Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/46AA70DCBED89305C56286B2D479399AC5133D09597ACEEF8837E4E6ED78BDB5/0/3230302e3132362e33322e302f32302d3234203d3e20323634373830.roa
File:                     3230302e3132362e33322e302f32302d3234203d3e20323634373830.roa (raw, json)
Hash identifier:          i9zgCnNrq8bcxofN13vAgU1rDNWKcRA2fapKD8mMCSo=
Subject key identifier:   DD:A6:A1:43:CD:78:BB:71:B5:77:34:07:4C:28:7A:58:6B:D0:A1:7E
Certificate issuer:       /CN=20B9C47C5E606454FC314AD7D8CD786FB8049FF1
Certificate serial:       1209A0D7EEB22A033769E516213137AE577AB4B9
Authority key identifier: 20:B9:C4:7C:5E:60:64:54:FC:31:4A:D7:D8:CD:78:6F:B8:04:9F:F1
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/20B9C47C5E606454FC314AD7D8CD786FB8049FF1.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/46AA70DCBED89305C56286B2D479399AC5133D09597ACEEF8837E4E6ED78BDB5/0/3230302e3132362e33322e302f32302d3234203d3e20323634373830.roa
Signing time:             Tue 04 Feb 2025 18:26:08 +0000
ROA not before:           Tue 04 Feb 2025 18:21:08 +0000
ROA not after:            Tue 03 Feb 2026 18:26:08 +0000
asID:                     264780
IP address blocks:        200.126.32.0/20 maxlen: 24
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            12:09:a0:d7:ee:b2:2a:03:37:69:e5:16:21:31:37:ae:57:7a:b4:b9
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=20B9C47C5E606454FC314AD7D8CD786FB8049FF1
        Validity
            Not Before: Feb  4 18:21:08 2025 GMT
            Not After : Feb  3 18:26:08 2026 GMT
        Subject: CN=DDA6A143CD78BB71B57734074C287A586BD0A17E
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c6:37:dc:10:a4:11:4f:4b:df:ed:70:77:1d:0d:
                    95:bf:22:64:87:f9:19:56:f6:e9:fc:11:d9:ab:59:
                    49:e6:c1:6e:69:85:56:f5:ec:63:27:2e:e1:12:ed:
                    c9:49:42:03:61:a2:7a:7c:f7:05:6f:45:d5:ee:18:
                    04:96:f4:91:2b:7d:f1:fe:21:7f:3f:08:d9:15:a4:
                    ac:fa:1a:2c:45:ca:96:77:d0:d9:d7:ae:3b:17:de:
                    99:91:9f:6f:ba:d3:21:f5:e0:d2:43:74:b8:84:b6:
                    50:f0:fa:4c:be:86:40:99:e3:c5:fe:85:d2:4c:33:
                    fc:1a:7a:d5:86:b2:43:6f:32:06:f8:0b:bb:a4:b4:
                    fc:e9:2a:db:a8:04:16:19:64:63:95:38:5b:8e:7a:
                    61:8f:75:ee:ce:66:57:1a:59:55:53:b9:87:be:59:
                    07:9f:0d:1a:a8:47:9c:dd:2c:33:7e:42:64:5e:02:
                    de:53:75:97:c4:03:29:6d:48:d9:6b:00:8d:9e:cd:
                    9d:1f:4d:0a:b2:ea:55:4c:f7:52:d8:47:a8:67:dd:
                    a8:a2:1a:04:9c:71:ad:95:42:f9:57:78:47:d8:0c:
                    bd:97:9b:45:0d:11:09:52:f2:f5:61:23:43:0f:23:
                    5b:5f:ec:39:17:e6:df:81:7b:1e:02:2c:d3:08:d0:
                    c3:d7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DD:A6:A1:43:CD:78:BB:71:B5:77:34:07:4C:28:7A:58:6B:D0:A1:7E
            X509v3 Authority Key Identifier:
                keyid:20:B9:C4:7C:5E:60:64:54:FC:31:4A:D7:D8:CD:78:6F:B8:04:9F:F1

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/46AA70DCBED89305C56286B2D479399AC5133D09597ACEEF8837E4E6ED78BDB5/0/20B9C47C5E606454FC314AD7D8CD786FB8049FF1.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/20B9C47C5E606454FC314AD7D8CD786FB8049FF1.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/46AA70DCBED89305C56286B2D479399AC5133D09597ACEEF8837E4E6ED78BDB5/0/3230302e3132362e33322e302f32302d3234203d3e20323634373830.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  200.126.32.0/20

    Signature Algorithm: sha256WithRSAEncryption
         7b:e8:6a:7f:d6:93:75:1b:e6:51:28:c5:67:22:ea:65:87:47:
         49:33:5d:b4:4d:92:16:31:3e:b9:26:4f:ab:ef:99:2a:42:b8:
         a9:da:5e:8b:c9:b8:c7:c0:5e:1a:9e:a3:71:41:fd:1a:b5:9b:
         26:dd:be:0e:b6:52:3c:89:d6:0a:e2:bb:ed:f9:c3:80:a6:ba:
         fe:9f:8b:2c:13:f9:98:3e:4a:15:c1:3b:c5:27:41:1e:d6:01:
         af:66:18:f2:c3:1f:70:d6:65:b4:9d:db:4c:af:b0:7b:39:05:
         53:24:ff:dd:88:7c:6e:d4:8a:2a:c2:92:69:b2:8d:74:1b:73:
         ba:2e:ec:be:ee:b6:3d:15:79:72:f5:f7:e6:2f:aa:2c:ed:69:
         9d:28:2c:fc:b6:8e:46:11:2a:4d:96:d7:26:22:b5:0a:35:69:
         49:38:b3:82:b3:f1:8e:bc:45:28:90:67:24:bc:a9:dd:ff:95:
         e6:4f:d0:b8:8d:6e:ce:88:ba:c4:df:04:b2:cb:12:3e:65:28:
         3f:0b:23:d3:f2:78:e1:fc:e5:f9:ed:01:f4:cf:97:e8:0b:5b:
         dc:53:33:3f:29:4c:a9:ab:55:73:07:d5:ff:cb:c1:e8:24:1b:
         53:f5:4b:d3:fc:65:5f:5e:1d:d1:14:9e:a3:4d:f9:08:0d:a5:
         df:4f:f8:fb
-----BEGIN CERTIFICATE-----
MIIFwDCCBKigAwIBAgIUEgmg1+6yKgM3aeUWITE3rld6tLkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMjBCOUM0N0M1RTYwNjQ1NEZDMzE0QUQ3RDhDRDc4NkZC
ODA0OUZGMTAeFw0yNTAyMDQxODIxMDhaFw0yNjAyMDMxODI2MDhaMDMxMTAvBgNV
BAMTKEREQTZBMTQzQ0Q3OEJCNzFCNTc3MzQwNzRDMjg3QTU4NkJEMEExN0UwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDGN9wQpBFPS9/tcHcdDZW/ImSH
+RlW9un8EdmrWUnmwW5phVb17GMnLuES7clJQgNhonp89wVvRdXuGASW9JErffH+
IX8/CNkVpKz6GixFypZ30NnXrjsX3pmRn2+60yH14NJDdLiEtlDw+ky+hkCZ48X+
hdJMM/waetWGskNvMgb4C7uktPzpKtuoBBYZZGOVOFuOemGPde7OZlcaWVVTuYe+
WQefDRqoR5zdLDN+QmReAt5TdZfEAyltSNlrAI2ezZ0fTQqy6lVM91LYR6hn3aii
GgScca2VQvlXeEfYDL2Xm0UNEQlS8vVhI0MPI1tf7DkX5t+Bex4CLNMI0MPXAgMB
AAGjggLKMIICxjAdBgNVHQ4EFgQU3aahQ814u3G1dzQHTCh6WGvQoX4wHwYDVR0j
BBgwFoAUILnEfF5gZFT8MUrX2M14b7gEn/EwDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy80NkFBNzBEQ0JFRDg5MzA1QzU2Mjg2QjJENDc5Mzk5QUM1
MTMzRDA5NTk3QUNFRUY4ODM3RTRFNkVENzhCREI1LzAvMjBCOUM0N0M1RTYwNjQ1
NEZDMzE0QUQ3RDhDRDc4NkZCODA0OUZGMS5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC8yMEI5QzQ3QzVFNjA2NDU0RkMz
MTRBRDdEOENENzg2RkI4MDQ5RkYxLmNlcjCByQYIKwYBBQUHAQsEgbwwgbkwgbYG
CCsGAQUFBzALhoGpcnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvNDZBQTcwRENCRUQ4OTMwNUM1NjI4NkIyRDQ3OTM5OUFDNTEzM0QwOTU5
N0FDRUVGODgzN0U0RTZFRDc4QkRCNS8wLzMyMzAzMDJlMzEzMjM2MmUzMzMyMmUz
MDJmMzIzMDJkMzIzNDIwM2QzZTIwMzIzNjM0MzczODMwLnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQEyH4g
MA0GCSqGSIb3DQEBCwUAA4IBAQB76Gp/1pN1G+ZRKMVnIuplh0dJM120TZIWMT65
Jk+r75kqQrip2l6LybjHwF4anqNxQf0atZsm3b4OtlI8idYK4rvt+cOAprr+n4ss
E/mYPkoVwTvFJ0Ee1gGvZhjywx9w1mW0ndtMr7B7OQVTJP/diHxu1IoqwpJpso10
G3O6Luy+7rY9FXly9ffmL6os7WmdKCz8to5GESpNltcmIrUKNWlJOLOCs/GOvEUo
kGckvKnd/5XmT9C4jW7OiLrE3wSyyxI+ZSg/CyPT8njh/OX57QH0z5foC1vcUzM/
KUypq1VzB9X/y8HoJBtT9UvT/GVfXh3RFJ6jTfkIDaXfT/j7
-----END CERTIFICATE-----
Generated at Thu Feb 13 20:28:59 2025 by rpki-client