Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/16B1B57B19B743C1E0B67DC5020E769FF697D5D8FE67645443C0170A59A628F4/0/3230302e35382e3131392e302f32342d3234203d3e203237383233.roa
File:                     3230302e35382e3131392e302f32342d3234203d3e203237383233.roa (raw, json)
Hash identifier:          RdKFGjBSHL3DgOw/DXS3yDgM7BZYNyTwn7aIAadY8jE=
Subject key identifier:   8B:02:C4:93:F4:51:2E:68:E2:28:11:83:AB:09:5A:A4:3A:F9:7E:02
Certificate issuer:       /CN=A5C31DCA4062FBA8FF4175C518EF2246CF570D80
Certificate serial:       0A70AA31897BE3E0B6E0573898192C63771AF8FE
Authority key identifier: A5:C3:1D:CA:40:62:FB:A8:FF:41:75:C5:18:EF:22:46:CF:57:0D:80
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/A5C31DCA4062FBA8FF4175C518EF2246CF570D80.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/16B1B57B19B743C1E0B67DC5020E769FF697D5D8FE67645443C0170A59A628F4/0/3230302e35382e3131392e302f32342d3234203d3e203237383233.roa
Signing time:             Tue 04 Feb 2025 18:08:11 +0000
ROA not before:           Tue 04 Feb 2025 18:03:11 +0000
ROA not after:            Tue 03 Feb 2026 18:08:11 +0000
asID:                     27823
IP address blocks:        200.58.119.0/24 maxlen: 24
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            0a:70:aa:31:89:7b:e3:e0:b6:e0:57:38:98:19:2c:63:77:1a:f8:fe
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A5C31DCA4062FBA8FF4175C518EF2246CF570D80
        Validity
            Not Before: Feb  4 18:03:11 2025 GMT
            Not After : Feb  3 18:08:11 2026 GMT
        Subject: CN=8B02C493F4512E68E2281183AB095AA43AF97E02
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b3:ba:e2:de:03:5a:5a:19:f9:fe:d7:33:7f:31:
                    20:40:ed:21:35:b8:a9:de:b3:5d:76:3f:d7:17:d3:
                    53:63:9e:9c:03:94:a8:4b:59:a1:15:23:e4:95:fe:
                    ef:c4:68:41:1d:65:f1:7c:e9:8c:f6:d2:f8:d0:a5:
                    c6:b1:c7:eb:18:56:76:be:3c:a0:c4:75:62:1a:64:
                    0b:19:ef:ed:30:c8:55:61:1a:b8:59:f9:d6:78:b3:
                    0d:f9:50:39:05:8e:f4:a9:9d:00:b0:d6:8f:82:fa:
                    7c:80:25:25:45:db:1a:9e:ef:b4:b2:a5:a8:a7:57:
                    85:27:c1:3a:f6:a6:7d:a7:0a:b1:09:44:92:dd:74:
                    a3:e1:55:5e:7b:5a:ad:d2:3b:7c:ce:ac:4f:12:71:
                    44:54:82:29:35:78:72:16:8b:8d:a1:e6:e6:93:fe:
                    55:27:76:29:ea:2b:c5:1d:cc:2b:2f:4b:17:c6:5c:
                    e0:e4:1c:3f:78:a3:6b:cd:44:22:98:79:9a:a9:b3:
                    9b:39:ee:c3:67:8a:55:bb:bb:3b:b4:19:51:4b:24:
                    ae:08:5d:9c:73:ff:61:42:42:9d:b8:d1:c8:22:3f:
                    73:fb:b3:7d:6c:70:a3:71:e5:b6:62:60:a0:ea:b8:
                    ad:5e:36:2a:32:f4:d6:bc:0a:00:31:3f:49:e7:37:
                    d5:f7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                8B:02:C4:93:F4:51:2E:68:E2:28:11:83:AB:09:5A:A4:3A:F9:7E:02
            X509v3 Authority Key Identifier:
                keyid:A5:C3:1D:CA:40:62:FB:A8:FF:41:75:C5:18:EF:22:46:CF:57:0D:80

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/16B1B57B19B743C1E0B67DC5020E769FF697D5D8FE67645443C0170A59A628F4/0/A5C31DCA4062FBA8FF4175C518EF2246CF570D80.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/A5C31DCA4062FBA8FF4175C518EF2246CF570D80.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/16B1B57B19B743C1E0B67DC5020E769FF697D5D8FE67645443C0170A59A628F4/0/3230302e35382e3131392e302f32342d3234203d3e203237383233.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  200.58.119.0/24

    Signature Algorithm: sha256WithRSAEncryption
         34:67:c6:96:42:10:87:d0:c4:35:17:4d:3e:c4:c5:35:67:75:
         d2:79:ff:4e:49:06:67:76:91:ea:b6:a6:b5:e3:bf:78:16:13:
         23:5f:a4:4e:81:9c:65:34:c8:58:c0:d4:ed:42:d6:76:93:1b:
         3e:3e:c5:3f:f7:e6:17:4b:4e:77:be:c7:2d:1a:2b:53:35:6e:
         7b:94:74:38:b9:1e:66:52:b2:31:ed:a8:b4:ea:cc:ff:d1:25:
         ea:01:2b:07:0d:d3:3f:bb:c4:b1:8c:61:6f:6c:ff:66:f1:a4:
         38:c8:9e:2f:4b:f7:6a:73:0b:b2:1e:c5:d2:80:9b:10:48:1e:
         d3:f5:a0:ee:cf:c2:1d:64:10:d9:8e:c6:15:45:cf:57:1e:55:
         a4:7a:88:73:12:dc:52:92:91:01:b4:ed:26:a6:39:13:c8:8b:
         36:bd:48:7f:b1:1a:e6:22:c5:1d:eb:f2:ab:13:92:28:c4:24:
         c0:7f:61:75:50:2e:e9:89:17:d8:82:f4:f3:05:88:b0:92:63:
         4d:03:fe:af:fd:14:47:42:29:ee:59:3d:b3:9f:92:b6:f9:fa:
         d8:7c:e0:bb:cb:2f:46:ad:4f:ed:28:27:43:3c:01:6b:a2:69:
         15:36:cb:0e:3a:af:f6:75:63:d0:1e:0c:38:c9:cf:f4:57:69:
         e0:04:a1:09
-----BEGIN CERTIFICATE-----
MIIFvjCCBKagAwIBAgIUCnCqMYl74+C24Fc4mBksY3ca+P4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoQTVDMzFEQ0E0MDYyRkJBOEZGNDE3NUM1MThFRjIyNDZD
RjU3MEQ4MDAeFw0yNTAyMDQxODAzMTFaFw0yNjAyMDMxODA4MTFaMDMxMTAvBgNV
BAMTKDhCMDJDNDkzRjQ1MTJFNjhFMjI4MTE4M0FCMDk1QUE0M0FGOTdFMDIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCzuuLeA1paGfn+1zN/MSBA7SE1
uKnes112P9cX01NjnpwDlKhLWaEVI+SV/u/EaEEdZfF86Yz20vjQpcaxx+sYVna+
PKDEdWIaZAsZ7+0wyFVhGrhZ+dZ4sw35UDkFjvSpnQCw1o+C+nyAJSVF2xqe77Sy
painV4UnwTr2pn2nCrEJRJLddKPhVV57Wq3SO3zOrE8ScURUgik1eHIWi42h5uaT
/lUndinqK8UdzCsvSxfGXODkHD94o2vNRCKYeZqps5s57sNnilW7uzu0GVFLJK4I
XZxz/2FCQp240cgiP3P7s31scKNx5bZiYKDquK1eNioy9Na8CgAxP0nnN9X3AgMB
AAGjggLIMIICxDAdBgNVHQ4EFgQUiwLEk/RRLmjiKBGDqwlapDr5fgIwHwYDVR0j
BBgwFoAUpcMdykBi+6j/QXXFGO8iRs9XDYAwDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy8xNkIxQjU3QjE5Qjc0M0MxRTBCNjdEQzUwMjBFNzY5RkY2
OTdENUQ4RkU2NzY0NTQ0M0MwMTcwQTU5QTYyOEY0LzAvQTVDMzFEQ0E0MDYyRkJB
OEZGNDE3NUM1MThFRjIyNDZDRjU3MEQ4MC5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC9BNUMzMURDQTQwNjJGQkE4RkY0
MTc1QzUxOEVGMjI0NkNGNTcwRDgwLmNlcjCBxwYIKwYBBQUHAQsEgbowgbcwgbQG
CCsGAQUFBzALhoGncnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvMTZCMUI1N0IxOUI3NDNDMUUwQjY3REM1MDIwRTc2OUZGNjk3RDVEOEZF
Njc2NDU0NDNDMDE3MEE1OUE2MjhGNC8wLzMyMzAzMDJlMzUzODJlMzEzMTM5MmUz
MDJmMzIzNDJkMzIzNDIwM2QzZTIwMzIzNzM4MzIzMy5yb2EwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAMg6dzAN
BgkqhkiG9w0BAQsFAAOCAQEANGfGlkIQh9DENRdNPsTFNWd10nn/TkkGZ3aR6ram
teO/eBYTI1+kToGcZTTIWMDU7ULWdpMbPj7FP/fmF0tOd77HLRorUzVue5R0OLke
ZlKyMe2otOrM/9El6gErBw3TP7vEsYxhb2z/ZvGkOMieL0v3anMLsh7F0oCbEEge
0/Wg7s/CHWQQ2Y7GFUXPVx5VpHqIcxLcUpKRAbTtJqY5E8iLNr1If7Ea5iLFHevy
qxOSKMQkwH9hdVAu6YkX2IL08wWIsJJjTQP+r/0UR0Ip7lk9s5+Stvn62Hzgu8sv
Rq1P7SgnQzwBa6JpFTbLDjqv9nVj0B4MOMnP9Fdp4AShCQ==
-----END CERTIFICATE-----
Generated at Mon Apr 7 17:50:27 2025 by rpki-client