Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/1C7C36DCB6F18C2C66F0A4D3589CFD1F0951B1CC300D7BB482FAEAF95E951F16/0/34352e3137312e3131322e302f32322d3234203d3e203532343635.roa
File:                     34352e3137312e3131322e302f32322d3234203d3e203532343635.roa (raw, json)
Hash identifier:          +FXIeg+2hjGf/yen/pVt57sHDYyS3nU7f2vKRbg29Zk=
Subject key identifier:   1D:CD:94:47:49:0E:67:CC:18:2A:D7:EB:DA:BE:CA:EE:67:FA:32:CF
Certificate issuer:       /CN=4F53112E85AD3BA5456323CC85F3FD8B078B8EAA
Certificate serial:       6A268A99FFCA5EE3F05D1DA559B9B8BE009D17A7
Authority key identifier: 4F:53:11:2E:85:AD:3B:A5:45:63:23:CC:85:F3:FD:8B:07:8B:8E:AA
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/4F53112E85AD3BA5456323CC85F3FD8B078B8EAA.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/1C7C36DCB6F18C2C66F0A4D3589CFD1F0951B1CC300D7BB482FAEAF95E951F16/0/34352e3137312e3131322e302f32322d3234203d3e203532343635.roa
Signing time:             Tue 02 Jul 2024 14:25:00 +0000
ROA not before:           Tue 02 Jul 2024 14:20:00 +0000
ROA not after:            Tue 01 Jul 2025 14:25:00 +0000
asID:                     52465
IP address blocks:        45.171.112.0/22 maxlen: 24
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            6a:26:8a:99:ff:ca:5e:e3:f0:5d:1d:a5:59:b9:b8:be:00:9d:17:a7
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4F53112E85AD3BA5456323CC85F3FD8B078B8EAA
        Validity
            Not Before: Jul  2 14:20:00 2024 GMT
            Not After : Jul  1 14:25:00 2025 GMT
        Subject: CN=1DCD9447490E67CC182AD7EBDABECAEE67FA32CF
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9b:85:a6:4e:98:81:40:1f:9b:9b:f6:b3:18:41:
                    6c:ea:70:25:bd:16:77:56:a7:6d:08:ac:89:88:08:
                    da:56:f1:df:49:8b:38:72:b4:16:0c:c5:be:52:07:
                    da:85:1e:78:4e:ef:9c:ad:1c:5f:ea:4e:dc:fd:a8:
                    00:6b:60:46:60:e1:d1:30:95:06:17:32:7d:74:41:
                    29:98:87:c5:ac:ba:7a:54:c9:71:d5:eb:80:6e:c1:
                    60:b9:43:57:97:48:a2:87:e0:77:ae:11:9c:d0:a3:
                    1e:65:80:2d:bb:1f:9c:cb:65:d1:90:88:ad:26:7a:
                    0d:2c:9e:e5:c1:0a:9d:f2:7d:89:90:3b:57:a4:87:
                    f3:8d:c9:bd:26:86:2c:ff:2a:88:35:0b:32:19:dd:
                    df:4c:01:dd:09:0e:d3:b5:1b:39:2b:d1:ab:a0:d1:
                    dc:58:79:3c:bf:ee:4c:4e:34:28:1e:05:e2:f8:2b:
                    48:45:14:b7:dc:ec:83:bb:8a:d8:52:c3:22:1b:02:
                    a4:2c:df:90:bb:28:55:de:f0:26:39:50:5d:dc:c8:
                    d8:8b:16:e7:d9:43:7d:ed:57:77:5c:16:89:6a:a5:
                    66:bc:ae:f2:2c:cf:ac:af:9a:ad:1e:52:9a:9a:8f:
                    90:df:64:92:01:62:81:c1:11:40:b5:1d:a6:9d:16:
                    26:3d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1D:CD:94:47:49:0E:67:CC:18:2A:D7:EB:DA:BE:CA:EE:67:FA:32:CF
            X509v3 Authority Key Identifier:
                keyid:4F:53:11:2E:85:AD:3B:A5:45:63:23:CC:85:F3:FD:8B:07:8B:8E:AA

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/1C7C36DCB6F18C2C66F0A4D3589CFD1F0951B1CC300D7BB482FAEAF95E951F16/0/4F53112E85AD3BA5456323CC85F3FD8B078B8EAA.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/4F53112E85AD3BA5456323CC85F3FD8B078B8EAA.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/1C7C36DCB6F18C2C66F0A4D3589CFD1F0951B1CC300D7BB482FAEAF95E951F16/0/34352e3137312e3131322e302f32322d3234203d3e203532343635.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.171.112.0/22

    Signature Algorithm: sha256WithRSAEncryption
         91:3d:56:96:9a:bc:03:5d:17:68:27:df:db:f3:b1:51:45:0d:
         3e:30:e8:64:61:7a:d1:4d:9e:4d:5f:d1:ad:e2:16:18:1f:ea:
         5b:49:15:5e:e3:df:6f:78:f3:bb:86:f4:7e:37:34:75:20:36:
         75:84:8a:19:21:8f:1e:35:28:9f:02:6b:63:f4:16:d1:1b:a0:
         9b:df:84:e6:bd:5e:21:13:69:81:15:d2:ee:e6:b9:03:69:71:
         f2:40:bd:fc:7a:2b:1f:59:94:63:5b:ab:0a:e1:39:c7:03:51:
         17:e5:6e:10:b2:47:c7:4f:41:34:9f:2b:69:c2:ea:64:4e:55:
         5c:14:3b:c0:10:a9:55:54:a8:06:b3:bb:f1:d0:86:f4:1b:3a:
         8e:52:61:27:cc:74:c9:29:6a:db:89:65:69:ab:fc:a2:88:54:
         d3:f9:c3:6f:e8:c6:dc:4a:3a:9a:7f:ce:6d:41:1d:48:d8:1e:
         37:31:b7:f8:5a:09:50:42:75:03:10:95:4b:ff:5e:e2:ce:f6:
         57:57:a8:fa:b2:39:ff:64:47:a6:88:b4:cc:72:16:8b:ff:fd:
         38:5e:0b:91:da:49:63:50:92:f0:e5:5c:e5:c4:d0:c2:14:9c:
         d2:f8:ac:a3:3b:ed:c9:3d:21:f1:00:6d:6e:cf:18:49:94:4f:
         cf:33:74:36
-----BEGIN CERTIFICATE-----
MIIFvjCCBKagAwIBAgIUaiaKmf/KXuPwXR2lWbm4vgCdF6cwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNEY1MzExMkU4NUFEM0JBNTQ1NjMyM0NDODVGM0ZEOEIw
NzhCOEVBQTAeFw0yNDA3MDIxNDIwMDBaFw0yNTA3MDExNDI1MDBaMDMxMTAvBgNV
BAMTKDFEQ0Q5NDQ3NDkwRTY3Q0MxODJBRDdFQkRBQkVDQUVFNjdGQTMyQ0YwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCbhaZOmIFAH5ub9rMYQWzqcCW9
FndWp20IrImICNpW8d9JizhytBYMxb5SB9qFHnhO75ytHF/qTtz9qABrYEZg4dEw
lQYXMn10QSmYh8WsunpUyXHV64BuwWC5Q1eXSKKH4HeuEZzQox5lgC27H5zLZdGQ
iK0meg0snuXBCp3yfYmQO1ekh/ONyb0mhiz/Kog1CzIZ3d9MAd0JDtO1Gzkr0aug
0dxYeTy/7kxONCgeBeL4K0hFFLfc7IO7ithSwyIbAqQs35C7KFXe8CY5UF3cyNiL
FufZQ33tV3dcFolqpWa8rvIsz6yvmq0eUpqaj5DfZJIBYoHBEUC1HaadFiY9AgMB
AAGjggLIMIICxDAdBgNVHQ4EFgQUHc2UR0kOZ8wYKtfr2r7K7mf6Ms8wHwYDVR0j
BBgwFoAUT1MRLoWtO6VFYyPMhfP9iweLjqowDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy8xQzdDMzZEQ0I2RjE4QzJDNjZGMEE0RDM1ODlDRkQxRjA5
NTFCMUNDMzAwRDdCQjQ4MkZBRUFGOTVFOTUxRjE2LzAvNEY1MzExMkU4NUFEM0JB
NTQ1NjMyM0NDODVGM0ZEOEIwNzhCOEVBQS5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC80RjUzMTEyRTg1QUQzQkE1NDU2
MzIzQ0M4NUYzRkQ4QjA3OEI4RUFBLmNlcjCBxwYIKwYBBQUHAQsEgbowgbcwgbQG
CCsGAQUFBzALhoGncnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvMUM3QzM2RENCNkYxOEMyQzY2RjBBNEQzNTg5Q0ZEMUYwOTUxQjFDQzMw
MEQ3QkI0ODJGQUVBRjk1RTk1MUYxNi8wLzM0MzUyZTMxMzczMTJlMzEzMTMyMmUz
MDJmMzIzMjJkMzIzNDIwM2QzZTIwMzUzMjM0MzYzNS5yb2EwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAi2rcDAN
BgkqhkiG9w0BAQsFAAOCAQEAkT1Wlpq8A10XaCff2/OxUUUNPjDoZGF60U2eTV/R
reIWGB/qW0kVXuPfb3jzu4b0fjc0dSA2dYSKGSGPHjUonwJrY/QW0Rugm9+E5r1e
IRNpgRXS7ua5A2lx8kC9/HorH1mUY1urCuE5xwNRF+VuELJHx09BNJ8racLqZE5V
XBQ7wBCpVVSoBrO78dCG9Bs6jlJhJ8x0ySlq24llaav8oohU0/nDb+jG3Eo6mn/O
bUEdSNgeNzG3+FoJUEJ1AxCVS/9e4s72V1eo+rI5/2RHpoi0zHIWi//9OF4LkdpJ
Y1CS8OVc5cTQwhSc0visozvtyT0h8QBtbs8YSZRPzzN0Ng==
-----END CERTIFICATE-----