Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/07C0096B91EEE14598A448131C1F2250BEC9AE9D2F5809CE4A43201C1092A294/0/34352e37312e33362e302f32322d3234203d3e203532343638.roa
File:                     34352e37312e33362e302f32322d3234203d3e203532343638.roa (raw, json)
Hash identifier:          ZQ/iGIMlrJKCQ3XFKyTv4EdpWvvX1r5Jm5qh/tW8U48=
Subject key identifier:   DE:6D:19:CD:29:2F:72:6B:11:29:03:23:37:41:A1:AD:47:A0:A1:F4
Certificate issuer:       /CN=DD74393AEC4E41A41C6F1FD02E0D9D2806ED9D5A
Certificate serial:       58282F2BCCD9133B4757324B1150A66B2244EAF3
Authority key identifier: DD:74:39:3A:EC:4E:41:A4:1C:6F:1F:D0:2E:0D:9D:28:06:ED:9D:5A
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/DD74393AEC4E41A41C6F1FD02E0D9D2806ED9D5A.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/07C0096B91EEE14598A448131C1F2250BEC9AE9D2F5809CE4A43201C1092A294/0/34352e37312e33362e302f32322d3234203d3e203532343638.roa
Signing time:             Tue 04 Feb 2025 18:37:28 +0000
ROA not before:           Tue 04 Feb 2025 18:32:28 +0000
ROA not after:            Tue 03 Feb 2026 18:37:28 +0000
asID:                     52468
IP address blocks:        45.71.36.0/22 maxlen: 24
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            58:28:2f:2b:cc:d9:13:3b:47:57:32:4b:11:50:a6:6b:22:44:ea:f3
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=DD74393AEC4E41A41C6F1FD02E0D9D2806ED9D5A
        Validity
            Not Before: Feb  4 18:32:28 2025 GMT
            Not After : Feb  3 18:37:28 2026 GMT
        Subject: CN=DE6D19CD292F726B112903233741A1AD47A0A1F4
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c4:15:61:28:3b:0a:e2:12:d3:c5:0f:9a:21:81:
                    b6:c8:4a:be:cd:e2:21:da:0e:55:dd:f2:ae:fa:b5:
                    2a:3a:e5:c6:e4:ed:53:53:f5:4c:69:aa:c8:e1:e7:
                    13:e8:72:dc:1b:e6:f2:11:26:17:c8:dd:d4:55:22:
                    13:f1:7c:98:07:44:f4:4d:f8:15:f5:fc:0f:70:da:
                    b6:62:72:ec:cc:ee:6b:49:02:cb:ef:84:d4:74:a3:
                    04:94:c1:73:7e:59:e4:fe:31:89:45:1d:96:e5:bd:
                    0f:ec:27:a9:a1:c1:b1:51:ae:46:48:25:37:fb:df:
                    bd:83:46:dd:7a:e8:4d:15:14:29:26:10:e8:71:8f:
                    35:3f:4b:e4:65:25:29:b1:3b:7b:6c:b5:24:3b:57:
                    cc:08:01:7b:a6:43:0e:3d:2d:fe:04:99:65:2e:7b:
                    54:08:63:6a:34:80:b5:44:1f:86:13:dd:95:7d:0a:
                    90:28:55:ca:92:42:5c:04:31:60:bd:21:4c:58:d0:
                    dc:57:af:4e:b8:04:3c:62:36:79:f0:6e:65:e8:82:
                    67:44:63:fa:de:e8:fb:68:d6:b3:71:7e:0b:3b:20:
                    3d:9f:93:22:91:03:c0:b8:ef:68:bd:03:e1:fe:55:
                    56:ab:b5:db:56:0d:4c:23:7a:19:ab:d2:9d:3a:54:
                    58:71
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DE:6D:19:CD:29:2F:72:6B:11:29:03:23:37:41:A1:AD:47:A0:A1:F4
            X509v3 Authority Key Identifier:
                keyid:DD:74:39:3A:EC:4E:41:A4:1C:6F:1F:D0:2E:0D:9D:28:06:ED:9D:5A

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/07C0096B91EEE14598A448131C1F2250BEC9AE9D2F5809CE4A43201C1092A294/0/DD74393AEC4E41A41C6F1FD02E0D9D2806ED9D5A.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/DD74393AEC4E41A41C6F1FD02E0D9D2806ED9D5A.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/07C0096B91EEE14598A448131C1F2250BEC9AE9D2F5809CE4A43201C1092A294/0/34352e37312e33362e302f32322d3234203d3e203532343638.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.71.36.0/22

    Signature Algorithm: sha256WithRSAEncryption
         39:9b:db:af:d9:9f:24:87:05:61:19:6f:93:7a:ff:af:58:df:
         9e:f3:36:66:10:57:22:63:3c:07:d4:a6:e3:f9:2b:87:fe:ea:
         43:6c:23:7d:ff:58:61:b5:53:4a:c3:0b:df:7a:7f:f4:f6:6e:
         ca:25:4d:9f:6f:02:13:48:59:d7:28:5e:1e:e3:36:ab:1a:1f:
         ca:ec:25:bd:b1:32:86:f4:e2:37:6d:06:25:c2:08:0e:c6:97:
         2c:08:62:66:24:ac:0b:c8:e8:4f:28:68:dc:22:f9:68:3a:2a:
         e7:d1:43:8e:6d:93:30:ab:23:d4:6f:45:d6:be:ef:61:52:86:
         04:59:66:7f:05:17:c6:f3:82:30:c6:0c:3d:17:03:6d:85:c4:
         db:dc:6d:2a:1e:b5:ae:0e:07:c6:30:d5:74:5f:47:00:35:08:
         d3:6c:4c:b5:84:d8:2d:f8:e7:2d:c8:72:a6:a7:e5:df:2d:84:
         f4:46:8e:df:2d:2e:9f:70:d3:3a:b7:b2:16:ea:96:e1:db:d5:
         07:29:50:de:cd:ed:b1:6c:49:f3:2f:c5:bb:2a:4b:21:c1:43:
         dc:dd:db:18:e0:a3:93:b5:54:81:c3:33:80:03:5f:df:17:8c:
         07:9b:de:a2:6c:c0:cc:87:04:d8:fa:3f:a8:8a:3f:f1:cc:f9:
         34:f2:7e:2b
-----BEGIN CERTIFICATE-----
MIIFujCCBKKgAwIBAgIUWCgvK8zZEztHVzJLEVCmayJE6vMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoREQ3NDM5M0FFQzRFNDFBNDFDNkYxRkQwMkUwRDlEMjgw
NkVEOUQ1QTAeFw0yNTAyMDQxODMyMjhaFw0yNjAyMDMxODM3MjhaMDMxMTAvBgNV
BAMTKERFNkQxOUNEMjkyRjcyNkIxMTI5MDMyMzM3NDFBMUFENDdBMEExRjQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDEFWEoOwriEtPFD5ohgbbISr7N
4iHaDlXd8q76tSo65cbk7VNT9Uxpqsjh5xPoctwb5vIRJhfI3dRVIhPxfJgHRPRN
+BX1/A9w2rZicuzM7mtJAsvvhNR0owSUwXN+WeT+MYlFHZblvQ/sJ6mhwbFRrkZI
JTf7372DRt166E0VFCkmEOhxjzU/S+RlJSmxO3tstSQ7V8wIAXumQw49Lf4EmWUu
e1QIY2o0gLVEH4YT3ZV9CpAoVcqSQlwEMWC9IUxY0NxXr064BDxiNnnwbmXogmdE
Y/re6Pto1rNxfgs7ID2fkyKRA8C472i9A+H+VVartdtWDUwjehmr0p06VFhxAgMB
AAGjggLEMIICwDAdBgNVHQ4EFgQU3m0ZzSkvcmsRKQMjN0GhrUegofQwHwYDVR0j
BBgwFoAU3XQ5OuxOQaQcbx/QLg2dKAbtnVowDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy8wN0MwMDk2QjkxRUVFMTQ1OThBNDQ4MTMxQzFGMjI1MEJF
QzlBRTlEMkY1ODA5Q0U0QTQzMjAxQzEwOTJBMjk0LzAvREQ3NDM5M0FFQzRFNDFB
NDFDNkYxRkQwMkUwRDlEMjgwNkVEOUQ1QS5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC9ERDc0MzkzQUVDNEU0MUE0MUM2
RjFGRDAyRTBEOUQyODA2RUQ5RDVBLmNlcjCBwwYIKwYBBQUHAQsEgbYwgbMwgbAG
CCsGAQUFBzALhoGjcnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvMDdDMDA5NkI5MUVFRTE0NTk4QTQ0ODEzMUMxRjIyNTBCRUM5QUU5RDJG
NTgwOUNFNEE0MzIwMUMxMDkyQTI5NC8wLzM0MzUyZTM3MzEyZTMzMzYyZTMwMmYz
MjMyMmQzMjM0MjAzZDNlMjAzNTMyMzQzNjM4LnJvYTAYBgNVHSABAf8EDjAMMAoG
CCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCLUckMA0GCSqG
SIb3DQEBCwUAA4IBAQA5m9uv2Z8khwVhGW+Tev+vWN+e8zZmEFciYzwH1Kbj+SuH
/upDbCN9/1hhtVNKwwvfen/09m7KJU2fbwITSFnXKF4e4zarGh/K7CW9sTKG9OI3
bQYlwggOxpcsCGJmJKwLyOhPKGjcIvloOirn0UOObZMwqyPUb0XWvu9hUoYEWWZ/
BRfG84Iwxgw9FwNthcTb3G0qHrWuDgfGMNV0X0cANQjTbEy1hNgt+OctyHKmp+Xf
LYT0Ro7fLS6fcNM6t7IW6pbh29UHKVDeze2xbEnzL8W7KkshwUPc3dsY4KOTtVSB
wzOAA1/fF4wHm96ibMDMhwTY+j+oij/xzPk08n4r
-----END CERTIFICATE-----