Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/342AB48DF24F4D85DAA49BDAB77609E5DB5B37712CFD9DE7A5CE9F98076010F2/0/3230302e372e3135322e302f32332d3233203d3e203532333939.roa
File:                     3230302e372e3135322e302f32332d3233203d3e203532333939.roa (raw, json)
Hash identifier:          V/AAp5ObrWQz4lFvLSFEt6qm5nS9eOZYnMVuZgte0hE=
Subject key identifier:   92:8C:80:AD:74:D5:51:2E:02:7E:AC:CB:F1:12:E4:3C:A5:47:CE:83
Certificate issuer:       /CN=C2B7A28859947C52A387BB628764F91AAA1D05B9
Certificate serial:       309B0BB93BA1AD0C66CB4B6FAED9FC28DB441618
Authority key identifier: C2:B7:A2:88:59:94:7C:52:A3:87:BB:62:87:64:F9:1A:AA:1D:05:B9
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/C2B7A28859947C52A387BB628764F91AAA1D05B9.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/342AB48DF24F4D85DAA49BDAB77609E5DB5B37712CFD9DE7A5CE9F98076010F2/0/3230302e372e3135322e302f32332d3233203d3e203532333939.roa
Signing time:             Tue 04 Feb 2025 18:36:04 +0000
ROA not before:           Tue 04 Feb 2025 18:31:04 +0000
ROA not after:            Tue 03 Feb 2026 18:36:04 +0000
asID:                     52399
IP address blocks:        200.7.152.0/23 maxlen: 23
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            30:9b:0b:b9:3b:a1:ad:0c:66:cb:4b:6f:ae:d9:fc:28:db:44:16:18
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=C2B7A28859947C52A387BB628764F91AAA1D05B9
        Validity
            Not Before: Feb  4 18:31:04 2025 GMT
            Not After : Feb  3 18:36:04 2026 GMT
        Subject: CN=928C80AD74D5512E027EACCBF112E43CA547CE83
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e7:99:47:75:79:aa:a9:41:45:f9:26:31:56:51:
                    17:09:cf:88:31:c4:7e:26:9e:19:a4:46:f1:61:d8:
                    6d:a3:20:57:9a:3e:24:37:e3:4c:ef:11:0a:0b:bc:
                    f9:50:c1:30:c4:7b:07:f9:f9:db:9b:9e:84:d7:52:
                    fd:c0:d2:ae:42:3b:0e:c5:58:27:0e:e1:64:f5:7d:
                    83:0c:11:bd:07:28:92:d4:e7:e8:5d:61:41:26:70:
                    15:17:74:8d:4d:58:61:ee:4d:57:a4:29:b8:ce:24:
                    bd:d2:35:8e:91:94:31:ea:34:a4:2a:d7:c3:7a:01:
                    a2:8e:f8:e9:67:10:d7:19:e0:2d:3b:74:b3:c5:40:
                    b2:3f:77:2d:f1:1c:ba:f5:58:f4:9a:96:b6:a0:d6:
                    48:af:21:ad:e8:d9:87:00:10:03:9d:fb:bd:f6:fc:
                    5f:3d:9c:e4:07:07:f3:f5:92:93:bc:1b:01:96:55:
                    a4:3c:76:60:af:ca:5e:39:80:fa:e6:5b:90:71:01:
                    7a:99:4b:4c:94:34:25:ce:36:22:84:9c:26:02:9a:
                    54:68:88:fc:75:a5:56:b1:b9:d5:8a:57:70:b9:2b:
                    26:38:ac:e3:e1:9a:59:80:83:e9:ae:52:7d:18:b8:
                    ce:20:29:8f:f3:c4:0f:b5:4e:60:71:68:1f:cd:6a:
                    b0:ed
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                92:8C:80:AD:74:D5:51:2E:02:7E:AC:CB:F1:12:E4:3C:A5:47:CE:83
            X509v3 Authority Key Identifier:
                keyid:C2:B7:A2:88:59:94:7C:52:A3:87:BB:62:87:64:F9:1A:AA:1D:05:B9

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/342AB48DF24F4D85DAA49BDAB77609E5DB5B37712CFD9DE7A5CE9F98076010F2/0/C2B7A28859947C52A387BB628764F91AAA1D05B9.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/C2B7A28859947C52A387BB628764F91AAA1D05B9.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/342AB48DF24F4D85DAA49BDAB77609E5DB5B37712CFD9DE7A5CE9F98076010F2/0/3230302e372e3135322e302f32332d3233203d3e203532333939.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  200.7.152.0/23

    Signature Algorithm: sha256WithRSAEncryption
         95:03:e0:a8:c5:21:fb:d2:a6:b4:71:70:ee:6e:6b:31:cd:08:
         c3:82:5a:f3:55:bd:eb:48:03:cf:74:5a:93:45:b2:6c:27:cd:
         c1:d5:de:f6:cd:14:96:f7:5d:47:a1:67:fe:04:74:82:d5:9a:
         aa:cd:1b:57:48:c1:aa:a7:02:08:86:fe:c8:51:68:80:fa:9d:
         c2:01:59:53:2d:c3:25:d9:3c:fe:86:95:21:f2:3b:06:fa:5d:
         1e:6a:f0:5a:dd:c8:bf:05:98:8c:b3:37:64:8a:39:a3:58:93:
         db:e2:df:2e:bc:4e:a3:2d:54:ee:87:db:ba:21:c5:41:30:0b:
         ec:6a:4a:5c:03:16:b7:b5:99:e2:44:c0:e3:83:64:02:20:bb:
         1f:e2:81:d3:ae:57:d6:df:a6:65:84:24:1d:05:5e:6e:32:bf:
         1b:3c:25:e4:7b:40:2c:ae:b8:7e:9c:7d:fe:54:51:7b:dc:a7:
         c1:ea:5c:69:fb:9e:c1:7b:0a:30:32:97:44:50:48:c4:d7:40:
         24:b6:68:89:e2:64:d3:60:f8:84:2f:c6:2e:43:e0:c3:a3:4e:
         26:be:16:7e:41:b3:8b:d3:11:60:c3:68:48:41:82:e0:6b:5b:
         e7:b8:98:c4:aa:75:b1:20:b3:f1:be:cc:ff:9d:0f:71:34:8c:
         a5:2c:c9:2f
-----BEGIN CERTIFICATE-----
MIIFvDCCBKSgAwIBAgIUMJsLuTuhrQxmy0tvrtn8KNtEFhgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoQzJCN0EyODg1OTk0N0M1MkEzODdCQjYyODc2NEY5MUFB
QTFEMDVCOTAeFw0yNTAyMDQxODMxMDRaFw0yNjAyMDMxODM2MDRaMDMxMTAvBgNV
BAMTKDkyOEM4MEFENzRENTUxMkUwMjdFQUNDQkYxMTJFNDNDQTU0N0NFODMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDnmUd1eaqpQUX5JjFWURcJz4gx
xH4mnhmkRvFh2G2jIFeaPiQ340zvEQoLvPlQwTDEewf5+dubnoTXUv3A0q5COw7F
WCcO4WT1fYMMEb0HKJLU5+hdYUEmcBUXdI1NWGHuTVekKbjOJL3SNY6RlDHqNKQq
18N6AaKO+OlnENcZ4C07dLPFQLI/dy3xHLr1WPSalrag1kivIa3o2YcAEAOd+732
/F89nOQHB/P1kpO8GwGWVaQ8dmCvyl45gPrmW5BxAXqZS0yUNCXONiKEnCYCmlRo
iPx1pVaxudWKV3C5KyY4rOPhmlmAg+muUn0YuM4gKY/zxA+1TmBxaB/NarDtAgMB
AAGjggLGMIICwjAdBgNVHQ4EFgQUkoyArXTVUS4CfqzL8RLkPKVHzoMwHwYDVR0j
BBgwFoAUwreiiFmUfFKjh7tih2T5GqodBbkwDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy8zNDJBQjQ4REYyNEY0RDg1REFBNDlCREFCNzc2MDlFNURC
NUIzNzcxMkNGRDlERTdBNUNFOUY5ODA3NjAxMEYyLzAvQzJCN0EyODg1OTk0N0M1
MkEzODdCQjYyODc2NEY5MUFBQTFEMDVCOS5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC9DMkI3QTI4ODU5OTQ3QzUyQTM4
N0JCNjI4NzY0RjkxQUFBMUQwNUI5LmNlcjCBxQYIKwYBBQUHAQsEgbgwgbUwgbIG
CCsGAQUFBzALhoGlcnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvMzQyQUI0OERGMjRGNEQ4NURBQTQ5QkRBQjc3NjA5RTVEQjVCMzc3MTJD
RkQ5REU3QTVDRTlGOTgwNzYwMTBGMi8wLzMyMzAzMDJlMzcyZTMxMzUzMjJlMzAy
ZjMyMzMyZDMyMzMyMDNkM2UyMDM1MzIzMzM5Mzkucm9hMBgGA1UdIAEB/wQOMAww
CgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAHIB5gwDQYJ
KoZIhvcNAQELBQADggEBAJUD4KjFIfvSprRxcO5uazHNCMOCWvNVvetIA890WpNF
smwnzcHV3vbNFJb3XUehZ/4EdILVmqrNG1dIwaqnAgiG/shRaID6ncIBWVMtwyXZ
PP6GlSHyOwb6XR5q8FrdyL8FmIyzN2SKOaNYk9vi3y68TqMtVO6H27ohxUEwC+xq
SlwDFre1meJEwOODZAIgux/igdOuV9bfpmWEJB0FXm4yvxs8JeR7QCyuuH6cff5U
UXvcp8HqXGn7nsF7CjAyl0RQSMTXQCS2aIniZNNg+IQvxi5D4MOjTia+Fn5Bs4vT
EWDDaEhBguBrW+e4mMSqdbEgs/G+zP+dD3E0jKUsyS8=
-----END CERTIFICATE-----