Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/1CBDA3CBE3F94B19EDF009953C0F455D7053B060883FF74AB3FFCA12818F0932/0/3230302e3132352e3134322e302f32342d3234203d3e203238303431.roa
File:                     3230302e3132352e3134322e302f32342d3234203d3e203238303431.roa (raw, json)
Hash identifier:          5mHHuPE0PfJoE86dhU3gRnQEIAbkUqHokbumHQFgp2Q=
Subject key identifier:   E6:08:25:8E:E8:C3:AC:48:77:9E:27:35:C3:93:4E:62:D4:1E:E7:B6
Certificate issuer:       /CN=D2709F777988D8BB9C29DBBB53968812568C616E
Certificate serial:       7592A8D02AFF4312D104F948DB89A4D58FE2AFCB
Authority key identifier: D2:70:9F:77:79:88:D8:BB:9C:29:DB:BB:53:96:88:12:56:8C:61:6E
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/D2709F777988D8BB9C29DBBB53968812568C616E.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/1CBDA3CBE3F94B19EDF009953C0F455D7053B060883FF74AB3FFCA12818F0932/0/3230302e3132352e3134322e302f32342d3234203d3e203238303431.roa
Signing time:             Tue 04 Feb 2025 18:33:24 +0000
ROA not before:           Tue 04 Feb 2025 18:28:24 +0000
ROA not after:            Tue 03 Feb 2026 18:33:24 +0000
asID:                     28041
IP address blocks:        200.125.142.0/24 maxlen: 24
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            75:92:a8:d0:2a:ff:43:12:d1:04:f9:48:db:89:a4:d5:8f:e2:af:cb
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=D2709F777988D8BB9C29DBBB53968812568C616E
        Validity
            Not Before: Feb  4 18:28:24 2025 GMT
            Not After : Feb  3 18:33:24 2026 GMT
        Subject: CN=E608258EE8C3AC48779E2735C3934E62D41EE7B6
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:f6:04:4a:c1:9c:52:88:63:3a:37:ec:be:5d:8d:
                    e0:09:8f:99:2b:6c:3c:6f:b2:74:ca:91:a2:41:e9:
                    aa:d8:64:1e:f1:d6:5f:87:fd:0c:95:74:da:fb:45:
                    d5:7e:09:92:77:2b:2e:a9:b2:11:e5:df:d5:ed:e4:
                    c1:6b:b3:2e:08:59:35:b7:fa:09:86:0e:e2:b5:47:
                    8d:8c:89:04:7d:c2:ef:41:28:64:77:9a:cf:4f:6a:
                    33:54:19:14:c1:10:ab:61:d0:ce:45:3b:4c:37:57:
                    8e:aa:b1:42:15:78:da:2c:45:b8:fa:2f:3f:4b:9e:
                    4e:17:ec:6b:6e:96:f7:d7:eb:4e:15:dc:91:ea:8f:
                    eb:88:fa:6f:be:dd:b8:40:9e:2a:4d:a2:44:b3:b9:
                    c1:c0:aa:2b:b5:8b:03:73:d5:91:33:ca:02:76:0e:
                    78:de:44:13:eb:66:80:d6:2c:97:4d:02:d4:4c:08:
                    90:2f:b7:46:72:8b:b9:d0:f6:04:55:79:c0:a9:a9:
                    df:b0:40:de:90:6b:52:85:54:c3:49:12:1b:8f:22:
                    b3:a3:b4:51:d5:8f:a8:fd:fb:8b:a8:63:f8:e0:1a:
                    0c:34:67:d9:cf:ca:e9:5a:97:d9:36:d0:74:cb:6b:
                    50:d8:a8:02:e7:08:10:b9:f4:ee:77:11:66:4e:86:
                    ea:8b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E6:08:25:8E:E8:C3:AC:48:77:9E:27:35:C3:93:4E:62:D4:1E:E7:B6
            X509v3 Authority Key Identifier:
                keyid:D2:70:9F:77:79:88:D8:BB:9C:29:DB:BB:53:96:88:12:56:8C:61:6E

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/1CBDA3CBE3F94B19EDF009953C0F455D7053B060883FF74AB3FFCA12818F0932/0/D2709F777988D8BB9C29DBBB53968812568C616E.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/D2709F777988D8BB9C29DBBB53968812568C616E.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/1CBDA3CBE3F94B19EDF009953C0F455D7053B060883FF74AB3FFCA12818F0932/0/3230302e3132352e3134322e302f32342d3234203d3e203238303431.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  200.125.142.0/24

    Signature Algorithm: sha256WithRSAEncryption
         14:3e:ea:08:e0:5b:1a:96:0e:e3:02:fb:b2:f0:12:72:d0:3c:
         3d:2b:8e:7f:16:bc:ab:36:e3:38:d9:a2:f3:a3:ee:c6:4b:b8:
         bf:d3:80:51:53:03:c8:07:02:0c:61:9b:bd:ef:b0:05:09:1b:
         66:f0:05:40:5b:36:d4:6b:ff:d3:50:be:35:b7:9d:a1:08:a4:
         49:7d:0b:e0:d4:2c:98:d2:09:01:fd:1d:7f:b8:72:44:15:50:
         15:df:a9:92:22:8d:6a:6b:77:f5:d8:e9:b7:99:ed:32:82:b5:
         d8:bb:89:86:fb:b8:0c:c3:48:8e:48:87:80:67:e8:ce:3f:9b:
         16:dd:c4:8c:f0:a6:f0:8b:04:14:ae:06:10:d3:6b:f1:8f:83:
         77:d6:86:a7:e0:f3:a4:44:3f:cb:04:29:88:b2:78:74:bc:a4:
         a1:34:2e:c8:ff:b0:59:a4:9d:2a:ab:aa:c9:73:fe:b1:be:ee:
         a1:c4:37:2a:a4:f7:c4:27:b3:f6:67:5a:b8:63:2c:0d:2b:d6:
         7c:49:7b:b1:a6:6f:fd:55:a1:58:7b:a6:eb:94:06:f7:2a:c7:
         c8:9c:26:d6:15:43:de:6e:5c:7b:d1:dd:29:ce:3c:f7:67:c9:
         e5:77:e2:2b:e0:e4:7d:1c:d2:96:75:a7:4e:7d:1e:56:e1:75:
         5c:7b:a7:13
-----BEGIN CERTIFICATE-----
MIIFwDCCBKigAwIBAgIUdZKo0Cr/QxLRBPlI24mk1Y/ir8swDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoRDI3MDlGNzc3OTg4RDhCQjlDMjlEQkJCNTM5Njg4MTI1
NjhDNjE2RTAeFw0yNTAyMDQxODI4MjRaFw0yNjAyMDMxODMzMjRaMDMxMTAvBgNV
BAMTKEU2MDgyNThFRThDM0FDNDg3NzlFMjczNUMzOTM0RTYyRDQxRUU3QjYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQD2BErBnFKIYzo37L5djeAJj5kr
bDxvsnTKkaJB6arYZB7x1l+H/QyVdNr7RdV+CZJ3Ky6pshHl39Xt5MFrsy4IWTW3
+gmGDuK1R42MiQR9wu9BKGR3ms9PajNUGRTBEKth0M5FO0w3V46qsUIVeNosRbj6
Lz9Lnk4X7GtulvfX604V3JHqj+uI+m++3bhAnipNokSzucHAqiu1iwNz1ZEzygJ2
DnjeRBPrZoDWLJdNAtRMCJAvt0Zyi7nQ9gRVecCpqd+wQN6Qa1KFVMNJEhuPIrOj
tFHVj6j9+4uoY/jgGgw0Z9nPyulal9k20HTLa1DYqALnCBC59O53EWZOhuqLAgMB
AAGjggLKMIICxjAdBgNVHQ4EFgQU5ggljujDrEh3nic1w5NOYtQe57YwHwYDVR0j
BBgwFoAU0nCfd3mI2LucKdu7U5aIElaMYW4wDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy8xQ0JEQTNDQkUzRjk0QjE5RURGMDA5OTUzQzBGNDU1RDcw
NTNCMDYwODgzRkY3NEFCM0ZGQ0ExMjgxOEYwOTMyLzAvRDI3MDlGNzc3OTg4RDhC
QjlDMjlEQkJCNTM5Njg4MTI1NjhDNjE2RS5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC9EMjcwOUY3Nzc5ODhEOEJCOUMy
OURCQkI1Mzk2ODgxMjU2OEM2MTZFLmNlcjCByQYIKwYBBQUHAQsEgbwwgbkwgbYG
CCsGAQUFBzALhoGpcnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvMUNCREEzQ0JFM0Y5NEIxOUVERjAwOTk1M0MwRjQ1NUQ3MDUzQjA2MDg4
M0ZGNzRBQjNGRkNBMTI4MThGMDkzMi8wLzMyMzAzMDJlMzEzMjM1MmUzMTM0MzIy
ZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMjM4MzAzNDMxLnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAyH2O
MA0GCSqGSIb3DQEBCwUAA4IBAQAUPuoI4Fsalg7jAvuy8BJy0Dw9K45/FryrNuM4
2aLzo+7GS7i/04BRUwPIBwIMYZu977AFCRtm8AVAWzbUa//TUL41t52hCKRJfQvg
1CyY0gkB/R1/uHJEFVAV36mSIo1qa3f12Om3me0ygrXYu4mG+7gMw0iOSIeAZ+jO
P5sW3cSM8KbwiwQUrgYQ02vxj4N31oan4POkRD/LBCmIsnh0vKShNC7I/7BZpJ0q
q6rJc/6xvu6hxDcqpPfEJ7P2Z1q4YywNK9Z8SXuxpm/9VaFYe6brlAb3KsfInCbW
FUPeblx70d0pzjz3Z8nld+Ir4OR9HNKWdadOfR5W4XVce6cT
-----END CERTIFICATE-----
Generated at Sat Apr 5 09:28:30 2025 by rpki-client