Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/16B1B57B19B743C1E0B67DC5020E769FF697D5D8FE67645443C0170A59A628F4/0/3230302e35382e3132352e302f32342d3234203d3e203237383233.roa
File:                     3230302e35382e3132352e302f32342d3234203d3e203237383233.roa (raw, json)
Hash identifier:          VzV3oghDbTjEXbCqycLczfYnIhUsx5aDMEYkHVafc68=
Subject key identifier:   CB:A6:8F:5C:E6:82:BF:A0:F0:5E:C4:5F:59:69:4D:FC:C0:D0:0D:3D
Certificate issuer:       /CN=A5C31DCA4062FBA8FF4175C518EF2246CF570D80
Certificate serial:       74ED2A1D105A92AEEECA5ECE633229BDB34A41BC
Authority key identifier: A5:C3:1D:CA:40:62:FB:A8:FF:41:75:C5:18:EF:22:46:CF:57:0D:80
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/A5C31DCA4062FBA8FF4175C518EF2246CF570D80.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/16B1B57B19B743C1E0B67DC5020E769FF697D5D8FE67645443C0170A59A628F4/0/3230302e35382e3132352e302f32342d3234203d3e203237383233.roa
Signing time:             Tue 04 Feb 2025 18:08:17 +0000
ROA not before:           Tue 04 Feb 2025 18:03:17 +0000
ROA not after:            Tue 03 Feb 2026 18:08:17 +0000
asID:                     27823
IP address blocks:        200.58.125.0/24 maxlen: 24
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            74:ed:2a:1d:10:5a:92:ae:ee:ca:5e:ce:63:32:29:bd:b3:4a:41:bc
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A5C31DCA4062FBA8FF4175C518EF2246CF570D80
        Validity
            Not Before: Feb  4 18:03:17 2025 GMT
            Not After : Feb  3 18:08:17 2026 GMT
        Subject: CN=CBA68F5CE682BFA0F05EC45F59694DFCC0D00D3D
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ea:d2:c9:fb:03:ff:89:b2:e4:23:c8:2f:98:2d:
                    97:27:cc:3f:7d:98:bd:fc:9f:bd:98:c8:58:72:59:
                    98:58:75:e0:78:2b:e5:69:8c:e0:85:b8:06:94:0c:
                    bf:4b:7c:30:e3:30:84:84:be:49:48:1d:25:64:69:
                    fa:75:9c:06:73:02:b0:10:e8:83:b0:1c:ad:35:78:
                    bd:03:81:0f:27:92:5c:eb:0f:8d:d0:98:73:c8:32:
                    d7:ac:b0:91:4d:c6:b5:64:b5:69:8d:18:8c:7a:98:
                    ac:dc:7d:47:5c:4d:74:df:e5:a5:51:94:8b:1b:f9:
                    34:e3:2f:8d:40:92:b0:e1:70:f0:cc:3a:f8:a7:d6:
                    66:2b:08:58:ae:c6:f4:b0:d7:d2:62:42:d0:34:3b:
                    96:c9:0d:2c:a7:fc:39:bd:f4:fb:3f:7c:5e:aa:63:
                    02:d8:b6:0b:91:5f:6f:14:89:46:05:be:a5:61:14:
                    ee:f8:81:ef:ad:6a:5b:5c:fa:66:ff:b9:7f:70:98:
                    87:7b:b4:20:a9:57:ac:ae:ff:0d:dd:b7:2e:a4:94:
                    f1:a8:df:1c:8c:4b:3c:de:3b:2d:cc:3b:ca:f8:b8:
                    1e:75:0a:44:52:f3:75:2d:1a:b8:c0:d4:c5:90:95:
                    87:2b:c6:8f:09:77:a7:ed:52:6f:a5:92:62:ca:25:
                    12:1d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                CB:A6:8F:5C:E6:82:BF:A0:F0:5E:C4:5F:59:69:4D:FC:C0:D0:0D:3D
            X509v3 Authority Key Identifier:
                keyid:A5:C3:1D:CA:40:62:FB:A8:FF:41:75:C5:18:EF:22:46:CF:57:0D:80

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/16B1B57B19B743C1E0B67DC5020E769FF697D5D8FE67645443C0170A59A628F4/0/A5C31DCA4062FBA8FF4175C518EF2246CF570D80.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/A5C31DCA4062FBA8FF4175C518EF2246CF570D80.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/16B1B57B19B743C1E0B67DC5020E769FF697D5D8FE67645443C0170A59A628F4/0/3230302e35382e3132352e302f32342d3234203d3e203237383233.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  200.58.125.0/24

    Signature Algorithm: sha256WithRSAEncryption
         6e:a4:58:b5:89:98:32:64:f8:26:26:ba:97:7e:69:34:52:1b:
         ed:50:67:e6:c7:ca:b7:38:0b:2e:95:c8:7f:eb:95:76:9e:01:
         8f:ae:b5:c6:cc:93:1d:82:14:93:65:4d:42:3d:36:3e:4a:fb:
         f8:c3:74:3d:60:71:0f:16:d2:e9:31:2e:ca:35:7f:2d:73:da:
         5a:67:6b:23:37:0b:0d:1b:9e:a7:fb:27:46:c8:f4:1f:f3:73:
         19:e5:d0:4b:f5:89:a7:4e:de:97:cd:1e:06:41:95:a5:7f:d3:
         b7:82:5b:22:b6:d5:47:25:5b:37:45:60:1a:c9:d2:3e:d8:89:
         bd:a0:fe:f8:33:40:9c:b6:d2:da:c1:82:b7:9f:02:f4:9f:77:
         60:a7:99:77:6c:35:f9:18:51:d9:59:83:25:46:4c:3e:a6:b5:
         4c:2d:4f:37:23:7d:17:cd:e3:49:b9:9c:64:9b:37:16:1a:46:
         32:23:23:3c:47:96:72:e1:42:04:1d:5d:af:9e:4a:32:be:3f:
         a7:64:1e:dc:eb:1e:5f:6e:26:dd:f3:cd:e4:c6:8b:92:3e:66:
         51:40:84:7c:34:fe:8a:c2:8b:de:17:07:40:59:ab:f4:4b:c3:
         ea:f6:1a:3e:20:2c:f6:e1:8b:3e:64:1f:3e:6e:85:7b:a2:c4:
         41:22:7a:88
-----BEGIN CERTIFICATE-----
MIIFvjCCBKagAwIBAgIUdO0qHRBakq7uyl7OYzIpvbNKQbwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoQTVDMzFEQ0E0MDYyRkJBOEZGNDE3NUM1MThFRjIyNDZD
RjU3MEQ4MDAeFw0yNTAyMDQxODAzMTdaFw0yNjAyMDMxODA4MTdaMDMxMTAvBgNV
BAMTKENCQTY4RjVDRTY4MkJGQTBGMDVFQzQ1RjU5Njk0REZDQzBEMDBEM0QwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDq0sn7A/+JsuQjyC+YLZcnzD99
mL38n72YyFhyWZhYdeB4K+VpjOCFuAaUDL9LfDDjMISEvklIHSVkafp1nAZzArAQ
6IOwHK01eL0DgQ8nklzrD43QmHPIMtessJFNxrVktWmNGIx6mKzcfUdcTXTf5aVR
lIsb+TTjL41AkrDhcPDMOvin1mYrCFiuxvSw19JiQtA0O5bJDSyn/Dm99Ps/fF6q
YwLYtguRX28UiUYFvqVhFO74ge+taltc+mb/uX9wmId7tCCpV6yu/w3dty6klPGo
3xyMSzzeOy3MO8r4uB51CkRS83UtGrjA1MWQlYcrxo8Jd6ftUm+lkmLKJRIdAgMB
AAGjggLIMIICxDAdBgNVHQ4EFgQUy6aPXOaCv6DwXsRfWWlN/MDQDT0wHwYDVR0j
BBgwFoAUpcMdykBi+6j/QXXFGO8iRs9XDYAwDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy8xNkIxQjU3QjE5Qjc0M0MxRTBCNjdEQzUwMjBFNzY5RkY2
OTdENUQ4RkU2NzY0NTQ0M0MwMTcwQTU5QTYyOEY0LzAvQTVDMzFEQ0E0MDYyRkJB
OEZGNDE3NUM1MThFRjIyNDZDRjU3MEQ4MC5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC9BNUMzMURDQTQwNjJGQkE4RkY0
MTc1QzUxOEVGMjI0NkNGNTcwRDgwLmNlcjCBxwYIKwYBBQUHAQsEgbowgbcwgbQG
CCsGAQUFBzALhoGncnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvMTZCMUI1N0IxOUI3NDNDMUUwQjY3REM1MDIwRTc2OUZGNjk3RDVEOEZF
Njc2NDU0NDNDMDE3MEE1OUE2MjhGNC8wLzMyMzAzMDJlMzUzODJlMzEzMjM1MmUz
MDJmMzIzNDJkMzIzNDIwM2QzZTIwMzIzNzM4MzIzMy5yb2EwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAMg6fTAN
BgkqhkiG9w0BAQsFAAOCAQEAbqRYtYmYMmT4Jia6l35pNFIb7VBn5sfKtzgLLpXI
f+uVdp4Bj661xsyTHYIUk2VNQj02Pkr7+MN0PWBxDxbS6TEuyjV/LXPaWmdrIzcL
DRuep/snRsj0H/NzGeXQS/WJp07el80eBkGVpX/Tt4JbIrbVRyVbN0VgGsnSPtiJ
vaD++DNAnLbS2sGCt58C9J93YKeZd2w1+RhR2VmDJUZMPqa1TC1PNyN9F83jSbmc
ZJs3FhpGMiMjPEeWcuFCBB1dr55KMr4/p2Qe3OseX24m3fPN5MaLkj5mUUCEfDT+
isKL3hcHQFmr9EvD6vYaPiAs9uGLPmQfPm6Fe6LEQSJ6iA==
-----END CERTIFICATE-----
Generated at Mon Apr 7 17:50:48 2025 by rpki-client