Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/0ED570F71042EEB79C050EFB767669D1C4C6A31B4E36AD73FA77AF2F6577E7CA/0/34352e3136332e32392e302f32342d3234203d3e20323637383431.roa
File:                     34352e3136332e32392e302f32342d3234203d3e20323637383431.roa (raw, json)
Hash identifier:          vwODiA1Cq8smezwMRdckY0TBJqek0sawijwpnMuSGQY=
Subject key identifier:   7A:2F:30:E0:F5:DF:53:67:32:E8:82:93:63:8A:6E:2A:1E:DC:3F:3A
Certificate issuer:       /CN=B83212ED5241F8A76D1955EDB09C991FF777815E
Certificate serial:       40DA88D88E334D05F7B12759A442A363326980C2
Authority key identifier: B8:32:12:ED:52:41:F8:A7:6D:19:55:ED:B0:9C:99:1F:F7:77:81:5E
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/B83212ED5241F8A76D1955EDB09C991FF777815E.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/0ED570F71042EEB79C050EFB767669D1C4C6A31B4E36AD73FA77AF2F6577E7CA/0/34352e3136332e32392e302f32342d3234203d3e20323637383431.roa
Signing time:             Tue 04 Feb 2025 19:56:48 +0000
ROA not before:           Tue 04 Feb 2025 19:51:48 +0000
ROA not after:            Tue 03 Feb 2026 19:56:48 +0000
asID:                     267841
IP address blocks:        45.163.29.0/24 maxlen: 24
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            40:da:88:d8:8e:33:4d:05:f7:b1:27:59:a4:42:a3:63:32:69:80:c2
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=B83212ED5241F8A76D1955EDB09C991FF777815E
        Validity
            Not Before: Feb  4 19:51:48 2025 GMT
            Not After : Feb  3 19:56:48 2026 GMT
        Subject: CN=7A2F30E0F5DF536732E88293638A6E2A1EDC3F3A
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cc:77:05:44:8a:b0:64:28:93:5e:65:67:ae:a9:
                    8a:9a:26:92:88:d0:77:75:6d:d3:b1:45:e8:95:9f:
                    ec:26:1f:71:1b:48:c8:95:58:11:72:54:fe:57:58:
                    a1:15:bb:16:b8:01:3b:05:e5:2e:9a:59:d9:4f:8b:
                    ef:8c:e3:bd:da:ab:d1:a1:71:75:be:9a:60:83:35:
                    57:8d:3d:3d:ba:de:48:87:97:19:0f:b7:ab:62:d0:
                    25:95:8f:6c:81:71:4f:f7:87:a5:ad:3e:b3:b0:ce:
                    52:01:44:18:bd:5d:4f:8a:51:57:6b:6f:7f:88:06:
                    fe:4e:cf:05:8c:e5:4e:65:ed:34:f8:a0:8d:06:eb:
                    2b:67:6f:dd:25:a0:24:5f:4d:aa:5d:48:a3:67:6b:
                    bf:12:8b:d4:57:51:2a:de:e9:b4:d1:75:15:07:e5:
                    af:d5:e2:d4:80:b6:5b:22:eb:9c:30:da:2a:ae:f7:
                    9a:dd:37:19:e9:8b:42:4c:e1:1e:5b:03:6b:c4:58:
                    fa:c8:66:b3:ca:36:c1:0d:54:ec:14:19:2b:93:be:
                    d9:e3:29:c2:d1:4a:83:0c:a1:34:0e:e0:1c:35:7a:
                    ed:b3:39:96:61:12:77:ab:89:54:3f:47:3c:fb:cc:
                    79:ae:ef:17:8a:49:25:e6:9e:1a:e5:a8:82:d6:8a:
                    e2:07
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                7A:2F:30:E0:F5:DF:53:67:32:E8:82:93:63:8A:6E:2A:1E:DC:3F:3A
            X509v3 Authority Key Identifier:
                keyid:B8:32:12:ED:52:41:F8:A7:6D:19:55:ED:B0:9C:99:1F:F7:77:81:5E

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/0ED570F71042EEB79C050EFB767669D1C4C6A31B4E36AD73FA77AF2F6577E7CA/0/B83212ED5241F8A76D1955EDB09C991FF777815E.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/B83212ED5241F8A76D1955EDB09C991FF777815E.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/0ED570F71042EEB79C050EFB767669D1C4C6A31B4E36AD73FA77AF2F6577E7CA/0/34352e3136332e32392e302f32342d3234203d3e20323637383431.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.163.29.0/24

    Signature Algorithm: sha256WithRSAEncryption
         7d:40:3e:4d:eb:e4:26:06:b5:f2:9b:af:fb:c6:01:b0:31:36:
         e9:aa:8c:e5:77:2e:51:ee:bc:51:37:d3:82:4a:41:0f:c2:ae:
         cd:66:c6:bc:37:16:9c:cb:2e:28:11:cc:b4:76:16:b3:72:30:
         b0:d8:f9:0f:22:b1:96:67:67:19:67:bc:b4:d3:1e:dd:4a:95:
         d5:3c:c6:f1:81:06:8a:03:e2:55:c2:bc:c9:3d:ed:d2:cb:92:
         65:10:44:0d:24:a4:53:0e:c2:81:2e:1a:41:81:16:01:e8:be:
         9c:01:e0:5b:a1:49:d7:bd:4e:6c:6e:8d:40:ef:64:82:56:3c:
         00:35:87:7b:fb:60:78:4e:fa:b4:01:aa:85:4e:75:d8:16:0e:
         79:25:fc:8f:ba:d2:c5:02:1b:a7:f8:84:b5:83:17:24:1d:75:
         07:92:38:cf:bc:fa:2a:32:84:5a:28:4c:61:11:28:74:47:75:
         2e:0c:0d:4b:c1:86:a4:f0:fd:38:39:ec:3b:29:3f:bc:22:a6:
         68:d8:e0:3d:e6:49:9d:65:e9:de:8f:2a:75:09:b3:6b:e8:a8:
         b8:33:d8:a7:b5:10:06:90:29:e1:b5:5d:ac:4d:5a:71:5e:bc:
         13:3a:35:78:ab:6c:ba:b8:0a:18:bf:d5:e3:33:5a:b6:1d:40:
         d1:46:fc:5d
-----BEGIN CERTIFICATE-----
MIIFvjCCBKagAwIBAgIUQNqI2I4zTQX3sSdZpEKjYzJpgMIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoQjgzMjEyRUQ1MjQxRjhBNzZEMTk1NUVEQjA5Qzk5MUZG
Nzc3ODE1RTAeFw0yNTAyMDQxOTUxNDhaFw0yNjAyMDMxOTU2NDhaMDMxMTAvBgNV
BAMTKDdBMkYzMEUwRjVERjUzNjczMkU4ODI5MzYzOEE2RTJBMUVEQzNGM0EwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDMdwVEirBkKJNeZWeuqYqaJpKI
0Hd1bdOxReiVn+wmH3EbSMiVWBFyVP5XWKEVuxa4ATsF5S6aWdlPi++M473aq9Gh
cXW+mmCDNVeNPT263kiHlxkPt6ti0CWVj2yBcU/3h6WtPrOwzlIBRBi9XU+KUVdr
b3+IBv5OzwWM5U5l7TT4oI0G6ytnb90loCRfTapdSKNna78Si9RXUSre6bTRdRUH
5a/V4tSAtlsi65ww2iqu95rdNxnpi0JM4R5bA2vEWPrIZrPKNsENVOwUGSuTvtnj
KcLRSoMMoTQO4Bw1eu2zOZZhEneriVQ/Rzz7zHmu7xeKSSXmnhrlqILWiuIHAgMB
AAGjggLIMIICxDAdBgNVHQ4EFgQUei8w4PXfU2cy6IKTY4puKh7cPzowHwYDVR0j
BBgwFoAUuDIS7VJB+KdtGVXtsJyZH/d3gV4wDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy8wRUQ1NzBGNzEwNDJFRUI3OUMwNTBFRkI3Njc2NjlEMUM0
QzZBMzFCNEUzNkFENzNGQTc3QUYyRjY1NzdFN0NBLzAvQjgzMjEyRUQ1MjQxRjhB
NzZEMTk1NUVEQjA5Qzk5MUZGNzc3ODE1RS5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC9CODMyMTJFRDUyNDFGOEE3NkQx
OTU1RURCMDlDOTkxRkY3Nzc4MTVFLmNlcjCBxwYIKwYBBQUHAQsEgbowgbcwgbQG
CCsGAQUFBzALhoGncnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvMEVENTcwRjcxMDQyRUVCNzlDMDUwRUZCNzY3NjY5RDFDNEM2QTMxQjRF
MzZBRDczRkE3N0FGMkY2NTc3RTdDQS8wLzM0MzUyZTMxMzYzMzJlMzIzOTJlMzAy
ZjMyMzQyZDMyMzQyMDNkM2UyMDMyMzYzNzM4MzQzMS5yb2EwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAC2jHTAN
BgkqhkiG9w0BAQsFAAOCAQEAfUA+TevkJga18puv+8YBsDE26aqM5XcuUe68UTfT
gkpBD8KuzWbGvDcWnMsuKBHMtHYWs3IwsNj5DyKxlmdnGWe8tNMe3UqV1TzG8YEG
igPiVcK8yT3t0suSZRBEDSSkUw7CgS4aQYEWAei+nAHgW6FJ171ObG6NQO9kglY8
ADWHe/tgeE76tAGqhU512BYOeSX8j7rSxQIbp/iEtYMXJB11B5I4z7z6KjKEWihM
YREodEd1LgwNS8GGpPD9ODnsOyk/vCKmaNjgPeZJnWXp3o8qdQmza+iouDPYp7UQ
BpAp4bVdrE1acV68Ezo1eKtsurgKGL/V4zNath1A0Ub8XQ==
-----END CERTIFICATE-----