Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/0D4A27342A7E1849F8AFC489E93CA3DC3F65B9DCD36B04FD2B584CCD2B805C76/0/3137302e3235342e3137362e302f32322d3232203d3e20333934343734.roa
File:                     3137302e3235342e3137362e302f32322d3232203d3e20333934343734.roa (raw, json)
Hash identifier:          qBCnabXDWbZ9uDyYugESmYxwMe+J0veyHHsx8ex8orc=
Subject key identifier:   2D:30:BE:12:F5:AE:4D:27:61:48:3C:DF:9E:9D:65:46:9D:76:A5:C9
Certificate issuer:       /CN=01DFCD969398C7D14FA18E44D1649A0B21C96569
Certificate serial:       02EE1500BEEA6E4DFE057B5B59A6681A18A69174
Authority key identifier: 01:DF:CD:96:93:98:C7:D1:4F:A1:8E:44:D1:64:9A:0B:21:C9:65:69
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/01DFCD969398C7D14FA18E44D1649A0B21C96569.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/0D4A27342A7E1849F8AFC489E93CA3DC3F65B9DCD36B04FD2B584CCD2B805C76/0/3137302e3235342e3137362e302f32322d3232203d3e20333934343734.roa
Signing time:             Tue 04 Feb 2025 18:43:31 +0000
ROA not before:           Tue 04 Feb 2025 18:38:31 +0000
ROA not after:            Tue 03 Feb 2026 18:43:31 +0000
asID:                     394474
IP address blocks:        170.254.176.0/22 maxlen: 22
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            02:ee:15:00:be:ea:6e:4d:fe:05:7b:5b:59:a6:68:1a:18:a6:91:74
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=01DFCD969398C7D14FA18E44D1649A0B21C96569
        Validity
            Not Before: Feb  4 18:38:31 2025 GMT
            Not After : Feb  3 18:43:31 2026 GMT
        Subject: CN=2D30BE12F5AE4D2761483CDF9E9D65469D76A5C9
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b9:32:ec:be:31:70:30:c4:91:d4:e6:39:94:0b:
                    47:c4:46:97:c3:d2:aa:f9:38:f9:fd:0d:62:bd:2f:
                    67:6d:8c:ed:68:6e:8a:3b:b0:18:f1:86:37:0b:83:
                    04:de:05:74:96:34:96:33:f0:1f:a5:c5:69:4c:76:
                    19:21:02:d0:6b:05:3d:83:e6:85:01:1e:54:d9:b9:
                    03:8c:a5:26:6f:20:c4:48:85:4a:b3:28:0a:1c:ad:
                    f5:20:af:11:b7:75:58:f2:6a:23:e7:ab:27:31:0a:
                    1a:5d:11:1b:1b:87:aa:5a:ba:86:57:11:e7:3b:b3:
                    e5:28:c4:cf:08:97:8f:d4:45:02:94:e3:d4:90:ec:
                    77:8c:e0:7b:b4:8b:ef:dc:7a:0f:48:d4:5d:14:76:
                    26:6e:7b:14:8f:ec:28:12:23:06:ff:98:08:d7:a5:
                    4d:94:28:93:2d:21:e9:77:bc:c2:d2:c8:dd:3c:a5:
                    d6:2e:9e:4c:38:44:f8:64:ce:29:9f:b8:68:b6:17:
                    bd:63:ea:ee:f6:38:c7:12:e2:24:3d:84:7f:87:35:
                    a8:68:9e:32:48:64:31:24:d3:38:de:7b:7a:44:55:
                    d9:b0:f8:dd:88:84:5a:85:92:25:af:1e:bf:3a:59:
                    c5:5e:fb:7b:12:77:2d:8c:14:45:9c:f4:f7:04:99:
                    6f:d9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                2D:30:BE:12:F5:AE:4D:27:61:48:3C:DF:9E:9D:65:46:9D:76:A5:C9
            X509v3 Authority Key Identifier:
                keyid:01:DF:CD:96:93:98:C7:D1:4F:A1:8E:44:D1:64:9A:0B:21:C9:65:69

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/0D4A27342A7E1849F8AFC489E93CA3DC3F65B9DCD36B04FD2B584CCD2B805C76/0/01DFCD969398C7D14FA18E44D1649A0B21C96569.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/01DFCD969398C7D14FA18E44D1649A0B21C96569.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/0D4A27342A7E1849F8AFC489E93CA3DC3F65B9DCD36B04FD2B584CCD2B805C76/0/3137302e3235342e3137362e302f32322d3232203d3e20333934343734.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  170.254.176.0/22

    Signature Algorithm: sha256WithRSAEncryption
         79:bd:b4:dc:c7:58:ee:ed:6d:e6:0d:68:ab:46:54:e4:6b:2c:
         af:e7:eb:05:73:c7:0b:64:bf:70:89:28:2e:4e:0c:88:2d:aa:
         74:ac:8b:b9:a6:f0:a2:63:11:3b:9c:5f:b8:0e:26:d0:4d:27:
         bc:ec:22:dc:95:d8:97:11:7c:62:b7:41:d9:cb:d3:1c:4e:c7:
         ca:6e:69:4e:d2:12:26:99:f5:62:e3:2d:12:7a:28:db:7d:da:
         d9:72:15:d5:9b:86:cc:f0:a8:5f:a9:cb:94:5c:a2:92:11:5a:
         ad:d8:38:6f:d6:71:d1:63:f5:f4:86:d3:70:06:40:f8:82:c6:
         50:22:40:60:69:05:1f:95:bd:c6:d0:73:8e:7f:7e:2c:a9:91:
         5b:df:0d:5a:20:26:2d:ac:cd:3a:1e:50:77:23:8d:26:2c:14:
         79:c9:56:15:4c:98:9e:35:37:9a:49:18:fc:db:7e:c1:b3:b0:
         8d:0a:6a:a0:86:7b:67:d9:32:23:5c:3f:f9:96:d1:8d:08:20:
         a6:db:17:32:3b:0d:22:5d:b0:a9:31:b4:e5:60:10:55:e9:d8:
         5f:93:b8:9e:14:c2:27:3a:21:21:76:41:3d:2c:21:24:fc:aa:
         14:27:4d:dd:cb:1a:7b:df:8a:be:dc:d0:de:29:8a:c9:8b:57:
         fe:6e:45:99
-----BEGIN CERTIFICATE-----
MIIFwjCCBKqgAwIBAgIUAu4VAL7qbk3+BXtbWaZoGhimkXQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMDFERkNEOTY5Mzk4QzdEMTRGQTE4RTQ0RDE2NDlBMEIy
MUM5NjU2OTAeFw0yNTAyMDQxODM4MzFaFw0yNjAyMDMxODQzMzFaMDMxMTAvBgNV
BAMTKDJEMzBCRTEyRjVBRTREMjc2MTQ4M0NERjlFOUQ2NTQ2OUQ3NkE1QzkwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC5Muy+MXAwxJHU5jmUC0fERpfD
0qr5OPn9DWK9L2dtjO1oboo7sBjxhjcLgwTeBXSWNJYz8B+lxWlMdhkhAtBrBT2D
5oUBHlTZuQOMpSZvIMRIhUqzKAocrfUgrxG3dVjyaiPnqycxChpdERsbh6pauoZX
Eec7s+UoxM8Il4/URQKU49SQ7HeM4Hu0i+/ceg9I1F0UdiZuexSP7CgSIwb/mAjX
pU2UKJMtIel3vMLSyN08pdYunkw4RPhkzimfuGi2F71j6u72OMcS4iQ9hH+HNaho
njJIZDEk0zjee3pEVdmw+N2IhFqFkiWvHr86WcVe+3sSdy2MFEWc9PcEmW/ZAgMB
AAGjggLMMIICyDAdBgNVHQ4EFgQULTC+EvWuTSdhSDzfnp1lRp12pckwHwYDVR0j
BBgwFoAUAd/NlpOYx9FPoY5E0WSaCyHJZWkwDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy8wRDRBMjczNDJBN0UxODQ5RjhBRkM0ODlFOTNDQTNEQzNG
NjVCOURDRDM2QjA0RkQyQjU4NENDRDJCODA1Qzc2LzAvMDFERkNEOTY5Mzk4QzdE
MTRGQTE4RTQ0RDE2NDlBMEIyMUM5NjU2OS5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC8wMURGQ0Q5NjkzOThDN0QxNEZB
MThFNDREMTY0OUEwQjIxQzk2NTY5LmNlcjCBywYIKwYBBQUHAQsEgb4wgbswgbgG
CCsGAQUFBzALhoGrcnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvMEQ0QTI3MzQyQTdFMTg0OUY4QUZDNDg5RTkzQ0EzREMzRjY1QjlEQ0Qz
NkIwNEZEMkI1ODRDQ0QyQjgwNUM3Ni8wLzMxMzczMDJlMzIzNTM0MmUzMTM3MzYy
ZTMwMmYzMjMyMmQzMjMyMjAzZDNlMjAzMzM5MzQzNDM3MzQucm9hMBgGA1UdIAEB
/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAKq
/rAwDQYJKoZIhvcNAQELBQADggEBAHm9tNzHWO7tbeYNaKtGVORrLK/n6wVzxwtk
v3CJKC5ODIgtqnSsi7mm8KJjETucX7gOJtBNJ7zsItyV2JcRfGK3QdnL0xxOx8pu
aU7SEiaZ9WLjLRJ6KNt92tlyFdWbhszwqF+py5RcopIRWq3YOG/WcdFj9fSG03AG
QPiCxlAiQGBpBR+VvcbQc45/fiypkVvfDVogJi2szToeUHcjjSYsFHnJVhVMmJ41
N5pJGPzbfsGzsI0KaqCGe2fZMiNcP/mW0Y0IIKbbFzI7DSJdsKkxtOVgEFXp2F+T
uJ4Uwic6ISF2QT0sIST8qhQnTd3LGnvfir7c0N4pismLV/5uRZk=
-----END CERTIFICATE-----