Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/0ED570F71042EEB79C050EFB767669D1C4C6A31B4E36AD73FA77AF2F6577E7CA/0/3137302e3233392e3135342e302f32332d3233203d3e20323637383431.roa
File:                     3137302e3233392e3135342e302f32332d3233203d3e20323637383431.roa (raw, json)
Hash identifier:          s0WjwvY1WNZ9brxIjYFAUIyYIOumLGtMM33WcL7w2dY=
Subject key identifier:   79:5B:33:79:A9:C4:57:16:71:BA:2F:9E:05:28:9E:31:87:A7:C1:9D
Certificate issuer:       /CN=B83212ED5241F8A76D1955EDB09C991FF777815E
Certificate serial:       50FA0CC533034B74FC6F7DE5B21C014A8218EB34
Authority key identifier: B8:32:12:ED:52:41:F8:A7:6D:19:55:ED:B0:9C:99:1F:F7:77:81:5E
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/B83212ED5241F8A76D1955EDB09C991FF777815E.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/0ED570F71042EEB79C050EFB767669D1C4C6A31B4E36AD73FA77AF2F6577E7CA/0/3137302e3233392e3135342e302f32332d3233203d3e20323637383431.roa
Signing time:             Tue 04 Feb 2025 19:56:48 +0000
ROA not before:           Tue 04 Feb 2025 19:51:48 +0000
ROA not after:            Tue 03 Feb 2026 19:56:48 +0000
asID:                     267841
IP address blocks:        170.239.154.0/23 maxlen: 23
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            50:fa:0c:c5:33:03:4b:74:fc:6f:7d:e5:b2:1c:01:4a:82:18:eb:34
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=B83212ED5241F8A76D1955EDB09C991FF777815E
        Validity
            Not Before: Feb  4 19:51:48 2025 GMT
            Not After : Feb  3 19:56:48 2026 GMT
        Subject: CN=795B3379A9C4571671BA2F9E05289E3187A7C19D
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b5:d4:14:38:43:63:74:3b:d5:1e:34:78:fe:55:
                    0a:7a:ce:54:01:22:7d:03:0b:f3:86:91:d7:db:2e:
                    19:41:d2:4f:cf:1e:39:11:88:e1:ce:ff:4c:44:fe:
                    01:24:a4:b0:03:70:65:04:9f:3e:bf:2a:6e:8b:70:
                    0d:f6:fb:46:c0:d1:6e:f1:da:c0:da:32:4f:a7:eb:
                    98:8f:cf:1a:19:53:9f:4d:bd:6c:60:05:70:ab:4d:
                    d6:af:e7:a3:04:56:68:54:3c:42:57:8e:70:d3:81:
                    f9:33:8d:d4:04:02:ba:57:a5:46:84:5f:e8:9d:03:
                    0c:a1:6c:a8:2e:36:f5:74:18:93:47:01:c2:9a:af:
                    c4:a5:af:11:32:69:c5:75:bd:14:3b:c7:4e:7c:53:
                    e3:08:95:f9:31:1b:15:0b:db:6b:1e:93:a8:54:f0:
                    57:92:84:a1:48:c2:6a:d3:d2:8f:fb:8a:b7:fb:25:
                    9e:1d:34:e2:4f:1c:89:5e:2b:2f:d7:e1:a1:d1:2e:
                    c7:a9:8b:71:47:a6:97:0a:3a:b8:a7:66:be:71:a7:
                    22:58:ec:0c:44:22:71:03:55:d3:0f:24:92:9c:a9:
                    eb:cc:56:82:f2:15:2c:80:2a:de:fd:78:1f:65:dd:
                    5c:e1:28:fb:d0:39:0c:6a:85:3f:6e:ae:d7:a8:43:
                    9a:71
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                79:5B:33:79:A9:C4:57:16:71:BA:2F:9E:05:28:9E:31:87:A7:C1:9D
            X509v3 Authority Key Identifier:
                keyid:B8:32:12:ED:52:41:F8:A7:6D:19:55:ED:B0:9C:99:1F:F7:77:81:5E

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/0ED570F71042EEB79C050EFB767669D1C4C6A31B4E36AD73FA77AF2F6577E7CA/0/B83212ED5241F8A76D1955EDB09C991FF777815E.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/B83212ED5241F8A76D1955EDB09C991FF777815E.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/0ED570F71042EEB79C050EFB767669D1C4C6A31B4E36AD73FA77AF2F6577E7CA/0/3137302e3233392e3135342e302f32332d3233203d3e20323637383431.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  170.239.154.0/23

    Signature Algorithm: sha256WithRSAEncryption
         46:5d:b0:10:0b:c3:0d:20:f8:d9:a2:28:38:fe:ea:ac:31:02:
         18:62:87:9a:94:33:93:a2:46:31:e4:7a:e1:a9:08:76:52:12:
         33:85:8f:a9:64:19:e6:dc:52:f2:77:a0:12:fc:ee:b7:67:0d:
         eb:17:0b:49:96:24:6b:32:73:99:b9:2e:9e:7c:09:10:4e:c0:
         81:d2:65:7b:bd:54:f3:8f:e7:2f:8d:01:27:40:70:c7:1f:6f:
         5a:ba:17:e2:52:74:a6:63:04:17:95:f9:92:cb:c7:02:45:79:
         14:f1:af:6b:17:07:7e:14:5c:81:d4:d0:3a:e3:c7:54:6a:2f:
         92:cb:6d:62:9d:00:0d:66:b1:a7:a0:70:f5:fc:c3:b8:5c:a0:
         6d:98:05:3d:eb:06:5f:f8:91:df:fc:d2:5c:ba:95:1a:2c:5f:
         57:73:e4:6f:ab:03:b7:cb:f8:ae:71:21:ae:41:ee:cc:53:32:
         00:d7:43:1f:59:3b:1a:24:ac:f9:a7:fe:75:c6:ee:7c:21:40:
         26:4f:9d:20:b8:2c:ed:9b:fc:90:80:ac:2c:ea:61:f4:6d:be:
         5a:0d:ce:b4:71:a9:5a:cb:d6:89:08:30:e0:1f:fe:09:df:50:
         82:af:42:f9:98:94:1b:69:56:1e:1b:63:13:4e:42:1e:97:47:
         71:98:14:b5
-----BEGIN CERTIFICATE-----
MIIFwjCCBKqgAwIBAgIUUPoMxTMDS3T8b33lshwBSoIY6zQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoQjgzMjEyRUQ1MjQxRjhBNzZEMTk1NUVEQjA5Qzk5MUZG
Nzc3ODE1RTAeFw0yNTAyMDQxOTUxNDhaFw0yNjAyMDMxOTU2NDhaMDMxMTAvBgNV
BAMTKDc5NUIzMzc5QTlDNDU3MTY3MUJBMkY5RTA1Mjg5RTMxODdBN0MxOUQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC11BQ4Q2N0O9UeNHj+VQp6zlQB
In0DC/OGkdfbLhlB0k/PHjkRiOHO/0xE/gEkpLADcGUEnz6/Km6LcA32+0bA0W7x
2sDaMk+n65iPzxoZU59NvWxgBXCrTdav56MEVmhUPEJXjnDTgfkzjdQEArpXpUaE
X+idAwyhbKguNvV0GJNHAcKar8SlrxEyacV1vRQ7x058U+MIlfkxGxUL22sek6hU
8FeShKFIwmrT0o/7irf7JZ4dNOJPHIleKy/X4aHRLsepi3FHppcKOrinZr5xpyJY
7AxEInEDVdMPJJKcqevMVoLyFSyAKt79eB9l3VzhKPvQOQxqhT9urteoQ5pxAgMB
AAGjggLMMIICyDAdBgNVHQ4EFgQUeVszeanEVxZxui+eBSieMYenwZ0wHwYDVR0j
BBgwFoAUuDIS7VJB+KdtGVXtsJyZH/d3gV4wDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy8wRUQ1NzBGNzEwNDJFRUI3OUMwNTBFRkI3Njc2NjlEMUM0
QzZBMzFCNEUzNkFENzNGQTc3QUYyRjY1NzdFN0NBLzAvQjgzMjEyRUQ1MjQxRjhB
NzZEMTk1NUVEQjA5Qzk5MUZGNzc3ODE1RS5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC9CODMyMTJFRDUyNDFGOEE3NkQx
OTU1RURCMDlDOTkxRkY3Nzc4MTVFLmNlcjCBywYIKwYBBQUHAQsEgb4wgbswgbgG
CCsGAQUFBzALhoGrcnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvMEVENTcwRjcxMDQyRUVCNzlDMDUwRUZCNzY3NjY5RDFDNEM2QTMxQjRF
MzZBRDczRkE3N0FGMkY2NTc3RTdDQS8wLzMxMzczMDJlMzIzMzM5MmUzMTM1MzQy
ZTMwMmYzMjMzMmQzMjMzMjAzZDNlMjAzMjM2MzczODM0MzEucm9hMBgGA1UdIAEB
/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAGq
75owDQYJKoZIhvcNAQELBQADggEBAEZdsBALww0g+NmiKDj+6qwxAhhih5qUM5Oi
RjHkeuGpCHZSEjOFj6lkGebcUvJ3oBL87rdnDesXC0mWJGsyc5m5Lp58CRBOwIHS
ZXu9VPOP5y+NASdAcMcfb1q6F+JSdKZjBBeV+ZLLxwJFeRTxr2sXB34UXIHU0Drj
x1RqL5LLbWKdAA1msaegcPX8w7hcoG2YBT3rBl/4kd/80ly6lRosX1dz5G+rA7fL
+K5xIa5B7sxTMgDXQx9ZOxokrPmn/nXG7nwhQCZPnSC4LO2b/JCArCzqYfRtvloN
zrRxqVrL1okIMOAf/gnfUIKvQvmYlBtpVh4bYxNOQh6XR3GYFLU=
-----END CERTIFICATE-----