Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/3A5F2F87D11786FB3FCADAA043431EB013CDBAD00247EDB7A6502BFFD8B4CC24/0/3230302e3130362e3233372e302f32342d3234203d3e203532323632.roa
File:                     3230302e3130362e3233372e302f32342d3234203d3e203532323632.roa (raw, json)
Hash identifier:          23IqQIh55B+mzBaGoZWi82idTKRyiJ8pf5LDjx643vY=
Subject key identifier:   9B:BF:52:F5:75:E8:17:4E:60:F1:8A:A3:B9:25:07:EA:F6:C0:13:93
Certificate issuer:       /CN=9BCCBD68EB22C37B886D81BDFC8BA77CD7312208
Certificate serial:       5694660223F57D071B990E8ECB3374DBB96D6410
Authority key identifier: 9B:CC:BD:68:EB:22:C3:7B:88:6D:81:BD:FC:8B:A7:7C:D7:31:22:08
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/9BCCBD68EB22C37B886D81BDFC8BA77CD7312208.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/3A5F2F87D11786FB3FCADAA043431EB013CDBAD00247EDB7A6502BFFD8B4CC24/0/3230302e3130362e3233372e302f32342d3234203d3e203532323632.roa
Signing time:             Tue 04 Feb 2025 20:02:15 +0000
ROA not before:           Tue 04 Feb 2025 19:57:15 +0000
ROA not after:            Tue 03 Feb 2026 20:02:15 +0000
asID:                     52262
IP address blocks:        200.106.237.0/24 maxlen: 24
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            56:94:66:02:23:f5:7d:07:1b:99:0e:8e:cb:33:74:db:b9:6d:64:10
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9BCCBD68EB22C37B886D81BDFC8BA77CD7312208
        Validity
            Not Before: Feb  4 19:57:15 2025 GMT
            Not After : Feb  3 20:02:15 2026 GMT
        Subject: CN=9BBF52F575E8174E60F18AA3B92507EAF6C01393
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c6:d4:cb:5e:23:bb:03:15:a8:a7:72:ac:23:0b:
                    b9:d7:67:5b:a1:13:eb:44:b5:2a:1b:2b:6a:00:61:
                    9f:d2:8e:6b:b7:d4:d9:6a:94:f5:c2:07:5d:65:c6:
                    22:10:3e:02:6e:1d:e2:8c:c3:e5:f2:79:2c:03:36:
                    33:da:97:c5:c9:50:00:17:c0:bc:3d:68:7f:af:cf:
                    ef:37:a4:c2:63:be:25:a6:91:6b:fe:54:f4:33:de:
                    03:1e:57:64:b3:53:4f:13:c1:6c:5f:02:98:3f:a4:
                    3d:57:6b:f0:c7:4b:1d:dc:09:af:28:13:93:c4:c6:
                    20:c8:33:6b:3d:7a:7d:06:60:93:99:12:dd:d7:1f:
                    a6:b0:c2:f1:9d:79:0f:34:18:22:4f:7a:86:5e:a8:
                    d2:cc:68:30:2f:62:4e:e9:43:b2:b4:74:f1:4f:62:
                    81:17:49:13:f8:fd:e2:aa:4a:bd:98:ad:c2:bd:66:
                    7a:07:5c:44:b2:f6:32:15:65:41:a8:6c:95:1a:0c:
                    3a:63:ae:cc:56:dd:57:8e:b3:8b:c4:5e:76:ab:85:
                    6c:1c:d7:cf:f0:5a:51:b3:6b:df:68:5f:d9:d9:0f:
                    33:a0:cf:43:76:2c:37:7a:6e:30:42:5a:0d:3b:a5:
                    e4:cb:25:b6:ad:33:ab:f3:9b:d2:ae:7e:64:89:9d:
                    3a:c1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                9B:BF:52:F5:75:E8:17:4E:60:F1:8A:A3:B9:25:07:EA:F6:C0:13:93
            X509v3 Authority Key Identifier:
                keyid:9B:CC:BD:68:EB:22:C3:7B:88:6D:81:BD:FC:8B:A7:7C:D7:31:22:08

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/3A5F2F87D11786FB3FCADAA043431EB013CDBAD00247EDB7A6502BFFD8B4CC24/0/9BCCBD68EB22C37B886D81BDFC8BA77CD7312208.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/9BCCBD68EB22C37B886D81BDFC8BA77CD7312208.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/3A5F2F87D11786FB3FCADAA043431EB013CDBAD00247EDB7A6502BFFD8B4CC24/0/3230302e3130362e3233372e302f32342d3234203d3e203532323632.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  200.106.237.0/24

    Signature Algorithm: sha256WithRSAEncryption
         4c:2a:4b:31:64:d7:86:2f:ab:0a:d8:2a:6c:2d:4d:71:e8:7d:
         10:bf:0a:de:51:92:3c:e0:99:da:a3:c2:b2:18:35:78:b6:26:
         df:1e:d7:04:bc:03:e9:40:c1:f1:14:55:03:76:76:43:2e:55:
         8a:a7:e5:60:1f:59:48:bd:62:7f:c3:5e:35:78:b0:ee:b9:22:
         25:ed:77:6a:45:b7:3b:31:a5:15:ca:3e:dc:58:ca:09:f6:84:
         15:4d:dc:68:ae:38:d3:7c:3e:a2:79:38:c8:a8:b2:62:19:52:
         5c:fd:b2:5b:e5:a7:74:6f:72:e3:e8:fc:2b:d8:9a:31:65:e1:
         f4:81:2a:a5:d3:25:e9:80:22:cd:8f:0a:75:ea:b3:84:a6:98:
         be:df:0c:ca:b2:49:c2:de:3f:06:15:95:21:37:24:aa:14:e7:
         cb:5c:80:ed:8d:36:07:ba:b4:fd:b5:57:86:e6:ff:80:fd:ac:
         cf:07:9d:19:33:89:de:e3:45:8f:fe:4a:7c:0c:80:9b:8a:de:
         d1:10:46:99:a9:12:ce:5a:b7:cc:0e:7b:eb:03:6d:4d:25:ac:
         24:09:84:fb:3f:e4:90:a2:54:56:c9:2e:f8:e5:a3:7d:db:ab:
         99:a0:06:b7:58:7f:52:56:40:e9:34:20:60:fa:79:79:e9:94:
         cf:36:3d:c8
-----BEGIN CERTIFICATE-----
MIIFwDCCBKigAwIBAgIUVpRmAiP1fQcbmQ6OyzN027ltZBAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOUJDQ0JENjhFQjIyQzM3Qjg4NkQ4MUJERkM4QkE3N0NE
NzMxMjIwODAeFw0yNTAyMDQxOTU3MTVaFw0yNjAyMDMyMDAyMTVaMDMxMTAvBgNV
BAMTKDlCQkY1MkY1NzVFODE3NEU2MEYxOEFBM0I5MjUwN0VBRjZDMDEzOTMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDG1MteI7sDFaincqwjC7nXZ1uh
E+tEtSobK2oAYZ/Sjmu31NlqlPXCB11lxiIQPgJuHeKMw+XyeSwDNjPal8XJUAAX
wLw9aH+vz+83pMJjviWmkWv+VPQz3gMeV2SzU08TwWxfApg/pD1Xa/DHSx3cCa8o
E5PExiDIM2s9en0GYJOZEt3XH6awwvGdeQ80GCJPeoZeqNLMaDAvYk7pQ7K0dPFP
YoEXSRP4/eKqSr2YrcK9ZnoHXESy9jIVZUGobJUaDDpjrsxW3VeOs4vEXnarhWwc
18/wWlGza99oX9nZDzOgz0N2LDd6bjBCWg07peTLJbatM6vzm9KufmSJnTrBAgMB
AAGjggLKMIICxjAdBgNVHQ4EFgQUm79S9XXoF05g8YqjuSUH6vbAE5MwHwYDVR0j
BBgwFoAUm8y9aOsiw3uIbYG9/IunfNcxIggwDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy8zQTVGMkY4N0QxMTc4NkZCM0ZDQURBQTA0MzQzMUVCMDEz
Q0RCQUQwMDI0N0VEQjdBNjUwMkJGRkQ4QjRDQzI0LzAvOUJDQ0JENjhFQjIyQzM3
Qjg4NkQ4MUJERkM4QkE3N0NENzMxMjIwOC5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC85QkNDQkQ2OEVCMjJDMzdCODg2
RDgxQkRGQzhCQTc3Q0Q3MzEyMjA4LmNlcjCByQYIKwYBBQUHAQsEgbwwgbkwgbYG
CCsGAQUFBzALhoGpcnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvM0E1RjJGODdEMTE3ODZGQjNGQ0FEQUEwNDM0MzFFQjAxM0NEQkFEMDAy
NDdFREI3QTY1MDJCRkZEOEI0Q0MyNC8wLzMyMzAzMDJlMzEzMDM2MmUzMjMzMzcy
ZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzNTMyMzIzNjMyLnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAyGrt
MA0GCSqGSIb3DQEBCwUAA4IBAQBMKksxZNeGL6sK2CpsLU1x6H0QvwreUZI84Jna
o8KyGDV4tibfHtcEvAPpQMHxFFUDdnZDLlWKp+VgH1lIvWJ/w141eLDuuSIl7Xdq
Rbc7MaUVyj7cWMoJ9oQVTdxorjjTfD6ieTjIqLJiGVJc/bJb5ad0b3Lj6Pwr2Jox
ZeH0gSql0yXpgCLNjwp16rOEppi+3wzKsknC3j8GFZUhNySqFOfLXIDtjTYHurT9
tVeG5v+A/azPB50ZM4ne40WP/kp8DICbit7REEaZqRLOWrfMDnvrA21NJawkCYT7
P+SQolRWyS745aN926uZoAa3WH9SVkDpNCBg+nl56ZTPNj3I
-----END CERTIFICATE-----
Generated at Thu Feb 13 18:51:13 2025 by rpki-client