Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/197755D50927C6B2F7F5C79484CFBA9D38D2650D628BED80526C685DEB1DEB94/0/3230312e3232312e3132342e302f32332d3234203d3e20323032.roa
File:                     3230312e3232312e3132342e302f32332d3234203d3e20323032.roa (raw, json)
Hash identifier:          FmRJ3oUsNwE3CETFiYWf+9yrsuEvSy6tyFnc5UGDBw4=
Subject key identifier:   CB:42:75:C3:36:C8:34:DF:92:AE:E0:52:78:E8:8C:D7:D1:50:A6:D8
Certificate issuer:       /CN=14330EF1B751531E7A503086E1572BCE2E37D0CC
Certificate serial:       E4DA624D47F419DBE486EBDF885837D8D1345A
Authority key identifier: 14:33:0E:F1:B7:51:53:1E:7A:50:30:86:E1:57:2B:CE:2E:37:D0:CC
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/14330EF1B751531E7A503086E1572BCE2E37D0CC.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/197755D50927C6B2F7F5C79484CFBA9D38D2650D628BED80526C685DEB1DEB94/0/3230312e3232312e3132342e302f32332d3234203d3e20323032.roa
Signing time:             Tue 04 Feb 2025 18:07:18 +0000
ROA not before:           Tue 04 Feb 2025 18:02:18 +0000
ROA not after:            Tue 03 Feb 2026 18:07:18 +0000
asID:                     202
IP address blocks:        201.221.124.0/23 maxlen: 24
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            e4:da:62:4d:47:f4:19:db:e4:86:eb:df:88:58:37:d8:d1:34:5a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=14330EF1B751531E7A503086E1572BCE2E37D0CC
        Validity
            Not Before: Feb  4 18:02:18 2025 GMT
            Not After : Feb  3 18:07:18 2026 GMT
        Subject: CN=CB4275C336C834DF92AEE05278E88CD7D150A6D8
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:91:fd:6c:5d:f9:ab:bf:01:06:25:3c:32:a3:aa:
                    01:1f:1b:3e:14:3f:23:c8:23:05:e5:af:1e:2e:c0:
                    7d:3f:b3:12:b4:7e:0b:e0:7c:e9:74:de:a2:57:73:
                    99:ab:17:8f:ec:d6:d5:2a:83:23:00:ee:7b:d9:92:
                    4e:f9:7c:1b:0b:7b:54:3e:32:0f:4d:1b:4f:d1:ae:
                    3b:f1:c6:3f:23:15:65:72:ea:df:53:ab:2d:ad:19:
                    51:35:ab:d5:1d:f2:f6:dc:85:e1:14:70:6d:6e:ff:
                    6e:27:7f:f2:42:c2:ec:90:6c:10:74:2e:df:60:80:
                    96:da:1a:c3:2c:24:3e:d8:bc:0c:ca:02:da:bc:41:
                    44:d1:bd:a7:f9:19:01:ca:8d:83:fd:73:6d:4b:22:
                    ba:83:d8:a1:c1:72:53:5e:8c:c7:47:23:cb:72:ea:
                    d3:51:c2:b5:7d:26:bf:f6:4b:61:4e:aa:73:12:aa:
                    5a:43:66:c7:f8:19:5e:7a:65:eb:a9:88:9d:d3:21:
                    06:2c:f9:ea:49:52:84:6c:11:af:5a:dc:92:77:f1:
                    42:98:11:a5:92:1d:6e:87:d8:e4:38:67:80:7b:52:
                    9d:ed:fb:43:4f:f1:a2:96:4f:82:dc:bb:21:3b:27:
                    d8:0c:6b:49:38:31:43:51:14:d9:5e:67:3e:ef:58:
                    88:61
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                CB:42:75:C3:36:C8:34:DF:92:AE:E0:52:78:E8:8C:D7:D1:50:A6:D8
            X509v3 Authority Key Identifier:
                keyid:14:33:0E:F1:B7:51:53:1E:7A:50:30:86:E1:57:2B:CE:2E:37:D0:CC

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/197755D50927C6B2F7F5C79484CFBA9D38D2650D628BED80526C685DEB1DEB94/0/14330EF1B751531E7A503086E1572BCE2E37D0CC.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/14330EF1B751531E7A503086E1572BCE2E37D0CC.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/197755D50927C6B2F7F5C79484CFBA9D38D2650D628BED80526C685DEB1DEB94/0/3230312e3232312e3132342e302f32332d3234203d3e20323032.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  201.221.124.0/23

    Signature Algorithm: sha256WithRSAEncryption
         89:bf:4b:6e:23:75:7c:91:c3:6b:f4:70:e1:73:47:6e:89:c8:
         da:ae:fb:3c:af:00:55:30:aa:e9:07:fd:00:17:6c:a8:53:e7:
         02:ec:ec:a1:1e:d4:db:f6:02:76:3a:64:21:87:a6:77:c4:f0:
         ea:60:0c:9e:bf:26:9e:f1:d3:42:91:9d:aa:d6:72:4c:a5:e3:
         00:dd:75:67:7f:51:83:d3:77:0c:e6:58:37:b5:60:23:d9:30:
         9b:68:52:cc:60:81:ef:4f:ab:12:cd:69:a5:2a:a6:fe:3f:bf:
         41:54:fc:f8:dd:83:f8:69:f2:0b:34:ec:d1:62:98:3b:22:08:
         c4:09:35:25:d2:62:5b:0d:ad:96:99:5f:c2:b3:50:2b:15:a1:
         fd:0a:40:40:82:ec:58:a0:d4:23:3c:44:60:27:ca:ca:99:4d:
         e6:59:28:4f:0c:bc:ac:d3:a8:a4:34:39:6b:bd:61:13:7b:0a:
         34:d1:77:b3:87:17:9b:65:08:07:cf:84:bf:5e:15:4e:d7:19:
         77:0d:61:2a:4d:68:df:e5:63:c8:56:9a:f8:4c:25:ba:9a:d1:
         d4:2b:47:3a:7d:1d:8e:2a:31:48:66:94:f2:fa:ab:d9:c1:21:
         91:2a:26:b6:be:fb:c1:f3:15:03:6e:3a:ed:de:9d:a2:3a:a2:
         ed:52:c1:e1
-----BEGIN CERTIFICATE-----
MIIFvDCCBKSgAwIBAgIUAOTaYk1H9Bnb5Ibr34hYN9jRNFowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMTQzMzBFRjFCNzUxNTMxRTdBNTAzMDg2RTE1NzJCQ0Uy
RTM3RDBDQzAeFw0yNTAyMDQxODAyMThaFw0yNjAyMDMxODA3MThaMDMxMTAvBgNV
BAMTKENCNDI3NUMzMzZDODM0REY5MkFFRTA1Mjc4RTg4Q0Q3RDE1MEE2RDgwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCR/Wxd+au/AQYlPDKjqgEfGz4U
PyPIIwXlrx4uwH0/sxK0fgvgfOl03qJXc5mrF4/s1tUqgyMA7nvZkk75fBsLe1Q+
Mg9NG0/Rrjvxxj8jFWVy6t9Tqy2tGVE1q9Ud8vbcheEUcG1u/24nf/JCwuyQbBB0
Lt9ggJbaGsMsJD7YvAzKAtq8QUTRvaf5GQHKjYP9c21LIrqD2KHBclNejMdHI8ty
6tNRwrV9Jr/2S2FOqnMSqlpDZsf4GV56ZeupiJ3TIQYs+epJUoRsEa9a3JJ38UKY
EaWSHW6H2OQ4Z4B7Up3t+0NP8aKWT4LcuyE7J9gMa0k4MUNRFNleZz7vWIhhAgMB
AAGjggLGMIICwjAdBgNVHQ4EFgQUy0J1wzbINN+SruBSeOiM19FQptgwHwYDVR0j
BBgwFoAUFDMO8bdRUx56UDCG4Vcrzi430MwwDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy8xOTc3NTVENTA5MjdDNkIyRjdGNUM3OTQ4NENGQkE5RDM4
RDI2NTBENjI4QkVEODA1MjZDNjg1REVCMURFQjk0LzAvMTQzMzBFRjFCNzUxNTMx
RTdBNTAzMDg2RTE1NzJCQ0UyRTM3RDBDQy5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC8xNDMzMEVGMUI3NTE1MzFFN0E1
MDMwODZFMTU3MkJDRTJFMzdEMENDLmNlcjCBxQYIKwYBBQUHAQsEgbgwgbUwgbIG
CCsGAQUFBzALhoGlcnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvMTk3NzU1RDUwOTI3QzZCMkY3RjVDNzk0ODRDRkJBOUQzOEQyNjUwRDYy
OEJFRDgwNTI2QzY4NURFQjFERUI5NC8wLzMyMzAzMTJlMzIzMjMxMmUzMTMyMzQy
ZTMwMmYzMjMzMmQzMjM0MjAzZDNlMjAzMjMwMzIucm9hMBgGA1UdIAEB/wQOMAww
CgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAHJ3XwwDQYJ
KoZIhvcNAQELBQADggEBAIm/S24jdXyRw2v0cOFzR26JyNqu+zyvAFUwqukH/QAX
bKhT5wLs7KEe1Nv2AnY6ZCGHpnfE8OpgDJ6/Jp7x00KRnarWckyl4wDddWd/UYPT
dwzmWDe1YCPZMJtoUsxgge9PqxLNaaUqpv4/v0FU/Pjdg/hp8gs07NFimDsiCMQJ
NSXSYlsNrZaZX8KzUCsVof0KQECC7Fig1CM8RGAnysqZTeZZKE8MvKzTqKQ0OWu9
YRN7CjTRd7OHF5tlCAfPhL9eFU7XGXcNYSpNaN/lY8hWmvhMJbqa0dQrRzp9HY4q
MUhmlPL6q9nBIZEqJra++8HzFQNuOu3enaI6ou1SweE=
-----END CERTIFICATE-----