Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/16B1B57B19B743C1E0B67DC5020E769FF697D5D8FE67645443C0170A59A628F4/0/3133382e3231392e34312e302f32342d3234203d3e203237383233.roa
File:                     3133382e3231392e34312e302f32342d3234203d3e203237383233.roa (raw, json)
Hash identifier:          c46V59is/FaumhAxL6X6ps/a0gmvtlKyVS/VwZ9uPgI=
Subject key identifier:   FB:A7:E4:79:B1:2F:F5:FE:66:3E:57:FC:95:0C:18:D9:C9:48:FA:0E
Certificate issuer:       /CN=A5C31DCA4062FBA8FF4175C518EF2246CF570D80
Certificate serial:       23A8E3167A270690DF870B710301B7F47978A630
Authority key identifier: A5:C3:1D:CA:40:62:FB:A8:FF:41:75:C5:18:EF:22:46:CF:57:0D:80
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/A5C31DCA4062FBA8FF4175C518EF2246CF570D80.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/16B1B57B19B743C1E0B67DC5020E769FF697D5D8FE67645443C0170A59A628F4/0/3133382e3231392e34312e302f32342d3234203d3e203237383233.roa
Signing time:             Tue 04 Feb 2025 18:08:25 +0000
ROA not before:           Tue 04 Feb 2025 18:03:25 +0000
ROA not after:            Tue 03 Feb 2026 18:08:25 +0000
asID:                     27823
IP address blocks:        138.219.41.0/24 maxlen: 24
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            23:a8:e3:16:7a:27:06:90:df:87:0b:71:03:01:b7:f4:79:78:a6:30
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A5C31DCA4062FBA8FF4175C518EF2246CF570D80
        Validity
            Not Before: Feb  4 18:03:25 2025 GMT
            Not After : Feb  3 18:08:25 2026 GMT
        Subject: CN=FBA7E479B12FF5FE663E57FC950C18D9C948FA0E
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ac:6c:0c:74:8b:c9:a9:9d:0d:d0:b5:a5:96:c3:
                    82:99:1b:1d:49:44:8a:2e:e7:47:93:3d:55:12:92:
                    7d:11:4c:ce:9d:10:90:1a:39:05:ca:a6:51:29:45:
                    1b:eb:a8:d8:94:0f:72:39:52:da:aa:1a:a4:97:4c:
                    49:03:1a:67:23:4d:4a:e6:5b:0c:7f:45:ea:af:db:
                    b1:8a:eb:9b:01:96:f6:e6:01:8a:8e:1c:25:7e:28:
                    d3:b8:b4:f6:12:d4:da:51:2d:0d:9a:2c:3e:2e:ad:
                    f9:b6:04:d5:d1:5a:eb:7e:f9:3f:40:bb:a8:2a:55:
                    0a:ae:b3:9c:7b:25:10:b3:63:be:e3:be:f7:90:94:
                    48:88:85:2e:ad:db:39:f2:fb:20:2b:12:44:85:78:
                    5b:52:51:ec:02:c6:5a:aa:db:05:1d:8b:71:0b:40:
                    a3:ac:fe:85:05:8a:f2:57:45:6d:d7:53:58:e0:34:
                    d7:f7:96:7b:a6:41:5c:a5:07:dc:1f:28:3d:16:73:
                    ee:8d:02:88:95:71:43:50:05:f6:80:a4:ef:d8:bf:
                    25:7e:ae:44:8d:23:89:74:47:87:04:65:e5:3b:f3:
                    63:98:c8:d9:3c:d8:4a:88:e7:bd:dc:52:96:dc:cd:
                    6a:01:f9:fd:9c:2a:55:c4:b5:4c:34:50:36:64:23:
                    ee:51
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                FB:A7:E4:79:B1:2F:F5:FE:66:3E:57:FC:95:0C:18:D9:C9:48:FA:0E
            X509v3 Authority Key Identifier:
                keyid:A5:C3:1D:CA:40:62:FB:A8:FF:41:75:C5:18:EF:22:46:CF:57:0D:80

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/16B1B57B19B743C1E0B67DC5020E769FF697D5D8FE67645443C0170A59A628F4/0/A5C31DCA4062FBA8FF4175C518EF2246CF570D80.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/A5C31DCA4062FBA8FF4175C518EF2246CF570D80.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/16B1B57B19B743C1E0B67DC5020E769FF697D5D8FE67645443C0170A59A628F4/0/3133382e3231392e34312e302f32342d3234203d3e203237383233.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  138.219.41.0/24

    Signature Algorithm: sha256WithRSAEncryption
         41:ed:ce:ce:5a:93:ad:0f:73:d6:86:1f:9e:2c:94:f7:8c:c5:
         88:d0:4d:84:89:d6:b8:0e:fa:e8:51:36:23:bd:47:2f:29:ca:
         81:9b:ca:f8:a2:74:65:40:39:5a:6c:24:c7:cd:a4:81:1d:5d:
         20:55:5b:6a:eb:64:37:76:b0:13:c2:2b:31:77:18:23:da:64:
         a2:21:f0:be:4b:e1:b8:d3:37:a8:01:3e:c0:52:cf:00:44:42:
         09:08:42:1e:f4:96:9d:a2:ec:9b:20:69:ec:ee:a8:47:2e:d2:
         45:cb:2e:1f:04:6a:83:fe:06:72:20:32:e9:38:a3:52:67:bd:
         27:16:0a:de:b1:a9:99:3c:28:2a:c4:23:ff:b9:ef:5e:a5:63:
         7c:8c:5b:1c:cd:39:57:62:3b:ff:7c:18:a0:f9:f6:ff:4f:f4:
         2b:0b:60:53:67:20:1f:44:9b:3f:fc:1d:5f:81:13:5d:fa:2c:
         5e:3a:98:26:85:94:ba:18:16:3a:f4:5c:d1:51:b7:fb:a7:6a:
         17:c6:4d:50:c5:2f:97:60:a7:ea:56:cb:e3:00:97:e0:e5:21:
         40:8a:df:89:1e:ec:d3:21:02:24:f9:cc:57:64:15:49:ae:69:
         49:a9:57:ed:89:80:2f:39:f2:2d:20:70:2b:91:dc:66:8d:09:
         47:3a:38:da
-----BEGIN CERTIFICATE-----
MIIFvjCCBKagAwIBAgIUI6jjFnonBpDfhwtxAwG39Hl4pjAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoQTVDMzFEQ0E0MDYyRkJBOEZGNDE3NUM1MThFRjIyNDZD
RjU3MEQ4MDAeFw0yNTAyMDQxODAzMjVaFw0yNjAyMDMxODA4MjVaMDMxMTAvBgNV
BAMTKEZCQTdFNDc5QjEyRkY1RkU2NjNFNTdGQzk1MEMxOEQ5Qzk0OEZBMEUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCsbAx0i8mpnQ3QtaWWw4KZGx1J
RIou50eTPVUSkn0RTM6dEJAaOQXKplEpRRvrqNiUD3I5UtqqGqSXTEkDGmcjTUrm
Wwx/Reqv27GK65sBlvbmAYqOHCV+KNO4tPYS1NpRLQ2aLD4urfm2BNXRWut++T9A
u6gqVQqus5x7JRCzY77jvveQlEiIhS6t2zny+yArEkSFeFtSUewCxlqq2wUdi3EL
QKOs/oUFivJXRW3XU1jgNNf3lnumQVylB9wfKD0Wc+6NAoiVcUNQBfaApO/YvyV+
rkSNI4l0R4cEZeU782OYyNk82EqI573cUpbczWoB+f2cKlXEtUw0UDZkI+5RAgMB
AAGjggLIMIICxDAdBgNVHQ4EFgQU+6fkebEv9f5mPlf8lQwY2clI+g4wHwYDVR0j
BBgwFoAUpcMdykBi+6j/QXXFGO8iRs9XDYAwDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy8xNkIxQjU3QjE5Qjc0M0MxRTBCNjdEQzUwMjBFNzY5RkY2
OTdENUQ4RkU2NzY0NTQ0M0MwMTcwQTU5QTYyOEY0LzAvQTVDMzFEQ0E0MDYyRkJB
OEZGNDE3NUM1MThFRjIyNDZDRjU3MEQ4MC5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC9BNUMzMURDQTQwNjJGQkE4RkY0
MTc1QzUxOEVGMjI0NkNGNTcwRDgwLmNlcjCBxwYIKwYBBQUHAQsEgbowgbcwgbQG
CCsGAQUFBzALhoGncnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvMTZCMUI1N0IxOUI3NDNDMUUwQjY3REM1MDIwRTc2OUZGNjk3RDVEOEZF
Njc2NDU0NDNDMDE3MEE1OUE2MjhGNC8wLzMxMzMzODJlMzIzMTM5MmUzNDMxMmUz
MDJmMzIzNDJkMzIzNDIwM2QzZTIwMzIzNzM4MzIzMy5yb2EwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAIrbKTAN
BgkqhkiG9w0BAQsFAAOCAQEAQe3OzlqTrQ9z1oYfniyU94zFiNBNhInWuA766FE2
I71HLynKgZvK+KJ0ZUA5Wmwkx82kgR1dIFVbautkN3awE8IrMXcYI9pkoiHwvkvh
uNM3qAE+wFLPAERCCQhCHvSWnaLsmyBp7O6oRy7SRcsuHwRqg/4GciAy6TijUme9
JxYK3rGpmTwoKsQj/7nvXqVjfIxbHM05V2I7/3wYoPn2/0/0KwtgU2cgH0SbP/wd
X4ETXfosXjqYJoWUuhgWOvRc0VG3+6dqF8ZNUMUvl2Cn6lbL4wCX4OUhQIrfiR7s
0yECJPnMV2QVSa5pSalX7YmALznyLSBwK5HcZo0JRzo42g==
-----END CERTIFICATE-----
Generated at Mon Apr 7 17:50:52 2025 by rpki-client