Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/04C34B8F1C465869E219A65CA369E023B21FDAB2CC1AD691088B3D88C14DCEB0/0/3136372e3235302e3230352e302f32342d3234203d3e20323632323533.roa
File:                     3136372e3235302e3230352e302f32342d3234203d3e20323632323533.roa (raw, json)
Hash identifier:          vIURkEO71x2PSO0W4c9jggUhAO96hIq3n/lsEueGn68=
Subject key identifier:   49:C7:BE:E1:61:2A:AE:00:B2:BE:76:B3:94:D8:90:1F:33:CA:CF:C7
Certificate issuer:       /CN=D8FC677205B0DA9CA979B6D68B95B49C4B6C3267
Certificate serial:       53DFC43FADAA92CCD7950F111A5E6BE6855D1E61
Authority key identifier: D8:FC:67:72:05:B0:DA:9C:A9:79:B6:D6:8B:95:B4:9C:4B:6C:32:67
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/D8FC677205B0DA9CA979B6D68B95B49C4B6C3267.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/04C34B8F1C465869E219A65CA369E023B21FDAB2CC1AD691088B3D88C14DCEB0/0/3136372e3235302e3230352e302f32342d3234203d3e20323632323533.roa
Signing time:             Tue 04 Feb 2025 20:00:28 +0000
ROA not before:           Tue 04 Feb 2025 19:55:28 +0000
ROA not after:            Tue 03 Feb 2026 20:00:28 +0000
asID:                     262253
IP address blocks:        167.250.205.0/24 maxlen: 24
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            53:df:c4:3f:ad:aa:92:cc:d7:95:0f:11:1a:5e:6b:e6:85:5d:1e:61
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=D8FC677205B0DA9CA979B6D68B95B49C4B6C3267
        Validity
            Not Before: Feb  4 19:55:28 2025 GMT
            Not After : Feb  3 20:00:28 2026 GMT
        Subject: CN=49C7BEE1612AAE00B2BE76B394D8901F33CACFC7
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a5:dc:98:eb:0b:c2:12:cb:cc:81:53:2b:d0:84:
                    8d:23:1e:2e:33:a8:7c:63:65:c1:b5:24:1a:c9:e7:
                    8f:c0:26:68:62:00:19:c3:a0:aa:40:9f:15:d3:f0:
                    43:3a:fa:3e:ce:fa:e9:9c:3e:63:6d:2a:a5:da:cc:
                    74:c4:ed:09:49:44:dd:b6:97:d2:23:f1:99:69:12:
                    19:0f:9f:20:07:9d:4e:ce:f9:fa:31:6a:e1:b6:a4:
                    68:15:c7:ad:bf:8f:70:0b:12:e5:07:09:82:f5:17:
                    e5:50:5f:be:e4:91:9a:1e:91:8e:b9:89:db:89:d8:
                    5c:ef:ed:41:13:b7:ec:83:bc:43:f4:b4:fb:3f:9d:
                    7c:fb:2f:4f:7f:27:f2:c7:3a:ae:cf:0e:7d:00:b2:
                    02:e8:ce:cb:3a:8f:58:bb:db:02:12:d2:3c:29:5e:
                    14:d9:5b:46:05:b3:f4:be:55:86:63:f1:dd:eb:70:
                    c5:8f:a8:ad:96:8a:85:d2:40:0a:4d:8b:38:58:0e:
                    51:5e:9d:fd:59:55:4c:ec:88:5b:6f:b4:ad:84:9c:
                    1b:81:03:4a:de:fd:fe:b1:c5:1b:21:91:16:0e:0e:
                    b6:59:08:16:aa:28:5c:56:9b:7f:c5:c8:f9:62:67:
                    3d:dd:7f:6f:9e:62:df:ef:ef:53:68:51:45:61:47:
                    93:61
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                49:C7:BE:E1:61:2A:AE:00:B2:BE:76:B3:94:D8:90:1F:33:CA:CF:C7
            X509v3 Authority Key Identifier:
                keyid:D8:FC:67:72:05:B0:DA:9C:A9:79:B6:D6:8B:95:B4:9C:4B:6C:32:67

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/04C34B8F1C465869E219A65CA369E023B21FDAB2CC1AD691088B3D88C14DCEB0/0/D8FC677205B0DA9CA979B6D68B95B49C4B6C3267.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/D8FC677205B0DA9CA979B6D68B95B49C4B6C3267.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/04C34B8F1C465869E219A65CA369E023B21FDAB2CC1AD691088B3D88C14DCEB0/0/3136372e3235302e3230352e302f32342d3234203d3e20323632323533.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  167.250.205.0/24

    Signature Algorithm: sha256WithRSAEncryption
         66:8a:9f:a0:c1:35:11:32:17:e6:fc:c6:87:49:b8:41:38:61:
         21:d1:78:a7:82:c6:7d:a4:46:26:a6:7c:1b:de:ab:c6:fc:9b:
         a2:ca:d4:18:9a:a7:59:b5:e7:d0:9e:e1:64:04:ab:4f:da:08:
         41:b3:98:3f:47:68:c3:33:8f:c3:89:c7:6c:b3:66:22:f0:87:
         ab:52:7e:c3:d0:50:58:5e:27:b1:b4:02:00:1a:b8:76:ec:32:
         53:f3:d1:cb:a0:99:f1:01:61:2f:7b:b8:f5:5a:85:95:46:a0:
         df:5d:11:6a:ff:4d:a8:d8:3a:cb:10:75:cb:7c:d4:cf:f9:40:
         fc:1d:14:83:aa:97:2b:08:86:76:f2:b1:e8:33:54:ee:f2:35:
         e7:ec:7e:1c:85:ee:14:90:fc:be:ca:40:93:54:1f:90:4d:5e:
         58:0d:66:db:c8:8b:33:f8:f9:6f:40:a5:0b:de:aa:00:28:ed:
         bb:a8:97:b2:86:59:45:6c:0e:21:e7:b7:42:9e:86:8c:af:3e:
         9b:26:03:b8:c1:1b:fb:24:57:34:93:d4:bc:51:67:a9:ad:ee:
         3e:b5:ce:ad:e0:2a:73:1c:73:56:22:a3:f8:08:eb:06:ca:8d:
         a1:a9:08:23:4c:c8:e4:5d:e8:2b:d4:0e:57:91:c6:66:31:99:
         12:5e:dc:5b
-----BEGIN CERTIFICATE-----
MIIFwjCCBKqgAwIBAgIUU9/EP62qkszXlQ8RGl5r5oVdHmEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoRDhGQzY3NzIwNUIwREE5Q0E5NzlCNkQ2OEI5NUI0OUM0
QjZDMzI2NzAeFw0yNTAyMDQxOTU1MjhaFw0yNjAyMDMyMDAwMjhaMDMxMTAvBgNV
BAMTKDQ5QzdCRUUxNjEyQUFFMDBCMkJFNzZCMzk0RDg5MDFGMzNDQUNGQzcwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCl3JjrC8ISy8yBUyvQhI0jHi4z
qHxjZcG1JBrJ54/AJmhiABnDoKpAnxXT8EM6+j7O+umcPmNtKqXazHTE7QlJRN22
l9Ij8ZlpEhkPnyAHnU7O+foxauG2pGgVx62/j3ALEuUHCYL1F+VQX77kkZoekY65
iduJ2Fzv7UETt+yDvEP0tPs/nXz7L09/J/LHOq7PDn0AsgLozss6j1i72wIS0jwp
XhTZW0YFs/S+VYZj8d3rcMWPqK2WioXSQApNizhYDlFenf1ZVUzsiFtvtK2EnBuB
A0re/f6xxRshkRYODrZZCBaqKFxWm3/FyPliZz3df2+eYt/v71NoUUVhR5NhAgMB
AAGjggLMMIICyDAdBgNVHQ4EFgQUSce+4WEqrgCyvnazlNiQHzPKz8cwHwYDVR0j
BBgwFoAU2PxncgWw2pypebbWi5W0nEtsMmcwDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy8wNEMzNEI4RjFDNDY1ODY5RTIxOUE2NUNBMzY5RTAyM0Iy
MUZEQUIyQ0MxQUQ2OTEwODhCM0Q4OEMxNERDRUIwLzAvRDhGQzY3NzIwNUIwREE5
Q0E5NzlCNkQ2OEI5NUI0OUM0QjZDMzI2Ny5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC9EOEZDNjc3MjA1QjBEQTlDQTk3
OUI2RDY4Qjk1QjQ5QzRCNkMzMjY3LmNlcjCBywYIKwYBBQUHAQsEgb4wgbswgbgG
CCsGAQUFBzALhoGrcnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvMDRDMzRCOEYxQzQ2NTg2OUUyMTlBNjVDQTM2OUUwMjNCMjFGREFCMkND
MUFENjkxMDg4QjNEODhDMTREQ0VCMC8wLzMxMzYzNzJlMzIzNTMwMmUzMjMwMzUy
ZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMjM2MzIzMjM1MzMucm9hMBgGA1UdIAEB
/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACn
+s0wDQYJKoZIhvcNAQELBQADggEBAGaKn6DBNREyF+b8xodJuEE4YSHReKeCxn2k
RiamfBveq8b8m6LK1Biap1m159Ce4WQEq0/aCEGzmD9HaMMzj8OJx2yzZiLwh6tS
fsPQUFheJ7G0AgAauHbsMlPz0cugmfEBYS97uPVahZVGoN9dEWr/TajYOssQdct8
1M/5QPwdFIOqlysIhnbysegzVO7yNefsfhyF7hSQ/L7KQJNUH5BNXlgNZtvIizP4
+W9ApQveqgAo7buol7KGWUVsDiHnt0KehoyvPpsmA7jBG/skVzST1LxRZ6mt7j61
zq3gKnMcc1Yio/gI6wbKjaGpCCNMyORd6CvUDleRxmYxmRJe3Fs=
-----END CERTIFICATE-----