAQEGCCsGAQUFBwEHAQH/
BIHxMIHuMIHrBAIAATCB5AMEAYq6HAMEAIq6HwMEALu9HAMEALu9IQMEALu9SAME
ALu9VDAMAwQAu71XAwQAu71YMAwDBAC7vVsDBAG7vVwwDAMEALu9ZQMEALu9ZgME
ALu9cgMEALu9ewMEALu9fzAMAwQAu72rAwQAu72uAwQAu73GAwQCu73UAwQAu73y
AwQAu732AwQAu74LAwQAu74VMAwDBAO7vhgDBAC7vhoDBAC7vhwDBAC7vicDBAG7
vpIwDAMEALu+mQMEALu+mgMEALu+nQMEALu+owMEALu+pQMEALu+wwMEALu+xwME
ALu+zDANBgkqhkiG9w0BAQsFAAOCAQEAVcLNxN+Ju7/xZCyUXMqGqRlYN96cRehd
Gm+6oyrqZ1JOp6IrqT8hwz7WYBoU3QHdzAyItyRGfqVfCHpQPHZMlhTR4W+iWcMX
wR9lKZgc+MiJbcCoepnPvlBvVFRxkkWaVfmkZ28O+7721/qaXNGrFJEfYqbzVW9r
XXPN6QTADv+sgjEcvCff9GZQ/pWsFgAqxIO6IrN8wklo/faGKryg9tyvSkbelDOy
1YoNIR3lzANoYnIchiuyjgAzYPvuHg2GFsrKOeEWlYJG7LRNG/zS605o9gW384S4
54ULBgni/rT3Fw1Oz8K4Ya3O+NoMSNdqExAVNPBj3/r/NAHiphJwCA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:38:07 2024 by rpki-client on console-fra.rpki-client.org