Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/1B2F1BAE427909763512B7001E694045B9FAB9477FCCC1EE2B6830E0A0838B1A/0/34352e3138392e36302e302f32342d3234203d3e203532343638.roa
File:                     34352e3138392e36302e302f32342d3234203d3e203532343638.roa (raw, json)
Hash identifier:          QeabBpyqxZBXP7Z4JX/q0XnZiLzTmPo1UtRCIB3z25Y=
Subject key identifier:   0D:93:FC:55:4E:2B:BF:48:98:26:F9:FB:D1:1B:41:CF:20:C1:39:4D
Certificate issuer:       /CN=58C76DEB05E1657B955AB41355B108825D2D69BC
Certificate serial:       2BC70CA19C40F52C24704C580A4C968D11D3D69E
Authority key identifier: 58:C7:6D:EB:05:E1:65:7B:95:5A:B4:13:55:B1:08:82:5D:2D:69:BC
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/58C76DEB05E1657B955AB41355B108825D2D69BC.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/1B2F1BAE427909763512B7001E694045B9FAB9477FCCC1EE2B6830E0A0838B1A/0/34352e3138392e36302e302f32342d3234203d3e203532343638.roa
Signing time:             Tue 04 Feb 2025 20:08:58 +0000
ROA not before:           Tue 04 Feb 2025 20:03:58 +0000
ROA not after:            Tue 03 Feb 2026 20:08:58 +0000
asID:                     52468
IP address blocks:        45.189.60.0/24 maxlen: 24
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            2b:c7:0c:a1:9c:40:f5:2c:24:70:4c:58:0a:4c:96:8d:11:d3:d6:9e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=58C76DEB05E1657B955AB41355B108825D2D69BC
        Validity
            Not Before: Feb  4 20:03:58 2025 GMT
            Not After : Feb  3 20:08:58 2026 GMT
        Subject: CN=0D93FC554E2BBF489826F9FBD11B41CF20C1394D
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d3:6f:fa:0c:3e:28:75:91:14:6e:22:20:e2:73:
                    a8:ec:60:cf:e7:a2:50:38:f9:38:34:89:db:9c:9f:
                    c2:50:81:e4:59:c3:a2:20:9c:67:76:0d:82:2f:85:
                    5d:92:c6:ec:83:d2:cb:ea:fe:e6:57:fc:0d:66:36:
                    5f:9d:4d:c6:e2:f8:21:c4:f5:58:85:2a:cd:81:f0:
                    11:f0:3f:6d:03:42:7a:b8:33:96:cc:f4:7b:52:4e:
                    75:36:bd:10:dd:67:25:34:8e:df:c8:7b:a5:5b:6f:
                    ef:1c:04:56:10:22:de:da:d9:9c:6f:fd:66:1a:9f:
                    a1:3b:c5:a9:01:51:ee:8d:db:ac:4c:dd:5c:94:d4:
                    9d:ae:ca:09:21:b5:66:1c:da:92:d7:00:03:33:33:
                    47:1c:8c:20:a5:30:cb:98:a6:a9:c4:f4:7e:fc:77:
                    4f:a3:84:59:a7:71:9d:d9:35:f1:43:36:ba:a4:8f:
                    79:63:db:ef:71:dd:84:d0:ba:17:50:96:9a:70:6d:
                    60:39:7f:19:ca:02:74:21:50:00:5d:65:6c:59:60:
                    e4:25:73:da:38:d0:0a:91:c8:04:0c:77:15:0d:f5:
                    38:76:39:39:93:b2:18:2b:f2:02:aa:bd:c4:8c:a3:
                    8e:e1:58:39:06:7c:b8:56:10:56:9e:c4:2f:f6:40:
                    10:07
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0D:93:FC:55:4E:2B:BF:48:98:26:F9:FB:D1:1B:41:CF:20:C1:39:4D
            X509v3 Authority Key Identifier:
                keyid:58:C7:6D:EB:05:E1:65:7B:95:5A:B4:13:55:B1:08:82:5D:2D:69:BC

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/1B2F1BAE427909763512B7001E694045B9FAB9477FCCC1EE2B6830E0A0838B1A/0/58C76DEB05E1657B955AB41355B108825D2D69BC.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/58C76DEB05E1657B955AB41355B108825D2D69BC.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/1B2F1BAE427909763512B7001E694045B9FAB9477FCCC1EE2B6830E0A0838B1A/0/34352e3138392e36302e302f32342d3234203d3e203532343638.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.189.60.0/24

    Signature Algorithm: sha256WithRSAEncryption
         6c:99:ee:63:d9:e4:68:16:a8:14:35:c2:08:38:e1:a2:ad:cc:
         ac:2a:c7:dd:c2:8d:19:b6:d4:ec:03:fe:27:bf:d9:d0:cb:48:
         ae:b3:c4:f3:8d:8d:83:59:89:c9:a9:16:34:7a:0f:1d:cd:dd:
         8e:ce:bc:2e:ca:17:63:22:fe:29:02:ec:eb:fd:15:33:fe:92:
         b2:1c:57:74:98:22:9a:e7:25:39:17:c1:00:c3:ab:56:e4:8f:
         85:43:68:0b:f2:aa:bb:aa:c1:c1:be:8b:ec:eb:40:b6:1c:43:
         5b:58:a2:ae:92:69:fa:77:4a:e9:f1:5d:c9:03:5a:29:73:42:
         3d:89:9f:aa:78:f7:c7:1c:9c:a5:49:43:56:af:0e:c6:a9:5f:
         f6:39:bb:65:5b:63:e8:77:7e:fd:c0:1e:ef:ce:24:73:84:27:
         4e:d1:18:13:57:9c:51:28:b7:ac:19:cc:68:70:76:78:50:1d:
         33:5e:8c:41:46:0c:32:8f:58:dd:a5:c6:e2:3b:ca:c4:0b:1e:
         00:65:a1:71:12:d3:23:98:45:36:1b:e6:7c:7d:ec:f1:e4:35:
         37:c3:a7:3d:04:49:8b:29:98:c2:db:7d:ca:7f:47:e2:60:f2:
         79:6f:69:7e:e6:0f:3e:4b:58:d9:55:2a:20:fb:6d:d3:57:70:
         29:83:ea:bb
-----BEGIN CERTIFICATE-----
MIIFvDCCBKSgAwIBAgIUK8cMoZxA9SwkcExYCkyWjRHT1p4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNThDNzZERUIwNUUxNjU3Qjk1NUFCNDEzNTVCMTA4ODI1
RDJENjlCQzAeFw0yNTAyMDQyMDAzNThaFw0yNjAyMDMyMDA4NThaMDMxMTAvBgNV
BAMTKDBEOTNGQzU1NEUyQkJGNDg5ODI2RjlGQkQxMUI0MUNGMjBDMTM5NEQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDTb/oMPih1kRRuIiDic6jsYM/n
olA4+Tg0iducn8JQgeRZw6IgnGd2DYIvhV2SxuyD0svq/uZX/A1mNl+dTcbi+CHE
9ViFKs2B8BHwP20DQnq4M5bM9HtSTnU2vRDdZyU0jt/Ie6Vbb+8cBFYQIt7a2Zxv
/WYan6E7xakBUe6N26xM3VyU1J2uygkhtWYc2pLXAAMzM0ccjCClMMuYpqnE9H78
d0+jhFmncZ3ZNfFDNrqkj3lj2+9x3YTQuhdQlppwbWA5fxnKAnQhUABdZWxZYOQl
c9o40AqRyAQMdxUN9Th2OTmTshgr8gKqvcSMo47hWDkGfLhWEFaexC/2QBAHAgMB
AAGjggLGMIICwjAdBgNVHQ4EFgQUDZP8VU4rv0iYJvn70RtBzyDBOU0wHwYDVR0j
BBgwFoAUWMdt6wXhZXuVWrQTVbEIgl0tabwwDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy8xQjJGMUJBRTQyNzkwOTc2MzUxMkI3MDAxRTY5NDA0NUI5
RkFCOTQ3N0ZDQ0MxRUUyQjY4MzBFMEEwODM4QjFBLzAvNThDNzZERUIwNUUxNjU3
Qjk1NUFCNDEzNTVCMTA4ODI1RDJENjlCQy5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC81OEM3NkRFQjA1RTE2NTdCOTU1
QUI0MTM1NUIxMDg4MjVEMkQ2OUJDLmNlcjCBxQYIKwYBBQUHAQsEgbgwgbUwgbIG
CCsGAQUFBzALhoGlcnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvMUIyRjFCQUU0Mjc5MDk3NjM1MTJCNzAwMUU2OTQwNDVCOUZBQjk0NzdG
Q0NDMUVFMkI2ODMwRTBBMDgzOEIxQS8wLzM0MzUyZTMxMzgzOTJlMzYzMDJlMzAy
ZjMyMzQyZDMyMzQyMDNkM2UyMDM1MzIzNDM2Mzgucm9hMBgGA1UdIAEB/wQOMAww
CgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAAtvTwwDQYJ
KoZIhvcNAQELBQADggEBAGyZ7mPZ5GgWqBQ1wgg44aKtzKwqx93CjRm21OwD/ie/
2dDLSK6zxPONjYNZicmpFjR6Dx3N3Y7OvC7KF2Mi/ikC7Ov9FTP+krIcV3SYIprn
JTkXwQDDq1bkj4VDaAvyqruqwcG+i+zrQLYcQ1tYoq6Safp3SunxXckDWilzQj2J
n6p498ccnKVJQ1avDsapX/Y5u2VbY+h3fv3AHu/OJHOEJ07RGBNXnFEot6wZzGhw
dnhQHTNejEFGDDKPWN2lxuI7ysQLHgBloXES0yOYRTYb5nx97PHkNTfDpz0ESYsp
mMLbfcp/R+Jg8nlvaX7mDz5LWNlVKiD7bdNXcCmD6rs=
-----END CERTIFICATE-----