Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/cd5ad6c0-499b-4380-984f-874c9f51d2ff/74cd196ff7cb595a4cadd5cc32dc6e4fcb691869.roa
File:                     74cd196ff7cb595a4cadd5cc32dc6e4fcb691869.roa (raw, json)
Hash identifier:          yzJiJPQJV5kEmYNMznGaAF37Q1rAyFe0//22errBqc8=
Subject key identifier:   E2:12:45:79:94:94:45:8A:87:C2:82:45:D3:F3:5D:BE:6A:1C:20:8B
Certificate issuer:       /CN=913d5cdb160726dc92e04ed46a658ec6bfcbbdd1
Certificate serial:       0CB054
Authority key identifier: 8F:71:4F:02:F7:D5:BA:46:48:22:E9:D9:D4:7B:BB:60:D5:93:A1:32
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/913d5cdb160726dc92e04ed46a658ec6bfcbbdd1.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/cd5ad6c0-499b-4380-984f-874c9f51d2ff/74cd196ff7cb595a4cadd5cc32dc6e4fcb691869.roa
Signing time:             Wed 27 Sep 2023 17:59:53 +0000
ROA not before:           Tue 26 Sep 2023 17:59:52 +0000
ROA not after:            Sat 27 Sep 2025 17:59:52 +0000
asID:                     17072
IP address blocks:        187.188.73.0/24 maxlen: 24
                          187.188.76.0/24 maxlen: 24
                          187.188.155.0/24 maxlen: 24
                          187.189.68.0/24 maxlen: 24
                          187.189.69.0/24 maxlen: 24
                          187.189.128.0/24 maxlen: 24
                          187.189.136.0/24 maxlen: 24
                          187.189.141.0/24 maxlen: 24
                          187.189.142.0/24 maxlen: 24
                          187.189.150.0/24 maxlen: 24
                          187.189.160.0/24 maxlen: 24
                          187.189.163.0/24 maxlen: 24
                          187.189.164.0/24 maxlen: 24
                          187.189.165.0/24 maxlen: 24
                          187.189.166.0/24 maxlen: 24
                          187.189.167.0/24 maxlen: 24
                          187.189.181.0/24 maxlen: 24
                          187.189.187.0/24 maxlen: 24
                          187.189.188.0/24 maxlen: 24
                          187.190.23.0/24 maxlen: 24
                          189.203.90.0/24 maxlen: 24
                          189.203.91.0/24 maxlen: 24

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 831572 (0xcb054)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=913d5cdb160726dc92e04ed46a658ec6bfcbbdd1
        Validity
            Not Before: Sep 26 17:59:52 2023 GMT
            Not After : Sep 27 17:59:52 2025 GMT
        Subject: CN=74cd196ff7cb595a4cadd5cc32dc6e4fcb691869
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ab:32:76:f8:66:86:d9:b3:d1:17:3a:4d:a4:de:
                    74:5b:d4:6f:7d:bb:f9:6b:f5:97:50:12:1f:7f:3b:
                    ef:21:ee:69:10:c8:e6:ab:a6:29:9e:1b:6c:6d:c1:
                    10:6e:63:b0:35:d7:96:05:b0:70:21:db:f2:0b:be:
                    c6:a1:a7:c1:ae:ea:25:f6:ef:af:19:b4:e9:37:c5:
                    da:10:30:94:bf:a6:f6:21:02:96:91:cf:42:b1:35:
                    f7:f5:8d:16:69:17:75:ac:d9:78:b0:25:66:45:93:
                    cc:51:2c:7f:29:96:fd:ac:e5:d3:5c:74:0a:52:0c:
                    34:41:30:bc:48:48:f5:fd:3e:fc:d3:86:08:d4:3f:
                    e7:f3:a6:48:f7:84:5a:5e:5f:39:2a:3b:c6:a9:33:
                    6e:8f:52:61:92:bd:9f:1e:a5:ac:52:1d:e2:94:c5:
                    58:87:c9:31:71:06:42:f6:0d:10:c9:4b:47:0c:4f:
                    78:21:e5:c8:89:c4:e1:5b:b0:df:a9:61:de:d6:89:
                    33:c2:29:4a:d6:21:ce:69:e2:28:7d:32:c7:f6:4c:
                    82:5d:69:fc:d2:9b:1a:30:cf:17:3e:6a:6a:64:1e:
                    3d:0a:87:b6:82:eb:7e:e9:11:f4:24:06:fe:dd:10:
                    74:ee:d5:3e:60:f3:67:da:9a:a9:6f:f1:e6:4d:41:
                    a4:03
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E2:12:45:79:94:94:45:8A:87:C2:82:45:D3:F3:5D:BE:6A:1C:20:8B
            X509v3 Authority Key Identifier:
                keyid:8F:71:4F:02:F7:D5:BA:46:48:22:E9:D9:D4:7B:BB:60:D5:93:A1:32

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/913d5cdb160726dc92e04ed46a658ec6bfcbbdd1.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/cd5ad6c0-499b-4380-984f-874c9f51d2ff/74cd196ff7cb595a4cadd5cc32dc6e4fcb691869.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/cd5ad6c0-499b-4380-984f-874c9f51d2ff/913d5cdb160726dc92e04ed46a658ec6bfcbbdd1.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  187.188.73.0/24
                  187.188.76.0/24
                  187.188.155.0/24
                  187.189.68.0/23
                  187.189.128.0/24
                  187.189.136.0/24
                  187.189.141.0-187.189.142.255
                  187.189.150.0/24
                  187.189.160.0/24
                  187.189.163.0-187.189.167.255
                  187.189.181.0/24
                  187.189.187.0-187.189.188.255
                  187.190.23.0/24
                  189.203.90.0/23

    Signature Algorithm: sha256WithRSAEncryption
         84:d2:0d:42:c2:0b:dc:db:61:2e:9c:10:26:03:a4:ab:ce:9a:
         fe:2f:36:48:ba:31:17:93:e7:c8:62:13:21:20:9f:b2:be:8a:
         01:a4:ef:7c:4f:dc:6d:9b:dc:86:f8:3c:6c:10:ae:a4:db:b1:
         75:8b:4b:1f:94:4b:b4:65:3f:37:7f:07:01:ba:54:0b:ee:0a:
         ee:f5:d6:21:ec:b8:f0:6b:81:0e:fb:43:b6:ca:6c:f1:e8:6f:
         ec:fb:4b:72:f9:34:15:9c:e4:d2:78:df:d0:ca:34:54:97:f4:
         ef:98:06:16:8c:e4:39:88:5c:87:00:c5:4d:3c:5c:f4:28:29:
         1a:0b:ce:34:1a:62:d4:89:3f:da:e6:13:5b:86:39:06:49:99:
         f2:33:e0:b1:c8:b5:c3:e7:08:75:d9:85:d6:2d:35:37:38:1a:
         af:8c:e8:51:bd:9a:49:aa:9e:fb:02:44:c4:ff:98:7e:f5:ec:
         52:3c:83:fa:07:9e:af:03:8b:98:c8:71:9b:aa:fc:17:e9:69:
         16:73:6a:9f:d4:0c:1c:7d:d2:58:45:31:97:f2:be:41:29:b9:
         2c:5b:09:60:d5:cb:65:1c:57:3c:43:af:14:1e:e5:de:8f:61:
         95:47:68:09:8a:4c:2c:31:0f:8e:ec:dc:57:2a:cf:6f:e5:e0:
         db:3e:e3:67
-----BEGIN CERTIFICATE-----
MIIFpzCCBI+gAwIBAgIDDLBUMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKDkx
M2Q1Y2RiMTYwNzI2ZGM5MmUwNGVkNDZhNjU4ZWM2YmZjYmJkZDEwHhcNMjMwOTI2
MTc1OTUyWhcNMjUwOTI3MTc1OTUyWjAzMTEwLwYDVQQDEyg3NGNkMTk2ZmY3Y2I1
OTVhNGNhZGQ1Y2MzMmRjNmU0ZmNiNjkxODY5MIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAqzJ2+GaG2bPRFzpNpN50W9Rvfbv5a/WXUBIffzvvIe5pEMjm
q6YpnhtsbcEQbmOwNdeWBbBwIdvyC77GoafBruol9u+vGbTpN8XaEDCUv6b2IQKW
kc9CsTX39Y0WaRd1rNl4sCVmRZPMUSx/KZb9rOXTXHQKUgw0QTC8SEj1/T7804YI
1D/n86ZI94RaXl85KjvGqTNuj1Jhkr2fHqWsUh3ilMVYh8kxcQZC9g0QyUtHDE94
IeXIicThW7DfqWHe1okzwilK1iHOaeIofTLH9kyCXWn80psaMM8XPmpqZB49Coe2
gut+6RH0JAb+3RB07tU+YPNn2pqpb/HmTUGkAwIDAQABo4ICwjCCAr4wHQYDVR0O
BBYEFOISRXmUlEWKh8KCRdPzXb5qHCCLMB8GA1UdIwQYMBaAFI9xTwL31bpGSCLp
2dR7u2DVk6EyMA4GA1UdDwEB/wQEAwIHgDCBmgYIKwYBBQUHAQEEgY0wgYowgYcG
CCsGAQUFBzAChntyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5ldC9ycGtpL2xh
Y25pYy80OGYwODNiYi1mNjAzLTQ4OTMtOTk5MC0wMjg0YzA0Y2ViODUvOTEzZDVj
ZGIxNjA3MjZkYzkyZTA0ZWQ0NmE2NThlYzZiZmNiYmRkMS5jZXIwgZoGCCsGAQUF
BwELBIGNMIGKMIGHBggrBgEFBQcwC4Z7cnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25p
Yy5uZXQvcnBraS9sYWNuaWMvY2Q1YWQ2YzAtNDk5Yi00MzgwLTk4NGYtODc0Yzlm
NTFkMmZmLzc0Y2QxOTZmZjdjYjU5NWE0Y2FkZDVjYzMyZGM2ZTRmY2I2OTE4Njku
cm9hMIGPBgNVHR8EgYcwgYQwgYGgf6B9hntyc3luYzovL3JlcG9zaXRvcnkubGFj
bmljLm5ldC9ycGtpL2xhY25pYy9jZDVhZDZjMC00OTliLTQzODAtOTg0Zi04NzRj
OWY1MWQyZmYvOTEzZDVjZGIxNjA3MjZkYzkyZTA0ZWQ0NmE2NThlYzZiZmNiYmRk
MS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjCBhQYIKwYBBQUHAQcBAf8E
djB0MHIEAgABMGwDBAC7vEkDBAC7vEwDBAC7vJsDBAG7vUQDBAC7vYADBAC7vYgw
DAMEALu9jQMEALu9jgMEALu9lgMEALu9oDAMAwQAu72jAwQDu72gAwQAu721MAwD
BAC7vbsDBAC7vbwDBAC7vhcDBAG9y1owDQYJKoZIhvcNAQELBQADggEBAITSDULC
C9zbYS6cECYDpKvOmv4vNki6MReT58hiEyEgn7K+igGk73xP3G2b3Ib4PGwQrqTb
sXWLSx+US7RlPzd/BwG6VAvuCu711iHsuPBrgQ77Q7bKbPHob+z7S3L5NBWc5NJ4
39DKNFSX9O+YBhaM5DmIXIcAxU08XPQoKRoLzjQaYtSJP9rmE1uGOQZJmfIz4LHI
tcPnCHXZhdYtNTc4Gq+M6FG9mkmqnvsCRMT/mH717FI8g/oHnq8Di5jIcZuq/Bfp
aRZzap/UDBx90lhFMZfyvkEpuSxbCWDVy2UcVzxDrxQe5d6PYZVHaAmKTCwxD47s
3Fcqz2/l4Ns+42c=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:38:33 2024 by rpki-client on console-ams.rpki-client.org