Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/73B6868E56B12C35C63B0AB763023F2508123C311CD7EF4F5161EF6D0A55299E/0/AS27968.roa
File:                     AS27968.roa (raw, json)
Hash identifier:          DdjMeHnCIe6Z273qjt6yQvNEQeIh9C3hsCRE1M0wcyk=
Subject key identifier:   48:64:0E:1C:1C:FB:BE:93:56:9A:61:53:A7:DE:05:8C:7D:F9:86:4D
Certificate issuer:       /CN=B6F8E7D0BF951583E0959B2A92A8920330CEBE59
Certificate serial:       4E248252F9F57D71115E9915E127F01D5F0619C2
Authority key identifier: B6:F8:E7:D0:BF:95:15:83:E0:95:9B:2A:92:A8:92:03:30:CE:BE:59
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/B6F8E7D0BF951583E0959B2A92A8920330CEBE59.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/73B6868E56B12C35C63B0AB763023F2508123C311CD7EF4F5161EF6D0A55299E/0/AS27968.roa
Signing time:             Tue 04 Feb 2025 18:44:15 +0000
ROA not before:           Tue 04 Feb 2025 18:39:15 +0000
ROA not after:            Tue 03 Feb 2026 18:44:15 +0000
asID:                     27968
IP address blocks:        186.178.8.0/24 maxlen: 24
                          200.125.192.0/19 maxlen: 24
                          200.125.192.0/24 maxlen: 24
                          200.125.224.0/19 maxlen: 24
                          200.125.224.0/24 maxlen: 24
                          200.125.255.0/24 maxlen: 24
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            4e:24:82:52:f9:f5:7d:71:11:5e:99:15:e1:27:f0:1d:5f:06:19:c2
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=B6F8E7D0BF951583E0959B2A92A8920330CEBE59
        Validity
            Not Before: Feb  4 18:39:15 2025 GMT
            Not After : Feb  3 18:44:15 2026 GMT
        Subject: CN=48640E1C1CFBBE93569A6153A7DE058C7DF9864D
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:85:64:76:94:77:1e:33:0d:2f:a4:71:24:0c:96:
                    83:ee:42:c6:5f:d1:0c:92:96:a6:e1:71:7e:44:4b:
                    3c:5f:a0:97:be:cd:ec:73:e9:71:5f:66:30:12:e4:
                    4e:11:20:e5:fa:5e:ad:7a:68:a3:b5:aa:89:e1:84:
                    5e:f2:16:a7:d0:0a:b7:6d:ee:ee:0e:01:8d:bb:d4:
                    d9:c2:ac:33:6c:15:34:3b:7e:a0:85:38:43:30:1c:
                    57:df:bc:ab:43:3b:37:12:e9:f2:da:2e:cb:b6:66:
                    89:6f:1e:44:ae:8e:49:5f:3d:58:e7:96:b2:d2:90:
                    2d:46:49:aa:d6:37:12:f0:3d:77:88:ba:6a:54:44:
                    24:bf:41:74:47:62:86:22:7b:0b:97:99:74:ba:2f:
                    8d:46:69:16:27:f8:9d:1c:44:fb:70:bd:6f:cf:99:
                    10:c9:7c:73:c6:06:cc:95:3a:40:b3:39:f0:88:1d:
                    2c:9d:75:2c:01:73:1a:9c:e6:46:6a:59:41:89:7e:
                    f3:c8:41:4f:59:6b:e0:f5:9d:16:0f:23:2a:55:09:
                    8e:75:72:cb:f5:e7:07:46:dd:f6:49:02:b3:b2:4f:
                    89:cd:52:bc:29:70:23:7b:2c:cf:8e:dc:bc:d2:ac:
                    ec:e4:4a:2c:b0:89:7d:d9:db:28:9b:5e:d5:d1:13:
                    43:87
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                48:64:0E:1C:1C:FB:BE:93:56:9A:61:53:A7:DE:05:8C:7D:F9:86:4D
            X509v3 Authority Key Identifier:
                keyid:B6:F8:E7:D0:BF:95:15:83:E0:95:9B:2A:92:A8:92:03:30:CE:BE:59

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/73B6868E56B12C35C63B0AB763023F2508123C311CD7EF4F5161EF6D0A55299E/0/B6F8E7D0BF951583E0959B2A92A8920330CEBE59.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/B6F8E7D0BF951583E0959B2A92A8920330CEBE59.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/73B6868E56B12C35C63B0AB763023F2508123C311CD7EF4F5161EF6D0A55299E/0/AS27968.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  186.178.8.0/24
                  200.125.192.0/18

    Signature Algorithm: sha256WithRSAEncryption
         31:f2:7b:aa:54:82:57:18:ad:0b:13:f4:22:c4:78:a4:c4:f5:
         dd:7d:9a:66:40:d0:5a:c4:d6:71:4e:b1:16:e1:7a:bf:fe:12:
         eb:d6:b7:a5:0a:c1:0b:d7:ec:72:34:c0:0e:13:25:b2:c3:7e:
         d8:11:f6:82:f5:5c:8b:3c:4c:1a:9d:7e:ec:a9:44:5d:b4:c3:
         6c:60:2e:d2:fa:c2:b5:dd:ed:d5:de:af:d8:68:95:41:67:02:
         b3:b2:72:cf:b3:6e:25:f4:df:20:23:8a:2d:a0:54:5d:d8:43:
         13:2d:a5:2c:4a:b1:2d:27:16:2f:96:b4:32:cf:74:dc:82:38:
         03:f1:50:f1:69:9a:7a:d0:0d:e7:c4:b6:5e:50:7c:64:89:d5:
         89:30:e3:88:a3:55:98:a7:bc:62:d5:91:36:13:20:41:7c:5b:
         2c:13:66:2f:32:9e:da:e7:11:44:58:96:38:de:cf:62:83:98:
         d0:14:9d:66:ca:b7:81:b2:c8:11:b2:5d:61:e5:44:47:01:c2:
         0d:b5:ee:e4:b7:16:c3:1e:12:89:5f:6c:35:65:4a:5b:49:13:
         39:20:e2:2e:17:ce:5b:4e:b2:2a:e4:96:1a:2c:fb:ea:c1:b7:
         e1:cf:b8:aa:35:e6:3f:ae:ae:70:dc:0d:82:f9:06:61:51:ad:
         a8:37:2b:19
-----BEGIN CERTIFICATE-----
MIIFlDCCBHygAwIBAgIUTiSCUvn1fXERXpkV4SfwHV8GGcIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoQjZGOEU3RDBCRjk1MTU4M0UwOTU5QjJBOTJBODkyMDMz
MENFQkU1OTAeFw0yNTAyMDQxODM5MTVaFw0yNjAyMDMxODQ0MTVaMDMxMTAvBgNV
BAMTKDQ4NjQwRTFDMUNGQkJFOTM1NjlBNjE1M0E3REUwNThDN0RGOTg2NEQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCFZHaUdx4zDS+kcSQMloPuQsZf
0QySlqbhcX5ESzxfoJe+zexz6XFfZjAS5E4RIOX6Xq16aKO1qonhhF7yFqfQCrdt
7u4OAY271NnCrDNsFTQ7fqCFOEMwHFffvKtDOzcS6fLaLsu2ZolvHkSujklfPVjn
lrLSkC1GSarWNxLwPXeIumpURCS/QXRHYoYiewuXmXS6L41GaRYn+J0cRPtwvW/P
mRDJfHPGBsyVOkCzOfCIHSyddSwBcxqc5kZqWUGJfvPIQU9Za+D1nRYPIypVCY51
csv15wdG3fZJArOyT4nNUrwpcCN7LM+O3LzSrOzkSiywiX3Z2yibXtXRE0OHAgMB
AAGjggKeMIICmjAdBgNVHQ4EFgQUSGQOHBz7vpNWmmFTp94FjH35hk0wHwYDVR0j
BBgwFoAUtvjn0L+VFYPglZsqkqiSAzDOvlkwDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy83M0I2ODY4RTU2QjEyQzM1QzYzQjBBQjc2MzAyM0YyNTA4
MTIzQzMxMUNEN0VGNEY1MTYxRUY2RDBBNTUyOTlFLzAvQjZGOEU3RDBCRjk1MTU4
M0UwOTU5QjJBOTJBODkyMDMzMENFQkU1OS5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC9CNkY4RTdEMEJGOTUxNTgzRTA5
NTlCMkE5MkE4OTIwMzMwQ0VCRTU5LmNlcjCBlwYIKwYBBQUHAQsEgYowgYcwgYQG
CCsGAQUFBzALhnhyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5ldC9ycGtpL2xh
Y25pYy83M0I2ODY4RTU2QjEyQzM1QzYzQjBBQjc2MzAyM0YyNTA4MTIzQzMxMUNE
N0VGNEY1MTYxRUY2RDBBNTUyOTlFLzAvQVMyNzk2OC5yb2EwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAlBggrBgEFBQcBBwEB/wQWMBQwEgQCAAEwDAMEALqyCAME
Bsh9wDANBgkqhkiG9w0BAQsFAAOCAQEAMfJ7qlSCVxitCxP0IsR4pMT13X2aZkDQ
WsTWcU6xFuF6v/4S69a3pQrBC9fscjTADhMlssN+2BH2gvVcizxMGp1+7KlEXbTD
bGAu0vrCtd3t1d6v2GiVQWcCs7Jyz7NuJfTfICOKLaBUXdhDEy2lLEqxLScWL5a0
Ms903II4A/FQ8WmaetAN58S2XlB8ZInViTDjiKNVmKe8YtWRNhMgQXxbLBNmLzKe
2ucRRFiWON7PYoOY0BSdZsq3gbLIEbJdYeVERwHCDbXu5LcWwx4SiV9sNWVKW0kT
OSDiLhfOW06yKuSWGiz76sG34c+4qjXmP66ucNwNgvkGYVGtqDcrGQ==
-----END CERTIFICATE-----
Generated at Sat Apr 5 12:05:00 2025 by rpki-client