Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/cd5ad6c0-499b-4380-984f-874c9f51d2ff/b70ce43b5a527b2d73f5e6e0808ec5dcbfcc05ba.roa
File:                     b70ce43b5a527b2d73f5e6e0808ec5dcbfcc05ba.roa (raw, json)
Hash identifier:          n+xMWmbRufiaX1hieAyJQbgFiMgz7GHbaY7D0HhYfUY=
Subject key identifier:   EB:7F:7A:DF:3A:B3:D4:A4:41:EE:04:FB:98:F2:45:75:A6:59:A2:EF
Certificate issuer:       /CN=913d5cdb160726dc92e04ed46a658ec6bfcbbdd1
Certificate serial:       0D2BC7
Authority key identifier: 8F:71:4F:02:F7:D5:BA:46:48:22:E9:D9:D4:7B:BB:60:D5:93:A1:32
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/913d5cdb160726dc92e04ed46a658ec6bfcbbdd1.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/cd5ad6c0-499b-4380-984f-874c9f51d2ff/b70ce43b5a527b2d73f5e6e0808ec5dcbfcc05ba.roa
Signing time:             Wed 11 Oct 2023 18:09:55 +0000
ROA not before:           Tue 10 Oct 2023 18:09:55 +0000
ROA not after:            Sat 11 Oct 2025 18:09:55 +0000
asID:                     22884
IP address blocks:        187.188.208.0/24 maxlen: 24
                          187.189.39.0/24 maxlen: 24
                          187.189.67.0/24 maxlen: 24
                          187.189.89.0/24 maxlen: 24
                          187.189.157.0/24 maxlen: 24
                          187.189.161.0/24 maxlen: 24
                          187.189.162.0/24 maxlen: 24
                          187.189.179.0/24 maxlen: 24
                          187.189.204.0/24 maxlen: 24
                          187.190.37.0/24 maxlen: 24
                          187.190.54.0/24 maxlen: 24
                          187.190.61.0/24 maxlen: 24
                          187.190.77.0/24 maxlen: 24
                          187.190.119.0/24 maxlen: 24
                          187.190.210.0/24 maxlen: 24
                          187.190.216.0/24 maxlen: 24
                          187.191.14.0/24 maxlen: 24
                          187.251.158.0/24 maxlen: 24
                          187.251.223.0/24 maxlen: 24
                          189.203.30.0/24 maxlen: 24
                          189.203.31.0/24 maxlen: 24
                          189.203.43.0/24 maxlen: 24
                          189.203.140.0/24 maxlen: 24
                          189.203.154.0/24 maxlen: 24
                          189.203.165.0/24 maxlen: 24
                          189.203.168.0/24 maxlen: 24
                          189.203.229.0/24 maxlen: 24

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 863175 (0xd2bc7)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=913d5cdb160726dc92e04ed46a658ec6bfcbbdd1
        Validity
            Not Before: Oct 10 18:09:55 2023 GMT
            Not After : Oct 11 18:09:55 2025 GMT
        Subject: CN=b70ce43b5a527b2d73f5e6e0808ec5dcbfcc05ba
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e2:89:6a:27:1c:7c:e7:37:02:63:ff:51:d5:fe:
                    c0:4c:e5:70:fb:e3:2a:b1:4f:6f:8a:fa:b1:89:1e:
                    52:af:44:74:0e:e2:24:ca:d2:2a:ac:9c:81:00:55:
                    27:6a:14:86:c9:01:7b:0d:63:c7:97:b2:10:7d:d2:
                    3b:e2:b4:88:39:89:af:ae:0d:0d:6e:43:0c:53:b1:
                    30:c4:58:83:89:4a:6a:c2:63:da:72:e7:dd:db:78:
                    cb:19:f7:c1:f1:bd:ba:9e:64:58:55:12:25:01:df:
                    e8:37:f8:df:45:68:14:53:80:db:c7:9a:b7:47:00:
                    db:4d:f2:c5:6f:16:b2:62:01:16:ed:a1:f8:f1:a9:
                    40:4c:f0:33:59:e5:5f:c9:00:4b:13:7f:09:04:49:
                    d3:d6:40:5b:87:2b:99:f5:65:e5:5b:f0:bc:c2:42:
                    96:07:b8:dd:fd:7c:4e:4b:72:c4:a7:aa:ef:42:7a:
                    66:a7:a8:c6:c8:80:89:ff:57:69:38:de:82:1f:e4:
                    0b:a8:74:92:a1:e4:39:7a:31:9a:77:8c:b0:39:1b:
                    92:5f:1b:25:81:fd:6a:f4:27:a5:0f:58:60:52:cd:
                    4d:d2:29:dc:92:fe:30:82:4c:39:34:da:71:bc:f1:
                    e2:ec:cb:9f:a2:12:ef:36:5e:8d:58:80:30:14:26:
                    75:01
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                EB:7F:7A:DF:3A:B3:D4:A4:41:EE:04:FB:98:F2:45:75:A6:59:A2:EF
            X509v3 Authority Key Identifier:
                keyid:8F:71:4F:02:F7:D5:BA:46:48:22:E9:D9:D4:7B:BB:60:D5:93:A1:32

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/913d5cdb160726dc92e04ed46a658ec6bfcbbdd1.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/cd5ad6c0-499b-4380-984f-874c9f51d2ff/b70ce43b5a527b2d73f5e6e0808ec5dcbfcc05ba.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/cd5ad6c0-499b-4380-984f-874c9f51d2ff/913d5cdb160726dc92e04ed46a658ec6bfcbbdd1.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  187.188.208.0/24
                  187.189.39.0/24
                  187.189.67.0/24
                  187.189.89.0/24
                  187.189.157.0/24
                  187.189.161.0-187.189.162.255
                  187.189.179.0/24
                  187.189.204.0/24
                  187.190.37.0/24
                  187.190.54.0/24
                  187.190.61.0/24
                  187.190.77.0/24
                  187.190.119.0/24
                  187.190.210.0/24
                  187.190.216.0/24
                  187.191.14.0/24
                  187.251.158.0/24
                  187.251.223.0/24
                  189.203.30.0/23
                  189.203.43.0/24
                  189.203.140.0/24
                  189.203.154.0/24
                  189.203.165.0/24
                  189.203.168.0/24
                  189.203.229.0/24

    Signature Algorithm: sha256WithRSAEncryption
         aa:41:ee:74:2a:9f:7f:35:33:e7:b0:7c:ad:69:65:c4:9c:38:
         00:7e:78:9b:42:f5:ae:df:03:0a:33:3c:b4:1f:ba:65:12:64:
         f7:a7:ab:08:8d:5a:94:9a:a0:b8:f8:26:d7:d5:35:f2:c8:77:
         9b:0b:53:17:dd:46:8e:4c:6d:9e:f3:7f:61:c5:e5:11:f4:9c:
         ed:30:33:2f:b3:10:82:ca:3d:8c:d2:13:0b:21:ad:10:41:bb:
         c2:2c:3a:1b:45:07:93:5f:13:f2:5c:c9:50:b8:b3:db:74:d4:
         74:0e:85:85:bb:b0:50:f9:f9:2a:f8:d2:78:02:f7:aa:5d:37:
         e0:b4:88:7f:f2:db:c5:8c:92:fe:f0:fd:14:3a:58:e8:88:40:
         00:e2:60:e5:78:cc:27:41:94:e8:67:1e:58:da:cb:cb:d4:fe:
         ac:37:62:7d:f8:61:56:f5:f2:58:bb:34:e4:e3:e4:0c:90:92:
         91:ef:c9:22:fd:81:d7:f3:23:fa:92:2b:cb:dc:5a:ad:4f:d9:
         af:89:4a:5c:ec:35:02:8f:ff:a8:b0:9d:34:7d:06:7f:ef:91:
         d3:fc:81:32:42:1e:9c:f1:f2:6c:e8:39:cf:9f:55:8d:d4:02:
         d2:43:56:ef:df:49:ce:a9:a6:85:0a:42:24:1b:da:f7:2d:b7:
         32:33:d2:5f
-----BEGIN CERTIFICATE-----
MIIF3TCCBMWgAwIBAgIDDSvHMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKDkx
M2Q1Y2RiMTYwNzI2ZGM5MmUwNGVkNDZhNjU4ZWM2YmZjYmJkZDEwHhcNMjMxMDEw
MTgwOTU1WhcNMjUxMDExMTgwOTU1WjAzMTEwLwYDVQQDEyhiNzBjZTQzYjVhNTI3
YjJkNzNmNWU2ZTA4MDhlYzVkY2JmY2MwNWJhMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEA4olqJxx85zcCY/9R1f7ATOVw++MqsU9vivqxiR5Sr0R0DuIk
ytIqrJyBAFUnahSGyQF7DWPHl7IQfdI74rSIOYmvrg0NbkMMU7EwxFiDiUpqwmPa
cufd23jLGffB8b26nmRYVRIlAd/oN/jfRWgUU4Dbx5q3RwDbTfLFbxayYgEW7aH4
8alATPAzWeVfyQBLE38JBEnT1kBbhyuZ9WXlW/C8wkKWB7jd/XxOS3LEp6rvQnpm
p6jGyICJ/1dpON6CH+QLqHSSoeQ5ejGad4ywORuSXxslgf1q9CelD1hgUs1N0inc
kv4wgkw5NNpxvPHi7MufohLvNl6NWIAwFCZ1AQIDAQABo4IC+DCCAvQwHQYDVR0O
BBYEFOt/et86s9SkQe4E+5jyRXWmWaLvMB8GA1UdIwQYMBaAFI9xTwL31bpGSCLp
2dR7u2DVk6EyMA4GA1UdDwEB/wQEAwIHgDCBmgYIKwYBBQUHAQEEgY0wgYowgYcG
CCsGAQUFBzAChntyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5ldC9ycGtpL2xh
Y25pYy80OGYwODNiYi1mNjAzLTQ4OTMtOTk5MC0wMjg0YzA0Y2ViODUvOTEzZDVj
ZGIxNjA3MjZkYzkyZTA0ZWQ0NmE2NThlYzZiZmNiYmRkMS5jZXIwgZoGCCsGAQUF
BwELBIGNMIGKMIGHBggrBgEFBQcwC4Z7cnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25p
Yy5uZXQvcnBraS9sYWNuaWMvY2Q1YWQ2YzAtNDk5Yi00MzgwLTk4NGYtODc0Yzlm
NTFkMmZmL2I3MGNlNDNiNWE1MjdiMmQ3M2Y1ZTZlMDgwOGVjNWRjYmZjYzA1YmEu
cm9hMIGPBgNVHR8EgYcwgYQwgYGgf6B9hntyc3luYzovL3JlcG9zaXRvcnkubGFj
bmljLm5ldC9ycGtpL2xhY25pYy9jZDVhZDZjMC00OTliLTQzODAtOTg0Zi04NzRj
OWY1MWQyZmYvOTEzZDVjZGIxNjA3MjZkYzkyZTA0ZWQ0NmE2NThlYzZiZmNiYmRk
MS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjCBuwYIKwYBBQUHAQcBAf8E
gaswgagwgaUEAgABMIGeAwQAu7zQAwQAu70nAwQAu71DAwQAu71ZAwQAu72dMAwD
BAC7vaEDBAC7vaIDBAC7vbMDBAC7vcwDBAC7viUDBAC7vjYDBAC7vj0DBAC7vk0D
BAC7vncDBAC7vtIDBAC7vtgDBAC7vw4DBAC7+54DBAC7+98DBAG9yx4DBAC9yysD
BAC9y4wDBAC9y5oDBAC9y6UDBAC9y6gDBAC9y+UwDQYJKoZIhvcNAQELBQADggEB
AKpB7nQqn381M+ewfK1pZcScOAB+eJtC9a7fAwozPLQfumUSZPenqwiNWpSaoLj4
JtfVNfLId5sLUxfdRo5MbZ7zf2HF5RH0nO0wMy+zEILKPYzSEwshrRBBu8IsOhtF
B5NfE/JcyVC4s9t01HQOhYW7sFD5+Sr40ngC96pdN+C0iH/y28WMkv7w/RQ6WOiI
QADiYOV4zCdBlOhnHljay8vU/qw3Yn34YVb18li7NOTj5AyQkpHvySL9gdfzI/qS
K8vcWq1P2a+JSlzsNQKP/6iwnTR9Bn/vkdP8gTJCHpzx8mzoOc+fVY3UAtJDVu/f
Sc6ppoUKQiQb2vcttzIz0l8=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:38:07 2024 by rpki-client on console-fra.rpki-client.org