Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/114524E86CBEDB1BBBA6B5568E97599EC02601B8263BBE3C6132E9D787321E00/0/34352e37312e3131342e302f32342d3234203d3e203237393437.roa
File:                     34352e37312e3131342e302f32342d3234203d3e203237393437.roa (raw, json)
Hash identifier:          AD6Omirudq4MrdnTfG90WdjbL5kA+6hteJPkoKt0laQ=
Subject key identifier:   8D:67:B1:DB:E3:0B:FB:19:0D:40:CD:52:42:3F:4C:AA:40:F7:33:E3
Certificate issuer:       /CN=BC6522E3C11015B5E5613800EF79B4EAC428C2BA
Certificate serial:       34A3AB044F8C1A7B8DB2D2F19500D140CF0BE9FA
Authority key identifier: BC:65:22:E3:C1:10:15:B5:E5:61:38:00:EF:79:B4:EA:C4:28:C2:BA
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BC6522E3C11015B5E5613800EF79B4EAC428C2BA.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/114524E86CBEDB1BBBA6B5568E97599EC02601B8263BBE3C6132E9D787321E00/0/34352e37312e3131342e302f32342d3234203d3e203237393437.roa
Signing time:             Tue 04 Feb 2025 18:56:15 +0000
ROA not before:           Tue 04 Feb 2025 18:51:15 +0000
ROA not after:            Tue 03 Feb 2026 18:56:15 +0000
asID:                     27947
IP address blocks:        45.71.114.0/24 maxlen: 24
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            34:a3:ab:04:4f:8c:1a:7b:8d:b2:d2:f1:95:00:d1:40:cf:0b:e9:fa
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=BC6522E3C11015B5E5613800EF79B4EAC428C2BA
        Validity
            Not Before: Feb  4 18:51:15 2025 GMT
            Not After : Feb  3 18:56:15 2026 GMT
        Subject: CN=8D67B1DBE30BFB190D40CD52423F4CAA40F733E3
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c4:5e:f0:ef:a6:40:17:b7:b0:f2:9e:3d:64:95:
                    76:18:b0:57:e4:7b:c5:ca:51:e8:70:93:70:99:a9:
                    04:4d:d2:a7:32:f7:22:c5:88:4d:6a:bc:ec:41:b2:
                    39:c0:e1:78:b1:84:1c:c5:cc:84:99:a3:6a:16:2b:
                    b9:8b:76:40:48:23:cf:df:fe:9e:65:cd:41:ac:81:
                    63:de:e2:47:cd:d8:c6:87:93:58:57:3b:ba:b0:dc:
                    d2:6f:15:68:e1:1e:8b:55:70:28:b0:e3:aa:d7:e9:
                    83:ff:5f:82:15:76:01:12:37:ee:21:ba:f0:e6:2a:
                    81:34:8b:f2:00:d3:7e:e7:4c:a8:e7:df:2b:7a:c1:
                    99:a8:0a:e2:99:f1:e1:d0:8e:2e:f5:05:cd:d0:f7:
                    c1:4a:cf:ec:b7:5c:f8:c1:54:6c:28:83:43:2d:ef:
                    bc:5d:38:52:26:93:e7:d1:4b:ef:2b:32:04:95:76:
                    d2:25:14:53:f5:d6:92:32:57:38:1f:9b:1f:dd:cb:
                    ad:6b:01:2a:f7:f7:2b:e3:01:a6:6d:c9:da:a7:d0:
                    9e:cd:ea:40:b7:58:b5:31:29:25:a3:3f:cb:6b:b0:
                    92:b9:51:64:5e:ae:d5:e7:ca:dd:a0:11:ee:68:14:
                    98:80:65:a6:8e:fe:0d:3f:f8:07:99:ee:11:33:31:
                    46:3b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                8D:67:B1:DB:E3:0B:FB:19:0D:40:CD:52:42:3F:4C:AA:40:F7:33:E3
            X509v3 Authority Key Identifier:
                keyid:BC:65:22:E3:C1:10:15:B5:E5:61:38:00:EF:79:B4:EA:C4:28:C2:BA

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/114524E86CBEDB1BBBA6B5568E97599EC02601B8263BBE3C6132E9D787321E00/0/BC6522E3C11015B5E5613800EF79B4EAC428C2BA.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BC6522E3C11015B5E5613800EF79B4EAC428C2BA.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/114524E86CBEDB1BBBA6B5568E97599EC02601B8263BBE3C6132E9D787321E00/0/34352e37312e3131342e302f32342d3234203d3e203237393437.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.71.114.0/24

    Signature Algorithm: sha256WithRSAEncryption
         1f:bc:41:8a:49:d3:be:00:32:a7:60:c8:cb:81:70:c0:07:61:
         13:60:43:ad:44:43:50:e1:2a:9d:43:51:32:d3:58:5d:63:d1:
         d1:eb:50:ee:43:03:3b:a5:45:07:06:51:9a:92:61:fd:2f:e3:
         2a:70:d0:c7:ba:2c:9d:f2:cc:90:24:cc:21:a4:eb:d4:20:70:
         4c:4e:ec:79:f2:04:c1:1d:a1:3b:f8:15:5b:2e:d2:72:49:f5:
         86:9f:eb:4f:88:18:58:ab:92:11:54:6d:95:2e:e3:79:9f:6c:
         99:1a:d2:ec:ab:00:0a:70:72:99:22:c8:5f:dd:a2:70:09:90:
         50:a4:84:98:45:50:1e:3a:49:dd:0d:4b:9e:39:c0:2e:a8:2e:
         8d:f7:73:ee:7b:67:8e:7b:d7:28:34:ad:4a:db:84:20:0e:98:
         24:e6:14:46:ac:a1:b3:2a:9b:b0:d0:4c:42:83:b1:a4:57:39:
         82:a3:03:25:5e:85:e3:23:53:15:0c:b3:37:16:5c:da:12:65:
         19:fb:ed:5c:11:a8:84:24:14:04:65:ca:41:e0:7c:4e:65:08:
         a3:01:10:c9:84:ab:32:24:f0:d1:f2:90:42:5c:71:fb:62:70:
         d0:8a:48:75:95:8c:fe:ae:88:b0:89:d9:17:fe:83:8e:f8:81:
         b2:c3:50:f1
-----BEGIN CERTIFICATE-----
MIIFvDCCBKSgAwIBAgIUNKOrBE+MGnuNstLxlQDRQM8L6fowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoQkM2NTIyRTNDMTEwMTVCNUU1NjEzODAwRUY3OUI0RUFD
NDI4QzJCQTAeFw0yNTAyMDQxODUxMTVaFw0yNjAyMDMxODU2MTVaMDMxMTAvBgNV
BAMTKDhENjdCMURCRTMwQkZCMTkwRDQwQ0Q1MjQyM0Y0Q0FBNDBGNzMzRTMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDEXvDvpkAXt7Dynj1klXYYsFfk
e8XKUehwk3CZqQRN0qcy9yLFiE1qvOxBsjnA4XixhBzFzISZo2oWK7mLdkBII8/f
/p5lzUGsgWPe4kfN2MaHk1hXO7qw3NJvFWjhHotVcCiw46rX6YP/X4IVdgESN+4h
uvDmKoE0i/IA037nTKjn3yt6wZmoCuKZ8eHQji71Bc3Q98FKz+y3XPjBVGwog0Mt
77xdOFImk+fRS+8rMgSVdtIlFFP11pIyVzgfmx/dy61rASr39yvjAaZtydqn0J7N
6kC3WLUxKSWjP8trsJK5UWRertXnyt2gEe5oFJiAZaaO/g0/+AeZ7hEzMUY7AgMB
AAGjggLGMIICwjAdBgNVHQ4EFgQUjWex2+ML+xkNQM1SQj9MqkD3M+MwHwYDVR0j
BBgwFoAUvGUi48EQFbXlYTgA73m06sQowrowDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy8xMTQ1MjRFODZDQkVEQjFCQkJBNkI1NTY4RTk3NTk5RUMw
MjYwMUI4MjYzQkJFM0M2MTMyRTlENzg3MzIxRTAwLzAvQkM2NTIyRTNDMTEwMTVC
NUU1NjEzODAwRUY3OUI0RUFDNDI4QzJCQS5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC9CQzY1MjJFM0MxMTAxNUI1RTU2
MTM4MDBFRjc5QjRFQUM0MjhDMkJBLmNlcjCBxQYIKwYBBQUHAQsEgbgwgbUwgbIG
CCsGAQUFBzALhoGlcnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvMTE0NTI0RTg2Q0JFREIxQkJCQTZCNTU2OEU5NzU5OUVDMDI2MDFCODI2
M0JCRTNDNjEzMkU5RDc4NzMyMUUwMC8wLzM0MzUyZTM3MzEyZTMxMzEzNDJlMzAy
ZjMyMzQyZDMyMzQyMDNkM2UyMDMyMzczOTM0Mzcucm9hMBgGA1UdIAEB/wQOMAww
CgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAAtR3IwDQYJ
KoZIhvcNAQELBQADggEBAB+8QYpJ074AMqdgyMuBcMAHYRNgQ61EQ1DhKp1DUTLT
WF1j0dHrUO5DAzulRQcGUZqSYf0v4ypw0Me6LJ3yzJAkzCGk69QgcExO7HnyBMEd
oTv4FVsu0nJJ9Yaf60+IGFirkhFUbZUu43mfbJka0uyrAApwcpkiyF/donAJkFCk
hJhFUB46Sd0NS545wC6oLo33c+57Z4571yg0rUrbhCAOmCTmFEasobMqm7DQTEKD
saRXOYKjAyVeheMjUxUMszcWXNoSZRn77VwRqIQkFARlykHgfE5lCKMBEMmEqzIk
8NHykEJccfticNCKSHWVjP6uiLCJ2Rf+g474gbLDUPE=
-----END CERTIFICATE-----