Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/cd5ad6c0-499b-4380-984f-874c9f51d2ff/76899cecb18ba3d1a426660e681b882de2ce327c.roa
File:                     76899cecb18ba3d1a426660e681b882de2ce327c.roa (raw, json)
Hash identifier:          115ClMDaYg3OuxRlaWrzJXwt/qEKUKQrFzcaAlvY1Kc=
Subject key identifier:   48:E9:43:CE:1E:BF:76:FA:73:BB:EA:4F:BD:8C:E8:5F:C0:70:22:16
Certificate issuer:       /CN=913d5cdb160726dc92e04ed46a658ec6bfcbbdd1
Certificate serial:       0D845A
Authority key identifier: 8F:71:4F:02:F7:D5:BA:46:48:22:E9:D9:D4:7B:BB:60:D5:93:A1:32
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/913d5cdb160726dc92e04ed46a658ec6bfcbbdd1.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/cd5ad6c0-499b-4380-984f-874c9f51d2ff/76899cecb18ba3d1a426660e681b882de2ce327c.roa
Signing time:             Wed 18 Oct 2023 17:50:14 +0000
ROA not before:           Tue 17 Oct 2023 17:50:14 +0000
ROA not after:            Sat 18 Oct 2025 17:50:14 +0000
asID:                     22884
IP address blocks:        186.96.8.0/24 maxlen: 24
                          186.96.22.0/24 maxlen: 24
                          186.96.23.0/24 maxlen: 24
                          186.96.24.0/24 maxlen: 24
                          186.96.26.0/24 maxlen: 24
                          186.96.40.0/24 maxlen: 24
                          186.96.52.0/24 maxlen: 24
                          186.96.55.0/24 maxlen: 24
                          186.96.61.0/24 maxlen: 24
                          186.96.63.0/24 maxlen: 24
                          186.96.128.0/24 maxlen: 24
                          186.96.146.0/24 maxlen: 24
                          186.96.159.0/24 maxlen: 24
                          187.188.13.0/24 maxlen: 24
                          187.188.69.0/24 maxlen: 24
                          187.188.77.0/24 maxlen: 24
                          187.188.110.0/24 maxlen: 24
                          187.188.139.0/24 maxlen: 24
                          187.188.207.0/24 maxlen: 24
                          187.188.248.0/24 maxlen: 24
                          187.189.12.0/24 maxlen: 24
                          187.189.16.0/24 maxlen: 24
                          187.189.19.0/24 maxlen: 24
                          187.189.30.0/24 maxlen: 24
                          187.189.70.0/24 maxlen: 24
                          187.189.118.0/24 maxlen: 24
                          187.189.129.0/24 maxlen: 24
                          187.189.137.0/24 maxlen: 24
                          187.189.169.0/24 maxlen: 24
                          187.189.254.0/24 maxlen: 24
                          187.190.2.0/24 maxlen: 24
                          187.190.3.0/24 maxlen: 24
                          187.190.32.0/24 maxlen: 24
                          187.190.36.0/24 maxlen: 24
                          187.190.44.0/24 maxlen: 24
                          187.190.52.0/24 maxlen: 24
                          187.190.76.0/24 maxlen: 24
                          187.190.170.0/24 maxlen: 24
                          187.190.171.0/24 maxlen: 24
                          187.190.200.0/24 maxlen: 24
                          187.190.201.0/24 maxlen: 24
                          187.190.234.0/24 maxlen: 24
                          187.190.241.0/24 maxlen: 24
                          187.190.244.0/24 maxlen: 24
                          187.191.12.0/24 maxlen: 24
                          187.191.18.0/24 maxlen: 24
                          187.191.34.0/24 maxlen: 24
                          187.191.55.0/24 maxlen: 24

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 885850 (0xd845a)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=913d5cdb160726dc92e04ed46a658ec6bfcbbdd1
        Validity
            Not Before: Oct 17 17:50:14 2023 GMT
            Not After : Oct 18 17:50:14 2025 GMT
        Subject: CN=76899cecb18ba3d1a426660e681b882de2ce327c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:83:04:87:d7:84:d9:1c:a4:d8:11:e6:5d:db:47:
                    ae:7f:ee:37:64:92:1c:3a:18:95:de:39:8a:a2:3d:
                    1c:15:f7:6e:60:67:a8:2b:cd:33:8b:19:15:f3:60:
                    28:4c:67:09:05:d1:01:2c:6c:60:1d:2a:4b:0e:ad:
                    71:12:8b:01:6a:40:82:e8:4d:7e:23:cf:53:cc:6d:
                    a2:03:36:65:c6:fd:b8:c3:05:29:6c:28:5d:97:b5:
                    38:42:4a:6a:bd:60:e3:2b:3e:32:5f:5b:04:c7:ae:
                    de:c3:f1:e4:a3:72:6e:27:d8:e1:02:2e:f9:05:ef:
                    7b:b6:3a:b7:f5:48:99:04:05:8c:95:69:8b:95:0c:
                    8c:e3:31:e5:fc:98:7e:c6:e2:ce:39:94:1d:72:7d:
                    ca:09:59:3b:cf:f2:ae:6d:0c:c9:4e:7f:32:0f:76:
                    78:6f:d8:a8:3b:15:31:54:4f:95:df:df:3d:40:3f:
                    14:95:33:1f:5c:2e:8a:43:1a:60:4c:b6:10:18:5e:
                    e9:f6:9c:40:fb:52:7d:a9:8b:38:ea:23:34:0e:f1:
                    08:c4:46:8b:92:6a:b5:1e:f6:7b:56:52:2d:9d:ca:
                    83:40:b0:f3:fd:0d:2d:33:cc:74:d3:0b:9e:37:68:
                    b4:26:b4:4c:d0:86:19:0c:2d:5e:5a:e3:5a:5d:ba:
                    07:e3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                48:E9:43:CE:1E:BF:76:FA:73:BB:EA:4F:BD:8C:E8:5F:C0:70:22:16
            X509v3 Authority Key Identifier:
                keyid:8F:71:4F:02:F7:D5:BA:46:48:22:E9:D9:D4:7B:BB:60:D5:93:A1:32

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/913d5cdb160726dc92e04ed46a658ec6bfcbbdd1.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/cd5ad6c0-499b-4380-984f-874c9f51d2ff/76899cecb18ba3d1a426660e681b882de2ce327c.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/cd5ad6c0-499b-4380-984f-874c9f51d2ff/913d5cdb160726dc92e04ed46a658ec6bfcbbdd1.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  186.96.8.0/24
                  186.96.22.0-186.96.24.255
                  186.96.26.0/24
                  186.96.40.0/24
                  186.96.52.0/24
                  186.96.55.0/24
                  186.96.61.0/24
                  186.96.63.0/24
                  186.96.128.0/24
                  186.96.146.0/24
                  186.96.159.0/24
                  187.188.13.0/24
                  187.188.69.0/24
                  187.188.77.0/24
                  187.188.110.0/24
                  187.188.139.0/24
                  187.188.207.0/24
                  187.188.248.0/24
                  187.189.12.0/24
                  187.189.16.0/24
                  187.189.19.0/24
                  187.189.30.0/24
                  187.189.70.0/24
                  187.189.118.0/24
                  187.189.129.0/24
                  187.189.137.0/24
                  187.189.169.0/24
                  187.189.254.0/24
                  187.190.2.0/23
                  187.190.32.0/24
                  187.190.36.0/24
                  187.190.44.0/24
                  187.190.52.0/24
                  187.190.76.0/24
                  187.190.170.0/23
                  187.190.200.0/23
                  187.190.234.0/24
                  187.190.241.0/24
                  187.190.244.0/24
                  187.191.12.0/24
                  187.191.18.0/24
                  187.191.34.0/24
                  187.191.55.0/24

    Signature Algorithm: sha256WithRSAEncryption
         0c:ce:10:fa:2e:93:79:9e:bd:25:ed:db:5b:48:b1:61:88:e1:
         16:ff:75:53:fc:70:51:17:14:53:04:05:a9:62:26:2f:95:d7:
         10:23:4e:93:dc:b6:db:6b:f4:38:c0:dd:39:d2:52:5e:11:68:
         11:a9:fa:e8:c8:da:4d:21:22:cc:c6:6c:14:7b:d6:65:d6:d6:
         f3:45:38:4e:78:bc:d1:45:74:4b:a2:8d:4f:9d:4d:9f:cb:c6:
         f6:5b:75:e4:ab:80:4e:cf:ff:d3:63:ca:1e:76:80:4c:de:21:
         18:3f:31:4e:8d:15:86:b4:ff:d0:bc:61:54:ca:7b:57:7d:35:
         56:61:45:4c:e5:f8:32:3a:3a:03:d6:7c:22:36:0f:bf:24:1a:
         6b:51:38:fc:23:76:dd:c7:58:a6:43:65:e1:e4:95:c4:d0:70:
         d8:e6:ff:72:f3:ba:26:af:e4:57:30:ac:8f:e9:a7:8c:aa:f9:
         97:4b:72:b7:c9:c7:bf:2d:bb:fa:99:13:75:6e:68:44:28:27:
         a6:c6:18:04:78:1c:e1:96:cb:92:b7:79:8e:2f:36:d3:c4:85:
         02:23:9d:a6:c6:f9:43:b9:b2:68:1d:86:1c:0b:6b:80:47:7e:
         3a:47:5f:0e:ed:e7:0b:40:b4:f6:73:39:a3:20:19:06:d3:e9:
         c6:ae:cc:a1
-----BEGIN CERTIFICATE-----
MIIGTjCCBTagAwIBAgIDDYRaMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKDkx
M2Q1Y2RiMTYwNzI2ZGM5MmUwNGVkNDZhNjU4ZWM2YmZjYmJkZDEwHhcNMjMxMDE3
MTc1MDE0WhcNMjUxMDE4MTc1MDE0WjAzMTEwLwYDVQQDEyg3Njg5OWNlY2IxOGJh
M2QxYTQyNjY2MGU2ODFiODgyZGUyY2UzMjdjMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAgwSH14TZHKTYEeZd20euf+43ZJIcOhiV3jmKoj0cFfduYGeo
K80zixkV82AoTGcJBdEBLGxgHSpLDq1xEosBakCC6E1+I89TzG2iAzZlxv24wwUp
bChdl7U4QkpqvWDjKz4yX1sEx67ew/Hko3JuJ9jhAi75Be97tjq39UiZBAWMlWmL
lQyM4zHl/Jh+xuLOOZQdcn3KCVk7z/KubQzJTn8yD3Z4b9ioOxUxVE+V3989QD8U
lTMfXC6KQxpgTLYQGF7p9pxA+1J9qYs46iM0DvEIxEaLkmq1HvZ7VlItncqDQLDz
/Q0tM8x00wueN2i0JrRM0IYZDC1eWuNaXboH4wIDAQABo4IDaTCCA2UwHQYDVR0O
BBYEFEjpQ84ev3b6c7vqT72M6F/AcCIWMB8GA1UdIwQYMBaAFI9xTwL31bpGSCLp
2dR7u2DVk6EyMA4GA1UdDwEB/wQEAwIHgDCBmgYIKwYBBQUHAQEEgY0wgYowgYcG
CCsGAQUFBzAChntyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5ldC9ycGtpL2xh
Y25pYy80OGYwODNiYi1mNjAzLTQ4OTMtOTk5MC0wMjg0YzA0Y2ViODUvOTEzZDVj
ZGIxNjA3MjZkYzkyZTA0ZWQ0NmE2NThlYzZiZmNiYmRkMS5jZXIwgZoGCCsGAQUF
BwELBIGNMIGKMIGHBggrBgEFBQcwC4Z7cnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25p
Yy5uZXQvcnBraS9sYWNuaWMvY2Q1YWQ2YzAtNDk5Yi00MzgwLTk4NGYtODc0Yzlm
NTFkMmZmLzc2ODk5Y2VjYjE4YmEzZDFhNDI2NjYwZTY4MWI4ODJkZTJjZTMyN2Mu
cm9hMIGPBgNVHR8EgYcwgYQwgYGgf6B9hntyc3luYzovL3JlcG9zaXRvcnkubGFj
bmljLm5ldC9ycGtpL2xhY25pYy9jZDVhZDZjMC00OTliLTQzODAtOTg0Zi04NzRj
OWY1MWQyZmYvOTEzZDVjZGIxNjA3MjZkYzkyZTA0ZWQ0NmE2NThlYzZiZmNiYmRk
MS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjCCASsGCCsGAQUFBwEHAQH/
BIIBGjCCARYwggESBAIAATCCAQoDBAC6YAgwDAMEAbpgFgMEALpgGAMEALpgGgME
ALpgKAMEALpgNAMEALpgNwMEALpgPQMEALpgPwMEALpggAMEALpgkgMEALpgnwME
ALu8DQMEALu8RQMEALu8TQMEALu8bgMEALu8iwMEALu8zwMEALu8+AMEALu9DAME
ALu9EAMEALu9EwMEALu9HgMEALu9RgMEALu9dgMEALu9gQMEALu9iQMEALu9qQME
ALu9/gMEAbu+AgMEALu+IAMEALu+JAMEALu+LAMEALu+NAMEALu+TAMEAbu+qgME
Abu+yAMEALu+6gMEALu+8QMEALu+9AMEALu/DAMEALu/EgMEALu/IgMEALu/NzAN
BgkqhkiG9w0BAQsFAAOCAQEADM4Q+i6TeZ69Je3bW0ixYYjhFv91U/xwURcUUwQF
qWImL5XXECNOk9y222v0OMDdOdJSXhFoEan66MjaTSEizMZsFHvWZdbW80U4Tni8
0UV0S6KNT51Nn8vG9lt15KuATs//02PKHnaATN4hGD8xTo0VhrT/0LxhVMp7V301
VmFFTOX4Mjo6A9Z8IjYPvyQaa1E4/CN23cdYpkNl4eSVxNBw2Ob/cvO6Jq/kVzCs
j+mnjKr5l0tyt8nHvy27+pkTdW5oRCgnpsYYBHgc4ZbLkrd5ji8208SFAiOdpsb5
Q7myaB2GHAtrgEd+OkdfDu3nC0C09nM5oyAZBtPpxq7MoQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:38:07 2024 by rpki-client on console-fra.rpki-client.org