Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/16B1B57B19B743C1E0B67DC5020E769FF697D5D8FE67645443C0170A59A628F4/0/3230302e35382e3130312e302f32342d3234203d3e203237383233.roa
File:                     3230302e35382e3130312e302f32342d3234203d3e203237383233.roa (raw, json)
Hash identifier:          I3woKmEJhXlBfUtyNO8j3syZtp+/KvV8Qtn1L4pxjyM=
Subject key identifier:   4E:29:F4:8E:69:1A:29:98:64:11:35:F5:DC:6F:70:A9:27:9C:82:59
Certificate issuer:       /CN=A5C31DCA4062FBA8FF4175C518EF2246CF570D80
Certificate serial:       37AEC38673FDBB623D03591251E291697582A1E7
Authority key identifier: A5:C3:1D:CA:40:62:FB:A8:FF:41:75:C5:18:EF:22:46:CF:57:0D:80
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/A5C31DCA4062FBA8FF4175C518EF2246CF570D80.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/16B1B57B19B743C1E0B67DC5020E769FF697D5D8FE67645443C0170A59A628F4/0/3230302e35382e3130312e302f32342d3234203d3e203237383233.roa
Signing time:             Tue 04 Feb 2025 18:08:18 +0000
ROA not before:           Tue 04 Feb 2025 18:03:18 +0000
ROA not after:            Tue 03 Feb 2026 18:08:18 +0000
asID:                     27823
IP address blocks:        200.58.101.0/24 maxlen: 24
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            37:ae:c3:86:73:fd:bb:62:3d:03:59:12:51:e2:91:69:75:82:a1:e7
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A5C31DCA4062FBA8FF4175C518EF2246CF570D80
        Validity
            Not Before: Feb  4 18:03:18 2025 GMT
            Not After : Feb  3 18:08:18 2026 GMT
        Subject: CN=4E29F48E691A2998641135F5DC6F70A9279C8259
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ad:85:1e:c0:e4:96:dd:ca:ad:ff:ca:ae:af:88:
                    a6:b4:25:a7:d6:f8:82:6c:e0:3e:84:86:ec:50:85:
                    59:b9:65:d5:cb:0b:85:9b:df:7e:65:25:d5:51:ec:
                    d4:de:35:d9:3a:47:da:91:a4:3c:6f:8c:13:b6:8c:
                    38:f1:05:57:ff:8b:5c:ef:5a:50:3a:dd:02:20:ab:
                    58:05:ee:f4:18:c7:d3:1d:4b:45:c6:f3:2d:32:66:
                    ae:9b:8c:13:0f:05:de:4a:94:67:65:ca:f9:0f:8a:
                    6c:58:8c:55:62:9b:82:23:24:51:b1:24:34:11:17:
                    6f:6c:fc:b2:14:93:d3:33:ea:15:27:e3:b3:33:42:
                    12:5f:8a:f1:47:0b:10:4c:15:ba:10:89:a7:32:30:
                    84:95:ef:18:ee:29:47:90:04:57:b3:b7:58:7e:38:
                    eb:89:35:29:86:4d:ad:2b:0b:4f:f8:e7:55:0d:cd:
                    88:20:3f:49:c9:31:6a:d3:86:ed:c1:f7:8a:14:83:
                    d1:c4:66:fe:45:df:20:83:09:84:8c:18:08:33:81:
                    8d:9e:4b:d6:9c:91:4c:75:69:86:66:12:6a:8c:f8:
                    b8:0b:0e:64:85:8c:b2:41:2f:cf:60:f2:c6:10:ad:
                    e6:92:b3:ca:21:de:cf:b8:de:76:1b:89:02:71:6d:
                    21:d5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4E:29:F4:8E:69:1A:29:98:64:11:35:F5:DC:6F:70:A9:27:9C:82:59
            X509v3 Authority Key Identifier:
                keyid:A5:C3:1D:CA:40:62:FB:A8:FF:41:75:C5:18:EF:22:46:CF:57:0D:80

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/16B1B57B19B743C1E0B67DC5020E769FF697D5D8FE67645443C0170A59A628F4/0/A5C31DCA4062FBA8FF4175C518EF2246CF570D80.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/A5C31DCA4062FBA8FF4175C518EF2246CF570D80.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/16B1B57B19B743C1E0B67DC5020E769FF697D5D8FE67645443C0170A59A628F4/0/3230302e35382e3130312e302f32342d3234203d3e203237383233.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  200.58.101.0/24

    Signature Algorithm: sha256WithRSAEncryption
         72:03:f0:b3:5a:4c:a4:04:24:7f:d5:05:e7:b0:ce:cf:3b:f8:
         fc:6f:44:91:06:bf:9f:3b:7d:3a:a2:86:e5:6f:dd:c5:54:1a:
         64:e3:e6:a8:5f:71:df:17:c1:0e:03:84:b3:d6:44:f4:c7:13:
         c9:86:6c:b3:64:f4:78:83:5e:f8:3a:2f:96:2f:4e:ff:c8:7a:
         22:69:7d:a3:d3:0c:57:e5:e2:51:0b:53:78:d7:8d:b5:e1:9c:
         9a:09:28:17:d8:19:06:00:99:91:85:c7:b3:5d:96:d2:77:f0:
         de:70:fd:d3:2f:fb:68:aa:3b:f1:82:7f:02:e8:3f:4f:34:45:
         0e:74:4a:b4:b8:bd:de:b1:e8:c2:81:f5:35:72:ba:fd:f1:4f:
         e0:ea:b3:21:66:f4:37:03:bd:e0:5b:6d:20:e4:32:a5:92:cb:
         31:ca:f1:00:d4:ae:5d:7d:52:d0:1a:9d:e8:e5:24:21:49:67:
         d9:bf:05:5e:f2:18:c2:8f:dd:7b:50:92:33:b5:47:6c:6d:1a:
         54:70:51:d0:2a:54:5f:51:57:39:ae:54:2c:08:32:0d:9e:3c:
         e8:3d:c1:78:d0:44:a5:fe:19:9d:84:47:3d:b9:d8:47:b4:ae:
         70:14:78:73:1d:fd:27:fe:fd:75:e7:14:02:cc:0a:f1:e6:da:
         3c:ae:dd:92
-----BEGIN CERTIFICATE-----
MIIFvjCCBKagAwIBAgIUN67DhnP9u2I9A1kSUeKRaXWCoecwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoQTVDMzFEQ0E0MDYyRkJBOEZGNDE3NUM1MThFRjIyNDZD
RjU3MEQ4MDAeFw0yNTAyMDQxODAzMThaFw0yNjAyMDMxODA4MThaMDMxMTAvBgNV
BAMTKDRFMjlGNDhFNjkxQTI5OTg2NDExMzVGNURDNkY3MEE5Mjc5QzgyNTkwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCthR7A5Jbdyq3/yq6viKa0JafW
+IJs4D6EhuxQhVm5ZdXLC4Wb335lJdVR7NTeNdk6R9qRpDxvjBO2jDjxBVf/i1zv
WlA63QIgq1gF7vQYx9MdS0XG8y0yZq6bjBMPBd5KlGdlyvkPimxYjFVim4IjJFGx
JDQRF29s/LIUk9Mz6hUn47MzQhJfivFHCxBMFboQiacyMISV7xjuKUeQBFezt1h+
OOuJNSmGTa0rC0/451UNzYggP0nJMWrThu3B94oUg9HEZv5F3yCDCYSMGAgzgY2e
S9ackUx1aYZmEmqM+LgLDmSFjLJBL89g8sYQreaSs8oh3s+43nYbiQJxbSHVAgMB
AAGjggLIMIICxDAdBgNVHQ4EFgQUTin0jmkaKZhkETX13G9wqSecglkwHwYDVR0j
BBgwFoAUpcMdykBi+6j/QXXFGO8iRs9XDYAwDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy8xNkIxQjU3QjE5Qjc0M0MxRTBCNjdEQzUwMjBFNzY5RkY2
OTdENUQ4RkU2NzY0NTQ0M0MwMTcwQTU5QTYyOEY0LzAvQTVDMzFEQ0E0MDYyRkJB
OEZGNDE3NUM1MThFRjIyNDZDRjU3MEQ4MC5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC9BNUMzMURDQTQwNjJGQkE4RkY0
MTc1QzUxOEVGMjI0NkNGNTcwRDgwLmNlcjCBxwYIKwYBBQUHAQsEgbowgbcwgbQG
CCsGAQUFBzALhoGncnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvMTZCMUI1N0IxOUI3NDNDMUUwQjY3REM1MDIwRTc2OUZGNjk3RDVEOEZF
Njc2NDU0NDNDMDE3MEE1OUE2MjhGNC8wLzMyMzAzMDJlMzUzODJlMzEzMDMxMmUz
MDJmMzIzNDJkMzIzNDIwM2QzZTIwMzIzNzM4MzIzMy5yb2EwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAMg6ZTAN
BgkqhkiG9w0BAQsFAAOCAQEAcgPws1pMpAQkf9UF57DOzzv4/G9EkQa/nzt9OqKG
5W/dxVQaZOPmqF9x3xfBDgOEs9ZE9McTyYZss2T0eINe+Dovli9O/8h6Iml9o9MM
V+XiUQtTeNeNteGcmgkoF9gZBgCZkYXHs12W0nfw3nD90y/7aKo78YJ/Aug/TzRF
DnRKtLi93rHowoH1NXK6/fFP4OqzIWb0NwO94FttIOQypZLLMcrxANSuXX1S0Bqd
6OUkIUln2b8FXvIYwo/de1CSM7VHbG0aVHBR0CpUX1FXOa5ULAgyDZ486D3BeNBE
pf4ZnYRHPbnYR7SucBR4cx39J/79decUAswK8ebaPK7dkg==
-----END CERTIFICATE-----
Generated at Mon Apr 7 17:50:21 2025 by rpki-client