Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/16B1B57B19B743C1E0B67DC5020E769FF697D5D8FE67645443C0170A59A628F4/0/3230302e35382e3131362e302f32342d3234203d3e203237383233.roa
File:                     3230302e35382e3131362e302f32342d3234203d3e203237383233.roa (raw, json)
Hash identifier:          46qJRUwWHHXe7RWJIFakUA0mEvtO6wBDagSmQ15IMEQ=
Subject key identifier:   23:79:4B:5A:70:3A:42:77:96:C9:D1:AB:41:7A:A7:A4:83:A9:48:05
Certificate issuer:       /CN=A5C31DCA4062FBA8FF4175C518EF2246CF570D80
Certificate serial:       7CA4FCA2B629D57B6B945605946BB7DEB250BBF1
Authority key identifier: A5:C3:1D:CA:40:62:FB:A8:FF:41:75:C5:18:EF:22:46:CF:57:0D:80
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/A5C31DCA4062FBA8FF4175C518EF2246CF570D80.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/16B1B57B19B743C1E0B67DC5020E769FF697D5D8FE67645443C0170A59A628F4/0/3230302e35382e3131362e302f32342d3234203d3e203237383233.roa
Signing time:             Tue 04 Feb 2025 18:08:09 +0000
ROA not before:           Tue 04 Feb 2025 18:03:09 +0000
ROA not after:            Tue 03 Feb 2026 18:08:09 +0000
asID:                     27823
IP address blocks:        200.58.116.0/24 maxlen: 24
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            7c:a4:fc:a2:b6:29:d5:7b:6b:94:56:05:94:6b:b7:de:b2:50:bb:f1
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A5C31DCA4062FBA8FF4175C518EF2246CF570D80
        Validity
            Not Before: Feb  4 18:03:09 2025 GMT
            Not After : Feb  3 18:08:09 2026 GMT
        Subject: CN=23794B5A703A427796C9D1AB417AA7A483A94805
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8c:0f:a0:48:86:a0:b7:38:89:1f:56:52:54:db:
                    af:3d:e2:02:99:74:d6:37:20:b8:53:18:7d:07:5c:
                    4b:3d:9f:0c:57:26:b3:05:bc:94:95:d9:49:aa:ef:
                    bf:eb:90:08:7c:b0:14:fc:6c:a7:6a:84:c2:20:64:
                    af:80:71:9d:1d:a1:db:39:b1:6f:a0:ab:c2:7f:04:
                    36:35:d8:ad:dd:1c:b5:1c:bc:31:83:a8:ba:cb:67:
                    55:db:29:67:fb:4d:3b:35:e1:2e:be:20:f8:fa:16:
                    f7:1a:35:5f:df:0a:e5:8b:05:2d:b8:59:5b:10:95:
                    50:d4:7f:1f:0e:73:c5:f1:cf:ed:66:a9:0f:c7:79:
                    ff:7c:b7:7e:01:d6:34:55:ae:32:67:01:f5:77:06:
                    1b:2a:c7:6f:58:f7:13:15:c6:d3:f0:d8:2f:ba:4d:
                    1a:96:08:08:c4:2d:1b:7f:2f:07:e0:1f:8a:7b:39:
                    cf:78:eb:ef:35:4b:23:cd:d7:f4:93:19:aa:1c:e8:
                    70:bc:da:2e:43:78:3c:8e:8d:88:5b:a5:b1:13:53:
                    87:df:12:c9:5d:3f:81:85:b0:76:f7:c1:b6:7a:00:
                    c5:15:71:9d:e6:17:6d:c3:04:2c:a2:eb:33:54:c7:
                    f2:33:88:32:55:99:d5:92:40:49:87:ae:de:6d:7e:
                    81:c7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                23:79:4B:5A:70:3A:42:77:96:C9:D1:AB:41:7A:A7:A4:83:A9:48:05
            X509v3 Authority Key Identifier:
                keyid:A5:C3:1D:CA:40:62:FB:A8:FF:41:75:C5:18:EF:22:46:CF:57:0D:80

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/16B1B57B19B743C1E0B67DC5020E769FF697D5D8FE67645443C0170A59A628F4/0/A5C31DCA4062FBA8FF4175C518EF2246CF570D80.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/A5C31DCA4062FBA8FF4175C518EF2246CF570D80.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/16B1B57B19B743C1E0B67DC5020E769FF697D5D8FE67645443C0170A59A628F4/0/3230302e35382e3131362e302f32342d3234203d3e203237383233.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  200.58.116.0/24

    Signature Algorithm: sha256WithRSAEncryption
         94:93:40:1c:c5:3a:f4:5d:69:f3:d0:87:e2:ab:f9:c8:d9:4c:
         e9:a4:b0:82:aa:4e:7f:0f:af:52:c1:1d:d3:5a:58:e3:93:ae:
         52:f3:5a:2c:bc:a0:78:90:76:db:b7:14:47:ef:a7:47:f7:b4:
         c0:55:45:5b:8c:d9:94:a2:3f:d9:23:2c:f8:a3:14:af:e0:81:
         f1:84:b4:69:c4:f7:83:01:9d:fb:8f:63:95:5a:d5:98:5a:77:
         39:9b:ff:d3:d0:de:c4:76:9d:6a:3c:b4:da:03:09:66:7e:87:
         04:f2:4e:3b:7b:07:9b:4e:ad:a3:94:9c:21:86:56:22:64:f3:
         4d:7d:d3:eb:26:50:ba:eb:6f:8a:89:c1:43:ab:64:43:f0:62:
         2f:98:ad:b2:84:10:f6:e2:b6:07:42:6d:c5:20:4d:28:dc:ba:
         3c:d2:4f:0f:51:46:a0:1a:4c:6f:fc:8d:f5:fc:d9:88:8f:5e:
         06:a0:f8:a7:57:27:72:99:b3:70:93:38:22:f4:33:8e:d9:1e:
         74:48:d4:dc:56:96:16:eb:34:ae:f4:98:0c:3c:be:cf:fc:10:
         7b:d1:9d:a8:33:e1:8a:3d:72:4e:a4:fb:89:3a:62:03:cf:51:
         7e:75:92:db:58:fb:e5:ad:30:a5:c6:e6:31:17:2b:1e:0a:1f:
         1d:04:a0:80
-----BEGIN CERTIFICATE-----
MIIFvjCCBKagAwIBAgIUfKT8orYp1XtrlFYFlGu33rJQu/EwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoQTVDMzFEQ0E0MDYyRkJBOEZGNDE3NUM1MThFRjIyNDZD
RjU3MEQ4MDAeFw0yNTAyMDQxODAzMDlaFw0yNjAyMDMxODA4MDlaMDMxMTAvBgNV
BAMTKDIzNzk0QjVBNzAzQTQyNzc5NkM5RDFBQjQxN0FBN0E0ODNBOTQ4MDUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCMD6BIhqC3OIkfVlJU26894gKZ
dNY3ILhTGH0HXEs9nwxXJrMFvJSV2Umq77/rkAh8sBT8bKdqhMIgZK+AcZ0dods5
sW+gq8J/BDY12K3dHLUcvDGDqLrLZ1XbKWf7TTs14S6+IPj6FvcaNV/fCuWLBS24
WVsQlVDUfx8Oc8Xxz+1mqQ/Hef98t34B1jRVrjJnAfV3Bhsqx29Y9xMVxtPw2C+6
TRqWCAjELRt/LwfgH4p7Oc946+81SyPN1/STGaoc6HC82i5DeDyOjYhbpbETU4ff
EsldP4GFsHb3wbZ6AMUVcZ3mF23DBCyi6zNUx/IziDJVmdWSQEmHrt5tfoHHAgMB
AAGjggLIMIICxDAdBgNVHQ4EFgQUI3lLWnA6QneWydGrQXqnpIOpSAUwHwYDVR0j
BBgwFoAUpcMdykBi+6j/QXXFGO8iRs9XDYAwDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy8xNkIxQjU3QjE5Qjc0M0MxRTBCNjdEQzUwMjBFNzY5RkY2
OTdENUQ4RkU2NzY0NTQ0M0MwMTcwQTU5QTYyOEY0LzAvQTVDMzFEQ0E0MDYyRkJB
OEZGNDE3NUM1MThFRjIyNDZDRjU3MEQ4MC5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC9BNUMzMURDQTQwNjJGQkE4RkY0
MTc1QzUxOEVGMjI0NkNGNTcwRDgwLmNlcjCBxwYIKwYBBQUHAQsEgbowgbcwgbQG
CCsGAQUFBzALhoGncnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvMTZCMUI1N0IxOUI3NDNDMUUwQjY3REM1MDIwRTc2OUZGNjk3RDVEOEZF
Njc2NDU0NDNDMDE3MEE1OUE2MjhGNC8wLzMyMzAzMDJlMzUzODJlMzEzMTM2MmUz
MDJmMzIzNDJkMzIzNDIwM2QzZTIwMzIzNzM4MzIzMy5yb2EwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAMg6dDAN
BgkqhkiG9w0BAQsFAAOCAQEAlJNAHMU69F1p89CH4qv5yNlM6aSwgqpOfw+vUsEd
01pY45OuUvNaLLygeJB227cUR++nR/e0wFVFW4zZlKI/2SMs+KMUr+CB8YS0acT3
gwGd+49jlVrVmFp3OZv/09DexHadajy02gMJZn6HBPJOO3sHm06to5ScIYZWImTz
TX3T6yZQuutvionBQ6tkQ/BiL5itsoQQ9uK2B0JtxSBNKNy6PNJPD1FGoBpMb/yN
9fzZiI9eBqD4p1cncpmzcJM4IvQzjtkedEjU3FaWFus0rvSYDDy+z/wQe9GdqDPh
ij1yTqT7iTpiA89RfnWS21j75a0wpcbmMRcrHgofHQSggA==
-----END CERTIFICATE-----
Generated at Mon Apr 7 17:50:17 2025 by rpki-client