Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/16B1B57B19B743C1E0B67DC5020E769FF697D5D8FE67645443C0170A59A628F4/0/3230302e35382e3132332e302f32342d3234203d3e203237383233.roa
File:                     3230302e35382e3132332e302f32342d3234203d3e203237383233.roa (raw, json)
Hash identifier:          4w/KVuaTTaeEijIEpGJKRPFzrITwZ+QTguxhbdHxUCU=
Subject key identifier:   83:19:09:BE:77:42:91:94:35:1F:3A:7F:0D:57:A4:EB:96:06:D1:E6
Certificate issuer:       /CN=A5C31DCA4062FBA8FF4175C518EF2246CF570D80
Certificate serial:       51249CD9CD89F1C276CF52DF9F7210ACC0161D82
Authority key identifier: A5:C3:1D:CA:40:62:FB:A8:FF:41:75:C5:18:EF:22:46:CF:57:0D:80
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/A5C31DCA4062FBA8FF4175C518EF2246CF570D80.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/16B1B57B19B743C1E0B67DC5020E769FF697D5D8FE67645443C0170A59A628F4/0/3230302e35382e3132332e302f32342d3234203d3e203237383233.roa
Signing time:             Tue 04 Feb 2025 18:08:23 +0000
ROA not before:           Tue 04 Feb 2025 18:03:23 +0000
ROA not after:            Tue 03 Feb 2026 18:08:23 +0000
asID:                     27823
IP address blocks:        200.58.123.0/24 maxlen: 24
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            51:24:9c:d9:cd:89:f1:c2:76:cf:52:df:9f:72:10:ac:c0:16:1d:82
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A5C31DCA4062FBA8FF4175C518EF2246CF570D80
        Validity
            Not Before: Feb  4 18:03:23 2025 GMT
            Not After : Feb  3 18:08:23 2026 GMT
        Subject: CN=831909BE77429194351F3A7F0D57A4EB9606D1E6
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bb:c9:3f:b6:84:51:ba:16:10:c1:41:c1:11:08:
                    55:55:7e:a6:55:c5:ca:9e:9e:83:b4:19:65:66:82:
                    8a:e3:b7:d1:b1:3a:94:0f:ee:b8:e9:c3:bb:d2:2b:
                    91:b4:a9:ec:4b:d6:d7:91:9a:3a:bf:96:c0:01:21:
                    5c:bd:25:e5:44:db:56:58:38:cc:02:44:5b:de:63:
                    4d:c7:5e:67:30:75:31:e7:fb:9e:ac:c6:99:7b:e7:
                    7b:58:cf:0a:3c:65:71:3f:9d:ca:3d:7f:55:47:88:
                    02:46:9a:ab:0f:b9:8a:c4:74:b6:97:29:93:9a:b3:
                    c7:f4:77:6d:7b:2b:44:a1:22:fc:73:39:01:e0:e0:
                    29:d2:0e:d6:da:b2:0b:3c:76:9f:5d:e1:9a:a6:35:
                    44:a0:34:8f:88:fe:39:09:85:8f:e5:d7:7f:03:42:
                    fd:83:b2:94:9d:db:58:82:98:a8:37:ea:37:57:75:
                    c2:f4:b1:82:2f:72:ca:c7:dd:42:67:9f:0a:d2:26:
                    4e:0d:f4:23:e8:4e:1e:05:e0:b1:92:6c:13:62:83:
                    7c:c9:10:9b:79:8b:7c:d0:5a:e5:3f:f4:d9:11:ee:
                    38:ef:f3:28:b2:e1:9e:50:28:a7:2d:f8:82:0f:b7:
                    ac:3c:c8:cd:00:77:89:0e:15:86:e8:49:33:ff:45:
                    0d:ef
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                83:19:09:BE:77:42:91:94:35:1F:3A:7F:0D:57:A4:EB:96:06:D1:E6
            X509v3 Authority Key Identifier:
                keyid:A5:C3:1D:CA:40:62:FB:A8:FF:41:75:C5:18:EF:22:46:CF:57:0D:80

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/16B1B57B19B743C1E0B67DC5020E769FF697D5D8FE67645443C0170A59A628F4/0/A5C31DCA4062FBA8FF4175C518EF2246CF570D80.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/A5C31DCA4062FBA8FF4175C518EF2246CF570D80.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/16B1B57B19B743C1E0B67DC5020E769FF697D5D8FE67645443C0170A59A628F4/0/3230302e35382e3132332e302f32342d3234203d3e203237383233.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  200.58.123.0/24

    Signature Algorithm: sha256WithRSAEncryption
         c2:d3:2c:51:4e:e6:ed:db:6c:70:b1:6a:e3:b4:8a:19:71:80:
         bf:7d:da:3b:76:f0:27:5c:6b:64:6e:1f:e4:46:85:4b:60:d1:
         8b:e5:d0:f8:ad:a8:9c:18:47:c0:ee:80:d6:31:21:c9:63:57:
         86:91:cf:1b:39:7a:25:d6:d4:d7:26:80:01:3d:92:ef:d9:96:
         77:4d:0f:9e:ed:f5:3b:59:cd:b0:f1:db:49:e0:88:a6:e1:6a:
         67:9d:80:eb:16:d5:9e:35:fd:2a:74:5b:d6:da:1a:13:b4:6b:
         7f:02:89:ab:82:e6:82:00:c6:ab:b4:8c:7c:d3:c6:7f:37:28:
         10:3a:a0:1b:5a:df:73:5f:fd:2c:92:f6:79:50:67:df:04:88:
         d6:90:22:36:03:ce:0e:9e:93:be:f3:a1:97:1a:7f:9b:0d:c3:
         e3:b9:65:cb:e9:90:12:fa:2d:ed:93:cd:0e:ea:7b:13:17:7e:
         67:1f:87:18:aa:b6:bf:ab:64:f1:eb:f0:23:b9:51:ae:e3:3e:
         0f:7b:1e:6e:f0:24:8d:29:b7:93:1a:97:94:b5:ad:a7:55:04:
         5a:31:36:ec:81:24:c2:55:b3:ba:3e:ea:43:8b:97:ce:6c:e0:
         85:b1:22:89:c7:5a:a8:9c:14:24:13:88:8e:1d:4e:56:7a:21:
         71:7a:13:94
-----BEGIN CERTIFICATE-----
MIIFvjCCBKagAwIBAgIUUSSc2c2J8cJ2z1Lfn3IQrMAWHYIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoQTVDMzFEQ0E0MDYyRkJBOEZGNDE3NUM1MThFRjIyNDZD
RjU3MEQ4MDAeFw0yNTAyMDQxODAzMjNaFw0yNjAyMDMxODA4MjNaMDMxMTAvBgNV
BAMTKDgzMTkwOUJFNzc0MjkxOTQzNTFGM0E3RjBENTdBNEVCOTYwNkQxRTYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC7yT+2hFG6FhDBQcERCFVVfqZV
xcqenoO0GWVmgorjt9GxOpQP7rjpw7vSK5G0qexL1teRmjq/lsABIVy9JeVE21ZY
OMwCRFveY03HXmcwdTHn+56sxpl753tYzwo8ZXE/nco9f1VHiAJGmqsPuYrEdLaX
KZOas8f0d217K0ShIvxzOQHg4CnSDtbasgs8dp9d4ZqmNUSgNI+I/jkJhY/l138D
Qv2DspSd21iCmKg36jdXdcL0sYIvcsrH3UJnnwrSJk4N9CPoTh4F4LGSbBNig3zJ
EJt5i3zQWuU/9NkR7jjv8yiy4Z5QKKct+IIPt6w8yM0Ad4kOFYboSTP/RQ3vAgMB
AAGjggLIMIICxDAdBgNVHQ4EFgQUgxkJvndCkZQ1Hzp/DVek65YG0eYwHwYDVR0j
BBgwFoAUpcMdykBi+6j/QXXFGO8iRs9XDYAwDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy8xNkIxQjU3QjE5Qjc0M0MxRTBCNjdEQzUwMjBFNzY5RkY2
OTdENUQ4RkU2NzY0NTQ0M0MwMTcwQTU5QTYyOEY0LzAvQTVDMzFEQ0E0MDYyRkJB
OEZGNDE3NUM1MThFRjIyNDZDRjU3MEQ4MC5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC9BNUMzMURDQTQwNjJGQkE4RkY0
MTc1QzUxOEVGMjI0NkNGNTcwRDgwLmNlcjCBxwYIKwYBBQUHAQsEgbowgbcwgbQG
CCsGAQUFBzALhoGncnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvMTZCMUI1N0IxOUI3NDNDMUUwQjY3REM1MDIwRTc2OUZGNjk3RDVEOEZF
Njc2NDU0NDNDMDE3MEE1OUE2MjhGNC8wLzMyMzAzMDJlMzUzODJlMzEzMjMzMmUz
MDJmMzIzNDJkMzIzNDIwM2QzZTIwMzIzNzM4MzIzMy5yb2EwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAMg6ezAN
BgkqhkiG9w0BAQsFAAOCAQEAwtMsUU7m7dtscLFq47SKGXGAv33aO3bwJ1xrZG4f
5EaFS2DRi+XQ+K2onBhHwO6A1jEhyWNXhpHPGzl6JdbU1yaAAT2S79mWd00Pnu31
O1nNsPHbSeCIpuFqZ52A6xbVnjX9KnRb1toaE7RrfwKJq4LmggDGq7SMfNPGfzco
EDqgG1rfc1/9LJL2eVBn3wSI1pAiNgPODp6TvvOhlxp/mw3D47lly+mQEvot7ZPN
Dup7Exd+Zx+HGKq2v6tk8evwI7lRruM+D3sebvAkjSm3kxqXlLWtp1UEWjE27IEk
wlWzuj7qQ4uXzmzghbEiicdaqJwUJBOIjh1OVnohcXoTlA==
-----END CERTIFICATE-----
Generated at Mon Apr 7 17:46:54 2025 by rpki-client