Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/0C636A1E47A2EA41D574CCAC3AF4962C1CC62538C4C56D9DB43DC13125DBD7B6/0/34352e3232392e3136382e302f32332d3234203d3e20323636363934.roa
File:                     34352e3232392e3136382e302f32332d3234203d3e20323636363934.roa (raw, json)
Hash identifier:          3L/Ma6/TyQTNwnocVzgIrdsn/hAVjNabDkwp2snd3Os=
Subject key identifier:   49:CA:95:A1:F0:CD:0E:6D:14:03:34:92:AD:A3:C1:F5:EC:2B:31:79
Certificate issuer:       /CN=F16271A6D5A5968361D977B117B0281F2D2B08AE
Certificate serial:       251A52C832667175AA90032C82C79787FA1ACA69
Authority key identifier: F1:62:71:A6:D5:A5:96:83:61:D9:77:B1:17:B0:28:1F:2D:2B:08:AE
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/F16271A6D5A5968361D977B117B0281F2D2B08AE.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/0C636A1E47A2EA41D574CCAC3AF4962C1CC62538C4C56D9DB43DC13125DBD7B6/0/34352e3232392e3136382e302f32332d3234203d3e20323636363934.roa
Signing time:             Tue 28 May 2024 17:35:00 +0000
ROA not before:           Tue 28 May 2024 17:30:00 +0000
ROA not after:            Tue 27 May 2025 17:35:00 +0000
asID:                     266694
IP address blocks:        45.229.168.0/23 maxlen: 24
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            25:1a:52:c8:32:66:71:75:aa:90:03:2c:82:c7:97:87:fa:1a:ca:69
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F16271A6D5A5968361D977B117B0281F2D2B08AE
        Validity
            Not Before: May 28 17:30:00 2024 GMT
            Not After : May 27 17:35:00 2025 GMT
        Subject: CN=49CA95A1F0CD0E6D14033492ADA3C1F5EC2B3179
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:db:9d:a6:a8:e8:18:22:0b:af:23:0e:87:30:41:
                    e0:73:a2:6b:bd:f1:cb:31:11:d7:cb:95:d7:25:94:
                    5f:05:ae:bf:b6:02:e5:2c:dd:d6:6a:3a:09:d2:fe:
                    b2:69:c9:ca:c0:44:3d:31:4b:2b:36:93:e4:79:94:
                    6b:61:d6:aa:4a:5e:62:b5:fc:79:23:ab:53:e3:a2:
                    b7:b1:a8:c6:09:4c:e1:84:ea:87:2f:25:19:71:a1:
                    98:5a:af:f0:dc:47:bd:75:be:7c:ba:d8:76:a5:95:
                    ef:84:b3:50:78:dd:1e:81:a2:6b:d1:cf:ee:18:14:
                    4b:37:db:ed:db:a8:f0:37:8d:26:d7:c8:ff:48:1a:
                    dc:ef:4e:5a:66:6d:02:4c:60:ab:39:24:18:92:2d:
                    1d:bd:0b:ad:a7:16:10:a4:a7:d3:37:00:99:84:98:
                    11:78:4d:5e:03:ad:7c:d0:10:ba:a4:43:85:2e:70:
                    52:98:29:40:07:36:3c:59:cf:08:29:b4:16:04:64:
                    d1:94:15:2b:6a:ae:8c:f9:ab:ee:5d:63:b5:17:0e:
                    78:eb:3d:c1:2a:5a:0f:d4:65:3b:cc:38:75:a8:cd:
                    dc:3d:a2:af:ed:5b:0d:85:6c:0f:24:66:95:78:ef:
                    32:5b:91:d2:24:e5:2c:6c:61:02:29:e1:38:c5:95:
                    2a:65
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                49:CA:95:A1:F0:CD:0E:6D:14:03:34:92:AD:A3:C1:F5:EC:2B:31:79
            X509v3 Authority Key Identifier:
                keyid:F1:62:71:A6:D5:A5:96:83:61:D9:77:B1:17:B0:28:1F:2D:2B:08:AE

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/0C636A1E47A2EA41D574CCAC3AF4962C1CC62538C4C56D9DB43DC13125DBD7B6/0/F16271A6D5A5968361D977B117B0281F2D2B08AE.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/F16271A6D5A5968361D977B117B0281F2D2B08AE.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/0C636A1E47A2EA41D574CCAC3AF4962C1CC62538C4C56D9DB43DC13125DBD7B6/0/34352e3232392e3136382e302f32332d3234203d3e20323636363934.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.229.168.0/23

    Signature Algorithm: sha256WithRSAEncryption
         6d:b3:46:1d:87:bc:a1:92:3e:db:a5:4c:74:3d:1f:b4:21:9e:
         b4:7b:ee:8c:21:0e:6d:ca:9c:7d:98:a0:50:07:d0:2d:a7:b7:
         e5:8d:7f:f0:db:eb:cf:52:9e:d9:1a:db:8f:58:cf:63:a5:bb:
         44:45:37:9c:63:d9:09:8f:e4:34:0f:b3:bd:8d:bc:2e:86:0e:
         c5:f0:54:e6:2b:26:4f:7e:b8:a5:18:28:ba:c7:00:55:45:e2:
         02:92:b1:ed:f6:a4:58:32:41:7e:6b:c4:0f:c7:e6:d3:66:c4:
         7e:a6:ea:98:72:9e:37:e9:08:77:dc:26:82:9b:bf:a0:26:0c:
         1a:a1:2d:0d:a7:01:68:5f:c8:fa:53:a6:f1:c3:66:ec:24:7c:
         c0:72:91:27:55:b0:88:8d:a0:df:ca:d5:f7:18:64:4b:68:c8:
         e5:e5:bc:9f:22:c6:05:6b:c6:1b:16:8c:c7:d2:52:df:16:12:
         ce:cc:51:69:a2:9f:54:2b:58:51:6a:d9:db:ae:e8:18:f1:ca:
         3f:33:c2:a7:3c:c8:9e:f3:7a:0a:28:90:70:05:52:0b:38:3f:
         50:90:e1:ee:2f:0d:8e:05:18:8e:d3:c2:07:9b:13:a1:fa:d1:
         a5:2a:67:a3:32:72:e9:60:5e:e8:e4:20:a6:cf:e2:f3:8d:3c:
         c2:e7:ae:8a
-----BEGIN CERTIFICATE-----
MIIFwDCCBKigAwIBAgIUJRpSyDJmcXWqkAMsgseXh/oaymkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoRjE2MjcxQTZENUE1OTY4MzYxRDk3N0IxMTdCMDI4MUYy
RDJCMDhBRTAeFw0yNDA1MjgxNzMwMDBaFw0yNTA1MjcxNzM1MDBaMDMxMTAvBgNV
BAMTKDQ5Q0E5NUExRjBDRDBFNkQxNDAzMzQ5MkFEQTNDMUY1RUMyQjMxNzkwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDbnaao6BgiC68jDocwQeBzomu9
8csxEdfLldcllF8Frr+2AuUs3dZqOgnS/rJpycrARD0xSys2k+R5lGth1qpKXmK1
/Hkjq1PjorexqMYJTOGE6ocvJRlxoZhar/DcR711vny62Halle+Es1B43R6BomvR
z+4YFEs32+3bqPA3jSbXyP9IGtzvTlpmbQJMYKs5JBiSLR29C62nFhCkp9M3AJmE
mBF4TV4DrXzQELqkQ4UucFKYKUAHNjxZzwgptBYEZNGUFStqroz5q+5dY7UXDnjr
PcEqWg/UZTvMOHWozdw9oq/tWw2FbA8kZpV47zJbkdIk5SxsYQIp4TjFlSplAgMB
AAGjggLKMIICxjAdBgNVHQ4EFgQUScqVofDNDm0UAzSSraPB9ewrMXkwHwYDVR0j
BBgwFoAU8WJxptWlloNh2XexF7AoHy0rCK4wDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy8wQzYzNkExRTQ3QTJFQTQxRDU3NENDQUMzQUY0OTYyQzFD
QzYyNTM4QzRDNTZEOURCNDNEQzEzMTI1REJEN0I2LzAvRjE2MjcxQTZENUE1OTY4
MzYxRDk3N0IxMTdCMDI4MUYyRDJCMDhBRS5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC9GMTYyNzFBNkQ1QTU5NjgzNjFE
OTc3QjExN0IwMjgxRjJEMkIwOEFFLmNlcjCByQYIKwYBBQUHAQsEgbwwgbkwgbYG
CCsGAQUFBzALhoGpcnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvMEM2MzZBMUU0N0EyRUE0MUQ1NzRDQ0FDM0FGNDk2MkMxQ0M2MjUzOEM0
QzU2RDlEQjQzREMxMzEyNURCRDdCNi8wLzM0MzUyZTMyMzIzOTJlMzEzNjM4MmUz
MDJmMzIzMzJkMzIzNDIwM2QzZTIwMzIzNjM2MzYzOTM0LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBLeWo
MA0GCSqGSIb3DQEBCwUAA4IBAQBts0Ydh7yhkj7bpUx0PR+0IZ60e+6MIQ5typx9
mKBQB9Atp7fljX/w2+vPUp7ZGtuPWM9jpbtERTecY9kJj+Q0D7O9jbwuhg7F8FTm
KyZPfrilGCi6xwBVReICkrHt9qRYMkF+a8QPx+bTZsR+puqYcp436Qh33CaCm7+g
JgwaoS0NpwFoX8j6U6bxw2bsJHzAcpEnVbCIjaDfytX3GGRLaMjl5byfIsYFa8Yb
FozH0lLfFhLOzFFpop9UK1hRatnbrugY8co/M8KnPMie83oKKJBwBVILOD9QkOHu
Lw2OBRiO08IHmxOh+tGlKmejMnLpYF7o5CCmz+LzjTzC566K
-----END CERTIFICATE-----