Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/16B1B57B19B743C1E0B67DC5020E769FF697D5D8FE67645443C0170A59A628F4/0/3230302e35382e39392e302f32342d3234203d3e203237383233.roa
File:                     3230302e35382e39392e302f32342d3234203d3e203237383233.roa (raw, json)
Hash identifier:          RKmNccRAv5LhhcqgxJ01+qLNFH9g1n2BFAY8ToKwngg=
Subject key identifier:   ED:1F:59:94:95:E6:1D:1C:A8:C5:9F:1F:15:EF:5C:F2:88:A1:00:5E
Certificate issuer:       /CN=A5C31DCA4062FBA8FF4175C518EF2246CF570D80
Certificate serial:       2CC46FC18AFFB79B7611FAD41CF0C930152DD11F
Authority key identifier: A5:C3:1D:CA:40:62:FB:A8:FF:41:75:C5:18:EF:22:46:CF:57:0D:80
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/A5C31DCA4062FBA8FF4175C518EF2246CF570D80.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/16B1B57B19B743C1E0B67DC5020E769FF697D5D8FE67645443C0170A59A628F4/0/3230302e35382e39392e302f32342d3234203d3e203237383233.roa
Signing time:             Tue 04 Feb 2025 18:08:24 +0000
ROA not before:           Tue 04 Feb 2025 18:03:24 +0000
ROA not after:            Tue 03 Feb 2026 18:08:24 +0000
asID:                     27823
IP address blocks:        200.58.99.0/24 maxlen: 24
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            2c:c4:6f:c1:8a:ff:b7:9b:76:11:fa:d4:1c:f0:c9:30:15:2d:d1:1f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A5C31DCA4062FBA8FF4175C518EF2246CF570D80
        Validity
            Not Before: Feb  4 18:03:24 2025 GMT
            Not After : Feb  3 18:08:24 2026 GMT
        Subject: CN=ED1F599495E61D1CA8C59F1F15EF5CF288A1005E
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ef:d1:62:a7:d4:fe:a3:bd:a0:a5:e5:25:b3:d2:
                    81:87:29:58:8b:cf:ff:db:30:7c:98:aa:a0:b6:21:
                    7b:a6:16:2d:a6:ed:ab:65:92:42:60:0a:d5:df:30:
                    c4:a7:dd:cd:75:99:1f:cd:57:84:31:05:a9:c4:0d:
                    15:72:f3:78:2f:39:03:61:76:39:cc:4d:b9:50:92:
                    3f:b1:24:5e:03:f7:32:7a:43:e7:52:a2:c1:97:88:
                    73:6e:6a:a8:4c:ed:52:3b:fb:6c:97:85:3e:52:3c:
                    ef:92:13:4f:21:45:6d:3e:9a:86:c2:26:44:6f:48:
                    be:62:c5:7c:10:c6:27:b7:97:5b:ab:88:56:07:6f:
                    c7:40:33:7f:23:eb:d9:b9:0e:cd:d5:6a:b9:82:d3:
                    92:10:91:10:bc:d3:24:58:54:33:4d:76:91:68:c2:
                    9d:c2:e2:93:51:4b:44:31:45:5c:f8:de:6c:72:bd:
                    c6:77:04:f9:aa:0b:8b:a3:f3:c9:c3:ba:77:16:82:
                    8e:d7:72:bd:61:46:6b:b7:59:86:c0:4e:08:d7:e2:
                    ee:12:34:23:71:f4:3a:89:25:77:97:09:89:3b:13:
                    00:cc:d6:b1:0d:db:73:d7:24:53:f6:c6:bc:eb:95:
                    e0:99:f3:56:2a:9b:d0:76:d7:cd:35:85:aa:8b:b3:
                    b4:1d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                ED:1F:59:94:95:E6:1D:1C:A8:C5:9F:1F:15:EF:5C:F2:88:A1:00:5E
            X509v3 Authority Key Identifier:
                keyid:A5:C3:1D:CA:40:62:FB:A8:FF:41:75:C5:18:EF:22:46:CF:57:0D:80

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/16B1B57B19B743C1E0B67DC5020E769FF697D5D8FE67645443C0170A59A628F4/0/A5C31DCA4062FBA8FF4175C518EF2246CF570D80.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/A5C31DCA4062FBA8FF4175C518EF2246CF570D80.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/16B1B57B19B743C1E0B67DC5020E769FF697D5D8FE67645443C0170A59A628F4/0/3230302e35382e39392e302f32342d3234203d3e203237383233.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  200.58.99.0/24

    Signature Algorithm: sha256WithRSAEncryption
         86:24:11:59:eb:ff:2b:7a:50:6a:00:6c:76:f6:7c:b1:40:a3:
         91:92:6a:f2:f3:f6:6d:d5:67:64:d1:15:f7:b3:3b:b7:43:71:
         3c:dd:7c:66:ce:ef:ce:e0:5c:ae:dd:dc:4a:6b:96:25:39:a2:
         ac:e0:a3:1c:2c:6b:12:83:52:19:2d:35:dc:c8:52:3b:56:37:
         80:1e:c7:7f:4a:80:70:1e:20:c3:d8:4f:07:77:fd:c5:1a:a8:
         a3:6a:c5:89:9f:ae:9a:50:6d:eb:8d:63:28:6e:35:da:fd:ee:
         63:27:35:45:45:47:8c:f7:5d:75:0d:fb:fe:62:18:7c:07:8e:
         fd:00:80:30:4d:d9:f7:10:31:96:af:1f:7b:b1:ae:ee:4b:33:
         9e:3f:c0:e0:b6:61:2e:3a:1e:4e:c8:26:8e:12:88:10:5c:da:
         c6:b2:4a:ba:56:65:d4:32:13:88:50:ff:f3:9e:0d:7f:e3:fa:
         20:fc:e6:bc:bf:eb:97:ed:a0:bc:2c:26:72:51:0a:88:2a:b2:
         ee:45:90:8b:28:a6:81:ee:87:ae:6b:74:e9:b4:f1:ec:72:c8:
         04:ce:62:30:75:dc:ca:e0:e6:a4:08:c2:24:dc:c7:b7:d4:01:
         ec:84:3a:42:ac:78:75:09:5d:1a:f7:1e:45:7d:c9:be:8e:37:
         75:60:fe:2f
-----BEGIN CERTIFICATE-----
MIIFvDCCBKSgAwIBAgIULMRvwYr/t5t2EfrUHPDJMBUt0R8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoQTVDMzFEQ0E0MDYyRkJBOEZGNDE3NUM1MThFRjIyNDZD
RjU3MEQ4MDAeFw0yNTAyMDQxODAzMjRaFw0yNjAyMDMxODA4MjRaMDMxMTAvBgNV
BAMTKEVEMUY1OTk0OTVFNjFEMUNBOEM1OUYxRjE1RUY1Q0YyODhBMTAwNUUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDv0WKn1P6jvaCl5SWz0oGHKViL
z//bMHyYqqC2IXumFi2m7atlkkJgCtXfMMSn3c11mR/NV4QxBanEDRVy83gvOQNh
djnMTblQkj+xJF4D9zJ6Q+dSosGXiHNuaqhM7VI7+2yXhT5SPO+SE08hRW0+mobC
JkRvSL5ixXwQxie3l1uriFYHb8dAM38j69m5Ds3VarmC05IQkRC80yRYVDNNdpFo
wp3C4pNRS0QxRVz43mxyvcZ3BPmqC4uj88nDuncWgo7Xcr1hRmu3WYbATgjX4u4S
NCNx9DqJJXeXCYk7EwDM1rEN23PXJFP2xrzrleCZ81Yqm9B21801haqLs7QdAgMB
AAGjggLGMIICwjAdBgNVHQ4EFgQU7R9ZlJXmHRyoxZ8fFe9c8oihAF4wHwYDVR0j
BBgwFoAUpcMdykBi+6j/QXXFGO8iRs9XDYAwDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy8xNkIxQjU3QjE5Qjc0M0MxRTBCNjdEQzUwMjBFNzY5RkY2
OTdENUQ4RkU2NzY0NTQ0M0MwMTcwQTU5QTYyOEY0LzAvQTVDMzFEQ0E0MDYyRkJB
OEZGNDE3NUM1MThFRjIyNDZDRjU3MEQ4MC5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC9BNUMzMURDQTQwNjJGQkE4RkY0
MTc1QzUxOEVGMjI0NkNGNTcwRDgwLmNlcjCBxQYIKwYBBQUHAQsEgbgwgbUwgbIG
CCsGAQUFBzALhoGlcnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvMTZCMUI1N0IxOUI3NDNDMUUwQjY3REM1MDIwRTc2OUZGNjk3RDVEOEZF
Njc2NDU0NDNDMDE3MEE1OUE2MjhGNC8wLzMyMzAzMDJlMzUzODJlMzkzOTJlMzAy
ZjMyMzQyZDMyMzQyMDNkM2UyMDMyMzczODMyMzMucm9hMBgGA1UdIAEB/wQOMAww
CgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBADIOmMwDQYJ
KoZIhvcNAQELBQADggEBAIYkEVnr/yt6UGoAbHb2fLFAo5GSavLz9m3VZ2TRFfez
O7dDcTzdfGbO787gXK7d3EprliU5oqzgoxwsaxKDUhktNdzIUjtWN4Aex39KgHAe
IMPYTwd3/cUaqKNqxYmfrppQbeuNYyhuNdr97mMnNUVFR4z3XXUN+/5iGHwHjv0A
gDBN2fcQMZavH3uxru5LM54/wOC2YS46Hk7IJo4SiBBc2saySrpWZdQyE4hQ//Oe
DX/j+iD85ry/65ftoLwsJnJRCogqsu5FkIsopoHuh65rdOm08exyyATOYjB13Mrg
5qQIwiTcx7fUAeyEOkKseHUJXRr3HkV9yb6ON3Vg/i8=
-----END CERTIFICATE-----
Generated at Mon Apr 7 17:50:51 2025 by rpki-client