Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/16B1B57B19B743C1E0B67DC5020E769FF697D5D8FE67645443C0170A59A628F4/0/3230302e35382e3130332e302f32342d3234203d3e203237383233.roa
File:                     3230302e35382e3130332e302f32342d3234203d3e203237383233.roa (raw, json)
Hash identifier:          +ZxUWqj5D2L9P5RclbPsRkkU/fAt7vLuuarq1PvlHrI=
Subject key identifier:   4B:EA:D3:62:28:68:C8:CC:9E:FC:F3:B0:80:8A:7E:35:A6:77:1E:67
Certificate issuer:       /CN=A5C31DCA4062FBA8FF4175C518EF2246CF570D80
Certificate serial:       2A0CE3B0BFD9183854BD7D73F787CA2925BD32A8
Authority key identifier: A5:C3:1D:CA:40:62:FB:A8:FF:41:75:C5:18:EF:22:46:CF:57:0D:80
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/A5C31DCA4062FBA8FF4175C518EF2246CF570D80.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/16B1B57B19B743C1E0B67DC5020E769FF697D5D8FE67645443C0170A59A628F4/0/3230302e35382e3130332e302f32342d3234203d3e203237383233.roa
Signing time:             Tue 04 Feb 2025 18:08:12 +0000
ROA not before:           Tue 04 Feb 2025 18:03:12 +0000
ROA not after:            Tue 03 Feb 2026 18:08:12 +0000
asID:                     27823
IP address blocks:        200.58.103.0/24 maxlen: 24
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            2a:0c:e3:b0:bf:d9:18:38:54:bd:7d:73:f7:87:ca:29:25:bd:32:a8
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A5C31DCA4062FBA8FF4175C518EF2246CF570D80
        Validity
            Not Before: Feb  4 18:03:12 2025 GMT
            Not After : Feb  3 18:08:12 2026 GMT
        Subject: CN=4BEAD3622868C8CC9EFCF3B0808A7E35A6771E67
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ed:d2:75:07:58:9f:f9:97:ed:e3:fc:ea:48:a6:
                    88:fa:c7:b9:1f:f3:80:69:23:14:48:d3:e4:93:e7:
                    86:a3:db:33:1c:09:54:6a:59:0f:b5:b1:0e:f1:92:
                    f7:38:d7:60:c7:1d:ad:52:e1:1b:5e:09:af:d0:df:
                    82:90:cf:c8:71:12:53:e6:c1:ab:9d:f7:1b:9c:30:
                    33:42:a6:c4:b6:0a:1d:8c:07:7c:e5:4b:e7:be:9f:
                    c2:20:99:56:19:6b:e1:90:ab:19:5c:82:5d:c1:d3:
                    93:8a:cd:00:32:63:ca:44:e9:ab:38:f9:8f:41:10:
                    71:df:db:65:3e:9a:16:b9:e6:be:e8:e3:48:fa:d6:
                    b4:0d:1c:35:50:09:2f:be:df:9c:e3:b1:82:e7:46:
                    be:18:52:52:0e:ce:c1:fc:65:80:01:99:a6:a3:80:
                    77:8d:61:be:ab:4e:b6:c4:8c:6b:df:2f:43:46:04:
                    7e:93:27:7c:c3:7c:48:b4:f3:ee:19:1d:a7:97:e2:
                    b5:7b:db:a6:00:70:34:9c:bb:29:02:40:87:02:46:
                    38:12:28:83:7e:79:97:a5:8c:2b:c7:c7:20:bb:af:
                    34:06:9b:af:4e:d5:1c:0c:fa:aa:2f:8f:9c:a1:52:
                    ab:48:2f:ce:d3:d0:4b:02:2f:78:27:88:ff:73:9a:
                    68:0f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4B:EA:D3:62:28:68:C8:CC:9E:FC:F3:B0:80:8A:7E:35:A6:77:1E:67
            X509v3 Authority Key Identifier:
                keyid:A5:C3:1D:CA:40:62:FB:A8:FF:41:75:C5:18:EF:22:46:CF:57:0D:80

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/16B1B57B19B743C1E0B67DC5020E769FF697D5D8FE67645443C0170A59A628F4/0/A5C31DCA4062FBA8FF4175C518EF2246CF570D80.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/A5C31DCA4062FBA8FF4175C518EF2246CF570D80.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/16B1B57B19B743C1E0B67DC5020E769FF697D5D8FE67645443C0170A59A628F4/0/3230302e35382e3130332e302f32342d3234203d3e203237383233.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  200.58.103.0/24

    Signature Algorithm: sha256WithRSAEncryption
         b7:09:7e:0c:f7:2a:cc:3c:36:81:18:be:d9:17:ae:07:60:0f:
         dc:bf:df:af:6a:5a:f2:53:b5:aa:fd:5e:d5:3f:06:7c:04:29:
         1d:85:47:ad:dd:bd:6a:3f:a1:e0:f0:77:15:9b:21:6e:c6:97:
         7b:87:05:f0:02:76:47:bc:2c:07:2d:01:42:5f:9d:b9:0c:13:
         65:9e:9e:02:51:1c:0e:4b:7e:3d:35:8d:2a:84:bd:2a:a1:e5:
         df:e4:41:4b:5a:1f:ee:49:3c:04:15:5f:5d:d2:dc:23:5c:5c:
         b3:84:d0:88:f5:da:de:fa:d0:1b:87:fc:00:04:85:96:89:ee:
         09:3f:c7:98:64:52:17:3b:ed:39:f4:ff:53:03:65:3f:a8:69:
         ed:3a:a8:ce:87:98:f0:bd:35:61:7a:d1:ff:2e:6d:a6:51:aa:
         58:79:56:bc:ce:ab:3c:04:11:7b:7d:fd:fe:e6:4c:eb:aa:3e:
         99:78:ab:b8:5d:fa:88:d0:b4:0f:06:8f:8c:c9:26:76:61:e7:
         53:c8:fb:82:53:3e:65:41:65:9c:09:a1:64:db:1d:ed:b2:25:
         9f:0b:d3:94:b5:d2:1f:a4:3d:74:a7:87:7d:c8:13:86:38:04:
         b3:38:a4:f8:9a:54:36:ae:fe:f6:ce:26:e9:a3:cb:35:a3:f6:
         cf:77:8e:7b
-----BEGIN CERTIFICATE-----
MIIFvjCCBKagAwIBAgIUKgzjsL/ZGDhUvX1z94fKKSW9MqgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoQTVDMzFEQ0E0MDYyRkJBOEZGNDE3NUM1MThFRjIyNDZD
RjU3MEQ4MDAeFw0yNTAyMDQxODAzMTJaFw0yNjAyMDMxODA4MTJaMDMxMTAvBgNV
BAMTKDRCRUFEMzYyMjg2OEM4Q0M5RUZDRjNCMDgwOEE3RTM1QTY3NzFFNjcwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDt0nUHWJ/5l+3j/OpIpoj6x7kf
84BpIxRI0+ST54aj2zMcCVRqWQ+1sQ7xkvc412DHHa1S4RteCa/Q34KQz8hxElPm
waud9xucMDNCpsS2Ch2MB3zlS+e+n8IgmVYZa+GQqxlcgl3B05OKzQAyY8pE6as4
+Y9BEHHf22U+mha55r7o40j61rQNHDVQCS++35zjsYLnRr4YUlIOzsH8ZYABmaaj
gHeNYb6rTrbEjGvfL0NGBH6TJ3zDfEi08+4ZHaeX4rV726YAcDScuykCQIcCRjgS
KIN+eZeljCvHxyC7rzQGm69O1RwM+qovj5yhUqtIL87T0EsCL3gniP9zmmgPAgMB
AAGjggLIMIICxDAdBgNVHQ4EFgQUS+rTYihoyMye/POwgIp+NaZ3HmcwHwYDVR0j
BBgwFoAUpcMdykBi+6j/QXXFGO8iRs9XDYAwDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy8xNkIxQjU3QjE5Qjc0M0MxRTBCNjdEQzUwMjBFNzY5RkY2
OTdENUQ4RkU2NzY0NTQ0M0MwMTcwQTU5QTYyOEY0LzAvQTVDMzFEQ0E0MDYyRkJB
OEZGNDE3NUM1MThFRjIyNDZDRjU3MEQ4MC5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC9BNUMzMURDQTQwNjJGQkE4RkY0
MTc1QzUxOEVGMjI0NkNGNTcwRDgwLmNlcjCBxwYIKwYBBQUHAQsEgbowgbcwgbQG
CCsGAQUFBzALhoGncnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvMTZCMUI1N0IxOUI3NDNDMUUwQjY3REM1MDIwRTc2OUZGNjk3RDVEOEZF
Njc2NDU0NDNDMDE3MEE1OUE2MjhGNC8wLzMyMzAzMDJlMzUzODJlMzEzMDMzMmUz
MDJmMzIzNDJkMzIzNDIwM2QzZTIwMzIzNzM4MzIzMy5yb2EwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAMg6ZzAN
BgkqhkiG9w0BAQsFAAOCAQEAtwl+DPcqzDw2gRi+2ReuB2AP3L/fr2pa8lO1qv1e
1T8GfAQpHYVHrd29aj+h4PB3FZshbsaXe4cF8AJ2R7wsBy0BQl+duQwTZZ6eAlEc
Dkt+PTWNKoS9KqHl3+RBS1of7kk8BBVfXdLcI1xcs4TQiPXa3vrQG4f8AASFlonu
CT/HmGRSFzvtOfT/UwNlP6hp7TqozoeY8L01YXrR/y5tplGqWHlWvM6rPAQRe339
/uZM66o+mXiruF36iNC0DwaPjMkmdmHnU8j7glM+ZUFlnAmhZNsd7bIlnwvTlLXS
H6Q9dKeHfcgThjgEszik+JpUNq7+9s4m6aPLNaP2z3eOew==
-----END CERTIFICATE-----
Generated at Mon Apr 7 17:50:36 2025 by rpki-client