Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/16B1B57B19B743C1E0B67DC5020E769FF697D5D8FE67645443C0170A59A628F4/0/3230302e35382e3132322e302f32342d3234203d3e203237383233.roa
File:                     3230302e35382e3132322e302f32342d3234203d3e203237383233.roa (raw, json)
Hash identifier:          iZFbjZCgKb0TRfxR+vfLWF8kvve48q9QsIgS5iRKYVM=
Subject key identifier:   30:3F:55:3A:93:74:D0:0D:6D:A7:A0:36:21:F1:E9:9E:AB:C5:86:7E
Certificate issuer:       /CN=A5C31DCA4062FBA8FF4175C518EF2246CF570D80
Certificate serial:       3FA585E0D8020ABF1413FC8A41EA0471ACFB96EE
Authority key identifier: A5:C3:1D:CA:40:62:FB:A8:FF:41:75:C5:18:EF:22:46:CF:57:0D:80
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/A5C31DCA4062FBA8FF4175C518EF2246CF570D80.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/16B1B57B19B743C1E0B67DC5020E769FF697D5D8FE67645443C0170A59A628F4/0/3230302e35382e3132322e302f32342d3234203d3e203237383233.roa
Signing time:             Tue 04 Feb 2025 18:08:13 +0000
ROA not before:           Tue 04 Feb 2025 18:03:13 +0000
ROA not after:            Tue 03 Feb 2026 18:08:13 +0000
asID:                     27823
IP address blocks:        200.58.122.0/24 maxlen: 24
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            3f:a5:85:e0:d8:02:0a:bf:14:13:fc:8a:41:ea:04:71:ac:fb:96:ee
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A5C31DCA4062FBA8FF4175C518EF2246CF570D80
        Validity
            Not Before: Feb  4 18:03:13 2025 GMT
            Not After : Feb  3 18:08:13 2026 GMT
        Subject: CN=303F553A9374D00D6DA7A03621F1E99EABC5867E
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a6:05:37:b4:cb:44:00:be:56:91:80:db:71:b8:
                    4c:34:da:39:bb:cb:e5:a9:05:19:eb:63:61:be:60:
                    42:1f:d3:24:d3:68:4b:15:6d:ab:35:3e:d2:cf:aa:
                    9a:5b:26:7e:bc:25:07:6b:d0:ae:3f:b0:f5:72:00:
                    76:a0:50:a9:6d:06:09:60:7a:d7:f3:e9:2d:53:45:
                    45:41:d8:5c:df:f7:fe:66:b0:d5:79:99:33:03:68:
                    2d:d7:be:62:fd:77:c0:f0:0a:90:dd:7e:84:ec:a3:
                    68:84:63:4e:1f:d3:41:b3:e6:3b:c2:45:78:9e:30:
                    16:67:8c:14:1c:3b:b3:68:0d:9d:9f:57:7f:46:e9:
                    3d:20:9f:10:f9:80:82:ac:5c:ed:79:11:f1:4f:19:
                    fc:82:b4:49:c5:ba:77:28:82:df:9f:28:8d:b5:e7:
                    04:ab:57:ac:61:3c:58:8e:27:0c:59:a0:64:fd:62:
                    a6:8f:d0:de:49:70:75:d8:4d:3e:2b:0f:8b:9a:c6:
                    bf:66:88:b5:f8:e1:86:bc:11:94:80:9e:6a:98:c5:
                    42:2a:5e:5a:54:24:8e:4c:74:34:3c:1c:39:51:0c:
                    e7:09:e0:3c:7a:08:e2:6e:11:8a:79:72:c2:27:f7:
                    3c:12:1b:82:c2:04:bd:ab:86:92:58:80:84:3d:6d:
                    63:2b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                30:3F:55:3A:93:74:D0:0D:6D:A7:A0:36:21:F1:E9:9E:AB:C5:86:7E
            X509v3 Authority Key Identifier:
                keyid:A5:C3:1D:CA:40:62:FB:A8:FF:41:75:C5:18:EF:22:46:CF:57:0D:80

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/16B1B57B19B743C1E0B67DC5020E769FF697D5D8FE67645443C0170A59A628F4/0/A5C31DCA4062FBA8FF4175C518EF2246CF570D80.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/A5C31DCA4062FBA8FF4175C518EF2246CF570D80.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/16B1B57B19B743C1E0B67DC5020E769FF697D5D8FE67645443C0170A59A628F4/0/3230302e35382e3132322e302f32342d3234203d3e203237383233.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  200.58.122.0/24

    Signature Algorithm: sha256WithRSAEncryption
         b1:70:6c:8e:5a:8b:f5:8f:20:11:4b:fa:bd:19:8a:47:59:2a:
         55:b8:8a:1a:f4:a1:7a:90:29:7f:ff:92:e8:41:27:90:69:f1:
         24:df:a4:5a:66:21:40:42:e4:11:b2:a6:d2:dd:c2:b9:3d:1c:
         67:f6:98:22:47:5d:c4:3f:c6:c8:1f:4c:26:cd:57:fc:a2:2c:
         6e:0f:60:66:67:36:03:73:f7:88:cf:be:bb:51:2d:fd:a9:d0:
         56:3c:42:cd:e2:3e:4c:dd:c7:b7:13:10:f4:7a:63:fc:ac:e4:
         7f:d2:78:09:7e:59:d4:5f:47:dc:6e:b0:51:70:27:2b:81:6c:
         5e:fb:13:e9:a4:57:07:c4:ec:93:11:e4:a9:0f:a5:8d:0f:02:
         0b:67:9a:e5:37:6e:fb:48:30:23:33:9f:b9:52:79:8c:f5:81:
         c1:ff:72:e8:52:d4:e8:09:a6:38:04:85:88:10:9c:a1:68:7f:
         4b:1b:77:48:e5:4d:86:1e:af:1f:e4:83:d9:69:b2:57:95:e1:
         31:f0:19:ff:0b:f9:ac:6b:e2:60:e4:e1:a4:f6:5b:a4:39:72:
         5b:e4:84:2a:0f:20:c6:9f:b8:52:1c:be:85:8c:c2:02:a7:28:
         53:c4:18:ce:2c:d7:8c:06:b7:ed:33:94:3f:4b:77:2e:4b:7f:
         76:a0:45:40
-----BEGIN CERTIFICATE-----
MIIFvjCCBKagAwIBAgIUP6WF4NgCCr8UE/yKQeoEcaz7lu4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoQTVDMzFEQ0E0MDYyRkJBOEZGNDE3NUM1MThFRjIyNDZD
RjU3MEQ4MDAeFw0yNTAyMDQxODAzMTNaFw0yNjAyMDMxODA4MTNaMDMxMTAvBgNV
BAMTKDMwM0Y1NTNBOTM3NEQwMEQ2REE3QTAzNjIxRjFFOTlFQUJDNTg2N0UwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCmBTe0y0QAvlaRgNtxuEw02jm7
y+WpBRnrY2G+YEIf0yTTaEsVbas1PtLPqppbJn68JQdr0K4/sPVyAHagUKltBglg
etfz6S1TRUVB2Fzf9/5msNV5mTMDaC3XvmL9d8DwCpDdfoTso2iEY04f00Gz5jvC
RXieMBZnjBQcO7NoDZ2fV39G6T0gnxD5gIKsXO15EfFPGfyCtEnFuncogt+fKI21
5wSrV6xhPFiOJwxZoGT9YqaP0N5JcHXYTT4rD4uaxr9miLX44Ya8EZSAnmqYxUIq
XlpUJI5MdDQ8HDlRDOcJ4Dx6COJuEYp5csIn9zwSG4LCBL2rhpJYgIQ9bWMrAgMB
AAGjggLIMIICxDAdBgNVHQ4EFgQUMD9VOpN00A1tp6A2IfHpnqvFhn4wHwYDVR0j
BBgwFoAUpcMdykBi+6j/QXXFGO8iRs9XDYAwDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy8xNkIxQjU3QjE5Qjc0M0MxRTBCNjdEQzUwMjBFNzY5RkY2
OTdENUQ4RkU2NzY0NTQ0M0MwMTcwQTU5QTYyOEY0LzAvQTVDMzFEQ0E0MDYyRkJB
OEZGNDE3NUM1MThFRjIyNDZDRjU3MEQ4MC5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC9BNUMzMURDQTQwNjJGQkE4RkY0
MTc1QzUxOEVGMjI0NkNGNTcwRDgwLmNlcjCBxwYIKwYBBQUHAQsEgbowgbcwgbQG
CCsGAQUFBzALhoGncnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvMTZCMUI1N0IxOUI3NDNDMUUwQjY3REM1MDIwRTc2OUZGNjk3RDVEOEZF
Njc2NDU0NDNDMDE3MEE1OUE2MjhGNC8wLzMyMzAzMDJlMzUzODJlMzEzMjMyMmUz
MDJmMzIzNDJkMzIzNDIwM2QzZTIwMzIzNzM4MzIzMy5yb2EwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAMg6ejAN
BgkqhkiG9w0BAQsFAAOCAQEAsXBsjlqL9Y8gEUv6vRmKR1kqVbiKGvShepApf/+S
6EEnkGnxJN+kWmYhQELkEbKm0t3CuT0cZ/aYIkddxD/GyB9MJs1X/KIsbg9gZmc2
A3P3iM++u1Et/anQVjxCzeI+TN3HtxMQ9Hpj/Kzkf9J4CX5Z1F9H3G6wUXAnK4Fs
XvsT6aRXB8TskxHkqQ+ljQ8CC2ea5Tdu+0gwIzOfuVJ5jPWBwf9y6FLU6AmmOASF
iBCcoWh/Sxt3SOVNhh6vH+SD2WmyV5XhMfAZ/wv5rGviYOThpPZbpDlyW+SEKg8g
xp+4Uhy+hYzCAqcoU8QYzizXjAa37TOUP0t3Lkt/dqBFQA==
-----END CERTIFICATE-----
Generated at Mon Apr 7 17:47:09 2025 by rpki-client