Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/16B1B57B19B743C1E0B67DC5020E769FF697D5D8FE67645443C0170A59A628F4/0/3230302e35382e3130362e302f32342d3234203d3e203237383233.roa
File:                     3230302e35382e3130362e302f32342d3234203d3e203237383233.roa (raw, json)
Hash identifier:          Y3tC8zYRxkS3A6glw2XtMfVkFRmR3MS0KY3Jdnfxc8Q=
Subject key identifier:   98:0B:58:9C:1D:2E:A7:36:D8:27:B9:3A:AB:81:1F:CE:1B:B2:71:C5
Certificate issuer:       /CN=A5C31DCA4062FBA8FF4175C518EF2246CF570D80
Certificate serial:       5B582D8D8BD57254D6D6F90C3A935D75759B7839
Authority key identifier: A5:C3:1D:CA:40:62:FB:A8:FF:41:75:C5:18:EF:22:46:CF:57:0D:80
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/A5C31DCA4062FBA8FF4175C518EF2246CF570D80.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/16B1B57B19B743C1E0B67DC5020E769FF697D5D8FE67645443C0170A59A628F4/0/3230302e35382e3130362e302f32342d3234203d3e203237383233.roa
Signing time:             Tue 04 Feb 2025 18:08:10 +0000
ROA not before:           Tue 04 Feb 2025 18:03:10 +0000
ROA not after:            Tue 03 Feb 2026 18:08:10 +0000
asID:                     27823
IP address blocks:        200.58.106.0/24 maxlen: 24
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            5b:58:2d:8d:8b:d5:72:54:d6:d6:f9:0c:3a:93:5d:75:75:9b:78:39
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A5C31DCA4062FBA8FF4175C518EF2246CF570D80
        Validity
            Not Before: Feb  4 18:03:10 2025 GMT
            Not After : Feb  3 18:08:10 2026 GMT
        Subject: CN=980B589C1D2EA736D827B93AAB811FCE1BB271C5
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c9:4d:8a:be:75:bf:6f:ea:2e:b7:e0:b8:d6:1c:
                    4e:58:64:cb:89:29:38:e8:d1:85:52:ba:ca:1e:24:
                    8b:51:3b:4c:ee:d8:3d:a8:ed:40:1a:3c:57:48:6d:
                    ce:4e:01:04:2a:a3:47:0d:7a:f0:ed:bb:44:63:50:
                    c1:e8:31:ed:2f:a8:12:e3:e9:93:bc:74:14:1f:b0:
                    c7:4d:4d:31:07:95:e0:23:83:bb:ba:47:d4:64:70:
                    30:b7:f9:5c:94:29:29:3d:14:aa:30:47:4c:2a:3b:
                    f1:17:d1:90:db:87:88:ac:ca:1c:a8:3e:9c:0b:4e:
                    b0:78:f1:61:c4:50:b9:01:24:1c:85:fe:3f:c0:7c:
                    38:c5:3e:15:48:cb:69:ee:be:13:de:a6:85:3f:eb:
                    f7:e6:d4:11:3b:76:ee:ab:1a:c8:fd:aa:dc:b7:3b:
                    60:e2:4c:4c:de:22:9a:86:8d:7c:ba:ce:ef:14:26:
                    12:f8:96:88:fd:25:62:ba:19:fe:68:ee:ee:4e:33:
                    55:57:8e:65:54:09:d5:84:48:0e:de:b4:67:06:df:
                    64:82:fe:f8:b5:fe:a0:d0:79:05:ee:05:e6:ab:7b:
                    27:68:0b:29:41:86:34:b9:5a:4e:26:c0:de:4d:f2:
                    ae:f5:47:d8:91:31:62:e5:be:43:b8:95:79:2e:85:
                    0a:9b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                98:0B:58:9C:1D:2E:A7:36:D8:27:B9:3A:AB:81:1F:CE:1B:B2:71:C5
            X509v3 Authority Key Identifier:
                keyid:A5:C3:1D:CA:40:62:FB:A8:FF:41:75:C5:18:EF:22:46:CF:57:0D:80

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/16B1B57B19B743C1E0B67DC5020E769FF697D5D8FE67645443C0170A59A628F4/0/A5C31DCA4062FBA8FF4175C518EF2246CF570D80.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/A5C31DCA4062FBA8FF4175C518EF2246CF570D80.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/16B1B57B19B743C1E0B67DC5020E769FF697D5D8FE67645443C0170A59A628F4/0/3230302e35382e3130362e302f32342d3234203d3e203237383233.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  200.58.106.0/24

    Signature Algorithm: sha256WithRSAEncryption
         ac:79:cd:4e:12:8a:34:e6:fb:87:0b:70:77:4e:7d:a7:b9:b8:
         c5:bb:ee:24:6d:69:d1:36:02:d6:9c:f6:e6:5d:50:15:02:aa:
         16:a5:e1:7b:8d:b6:24:f4:cc:d3:bd:fa:49:6b:99:8e:f9:88:
         d7:dc:0f:e5:f3:92:cc:e3:78:52:4c:e6:73:b9:6f:18:b8:cc:
         07:8b:7e:68:23:5f:22:70:0e:28:37:64:54:e5:d5:c4:0f:77:
         03:e0:25:a0:4d:c6:28:02:a3:f1:a7:2b:39:60:15:4b:ff:cd:
         50:0b:0e:f4:6c:22:ae:bc:db:d5:b7:03:2b:65:38:6f:fe:e9:
         15:bb:46:ca:6a:f1:f7:fe:6a:f5:be:15:52:49:a1:e6:3d:3a:
         87:3c:8d:22:74:43:6a:e4:5d:59:d0:a7:a4:9d:7d:b9:7d:51:
         fd:1d:b8:ce:02:ca:3f:42:7f:e6:2c:ef:bb:59:fb:75:01:00:
         2e:2e:57:0a:8e:6c:68:75:2c:bb:db:50:d7:c5:38:e0:a7:66:
         db:14:2a:cd:89:87:35:c5:9c:60:e7:52:6b:d9:cc:80:b9:22:
         f4:47:16:1e:49:04:19:f7:1a:2b:63:08:ae:b8:02:83:dc:8c:
         b8:3c:a4:df:ae:ed:3c:23:7b:c6:3e:1a:0c:ae:aa:01:1f:c0:
         03:5c:76:f7
-----BEGIN CERTIFICATE-----
MIIFvjCCBKagAwIBAgIUW1gtjYvVclTW1vkMOpNddXWbeDkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoQTVDMzFEQ0E0MDYyRkJBOEZGNDE3NUM1MThFRjIyNDZD
RjU3MEQ4MDAeFw0yNTAyMDQxODAzMTBaFw0yNjAyMDMxODA4MTBaMDMxMTAvBgNV
BAMTKDk4MEI1ODlDMUQyRUE3MzZEODI3QjkzQUFCODExRkNFMUJCMjcxQzUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDJTYq+db9v6i634LjWHE5YZMuJ
KTjo0YVSusoeJItRO0zu2D2o7UAaPFdIbc5OAQQqo0cNevDtu0RjUMHoMe0vqBLj
6ZO8dBQfsMdNTTEHleAjg7u6R9RkcDC3+VyUKSk9FKowR0wqO/EX0ZDbh4isyhyo
PpwLTrB48WHEULkBJByF/j/AfDjFPhVIy2nuvhPepoU/6/fm1BE7du6rGsj9qty3
O2DiTEzeIpqGjXy6zu8UJhL4loj9JWK6Gf5o7u5OM1VXjmVUCdWESA7etGcG32SC
/vi1/qDQeQXuBeareydoCylBhjS5Wk4mwN5N8q71R9iRMWLlvkO4lXkuhQqbAgMB
AAGjggLIMIICxDAdBgNVHQ4EFgQUmAtYnB0upzbYJ7k6q4EfzhuyccUwHwYDVR0j
BBgwFoAUpcMdykBi+6j/QXXFGO8iRs9XDYAwDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy8xNkIxQjU3QjE5Qjc0M0MxRTBCNjdEQzUwMjBFNzY5RkY2
OTdENUQ4RkU2NzY0NTQ0M0MwMTcwQTU5QTYyOEY0LzAvQTVDMzFEQ0E0MDYyRkJB
OEZGNDE3NUM1MThFRjIyNDZDRjU3MEQ4MC5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC9BNUMzMURDQTQwNjJGQkE4RkY0
MTc1QzUxOEVGMjI0NkNGNTcwRDgwLmNlcjCBxwYIKwYBBQUHAQsEgbowgbcwgbQG
CCsGAQUFBzALhoGncnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvMTZCMUI1N0IxOUI3NDNDMUUwQjY3REM1MDIwRTc2OUZGNjk3RDVEOEZF
Njc2NDU0NDNDMDE3MEE1OUE2MjhGNC8wLzMyMzAzMDJlMzUzODJlMzEzMDM2MmUz
MDJmMzIzNDJkMzIzNDIwM2QzZTIwMzIzNzM4MzIzMy5yb2EwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAMg6ajAN
BgkqhkiG9w0BAQsFAAOCAQEArHnNThKKNOb7hwtwd059p7m4xbvuJG1p0TYC1pz2
5l1QFQKqFqXhe422JPTM0736SWuZjvmI19wP5fOSzON4Ukzmc7lvGLjMB4t+aCNf
InAOKDdkVOXVxA93A+AloE3GKAKj8acrOWAVS//NUAsO9Gwirrzb1bcDK2U4b/7p
FbtGymrx9/5q9b4VUkmh5j06hzyNInRDauRdWdCnpJ19uX1R/R24zgLKP0J/5izv
u1n7dQEALi5XCo5saHUsu9tQ18U44Kdm2xQqzYmHNcWcYOdSa9nMgLki9EcWHkkE
GfcaK2MIrrgCg9yMuDyk367tPCN7xj4aDK6qAR/AA1x29w==
-----END CERTIFICATE-----
Generated at Mon Apr 7 17:50:33 2025 by rpki-client