Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/0B7BB5C8963C2B6230FEEB8DE9F4A614C00E08EBF254B41A8E98EB267AC6B706/0/34352e3137362e3130382e302f32322d3234203d3e203532333633.roa
File:                     34352e3137362e3130382e302f32322d3234203d3e203532333633.roa (raw, json)
Hash identifier:          DZjgpYnzBuTnEqlbogM1w5lnL7uxhLNnI9Mf2tUuxpw=
Subject key identifier:   EC:C7:FD:ED:66:2D:04:A2:5B:E2:45:FA:78:69:49:5D:F5:94:F9:51
Certificate issuer:       /CN=E4DD02F783A1562385FCD20BEA3443AA69EBE6AD
Certificate serial:       059C75372F580EE60F834EA7D1601DD3D32DEBD6
Authority key identifier: E4:DD:02:F7:83:A1:56:23:85:FC:D2:0B:EA:34:43:AA:69:EB:E6:AD
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/E4DD02F783A1562385FCD20BEA3443AA69EBE6AD.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/0B7BB5C8963C2B6230FEEB8DE9F4A614C00E08EBF254B41A8E98EB267AC6B706/0/34352e3137362e3130382e302f32322d3234203d3e203532333633.roa
Signing time:             Tue 04 Feb 2025 18:33:49 +0000
ROA not before:           Tue 04 Feb 2025 18:28:49 +0000
ROA not after:            Tue 03 Feb 2026 18:33:49 +0000
asID:                     52363
IP address blocks:        45.176.108.0/22 maxlen: 24
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            05:9c:75:37:2f:58:0e:e6:0f:83:4e:a7:d1:60:1d:d3:d3:2d:eb:d6
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=E4DD02F783A1562385FCD20BEA3443AA69EBE6AD
        Validity
            Not Before: Feb  4 18:28:49 2025 GMT
            Not After : Feb  3 18:33:49 2026 GMT
        Subject: CN=ECC7FDED662D04A25BE245FA7869495DF594F951
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9e:e0:66:83:f5:4d:7e:34:f7:ac:61:f4:07:2e:
                    df:d7:3d:cc:68:5f:7e:48:f1:ff:af:a8:07:1a:d3:
                    cb:0b:96:c7:28:0e:b7:8c:09:a7:32:a2:58:09:37:
                    00:15:1d:2e:6f:a4:f5:03:84:e7:35:67:d8:6a:40:
                    fb:a0:bd:b7:28:e6:a9:33:3f:47:a1:cf:4e:be:dc:
                    3c:98:a0:ce:60:81:62:1b:6c:62:2f:89:4c:53:69:
                    0b:45:fe:29:f5:0e:08:93:3e:ee:1b:46:dc:b3:5a:
                    67:80:c2:0a:52:06:8e:e9:d7:be:bf:f6:1e:31:06:
                    19:b9:fb:58:f0:63:fd:6e:29:72:9c:31:44:a7:ed:
                    62:b4:9d:3d:ed:5b:ac:6c:90:e7:f7:ab:1f:7f:9b:
                    57:e3:f2:ae:a1:77:eb:54:70:cc:0f:7b:1a:ab:e0:
                    b9:ba:ce:e3:20:17:7a:f8:70:6d:db:8d:47:ab:25:
                    03:83:b8:5e:2c:64:58:2a:18:96:da:57:a9:d6:a2:
                    4e:62:68:6d:7b:b5:48:f8:64:c5:87:f9:24:08:4c:
                    32:17:c1:75:fe:49:ad:1b:95:0d:02:20:67:b6:e1:
                    2b:0a:be:32:b5:8b:bf:77:93:ae:3f:e9:cc:55:be:
                    90:bb:32:d9:2e:8c:d6:93:85:b6:1e:7a:1b:77:52:
                    8d:ad
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                EC:C7:FD:ED:66:2D:04:A2:5B:E2:45:FA:78:69:49:5D:F5:94:F9:51
            X509v3 Authority Key Identifier:
                keyid:E4:DD:02:F7:83:A1:56:23:85:FC:D2:0B:EA:34:43:AA:69:EB:E6:AD

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/0B7BB5C8963C2B6230FEEB8DE9F4A614C00E08EBF254B41A8E98EB267AC6B706/0/E4DD02F783A1562385FCD20BEA3443AA69EBE6AD.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/E4DD02F783A1562385FCD20BEA3443AA69EBE6AD.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/0B7BB5C8963C2B6230FEEB8DE9F4A614C00E08EBF254B41A8E98EB267AC6B706/0/34352e3137362e3130382e302f32322d3234203d3e203532333633.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.176.108.0/22

    Signature Algorithm: sha256WithRSAEncryption
         a3:b1:b6:61:2f:30:f0:e8:ad:eb:8b:d3:82:0e:78:bb:c3:30:
         88:03:24:dd:17:31:5c:03:54:c6:3f:ed:44:80:76:a1:35:c3:
         93:82:eb:74:59:76:5e:5d:1d:40:9f:94:28:b2:93:df:75:70:
         de:ef:a8:11:ac:02:52:72:6a:01:15:40:f5:ed:55:c6:d8:18:
         04:15:2b:74:dc:86:df:a5:da:1d:b8:57:a0:58:4d:c9:9a:0a:
         07:08:1c:b0:cc:1b:6f:0e:ba:8e:f8:89:43:32:ac:71:ee:4e:
         97:d8:9c:52:ae:1f:be:5e:2e:38:14:98:59:4d:92:73:b7:64:
         76:74:3c:25:27:dd:2b:5c:95:ce:8e:cd:bd:08:69:40:d4:11:
         19:8d:8f:1d:ae:fa:3b:3b:bd:1a:59:df:4a:74:d9:d7:47:bd:
         ed:c8:b4:cb:24:0b:4d:b3:2c:cb:41:a2:3c:d9:04:e5:0c:1e:
         93:92:ec:ef:eb:18:c4:96:88:02:a2:9c:95:f1:72:05:f6:f4:
         57:53:13:52:a4:e2:ec:f8:b6:d1:1a:6b:a4:bf:e9:33:60:07:
         59:35:11:bb:69:a8:7d:d7:15:3e:09:98:11:fc:c7:ee:e9:2f:
         d9:f1:07:7a:46:eb:c0:6e:78:26:9c:4d:d2:1b:e9:4a:13:65:
         5f:b3:e3:28
-----BEGIN CERTIFICATE-----
MIIFvjCCBKagAwIBAgIUBZx1Ny9YDuYPg06n0WAd09Mt69YwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoRTRERDAyRjc4M0ExNTYyMzg1RkNEMjBCRUEzNDQzQUE2
OUVCRTZBRDAeFw0yNTAyMDQxODI4NDlaFw0yNjAyMDMxODMzNDlaMDMxMTAvBgNV
BAMTKEVDQzdGREVENjYyRDA0QTI1QkUyNDVGQTc4Njk0OTVERjU5NEY5NTEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCe4GaD9U1+NPesYfQHLt/XPcxo
X35I8f+vqAca08sLlscoDreMCacyolgJNwAVHS5vpPUDhOc1Z9hqQPugvbco5qkz
P0ehz06+3DyYoM5ggWIbbGIviUxTaQtF/in1DgiTPu4bRtyzWmeAwgpSBo7p176/
9h4xBhm5+1jwY/1uKXKcMUSn7WK0nT3tW6xskOf3qx9/m1fj8q6hd+tUcMwPexqr
4Lm6zuMgF3r4cG3bjUerJQODuF4sZFgqGJbaV6nWok5iaG17tUj4ZMWH+SQITDIX
wXX+Sa0blQ0CIGe24SsKvjK1i793k64/6cxVvpC7MtkujNaThbYeeht3Uo2tAgMB
AAGjggLIMIICxDAdBgNVHQ4EFgQU7Mf97WYtBKJb4kX6eGlJXfWU+VEwHwYDVR0j
BBgwFoAU5N0C94OhViOF/NIL6jRDqmnr5q0wDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy8wQjdCQjVDODk2M0MyQjYyMzBGRUVCOERFOUY0QTYxNEMw
MEUwOEVCRjI1NEI0MUE4RTk4RUIyNjdBQzZCNzA2LzAvRTRERDAyRjc4M0ExNTYy
Mzg1RkNEMjBCRUEzNDQzQUE2OUVCRTZBRC5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC9FNEREMDJGNzgzQTE1NjIzODVG
Q0QyMEJFQTM0NDNBQTY5RUJFNkFELmNlcjCBxwYIKwYBBQUHAQsEgbowgbcwgbQG
CCsGAQUFBzALhoGncnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvMEI3QkI1Qzg5NjNDMkI2MjMwRkVFQjhERTlGNEE2MTRDMDBFMDhFQkYy
NTRCNDFBOEU5OEVCMjY3QUM2QjcwNi8wLzM0MzUyZTMxMzczNjJlMzEzMDM4MmUz
MDJmMzIzMjJkMzIzNDIwM2QzZTIwMzUzMjMzMzYzMy5yb2EwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAi2wbDAN
BgkqhkiG9w0BAQsFAAOCAQEAo7G2YS8w8Oit64vTgg54u8MwiAMk3RcxXANUxj/t
RIB2oTXDk4LrdFl2Xl0dQJ+UKLKT33Vw3u+oEawCUnJqARVA9e1VxtgYBBUrdNyG
36XaHbhXoFhNyZoKBwgcsMwbbw66jviJQzKsce5Ol9icUq4fvl4uOBSYWU2Sc7dk
dnQ8JSfdK1yVzo7NvQhpQNQRGY2PHa76Ozu9GlnfSnTZ10e97ci0yyQLTbMsy0Gi
PNkE5Qwek5Ls7+sYxJaIAqKclfFyBfb0V1MTUqTi7Pi20RprpL/pM2AHWTURu2mo
fdcVPgmYEfzH7ukv2fEHekbrwG54JpxN0hvpShNlX7PjKA==
-----END CERTIFICATE-----