Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/16B1B57B19B743C1E0B67DC5020E769FF697D5D8FE67645443C0170A59A628F4/0/3137392e34332e3132352e302f32342d3234203d3e203237383233.roa
File:                     3137392e34332e3132352e302f32342d3234203d3e203237383233.roa (raw, json)
Hash identifier:          v1gEBv+Bsg126h0Y9dbspZgA+Dv8gRpSYyT5KgB5Mig=
Subject key identifier:   56:23:CE:B5:85:93:CB:ED:7E:41:44:D3:A1:6F:C1:9D:CE:43:60:C3
Certificate issuer:       /CN=A5C31DCA4062FBA8FF4175C518EF2246CF570D80
Certificate serial:       02656B1DA1ADBFA14915D794F2027E814B21E8F5
Authority key identifier: A5:C3:1D:CA:40:62:FB:A8:FF:41:75:C5:18:EF:22:46:CF:57:0D:80
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/A5C31DCA4062FBA8FF4175C518EF2246CF570D80.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/16B1B57B19B743C1E0B67DC5020E769FF697D5D8FE67645443C0170A59A628F4/0/3137392e34332e3132352e302f32342d3234203d3e203237383233.roa
Signing time:             Tue 04 Feb 2025 18:08:27 +0000
ROA not before:           Tue 04 Feb 2025 18:03:27 +0000
ROA not after:            Tue 03 Feb 2026 18:08:27 +0000
asID:                     27823
IP address blocks:        179.43.125.0/24 maxlen: 24
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            02:65:6b:1d:a1:ad:bf:a1:49:15:d7:94:f2:02:7e:81:4b:21:e8:f5
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A5C31DCA4062FBA8FF4175C518EF2246CF570D80
        Validity
            Not Before: Feb  4 18:03:27 2025 GMT
            Not After : Feb  3 18:08:27 2026 GMT
        Subject: CN=5623CEB58593CBED7E4144D3A16FC19DCE4360C3
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c6:a7:d4:0a:fe:08:0b:6b:f2:41:eb:a4:0a:5c:
                    fa:92:6c:81:8d:14:35:a3:c9:5f:48:3f:01:99:8b:
                    d8:cc:5e:ac:c9:b9:ea:2d:66:6c:aa:f0:37:7e:08:
                    fc:5a:5e:21:3a:6c:70:c7:cb:2a:63:75:eb:df:33:
                    11:f9:8d:96:e7:fd:fa:b2:f0:9f:b0:a3:e3:92:dc:
                    48:8a:7c:72:c2:00:78:98:51:df:07:b7:a6:37:80:
                    2c:06:7b:04:2c:54:fe:8b:19:a8:10:87:07:b3:dc:
                    ad:30:96:25:43:ff:29:ad:93:3d:ab:6a:ca:ce:0b:
                    e1:df:55:ef:77:e6:c5:70:ec:f5:b8:59:6a:35:34:
                    50:92:10:f4:11:bd:ed:b1:da:e3:52:10:e6:da:2f:
                    f2:12:11:56:6c:da:0e:b3:ea:7b:32:8c:63:57:82:
                    ca:b5:f2:4c:01:97:5d:59:ad:95:b1:6c:6d:11:9e:
                    6b:1b:3e:96:54:92:37:7b:1e:54:83:83:ec:cc:19:
                    aa:95:f8:87:c2:99:a5:44:dc:57:a6:86:f1:06:71:
                    d4:ea:67:57:5e:7b:ef:28:5d:52:fb:e9:ba:6e:6c:
                    44:21:63:70:98:4c:84:a2:2e:c7:6d:91:e2:cb:0c:
                    b3:bf:4d:b1:01:f8:11:11:7c:a8:64:37:33:fd:6f:
                    81:a7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                56:23:CE:B5:85:93:CB:ED:7E:41:44:D3:A1:6F:C1:9D:CE:43:60:C3
            X509v3 Authority Key Identifier:
                keyid:A5:C3:1D:CA:40:62:FB:A8:FF:41:75:C5:18:EF:22:46:CF:57:0D:80

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/16B1B57B19B743C1E0B67DC5020E769FF697D5D8FE67645443C0170A59A628F4/0/A5C31DCA4062FBA8FF4175C518EF2246CF570D80.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/A5C31DCA4062FBA8FF4175C518EF2246CF570D80.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/16B1B57B19B743C1E0B67DC5020E769FF697D5D8FE67645443C0170A59A628F4/0/3137392e34332e3132352e302f32342d3234203d3e203237383233.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  179.43.125.0/24

    Signature Algorithm: sha256WithRSAEncryption
         cd:7b:f7:a3:b3:c5:5d:2f:ca:f2:ec:02:e6:57:15:95:ca:51:
         f1:ad:b1:2a:95:ea:56:c1:f7:56:a0:e9:fd:8b:1f:45:b8:a0:
         af:81:d6:f5:4d:ea:a1:b1:76:be:ee:61:13:c9:17:1a:08:39:
         c1:92:68:d7:b5:f1:7a:55:9b:0f:fb:0e:f6:2b:ab:a7:df:dc:
         01:4f:65:96:2a:4a:e4:52:32:63:b4:18:9c:21:fd:75:cb:05:
         fa:05:68:ae:03:89:ce:c4:e8:b3:66:ff:41:8b:91:da:ac:a4:
         f2:9f:51:c4:31:c4:33:c9:42:e4:d0:f7:1a:0b:81:9c:ec:57:
         34:d8:2f:99:df:b2:4c:dd:31:3b:71:25:73:9c:a4:62:a6:5f:
         8b:03:fe:61:aa:58:0e:db:82:c0:59:e5:1b:98:fd:ce:60:a9:
         73:75:61:17:c5:e7:41:24:a1:99:c0:c0:d8:e3:5c:9d:a9:b5:
         91:c9:6d:dd:fd:14:d7:b2:1a:ac:03:7e:c1:c6:80:5b:55:a7:
         e0:47:03:79:1a:1a:a8:d1:c6:ed:4e:87:37:52:31:c5:78:af:
         9f:59:a1:a9:73:4c:92:66:10:35:dc:12:8e:d0:88:0f:f0:ae:
         5e:03:36:5f:b4:0c:ac:3c:55:e3:7c:83:23:76:a6:f6:c4:49:
         07:64:62:45
-----BEGIN CERTIFICATE-----
MIIFvjCCBKagAwIBAgIUAmVrHaGtv6FJFdeU8gJ+gUsh6PUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoQTVDMzFEQ0E0MDYyRkJBOEZGNDE3NUM1MThFRjIyNDZD
RjU3MEQ4MDAeFw0yNTAyMDQxODAzMjdaFw0yNjAyMDMxODA4MjdaMDMxMTAvBgNV
BAMTKDU2MjNDRUI1ODU5M0NCRUQ3RTQxNDREM0ExNkZDMTlEQ0U0MzYwQzMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDGp9QK/ggLa/JB66QKXPqSbIGN
FDWjyV9IPwGZi9jMXqzJueotZmyq8Dd+CPxaXiE6bHDHyypjdevfMxH5jZbn/fqy
8J+wo+OS3EiKfHLCAHiYUd8Ht6Y3gCwGewQsVP6LGagQhwez3K0wliVD/ymtkz2r
asrOC+HfVe935sVw7PW4WWo1NFCSEPQRve2x2uNSEObaL/ISEVZs2g6z6nsyjGNX
gsq18kwBl11ZrZWxbG0RnmsbPpZUkjd7HlSDg+zMGaqV+IfCmaVE3FemhvEGcdTq
Z1dee+8oXVL76bpubEQhY3CYTISiLsdtkeLLDLO/TbEB+BERfKhkNzP9b4GnAgMB
AAGjggLIMIICxDAdBgNVHQ4EFgQUViPOtYWTy+1+QUTToW/Bnc5DYMMwHwYDVR0j
BBgwFoAUpcMdykBi+6j/QXXFGO8iRs9XDYAwDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy8xNkIxQjU3QjE5Qjc0M0MxRTBCNjdEQzUwMjBFNzY5RkY2
OTdENUQ4RkU2NzY0NTQ0M0MwMTcwQTU5QTYyOEY0LzAvQTVDMzFEQ0E0MDYyRkJB
OEZGNDE3NUM1MThFRjIyNDZDRjU3MEQ4MC5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC9BNUMzMURDQTQwNjJGQkE4RkY0
MTc1QzUxOEVGMjI0NkNGNTcwRDgwLmNlcjCBxwYIKwYBBQUHAQsEgbowgbcwgbQG
CCsGAQUFBzALhoGncnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvMTZCMUI1N0IxOUI3NDNDMUUwQjY3REM1MDIwRTc2OUZGNjk3RDVEOEZF
Njc2NDU0NDNDMDE3MEE1OUE2MjhGNC8wLzMxMzczOTJlMzQzMzJlMzEzMjM1MmUz
MDJmMzIzNDJkMzIzNDIwM2QzZTIwMzIzNzM4MzIzMy5yb2EwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEALMrfTAN
BgkqhkiG9w0BAQsFAAOCAQEAzXv3o7PFXS/K8uwC5lcVlcpR8a2xKpXqVsH3VqDp
/YsfRbigr4HW9U3qobF2vu5hE8kXGgg5wZJo17XxelWbD/sO9iurp9/cAU9llipK
5FIyY7QYnCH9dcsF+gVorgOJzsTos2b/QYuR2qyk8p9RxDHEM8lC5ND3GguBnOxX
NNgvmd+yTN0xO3Elc5ykYqZfiwP+YapYDtuCwFnlG5j9zmCpc3VhF8XnQSShmcDA
2ONcnam1kclt3f0U17IarAN+wcaAW1Wn4EcDeRoaqNHG7U6HN1IxxXivn1mhqXNM
kmYQNdwSjtCID/CuXgM2X7QMrDxV43yDI3am9sRJB2RiRQ==
-----END CERTIFICATE-----
Generated at Mon Apr 7 17:47:25 2025 by rpki-client