Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/12C706D8E5F0C1624920A74E6287D12F18BC62802FC601B563818C257509F4B8/0/3133322e3235352e3133322e302f32322d3232203d3e203532343835.roa
File:                     3133322e3235352e3133322e302f32322d3232203d3e203532343835.roa (raw, json)
Hash identifier:          MpxwBX1hzKy8ljUgXQF1auyurM+pIS8ZYkYYW4nUeuk=
Subject key identifier:   E8:E6:02:3F:19:BE:F4:72:A6:1A:DF:3E:1F:1F:34:8F:16:7A:90:45
Certificate issuer:       /CN=09E1B154B55FB4F84B47F72DFDDE8D9664B9D212
Certificate serial:       3DE2DF3599925EDB83C0683FC35716202BF24A4B
Authority key identifier: 09:E1:B1:54:B5:5F:B4:F8:4B:47:F7:2D:FD:DE:8D:96:64:B9:D2:12
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/09E1B154B55FB4F84B47F72DFDDE8D9664B9D212.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/12C706D8E5F0C1624920A74E6287D12F18BC62802FC601B563818C257509F4B8/0/3133322e3235352e3133322e302f32322d3232203d3e203532343835.roa
Signing time:             Tue 04 Feb 2025 18:39:57 +0000
ROA not before:           Tue 04 Feb 2025 18:34:57 +0000
ROA not after:            Tue 03 Feb 2026 18:39:57 +0000
asID:                     52485
IP address blocks:        132.255.132.0/22 maxlen: 22
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            3d:e2:df:35:99:92:5e:db:83:c0:68:3f:c3:57:16:20:2b:f2:4a:4b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=09E1B154B55FB4F84B47F72DFDDE8D9664B9D212
        Validity
            Not Before: Feb  4 18:34:57 2025 GMT
            Not After : Feb  3 18:39:57 2026 GMT
        Subject: CN=E8E6023F19BEF472A61ADF3E1F1F348F167A9045
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e6:43:45:ef:4f:b2:50:37:08:2f:63:d9:e9:97:
                    a9:64:f9:a0:1e:c9:1d:ae:c4:66:14:40:be:2f:c3:
                    4d:4f:3a:26:e6:e8:f0:1f:fc:7b:eb:7d:46:8a:4a:
                    9b:c3:14:b3:e5:36:e0:d1:0c:7c:70:bc:03:54:e5:
                    61:5c:91:f4:d9:d8:a2:44:26:97:be:46:a5:df:ec:
                    1f:fb:00:f6:67:51:5a:b9:91:dc:fd:e4:5a:1d:f7:
                    5c:9f:29:8d:b7:6c:63:a3:61:1a:d0:1e:24:dd:fc:
                    ff:f9:4d:5e:fd:49:8d:1c:04:f7:da:c1:24:c7:c6:
                    c3:5b:96:ba:53:31:62:92:35:0d:a6:72:0d:6a:48:
                    64:f1:70:ea:8b:0b:30:13:f8:51:5d:27:9f:ee:8c:
                    8c:67:69:b3:3e:96:9e:b3:dc:ed:6c:40:b4:6b:d9:
                    42:88:8f:1b:32:33:87:4c:b9:27:4d:97:92:e1:8c:
                    9b:ba:83:b2:78:35:7f:1e:fe:a5:9c:a2:b5:34:75:
                    b1:a3:f3:ef:5c:3e:e7:cd:ad:26:ca:2b:58:ed:63:
                    81:24:7d:26:13:d3:3e:2d:6a:23:13:f9:3c:98:dc:
                    8c:40:3f:f5:fa:c5:dc:73:7a:36:7e:47:fa:01:78:
                    82:c4:67:30:bf:3b:80:a2:65:1b:c5:58:72:21:2d:
                    6d:73
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E8:E6:02:3F:19:BE:F4:72:A6:1A:DF:3E:1F:1F:34:8F:16:7A:90:45
            X509v3 Authority Key Identifier:
                keyid:09:E1:B1:54:B5:5F:B4:F8:4B:47:F7:2D:FD:DE:8D:96:64:B9:D2:12

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/12C706D8E5F0C1624920A74E6287D12F18BC62802FC601B563818C257509F4B8/0/09E1B154B55FB4F84B47F72DFDDE8D9664B9D212.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/09E1B154B55FB4F84B47F72DFDDE8D9664B9D212.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/12C706D8E5F0C1624920A74E6287D12F18BC62802FC601B563818C257509F4B8/0/3133322e3235352e3133322e302f32322d3232203d3e203532343835.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  132.255.132.0/22

    Signature Algorithm: sha256WithRSAEncryption
         cc:d0:55:11:94:ac:03:65:4d:cf:6e:71:b3:d9:c0:44:a0:0a:
         3c:1a:7c:ce:b7:a5:3f:e0:f6:12:d9:4d:c8:f4:af:81:b7:8d:
         89:48:3d:f2:5a:cc:75:65:91:63:76:a8:1c:27:8c:8c:48:31:
         fd:57:f0:34:53:da:97:b0:21:70:3b:53:0d:61:c2:ba:ee:24:
         a5:c5:2c:f0:83:6e:c0:3f:a4:93:54:a9:91:e5:15:96:eb:7a:
         56:d8:76:4b:ec:87:b4:75:a0:c3:9c:13:4a:cb:79:0b:b0:27:
         0d:93:36:f7:ea:1d:5f:bf:57:e9:d7:73:34:3c:cd:69:81:8c:
         96:97:19:a8:0d:1e:c1:ef:4b:ad:83:0e:45:03:3e:7c:83:10:
         f5:0b:8c:cb:f0:bd:6f:04:76:24:12:b5:31:9b:4d:39:0e:94:
         01:50:95:bd:d4:13:94:26:37:47:51:ac:d8:0e:74:1d:c1:fb:
         24:03:a9:d0:ea:e3:92:c9:dd:3a:a8:3d:fb:bd:50:d4:9f:c7:
         e8:1b:f7:a7:30:19:d8:30:0c:c1:b6:bd:2d:fc:2c:fc:93:1a:
         f2:d0:b0:e6:c4:d0:ec:0a:7f:f8:df:9a:bf:bb:55:68:39:ce:
         26:c1:d1:61:3f:33:6f:b4:0e:20:4c:d2:e3:08:d7:0d:f7:87:
         32:bb:60:84
-----BEGIN CERTIFICATE-----
MIIFwDCCBKigAwIBAgIUPeLfNZmSXtuDwGg/w1cWICvySkswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMDlFMUIxNTRCNTVGQjRGODRCNDdGNzJERkRERThEOTY2
NEI5RDIxMjAeFw0yNTAyMDQxODM0NTdaFw0yNjAyMDMxODM5NTdaMDMxMTAvBgNV
BAMTKEU4RTYwMjNGMTlCRUY0NzJBNjFBREYzRTFGMUYzNDhGMTY3QTkwNDUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDmQ0XvT7JQNwgvY9npl6lk+aAe
yR2uxGYUQL4vw01POibm6PAf/HvrfUaKSpvDFLPlNuDRDHxwvANU5WFckfTZ2KJE
Jpe+RqXf7B/7APZnUVq5kdz95Fod91yfKY23bGOjYRrQHiTd/P/5TV79SY0cBPfa
wSTHxsNblrpTMWKSNQ2mcg1qSGTxcOqLCzAT+FFdJ5/ujIxnabM+lp6z3O1sQLRr
2UKIjxsyM4dMuSdNl5LhjJu6g7J4NX8e/qWcorU0dbGj8+9cPufNrSbKK1jtY4Ek
fSYT0z4taiMT+TyY3IxAP/X6xdxzejZ+R/oBeILEZzC/O4CiZRvFWHIhLW1zAgMB
AAGjggLKMIICxjAdBgNVHQ4EFgQU6OYCPxm+9HKmGt8+Hx80jxZ6kEUwHwYDVR0j
BBgwFoAUCeGxVLVftPhLR/ct/d6NlmS50hIwDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy8xMkM3MDZEOEU1RjBDMTYyNDkyMEE3NEU2Mjg3RDEyRjE4
QkM2MjgwMkZDNjAxQjU2MzgxOEMyNTc1MDlGNEI4LzAvMDlFMUIxNTRCNTVGQjRG
ODRCNDdGNzJERkRERThEOTY2NEI5RDIxMi5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC8wOUUxQjE1NEI1NUZCNEY4NEI0
N0Y3MkRGRERFOEQ5NjY0QjlEMjEyLmNlcjCByQYIKwYBBQUHAQsEgbwwgbkwgbYG
CCsGAQUFBzALhoGpcnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvMTJDNzA2RDhFNUYwQzE2MjQ5MjBBNzRFNjI4N0QxMkYxOEJDNjI4MDJG
QzYwMUI1NjM4MThDMjU3NTA5RjRCOC8wLzMxMzMzMjJlMzIzNTM1MmUzMTMzMzIy
ZTMwMmYzMjMyMmQzMjMyMjAzZDNlMjAzNTMyMzQzODM1LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQChP+E
MA0GCSqGSIb3DQEBCwUAA4IBAQDM0FURlKwDZU3PbnGz2cBEoAo8GnzOt6U/4PYS
2U3I9K+Bt42JSD3yWsx1ZZFjdqgcJ4yMSDH9V/A0U9qXsCFwO1MNYcK67iSlxSzw
g27AP6STVKmR5RWW63pW2HZL7Ie0daDDnBNKy3kLsCcNkzb36h1fv1fp13M0PM1p
gYyWlxmoDR7B70utgw5FAz58gxD1C4zL8L1vBHYkErUxm005DpQBUJW91BOUJjdH
UazYDnQdwfskA6nQ6uOSyd06qD37vVDUn8foG/enMBnYMAzBtr0t/Cz8kxry0LDm
xNDsCn/435q/u1VoOc4mwdFhPzNvtA4gTNLjCNcN94cyu2CE
-----END CERTIFICATE-----