Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/238D9F1C871BB8D10BEF45581E950BB81331EC4D3FE388FE1F4746AEA33ACB8F/0/34352e3137302e3130372e302f32342d3234203d3e20323633373530.roa
File:                     34352e3137302e3130372e302f32342d3234203d3e20323633373530.roa (raw, json)
Hash identifier:          SYs6zcIrNttAUAOgI4nXQsIv525h2zx/WZ9Khbkg2/4=
Subject key identifier:   E7:7D:46:32:6A:38:90:E5:A5:03:87:A1:24:51:29:F4:37:3B:5F:B6
Certificate issuer:       /CN=1E87F3433FDDF23DDC5FC2EC90876F490B603D74
Certificate serial:       04090CA225C8744D95B2687B268AFEAA0EC98955
Authority key identifier: 1E:87:F3:43:3F:DD:F2:3D:DC:5F:C2:EC:90:87:6F:49:0B:60:3D:74
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/1E87F3433FDDF23DDC5FC2EC90876F490B603D74.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/238D9F1C871BB8D10BEF45581E950BB81331EC4D3FE388FE1F4746AEA33ACB8F/0/34352e3137302e3130372e302f32342d3234203d3e20323633373530.roa
Signing time:             Fri 28 Jun 2024 19:50:02 +0000
ROA not before:           Fri 28 Jun 2024 19:45:02 +0000
ROA not after:            Fri 27 Jun 2025 19:50:02 +0000
asID:                     263750
IP address blocks:        45.170.107.0/24 maxlen: 24
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            04:09:0c:a2:25:c8:74:4d:95:b2:68:7b:26:8a:fe:aa:0e:c9:89:55
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1E87F3433FDDF23DDC5FC2EC90876F490B603D74
        Validity
            Not Before: Jun 28 19:45:02 2024 GMT
            Not After : Jun 27 19:50:02 2025 GMT
        Subject: CN=E77D46326A3890E5A50387A1245129F4373B5FB6
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ba:ed:2d:72:14:a5:2e:c8:fe:f7:56:5f:75:7c:
                    4e:52:c8:da:ff:58:8d:e5:aa:1a:9f:23:c2:1e:94:
                    b6:60:93:19:51:41:75:35:79:ca:fa:ba:2a:7d:e4:
                    54:52:86:bc:3d:51:60:73:10:f4:1a:b8:57:5a:cb:
                    ce:22:b7:27:cb:ba:32:51:a3:61:4e:c8:96:3f:87:
                    ea:59:76:f9:e6:6a:e6:5d:26:27:80:86:86:25:65:
                    c6:e3:6c:b2:b0:1c:41:46:2e:45:0b:3e:85:a3:d4:
                    07:13:2c:46:82:5f:96:b6:ad:cb:5f:61:e8:78:c1:
                    ce:5e:65:4c:38:02:ee:f1:4d:77:bc:66:44:19:7d:
                    52:f5:3d:13:96:07:97:bb:85:93:2f:41:4e:be:df:
                    4d:21:f6:61:40:ab:6c:1a:c2:cf:4f:86:49:75:db:
                    60:63:ec:fc:39:d6:7d:8b:11:75:ec:f7:a7:1d:6f:
                    77:40:ec:52:1a:0e:f8:a6:5b:eb:92:c2:ff:47:6b:
                    3a:83:e4:b5:2a:92:8d:71:ad:f6:85:9c:19:8e:4c:
                    09:a8:ed:0e:00:94:99:a4:50:c4:53:66:6c:b7:93:
                    ec:75:12:a7:62:56:53:3d:d9:b3:07:53:98:34:45:
                    f2:e8:d4:4a:49:1f:a1:5c:7e:fb:5c:fd:fd:6f:b5:
                    4e:33
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E7:7D:46:32:6A:38:90:E5:A5:03:87:A1:24:51:29:F4:37:3B:5F:B6
            X509v3 Authority Key Identifier:
                keyid:1E:87:F3:43:3F:DD:F2:3D:DC:5F:C2:EC:90:87:6F:49:0B:60:3D:74

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/238D9F1C871BB8D10BEF45581E950BB81331EC4D3FE388FE1F4746AEA33ACB8F/0/1E87F3433FDDF23DDC5FC2EC90876F490B603D74.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/1E87F3433FDDF23DDC5FC2EC90876F490B603D74.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/238D9F1C871BB8D10BEF45581E950BB81331EC4D3FE388FE1F4746AEA33ACB8F/0/34352e3137302e3130372e302f32342d3234203d3e20323633373530.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.170.107.0/24

    Signature Algorithm: sha256WithRSAEncryption
         70:5b:73:13:5b:8e:26:49:c2:58:14:de:1d:7c:e6:2b:5f:49:
         79:d9:b8:a8:4f:19:c8:80:e1:ff:78:eb:86:73:f6:b1:16:b1:
         2a:53:6b:59:be:fb:22:28:22:98:ce:8a:92:4a:95:97:c5:7f:
         76:42:0b:6f:12:3d:1f:3d:c5:ea:02:42:76:d4:4a:1e:b0:84:
         4d:8a:7b:b2:e1:43:ea:56:91:86:8a:03:84:a1:10:f7:9e:e2:
         80:67:cc:69:c3:a2:7f:6c:b3:90:8b:1f:7d:14:42:d9:4f:75:
         75:40:01:cc:ac:ec:b9:15:0a:d5:06:bf:98:cb:4b:a7:fb:85:
         9c:d8:70:74:18:41:77:7b:32:b6:59:1b:0e:dd:2f:a2:7d:09:
         e3:9e:b5:51:8c:b4:e6:a5:7a:6a:12:07:4f:3e:01:41:07:d3:
         6a:98:6e:67:c0:5d:f1:1b:8e:c7:09:b0:03:2d:af:77:e6:89:
         17:57:88:08:de:a4:69:f3:5e:a5:8e:66:3d:50:04:36:d4:4a:
         59:59:da:40:37:7c:e7:50:1d:c2:ab:40:c9:ac:2e:83:19:f7:
         5f:c7:80:61:d9:0c:a3:06:f0:e0:c2:0d:fb:39:80:b0:9f:e6:
         20:13:4f:26:75:b6:91:02:82:49:e1:08:ba:55:70:fa:4f:d5:
         70:f1:43:85
-----BEGIN CERTIFICATE-----
MIIFwDCCBKigAwIBAgIUBAkMoiXIdE2Vsmh7Jor+qg7JiVUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMUU4N0YzNDMzRkRERjIzRERDNUZDMkVDOTA4NzZGNDkw
QjYwM0Q3NDAeFw0yNDA2MjgxOTQ1MDJaFw0yNTA2MjcxOTUwMDJaMDMxMTAvBgNV
BAMTKEU3N0Q0NjMyNkEzODkwRTVBNTAzODdBMTI0NTEyOUY0MzczQjVGQjYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC67S1yFKUuyP73Vl91fE5SyNr/
WI3lqhqfI8IelLZgkxlRQXU1ecr6uip95FRShrw9UWBzEPQauFday84ityfLujJR
o2FOyJY/h+pZdvnmauZdJieAhoYlZcbjbLKwHEFGLkULPoWj1AcTLEaCX5a2rctf
Yeh4wc5eZUw4Au7xTXe8ZkQZfVL1PROWB5e7hZMvQU6+300h9mFAq2waws9Phkl1
22Bj7Pw51n2LEXXs96cdb3dA7FIaDvimW+uSwv9HazqD5LUqko1xrfaFnBmOTAmo
7Q4AlJmkUMRTZmy3k+x1EqdiVlM92bMHU5g0RfLo1EpJH6Fcfvtc/f1vtU4zAgMB
AAGjggLKMIICxjAdBgNVHQ4EFgQU531GMmo4kOWlA4ehJFEp9Dc7X7YwHwYDVR0j
BBgwFoAUHofzQz/d8j3cX8LskIdvSQtgPXQwDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy8yMzhEOUYxQzg3MUJCOEQxMEJFRjQ1NTgxRTk1MEJCODEz
MzFFQzREM0ZFMzg4RkUxRjQ3NDZBRUEzM0FDQjhGLzAvMUU4N0YzNDMzRkRERjIz
RERDNUZDMkVDOTA4NzZGNDkwQjYwM0Q3NC5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC8xRTg3RjM0MzNGRERGMjNEREM1
RkMyRUM5MDg3NkY0OTBCNjAzRDc0LmNlcjCByQYIKwYBBQUHAQsEgbwwgbkwgbYG
CCsGAQUFBzALhoGpcnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvMjM4RDlGMUM4NzFCQjhEMTBCRUY0NTU4MUU5NTBCQjgxMzMxRUM0RDNG
RTM4OEZFMUY0NzQ2QUVBMzNBQ0I4Ri8wLzM0MzUyZTMxMzczMDJlMzEzMDM3MmUz
MDJmMzIzNDJkMzIzNDIwM2QzZTIwMzIzNjMzMzczNTMwLnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALapr
MA0GCSqGSIb3DQEBCwUAA4IBAQBwW3MTW44mScJYFN4dfOYrX0l52bioTxnIgOH/
eOuGc/axFrEqU2tZvvsiKCKYzoqSSpWXxX92QgtvEj0fPcXqAkJ21EoesIRNinuy
4UPqVpGGigOEoRD3nuKAZ8xpw6J/bLOQix99FELZT3V1QAHMrOy5FQrVBr+Yy0un
+4Wc2HB0GEF3ezK2WRsO3S+ifQnjnrVRjLTmpXpqEgdPPgFBB9NqmG5nwF3xG47H
CbADLa935okXV4gI3qRp816ljmY9UAQ21EpZWdpAN3znUB3Cq0DJrC6DGfdfx4Bh
2QyjBvDgwg37OYCwn+YgE08mdbaRAoJJ4Qi6VXD6T9Vw8UOF
-----END CERTIFICATE-----