Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/76A483C840B59D5A386CC35FE891774F07C940C2A473A0C808FF79E9D673AC01/0/3230302e36392e33322e302f32312d3234203d3e203130363137.roa
File:                     3230302e36392e33322e302f32312d3234203d3e203130363137.roa (raw, json)
Hash identifier:          UpnVBLKxfPgfPjbmSRr10ZC6CXeh4OBAR55MM10+wcM=
Subject key identifier:   92:D0:9D:6F:ED:08:A6:B6:AE:D8:E5:17:36:C6:BD:AB:37:6F:A6:E6
Certificate issuer:       /CN=16D6DAFBF5511C53569330FFFD2E9E564974D14D
Certificate serial:       29D5F6B7A73D80BEBDE702A0D0010170F4435343
Authority key identifier: 16:D6:DA:FB:F5:51:1C:53:56:93:30:FF:FD:2E:9E:56:49:74:D1:4D
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/16D6DAFBF5511C53569330FFFD2E9E564974D14D.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/76A483C840B59D5A386CC35FE891774F07C940C2A473A0C808FF79E9D673AC01/0/3230302e36392e33322e302f32312d3234203d3e203130363137.roa
Signing time:             Tue 04 Feb 2025 18:48:45 +0000
ROA not before:           Tue 04 Feb 2025 18:43:45 +0000
ROA not after:            Tue 03 Feb 2026 18:48:45 +0000
asID:                     10617
IP address blocks:        200.69.32.0/21 maxlen: 24
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            29:d5:f6:b7:a7:3d:80:be:bd:e7:02:a0:d0:01:01:70:f4:43:53:43
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=16D6DAFBF5511C53569330FFFD2E9E564974D14D
        Validity
            Not Before: Feb  4 18:43:45 2025 GMT
            Not After : Feb  3 18:48:45 2026 GMT
        Subject: CN=92D09D6FED08A6B6AED8E51736C6BDAB376FA6E6
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:98:27:a6:e9:40:37:ae:83:25:bb:37:0f:1d:87:
                    bc:60:6c:ea:48:92:da:9c:67:70:43:8b:b8:59:77:
                    60:84:6a:66:7c:9e:dc:94:4c:f5:0a:06:f6:61:57:
                    f5:80:2e:5f:21:d6:58:b1:4a:71:e0:83:be:6e:a9:
                    24:60:88:29:d5:1f:a2:63:5e:8b:c3:f1:03:24:1a:
                    22:aa:be:4a:e6:01:93:12:63:ff:e9:eb:e1:ba:32:
                    96:be:46:12:84:95:e6:56:1d:ec:26:87:54:8e:f8:
                    57:56:8c:71:09:50:b4:05:17:28:ba:95:fa:9e:d7:
                    bb:54:6e:e3:71:5a:f3:e6:74:29:d1:7e:7a:1c:2c:
                    8b:de:a5:5f:fa:b5:a3:87:a8:90:1f:c8:bb:af:9c:
                    81:ec:dc:09:ea:af:a1:5d:21:83:b1:a3:3e:41:ac:
                    09:8e:7f:4a:21:2d:6e:b2:44:e4:1d:90:f3:99:85:
                    55:59:78:99:f7:2b:72:9b:04:74:f5:50:a5:91:e2:
                    00:70:02:4c:4f:15:4e:98:c2:01:8e:88:9a:74:ce:
                    0c:88:08:2d:01:65:c7:fc:a5:87:99:ef:78:ed:92:
                    1a:68:3f:b7:51:3b:a7:cd:84:74:13:20:d5:ce:d9:
                    93:f6:79:36:df:66:34:a3:d8:83:c7:ea:e3:c8:92:
                    45:9b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                92:D0:9D:6F:ED:08:A6:B6:AE:D8:E5:17:36:C6:BD:AB:37:6F:A6:E6
            X509v3 Authority Key Identifier:
                keyid:16:D6:DA:FB:F5:51:1C:53:56:93:30:FF:FD:2E:9E:56:49:74:D1:4D

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/76A483C840B59D5A386CC35FE891774F07C940C2A473A0C808FF79E9D673AC01/0/16D6DAFBF5511C53569330FFFD2E9E564974D14D.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/16D6DAFBF5511C53569330FFFD2E9E564974D14D.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/76A483C840B59D5A386CC35FE891774F07C940C2A473A0C808FF79E9D673AC01/0/3230302e36392e33322e302f32312d3234203d3e203130363137.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  200.69.32.0/21

    Signature Algorithm: sha256WithRSAEncryption
         8f:c6:63:49:b3:72:e3:b4:36:2a:3b:32:b9:1a:1a:a2:a1:90:
         ed:b9:bc:9d:08:5b:04:ad:99:26:58:3e:a3:d3:f1:bc:97:94:
         d0:0f:d3:50:7f:82:aa:ae:31:1f:98:3d:ae:bc:f6:a3:c6:39:
         71:5c:ec:ca:c4:64:7a:96:e3:ad:93:4d:24:f5:f2:2d:a0:35:
         12:d8:b2:60:df:81:45:01:f9:c3:35:3a:ff:cc:dc:50:9c:0e:
         f3:da:8b:83:da:c8:14:22:d8:47:59:f8:6c:c1:b0:5c:28:17:
         4e:e8:ca:62:c0:54:7a:d9:c0:7d:cd:53:80:0d:9e:42:65:01:
         55:1d:bd:af:16:4e:b8:bb:1e:f0:9c:c3:cd:29:a1:07:4f:41:
         a9:9b:27:7c:10:7f:0a:27:8a:e2:5a:c8:ec:e1:31:57:b8:53:
         60:64:38:9b:3a:50:4c:c6:3e:6b:8e:b8:90:ea:a4:6d:00:44:
         8c:11:44:00:1f:0f:19:0b:a0:e5:4e:67:da:1e:2b:36:09:6a:
         bc:9f:af:7b:43:ba:aa:2c:f0:ad:69:19:f9:48:ce:f1:39:1e:
         50:af:b9:8f:b8:21:43:7d:f0:7b:e7:a5:5b:56:69:68:41:4e:
         a5:92:c4:b4:62:ac:86:20:21:7e:44:7b:a1:df:f0:2f:44:7c:
         2f:7e:0d:76
-----BEGIN CERTIFICATE-----
MIIFvDCCBKSgAwIBAgIUKdX2t6c9gL695wKg0AEBcPRDU0MwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMTZENkRBRkJGNTUxMUM1MzU2OTMzMEZGRkQyRTlFNTY0
OTc0RDE0RDAeFw0yNTAyMDQxODQzNDVaFw0yNjAyMDMxODQ4NDVaMDMxMTAvBgNV
BAMTKDkyRDA5RDZGRUQwOEE2QjZBRUQ4RTUxNzM2QzZCREFCMzc2RkE2RTYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCYJ6bpQDeugyW7Nw8dh7xgbOpI
ktqcZ3BDi7hZd2CEamZ8ntyUTPUKBvZhV/WALl8h1lixSnHgg75uqSRgiCnVH6Jj
XovD8QMkGiKqvkrmAZMSY//p6+G6Mpa+RhKEleZWHewmh1SO+FdWjHEJULQFFyi6
lfqe17tUbuNxWvPmdCnRfnocLIvepV/6taOHqJAfyLuvnIHs3Anqr6FdIYOxoz5B
rAmOf0ohLW6yROQdkPOZhVVZeJn3K3KbBHT1UKWR4gBwAkxPFU6YwgGOiJp0zgyI
CC0BZcf8pYeZ73jtkhpoP7dRO6fNhHQTINXO2ZP2eTbfZjSj2IPH6uPIkkWbAgMB
AAGjggLGMIICwjAdBgNVHQ4EFgQUktCdb+0Iprau2OUXNsa9qzdvpuYwHwYDVR0j
BBgwFoAUFtba+/VRHFNWkzD//S6eVkl00U0wDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy83NkE0ODNDODQwQjU5RDVBMzg2Q0MzNUZFODkxNzc0RjA3
Qzk0MEMyQTQ3M0EwQzgwOEZGNzlFOUQ2NzNBQzAxLzAvMTZENkRBRkJGNTUxMUM1
MzU2OTMzMEZGRkQyRTlFNTY0OTc0RDE0RC5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC8xNkQ2REFGQkY1NTExQzUzNTY5
MzMwRkZGRDJFOUU1NjQ5NzREMTRELmNlcjCBxQYIKwYBBQUHAQsEgbgwgbUwgbIG
CCsGAQUFBzALhoGlcnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvNzZBNDgzQzg0MEI1OUQ1QTM4NkNDMzVGRTg5MTc3NEYwN0M5NDBDMkE0
NzNBMEM4MDhGRjc5RTlENjczQUMwMS8wLzMyMzAzMDJlMzYzOTJlMzMzMjJlMzAy
ZjMyMzEyZDMyMzQyMDNkM2UyMDMxMzAzNjMxMzcucm9hMBgGA1UdIAEB/wQOMAww
CgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAPIRSAwDQYJ
KoZIhvcNAQELBQADggEBAI/GY0mzcuO0Nio7MrkaGqKhkO25vJ0IWwStmSZYPqPT
8byXlNAP01B/gqquMR+YPa689qPGOXFc7MrEZHqW462TTST18i2gNRLYsmDfgUUB
+cM1Ov/M3FCcDvPai4PayBQi2EdZ+GzBsFwoF07oymLAVHrZwH3NU4ANnkJlAVUd
va8WTri7HvCcw80poQdPQambJ3wQfwoniuJayOzhMVe4U2BkOJs6UEzGPmuOuJDq
pG0ARIwRRAAfDxkLoOVOZ9oeKzYJaryfr3tDuqos8K1pGflIzvE5HlCvuY+4IUN9
8HvnpVtWaWhBTqWSxLRirIYgIX5Ee6Hf8C9EfC9+DXY=
-----END CERTIFICATE-----
Generated at Thu Feb 13 19:46:56 2025 by rpki-client