Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/23B7C697E988C14728015F75AD4BD621755BB39870EA2831B3CD053B988533F1/0/3134382e3230382e3135392e302f32342d3234203d3e20323730313439.roa
File:                     3134382e3230382e3135392e302f32342d3234203d3e20323730313439.roa (raw, json)
Hash identifier:          gwjholR/XFvjlcladaHHx5CUhsNBzGENgDqd9pmNLiY=
Subject key identifier:   76:CA:81:B5:95:66:F6:99:01:6E:62:2F:20:E3:34:A8:7B:B6:40:9E
Certificate issuer:       /CN=8A1267DCB4DC6FFA9FCDD7FEA9D7F9F78C3791DB
Certificate serial:       3B0E32F7495B3AFA6A4FB6026A14EBD7F592B4F5
Authority key identifier: 8A:12:67:DC:B4:DC:6F:FA:9F:CD:D7:FE:A9:D7:F9:F7:8C:37:91:DB
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/8A1267DCB4DC6FFA9FCDD7FEA9D7F9F78C3791DB.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/23B7C697E988C14728015F75AD4BD621755BB39870EA2831B3CD053B988533F1/0/3134382e3230382e3135392e302f32342d3234203d3e20323730313439.roa
Signing time:             Tue 04 Feb 2025 18:08:41 +0000
ROA not before:           Tue 04 Feb 2025 18:03:41 +0000
ROA not after:            Tue 03 Feb 2026 18:08:41 +0000
asID:                     270149
IP address blocks:        148.208.159.0/24 maxlen: 24
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            3b:0e:32:f7:49:5b:3a:fa:6a:4f:b6:02:6a:14:eb:d7:f5:92:b4:f5
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=8A1267DCB4DC6FFA9FCDD7FEA9D7F9F78C3791DB
        Validity
            Not Before: Feb  4 18:03:41 2025 GMT
            Not After : Feb  3 18:08:41 2026 GMT
        Subject: CN=76CA81B59566F699016E622F20E334A87BB6409E
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:f2:90:03:9f:8c:6c:05:e8:cc:f0:18:5c:a4:29:
                    0d:8e:58:ee:14:dc:7b:67:f0:6f:c3:08:14:5b:74:
                    57:56:1e:12:80:f6:61:62:84:28:03:40:29:8b:f1:
                    8b:0a:07:b2:0f:ea:f4:c8:6c:f5:f7:b5:43:9c:08:
                    6d:70:5c:d0:37:20:8b:f9:c8:9e:c3:f7:03:06:92:
                    cd:07:3e:2a:92:e5:ad:a4:f9:9c:db:91:1f:12:58:
                    3f:8c:53:03:3a:eb:46:72:80:df:33:8a:e4:3a:c1:
                    dc:22:c2:f9:a1:80:5b:57:1d:b7:41:d4:24:d8:3b:
                    87:2a:a3:7e:9c:57:8b:01:54:bd:de:82:32:cd:8a:
                    1e:54:b6:01:fe:17:99:4d:28:99:e6:22:01:83:03:
                    8d:38:dc:38:9d:43:87:90:c8:0e:8e:b6:57:70:3f:
                    0a:9f:fb:be:57:1a:fe:ff:e2:18:e0:19:13:4d:a6:
                    0c:49:bd:39:86:12:32:b0:02:d7:d3:e1:2a:ff:3a:
                    0d:a8:36:62:ad:43:8e:9b:ca:36:bf:6d:a3:a0:0b:
                    d7:0d:0a:a7:42:98:91:67:bd:5e:40:c5:f8:3d:56:
                    38:45:35:e6:54:9f:c9:07:0e:9c:e6:b2:78:9c:27:
                    82:b1:ef:88:62:a1:30:d8:44:b0:a5:07:20:46:70:
                    2e:33
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                76:CA:81:B5:95:66:F6:99:01:6E:62:2F:20:E3:34:A8:7B:B6:40:9E
            X509v3 Authority Key Identifier:
                keyid:8A:12:67:DC:B4:DC:6F:FA:9F:CD:D7:FE:A9:D7:F9:F7:8C:37:91:DB

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/23B7C697E988C14728015F75AD4BD621755BB39870EA2831B3CD053B988533F1/0/8A1267DCB4DC6FFA9FCDD7FEA9D7F9F78C3791DB.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/8A1267DCB4DC6FFA9FCDD7FEA9D7F9F78C3791DB.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/23B7C697E988C14728015F75AD4BD621755BB39870EA2831B3CD053B988533F1/0/3134382e3230382e3135392e302f32342d3234203d3e20323730313439.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  148.208.159.0/24

    Signature Algorithm: sha256WithRSAEncryption
         b0:25:8f:da:10:52:ef:62:15:e7:a0:99:18:65:66:84:41:5c:
         ff:7f:b5:23:1d:15:3f:ec:58:84:d1:42:db:a4:44:c5:60:c2:
         0a:2f:a0:3b:08:56:7a:61:98:7d:25:6b:6f:2c:26:55:c4:46:
         f1:26:9e:8e:44:9a:d4:aa:ca:6e:96:89:35:62:b4:aa:9e:69:
         ab:89:1b:6c:fd:0b:45:67:e5:b4:7a:2c:35:12:b3:56:2d:8f:
         75:57:7e:c3:62:bd:df:51:96:5d:ac:5a:cc:f3:4d:da:0f:b3:
         84:22:a1:ad:6f:af:cf:51:75:10:08:53:75:8f:a4:b5:56:27:
         75:84:6b:15:26:4e:10:3f:56:fc:4c:6d:90:57:ca:7f:b1:04:
         c8:8c:46:db:a3:70:57:3f:a4:8a:8c:ae:e9:c9:fd:3a:48:91:
         35:1b:ad:ab:e6:22:77:ad:1a:e8:98:3f:ee:4b:cd:da:86:bb:
         38:f0:92:8d:96:f3:b8:9e:ea:0b:30:b8:cb:27:ee:da:57:a7:
         e4:ce:c5:8f:80:53:d0:a6:76:e2:6d:47:82:b0:6b:bb:16:68:
         66:e4:38:67:06:4b:ba:e6:07:a0:8c:1a:00:5f:1a:73:f6:8e:
         a1:e9:c5:92:cc:65:f2:f9:2a:6b:93:4d:65:db:28:bc:4f:56:
         86:77:92:69
-----BEGIN CERTIFICATE-----
MIIFwjCCBKqgAwIBAgIUOw4y90lbOvpqT7YCahTr1/WStPUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOEExMjY3RENCNERDNkZGQTlGQ0REN0ZFQTlEN0Y5Rjc4
QzM3OTFEQjAeFw0yNTAyMDQxODAzNDFaFw0yNjAyMDMxODA4NDFaMDMxMTAvBgNV
BAMTKDc2Q0E4MUI1OTU2NkY2OTkwMTZFNjIyRjIwRTMzNEE4N0JCNjQwOUUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDykAOfjGwF6MzwGFykKQ2OWO4U
3Htn8G/DCBRbdFdWHhKA9mFihCgDQCmL8YsKB7IP6vTIbPX3tUOcCG1wXNA3IIv5
yJ7D9wMGks0HPiqS5a2k+ZzbkR8SWD+MUwM660ZygN8ziuQ6wdwiwvmhgFtXHbdB
1CTYO4cqo36cV4sBVL3egjLNih5UtgH+F5lNKJnmIgGDA4043DidQ4eQyA6Otldw
Pwqf+75XGv7/4hjgGRNNpgxJvTmGEjKwAtfT4Sr/Og2oNmKtQ46byja/baOgC9cN
CqdCmJFnvV5Axfg9VjhFNeZUn8kHDpzmsnicJ4Kx74hioTDYRLClByBGcC4zAgMB
AAGjggLMMIICyDAdBgNVHQ4EFgQUdsqBtZVm9pkBbmIvIOM0qHu2QJ4wHwYDVR0j
BBgwFoAUihJn3LTcb/qfzdf+qdf594w3kdswDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy8yM0I3QzY5N0U5ODhDMTQ3MjgwMTVGNzVBRDRCRDYyMTc1
NUJCMzk4NzBFQTI4MzFCM0NEMDUzQjk4ODUzM0YxLzAvOEExMjY3RENCNERDNkZG
QTlGQ0REN0ZFQTlEN0Y5Rjc4QzM3OTFEQi5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC84QTEyNjdEQ0I0REM2RkZBOUZD
REQ3RkVBOUQ3RjlGNzhDMzc5MURCLmNlcjCBywYIKwYBBQUHAQsEgb4wgbswgbgG
CCsGAQUFBzALhoGrcnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvMjNCN0M2OTdFOTg4QzE0NzI4MDE1Rjc1QUQ0QkQ2MjE3NTVCQjM5ODcw
RUEyODMxQjNDRDA1M0I5ODg1MzNGMS8wLzMxMzQzODJlMzIzMDM4MmUzMTM1Mzky
ZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMjM3MzAzMTM0Mzkucm9hMBgGA1UdIAEB
/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACU
0J8wDQYJKoZIhvcNAQELBQADggEBALAlj9oQUu9iFeegmRhlZoRBXP9/tSMdFT/s
WITRQtukRMVgwgovoDsIVnphmH0la28sJlXERvEmno5EmtSqym6WiTVitKqeaauJ
G2z9C0Vn5bR6LDUSs1Ytj3VXfsNivd9Rll2sWszzTdoPs4Qioa1vr89RdRAIU3WP
pLVWJ3WEaxUmThA/VvxMbZBXyn+xBMiMRtujcFc/pIqMrunJ/TpIkTUbravmInet
GuiYP+5LzdqGuzjwko2W87ie6gswuMsn7tpXp+TOxY+AU9CmduJtR4Kwa7sWaGbk
OGcGS7rmB6CMGgBfGnP2jqHpxZLMZfL5KmuTTWXbKLxPVoZ3kmk=
-----END CERTIFICATE-----