Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/8B1815EAB5FB4E95B361E0B16E012767B7D8844F8F6A480D57EC28AAED1545B7/0/3137302e3233332e3135322e302f32342d3234203d3e20313938393439.roa
File:                     3137302e3233332e3135322e302f32342d3234203d3e20313938393439.roa (raw, json)
Hash identifier:          CjJ5MdlM2moKO3Bq8JAMahP4cISv7YnTwKmqNM5WK5k=
Subject key identifier:   D8:25:82:6D:DB:9B:06:BB:D8:63:DD:00:48:63:60:96:20:43:9C:39
Certificate issuer:       /CN=2ED47C2FB75D2367E01C76EF5BD93642FE56F051
Certificate serial:       21271AF9E875BC47A4D557236D6D0332DE328EB2
Authority key identifier: 2E:D4:7C:2F:B7:5D:23:67:E0:1C:76:EF:5B:D9:36:42:FE:56:F0:51
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/2ED47C2FB75D2367E01C76EF5BD93642FE56F051.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/8B1815EAB5FB4E95B361E0B16E012767B7D8844F8F6A480D57EC28AAED1545B7/0/3137302e3233332e3135322e302f32342d3234203d3e20313938393439.roa
Signing time:             Tue 25 Mar 2025 18:40:00 +0000
ROA not before:           Tue 25 Mar 2025 18:35:00 +0000
ROA not after:            Tue 24 Mar 2026 18:40:00 +0000
asID:                     198949
IP address blocks:        170.233.152.0/24 maxlen: 24
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            21:27:1a:f9:e8:75:bc:47:a4:d5:57:23:6d:6d:03:32:de:32:8e:b2
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2ED47C2FB75D2367E01C76EF5BD93642FE56F051
        Validity
            Not Before: Mar 25 18:35:00 2025 GMT
            Not After : Mar 24 18:40:00 2026 GMT
        Subject: CN=D825826DDB9B06BBD863DD004863609620439C39
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a3:96:6f:21:63:3d:65:b0:5b:5a:20:8d:be:b0:
                    48:44:b9:69:47:34:f2:df:32:e5:ea:c5:f9:a9:e9:
                    9e:cd:36:93:c0:cc:6e:75:86:c4:aa:db:9d:9d:36:
                    b5:3d:07:f5:08:79:8d:e0:b3:6f:ac:bb:61:dd:4b:
                    6e:7d:1d:4b:c9:0a:51:c7:95:7f:f2:a3:b7:b8:5b:
                    da:1a:2e:7d:9f:a3:d6:52:d7:9b:13:da:42:8f:04:
                    64:f7:5b:df:53:02:18:22:95:17:d9:0b:fe:35:e6:
                    0d:fe:2f:9a:fd:1e:3a:20:2c:7d:59:6c:6f:f0:9d:
                    de:fc:97:50:dd:12:62:74:d9:88:8c:dc:12:d2:4d:
                    7a:ed:92:f3:66:88:47:9e:b6:1e:05:f2:75:03:dd:
                    72:c2:d2:41:cd:a0:9b:f3:fd:47:7b:86:69:4c:a4:
                    19:08:fa:99:12:9e:ae:c5:a1:b8:91:8a:26:39:d4:
                    2c:b1:a3:7f:90:99:df:9b:48:10:c7:1b:4a:44:f8:
                    d0:b5:ca:bd:c6:2e:12:12:34:65:08:74:48:af:de:
                    07:26:84:e8:cb:67:63:61:3c:72:d9:4e:90:ad:68:
                    83:d1:84:d6:c7:38:9b:e2:45:ac:bd:f9:e8:10:47:
                    9b:9d:e0:9b:c2:e5:68:5a:81:b4:d2:eb:3a:21:d0:
                    41:63
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D8:25:82:6D:DB:9B:06:BB:D8:63:DD:00:48:63:60:96:20:43:9C:39
            X509v3 Authority Key Identifier:
                keyid:2E:D4:7C:2F:B7:5D:23:67:E0:1C:76:EF:5B:D9:36:42:FE:56:F0:51

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/8B1815EAB5FB4E95B361E0B16E012767B7D8844F8F6A480D57EC28AAED1545B7/0/2ED47C2FB75D2367E01C76EF5BD93642FE56F051.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/2ED47C2FB75D2367E01C76EF5BD93642FE56F051.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/8B1815EAB5FB4E95B361E0B16E012767B7D8844F8F6A480D57EC28AAED1545B7/0/3137302e3233332e3135322e302f32342d3234203d3e20313938393439.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  170.233.152.0/24

    Signature Algorithm: sha256WithRSAEncryption
         03:a4:ed:b0:b5:b2:89:b1:e3:f6:74:72:4e:38:67:d2:a1:7a:
         eb:a2:46:53:39:bc:6f:cf:a5:6f:d9:cd:6b:5f:19:da:7e:25:
         36:71:9d:5a:72:c7:85:de:38:c3:64:9b:ad:04:51:e9:43:95:
         99:26:09:37:7d:9c:6a:9e:0e:89:af:bb:a9:ae:a1:60:c2:ea:
         05:6b:05:8e:29:c0:37:79:a1:1c:23:b0:41:a7:17:01:3d:59:
         b8:86:c7:88:88:4d:c6:0a:4b:79:22:a3:11:f0:df:8d:9c:fe:
         b8:f3:5f:9f:d9:32:70:32:8b:f7:7e:3e:d3:43:48:d4:17:e6:
         8c:d8:9e:29:f0:e9:e8:74:aa:4b:d2:31:2b:e5:92:1e:ba:b1:
         3f:e7:e6:dd:aa:dc:57:f9:95:15:02:92:d9:e7:52:4c:5a:5e:
         ed:8a:c7:4d:2c:9e:f6:b3:a4:60:77:d2:4d:cd:16:c9:5e:2e:
         81:3c:dc:e2:b2:4f:79:51:6d:fd:12:d9:48:c6:08:b1:c3:09:
         fd:1a:f4:7a:a5:6c:a1:a7:40:45:bf:62:e5:36:2e:1f:36:5b:
         83:1a:a0:4a:9a:d4:a3:9b:d7:af:d3:d9:7b:4d:63:be:eb:9d:
         6a:90:73:f8:d6:a6:d2:e1:b4:d1:82:25:87:84:54:52:af:71:
         3c:c5:a7:b0
-----BEGIN CERTIFICATE-----
MIIFwjCCBKqgAwIBAgIUISca+eh1vEek1VcjbW0DMt4yjrIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMkVENDdDMkZCNzVEMjM2N0UwMUM3NkVGNUJEOTM2NDJG
RTU2RjA1MTAeFw0yNTAzMjUxODM1MDBaFw0yNjAzMjQxODQwMDBaMDMxMTAvBgNV
BAMTKEQ4MjU4MjZEREI5QjA2QkJEODYzREQwMDQ4NjM2MDk2MjA0MzlDMzkwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCjlm8hYz1lsFtaII2+sEhEuWlH
NPLfMuXqxfmp6Z7NNpPAzG51hsSq252dNrU9B/UIeY3gs2+su2HdS259HUvJClHH
lX/yo7e4W9oaLn2fo9ZS15sT2kKPBGT3W99TAhgilRfZC/415g3+L5r9HjogLH1Z
bG/wnd78l1DdEmJ02YiM3BLSTXrtkvNmiEeeth4F8nUD3XLC0kHNoJvz/Ud7hmlM
pBkI+pkSnq7FobiRiiY51Cyxo3+Qmd+bSBDHG0pE+NC1yr3GLhISNGUIdEiv3gcm
hOjLZ2NhPHLZTpCtaIPRhNbHOJviRay9+egQR5ud4JvC5WhagbTS6zoh0EFjAgMB
AAGjggLMMIICyDAdBgNVHQ4EFgQU2CWCbdubBrvYY90ASGNgliBDnDkwHwYDVR0j
BBgwFoAULtR8L7ddI2fgHHbvW9k2Qv5W8FEwDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy84QjE4MTVFQUI1RkI0RTk1QjM2MUUwQjE2RTAxMjc2N0I3
RDg4NDRGOEY2QTQ4MEQ1N0VDMjhBQUVEMTU0NUI3LzAvMkVENDdDMkZCNzVEMjM2
N0UwMUM3NkVGNUJEOTM2NDJGRTU2RjA1MS5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC8yRUQ0N0MyRkI3NUQyMzY3RTAx
Qzc2RUY1QkQ5MzY0MkZFNTZGMDUxLmNlcjCBywYIKwYBBQUHAQsEgb4wgbswgbgG
CCsGAQUFBzALhoGrcnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvOEIxODE1RUFCNUZCNEU5NUIzNjFFMEIxNkUwMTI3NjdCN0Q4ODQ0RjhG
NkE0ODBENTdFQzI4QUFFRDE1NDVCNy8wLzMxMzczMDJlMzIzMzMzMmUzMTM1MzIy
ZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMTM5MzgzOTM0Mzkucm9hMBgGA1UdIAEB
/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACq
6ZgwDQYJKoZIhvcNAQELBQADggEBAAOk7bC1somx4/Z0ck44Z9KheuuiRlM5vG/P
pW/ZzWtfGdp+JTZxnVpyx4XeOMNkm60EUelDlZkmCTd9nGqeDomvu6muoWDC6gVr
BY4pwDd5oRwjsEGnFwE9WbiGx4iITcYKS3kioxHw342c/rjzX5/ZMnAyi/d+PtND
SNQX5ozYninw6eh0qkvSMSvlkh66sT/n5t2q3Ff5lRUCktnnUkxaXu2Kx00snvaz
pGB30k3NFsleLoE83OKyT3lRbf0S2UjGCLHDCf0a9HqlbKGnQEW/YuU2Lh82W4Ma
oEqa1KOb16/T2XtNY77rnWqQc/jWptLhtNGCJYeEVFKvcTzFp7A=
-----END CERTIFICATE-----