Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/B5C3B87C146B5E5FF576E642A7C7C977FBE99D2AFD4069C50CCFE6A97886549F/0/3230302e31362e3132352e302f32342d3234203d3e203237383236.roa
File:                     3230302e31362e3132352e302f32342d3234203d3e203237383236.roa (raw, json)
Hash identifier:          Dxw731f9WnPcy715Xu8Y2IE6anXq8S8rpYxLQFUwuXA=
Subject key identifier:   89:D2:69:97:4B:FE:7E:A5:D5:4C:0F:5F:96:46:6D:44:1F:14:3D:E3
Certificate issuer:       /CN=B5AA5B1E5B800556A5B79F997E1B0C88020C13B9
Certificate serial:       04E7D6AF3BE58407B823BB99DEE8BB3D0473AD15
Authority key identifier: B5:AA:5B:1E:5B:80:05:56:A5:B7:9F:99:7E:1B:0C:88:02:0C:13:B9
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/B5AA5B1E5B800556A5B79F997E1B0C88020C13B9.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/B5C3B87C146B5E5FF576E642A7C7C977FBE99D2AFD4069C50CCFE6A97886549F/0/3230302e31362e3132352e302f32342d3234203d3e203237383236.roa
Signing time:             Tue 04 Feb 2025 18:26:43 +0000
ROA not before:           Tue 04 Feb 2025 18:21:43 +0000
ROA not after:            Tue 03 Feb 2026 18:26:43 +0000
asID:                     27826
IP address blocks:        200.16.125.0/24 maxlen: 24
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            04:e7:d6:af:3b:e5:84:07:b8:23:bb:99:de:e8:bb:3d:04:73:ad:15
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=B5AA5B1E5B800556A5B79F997E1B0C88020C13B9
        Validity
            Not Before: Feb  4 18:21:43 2025 GMT
            Not After : Feb  3 18:26:43 2026 GMT
        Subject: CN=89D269974BFE7EA5D54C0F5F96466D441F143DE3
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:f1:a8:29:97:a2:ab:18:34:66:72:f0:7d:1a:67:
                    8d:fb:d7:96:f5:0c:f4:dd:dd:82:76:b3:9d:e1:d9:
                    b5:d9:c7:30:f7:65:e9:9b:2d:97:a3:aa:00:71:6d:
                    7b:77:92:14:71:9c:89:80:a4:c8:89:2f:3b:2e:de:
                    01:ad:5c:11:37:a4:02:97:49:f5:a1:71:b4:d5:15:
                    46:6b:3e:59:b1:a1:81:08:8e:86:35:d6:b6:1a:77:
                    d6:08:b6:5b:b3:27:d7:99:f1:1a:be:fd:85:d2:40:
                    67:dc:b9:e5:74:21:7d:1e:2b:9c:38:96:d4:02:fb:
                    0c:81:03:55:7c:8a:23:29:e8:c9:de:31:5c:d7:11:
                    3e:46:9e:62:ef:28:0a:2f:7b:f6:25:63:48:ed:20:
                    7f:bc:d4:fc:aa:e5:07:9e:07:46:06:b7:d4:fe:4a:
                    0e:ea:78:2b:7d:61:3c:c6:39:ed:e6:7a:ba:47:d6:
                    bd:bd:4f:9e:69:a8:53:c8:da:65:42:de:c9:8e:70:
                    d9:b1:bc:78:5a:b7:7d:f2:03:3d:d9:d8:e9:15:24:
                    8d:21:14:1e:fa:d4:4a:93:dd:ee:ec:9d:39:51:0e:
                    54:5a:ba:51:fd:59:7e:6e:12:65:36:7e:35:99:6c:
                    a2:2b:aa:a1:a6:bc:b5:6e:41:05:45:64:8d:80:1d:
                    0c:81
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                89:D2:69:97:4B:FE:7E:A5:D5:4C:0F:5F:96:46:6D:44:1F:14:3D:E3
            X509v3 Authority Key Identifier:
                keyid:B5:AA:5B:1E:5B:80:05:56:A5:B7:9F:99:7E:1B:0C:88:02:0C:13:B9

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/B5C3B87C146B5E5FF576E642A7C7C977FBE99D2AFD4069C50CCFE6A97886549F/0/B5AA5B1E5B800556A5B79F997E1B0C88020C13B9.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/B5AA5B1E5B800556A5B79F997E1B0C88020C13B9.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/B5C3B87C146B5E5FF576E642A7C7C977FBE99D2AFD4069C50CCFE6A97886549F/0/3230302e31362e3132352e302f32342d3234203d3e203237383236.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  200.16.125.0/24

    Signature Algorithm: sha256WithRSAEncryption
         a8:ab:60:34:df:a2:83:21:52:ad:21:38:4c:67:b8:79:70:3c:
         6c:9d:43:17:5f:c1:57:e2:e4:72:90:c4:36:10:a5:be:bf:d6:
         63:4b:6c:bc:c6:56:8f:94:fc:aa:93:f0:10:78:af:35:64:68:
         7a:5c:21:36:f0:90:e0:f8:4c:10:34:cc:9c:39:98:99:37:5f:
         d0:25:5c:c1:88:fa:42:f1:f3:77:4e:84:35:ad:f3:b9:b0:56:
         6a:c8:06:96:a6:f9:bc:6d:18:b4:fa:62:94:c1:f3:2e:1e:59:
         db:35:a9:1e:e4:ca:a5:33:ce:12:24:75:ec:d8:35:54:b1:9b:
         c8:86:67:91:0a:dd:59:20:3a:75:cb:6d:82:ec:9a:bf:14:7a:
         4a:1d:13:3c:d1:ec:b3:f3:a2:7b:8e:88:cc:f9:44:77:a3:a6:
         9c:f6:fa:5c:de:1d:f8:6c:13:c5:00:4d:87:3d:0b:60:db:a0:
         1c:e3:ce:ec:15:bd:2c:58:97:f1:fd:10:51:0e:13:5f:82:66:
         94:f2:77:7e:d5:cc:6f:a9:e2:ea:fe:fd:91:aa:26:66:43:4b:
         a4:51:0f:99:dd:7f:46:b1:54:94:03:64:47:de:17:ca:f8:11:
         c8:90:2c:33:8d:14:a3:be:8b:9f:cf:41:fa:75:6b:2e:e6:89:
         8b:46:ae:2b
-----BEGIN CERTIFICATE-----
MIIFvjCCBKagAwIBAgIUBOfWrzvlhAe4I7uZ3ui7PQRzrRUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoQjVBQTVCMUU1QjgwMDU1NkE1Qjc5Rjk5N0UxQjBDODgw
MjBDMTNCOTAeFw0yNTAyMDQxODIxNDNaFw0yNjAyMDMxODI2NDNaMDMxMTAvBgNV
BAMTKDg5RDI2OTk3NEJGRTdFQTVENTRDMEY1Rjk2NDY2RDQ0MUYxNDNERTMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDxqCmXoqsYNGZy8H0aZ43715b1
DPTd3YJ2s53h2bXZxzD3ZembLZejqgBxbXt3khRxnImApMiJLzsu3gGtXBE3pAKX
SfWhcbTVFUZrPlmxoYEIjoY11rYad9YItluzJ9eZ8Rq+/YXSQGfcueV0IX0eK5w4
ltQC+wyBA1V8iiMp6MneMVzXET5GnmLvKAove/YlY0jtIH+81Pyq5QeeB0YGt9T+
Sg7qeCt9YTzGOe3merpH1r29T55pqFPI2mVC3smOcNmxvHhat33yAz3Z2OkVJI0h
FB761EqT3e7snTlRDlRaulH9WX5uEmU2fjWZbKIrqqGmvLVuQQVFZI2AHQyBAgMB
AAGjggLIMIICxDAdBgNVHQ4EFgQUidJpl0v+fqXVTA9flkZtRB8UPeMwHwYDVR0j
BBgwFoAUtapbHluABValt5+ZfhsMiAIME7kwDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy9CNUMzQjg3QzE0NkI1RTVGRjU3NkU2NDJBN0M3Qzk3N0ZC
RTk5RDJBRkQ0MDY5QzUwQ0NGRTZBOTc4ODY1NDlGLzAvQjVBQTVCMUU1QjgwMDU1
NkE1Qjc5Rjk5N0UxQjBDODgwMjBDMTNCOS5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC9CNUFBNUIxRTVCODAwNTU2QTVC
NzlGOTk3RTFCMEM4ODAyMEMxM0I5LmNlcjCBxwYIKwYBBQUHAQsEgbowgbcwgbQG
CCsGAQUFBzALhoGncnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvQjVDM0I4N0MxNDZCNUU1RkY1NzZFNjQyQTdDN0M5NzdGQkU5OUQyQUZE
NDA2OUM1MENDRkU2QTk3ODg2NTQ5Ri8wLzMyMzAzMDJlMzEzNjJlMzEzMjM1MmUz
MDJmMzIzNDJkMzIzNDIwM2QzZTIwMzIzNzM4MzIzNi5yb2EwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAMgQfTAN
BgkqhkiG9w0BAQsFAAOCAQEAqKtgNN+igyFSrSE4TGe4eXA8bJ1DF1/BV+LkcpDE
NhClvr/WY0tsvMZWj5T8qpPwEHivNWRoelwhNvCQ4PhMEDTMnDmYmTdf0CVcwYj6
QvHzd06ENa3zubBWasgGlqb5vG0YtPpilMHzLh5Z2zWpHuTKpTPOEiR17Ng1VLGb
yIZnkQrdWSA6dcttguyavxR6Sh0TPNHss/Oie46IzPlEd6OmnPb6XN4d+GwTxQBN
hz0LYNugHOPO7BW9LFiX8f0QUQ4TX4JmlPJ3ftXMb6ni6v79kaomZkNLpFEPmd1/
RrFUlANkR94XyvgRyJAsM40Uo76Ln89B+nVrLuaJi0auKw==
-----END CERTIFICATE-----