Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/272C1702EE191F4B4CB2BCA9C049F86AE871E9E3E473075F49404FB24D8F7B4E/0/3135382e3137302e302e302f31362d3137203d3e203237383937.roa
File:                     3135382e3137302e302e302f31362d3137203d3e203237383937.roa (raw, json)
Hash identifier:          kbk0LH8GJsTiqY6bgc/+LVzyBwVpj1YhYmKW+BGKww4=
Subject key identifier:   FC:34:F2:D9:1B:77:E7:05:38:80:7E:11:33:91:86:0D:5C:80:F2:C6
Certificate issuer:       /CN=A51CC7F03D5195F5ACE580797D8454B8AF89B02D
Certificate serial:       6729C465E40052D387E1E864EBC30E66BE980E8F
Authority key identifier: A5:1C:C7:F0:3D:51:95:F5:AC:E5:80:79:7D:84:54:B8:AF:89:B0:2D
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/A51CC7F03D5195F5ACE580797D8454B8AF89B02D.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/272C1702EE191F4B4CB2BCA9C049F86AE871E9E3E473075F49404FB24D8F7B4E/0/3135382e3137302e302e302f31362d3137203d3e203237383937.roa
Signing time:             Tue 04 Feb 2025 18:22:58 +0000
ROA not before:           Tue 04 Feb 2025 18:17:58 +0000
ROA not after:            Tue 03 Feb 2026 18:22:58 +0000
asID:                     27897
IP address blocks:        158.170.0.0/16 maxlen: 17
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            67:29:c4:65:e4:00:52:d3:87:e1:e8:64:eb:c3:0e:66:be:98:0e:8f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A51CC7F03D5195F5ACE580797D8454B8AF89B02D
        Validity
            Not Before: Feb  4 18:17:58 2025 GMT
            Not After : Feb  3 18:22:58 2026 GMT
        Subject: CN=FC34F2D91B77E70538807E113391860D5C80F2C6
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e7:5b:91:e3:b0:09:cf:a5:b0:d5:5d:dd:a7:e1:
                    bc:62:85:ae:d3:70:e5:0d:0d:a4:6c:b5:5c:52:c6:
                    7c:ca:cd:b6:29:e8:cd:87:fe:f5:b5:51:3b:81:8f:
                    81:f1:27:ed:46:45:2c:ae:5b:15:8d:af:14:a2:0c:
                    d9:e1:a0:6a:c7:7a:e9:ae:ec:b8:fe:01:03:29:da:
                    55:06:23:97:30:f4:99:16:f8:f9:ee:ea:d4:b4:e8:
                    c3:2e:73:76:b0:14:3a:bb:e3:7e:77:cf:65:9f:b3:
                    48:3d:a2:07:93:63:bb:43:71:22:d2:b4:b5:23:01:
                    fd:1e:d6:0f:37:3d:10:61:40:37:02:14:43:ad:0a:
                    ef:c3:10:e6:25:dc:aa:22:36:1c:e4:ee:74:0e:46:
                    0b:e5:da:04:e6:21:02:60:da:eb:50:dc:e6:e9:cb:
                    dc:2e:aa:b6:a2:be:28:d5:ab:c5:25:96:5a:e7:9f:
                    66:2a:02:58:31:51:77:b9:0e:46:26:7b:fc:f6:26:
                    12:e5:ed:ec:bb:74:d9:9d:67:c5:17:f0:8e:d8:75:
                    5d:65:62:01:d1:73:de:9c:f8:6f:3a:37:09:09:a1:
                    1e:a1:d7:f8:ae:cf:da:81:ef:33:3f:c9:81:2b:d2:
                    d8:99:11:55:54:e0:f3:9d:f7:5a:7b:16:a8:44:97:
                    a8:f7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                FC:34:F2:D9:1B:77:E7:05:38:80:7E:11:33:91:86:0D:5C:80:F2:C6
            X509v3 Authority Key Identifier:
                keyid:A5:1C:C7:F0:3D:51:95:F5:AC:E5:80:79:7D:84:54:B8:AF:89:B0:2D

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/272C1702EE191F4B4CB2BCA9C049F86AE871E9E3E473075F49404FB24D8F7B4E/0/A51CC7F03D5195F5ACE580797D8454B8AF89B02D.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/A51CC7F03D5195F5ACE580797D8454B8AF89B02D.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/272C1702EE191F4B4CB2BCA9C049F86AE871E9E3E473075F49404FB24D8F7B4E/0/3135382e3137302e302e302f31362d3137203d3e203237383937.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  158.170.0.0/16

    Signature Algorithm: sha256WithRSAEncryption
         24:4c:94:fa:d2:a7:cc:fe:44:49:f4:2c:5d:62:99:56:2a:3d:
         6e:ba:d8:ab:a6:5d:da:83:77:ca:9b:a4:81:8c:2c:b6:cd:c1:
         83:55:d2:84:29:4f:be:a8:45:d9:aa:89:be:0e:73:0d:63:af:
         f3:08:f9:c3:7b:87:fa:f6:ba:2d:22:be:89:3c:33:ca:ca:bd:
         41:81:88:9d:13:b6:37:7d:a7:7e:0e:90:2a:9d:88:a8:18:e5:
         72:f5:d3:19:b9:a2:0b:97:bc:c7:68:e0:f7:54:ff:b4:0f:19:
         9b:93:27:c7:e5:3d:82:b4:20:f7:9c:1f:ae:92:84:5a:f6:ea:
         cb:2c:cc:ff:b5:60:5a:b4:ab:53:46:f0:ff:a1:31:31:21:17:
         65:f4:64:a3:63:99:b6:da:73:5c:00:a9:d3:fe:b5:28:c4:4d:
         20:b6:df:65:4e:33:8e:df:43:3f:fd:a4:1f:a2:df:01:3b:5d:
         1a:48:da:da:0c:1a:20:fe:1f:81:d5:b0:5c:bf:97:9d:8d:ea:
         53:15:00:90:5e:96:18:98:39:4c:6f:a7:3c:5a:1b:72:92:7a:
         0f:d8:cc:c0:fa:49:cc:69:e3:2a:35:68:4d:cf:99:0b:ed:63:
         d8:ac:d4:be:43:5b:0a:a1:17:09:8d:73:51:ce:5b:cc:75:dd:
         d2:ed:48:f9
-----BEGIN CERTIFICATE-----
MIIFuzCCBKOgAwIBAgIUZynEZeQAUtOH4ehk68MOZr6YDo8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoQTUxQ0M3RjAzRDUxOTVGNUFDRTU4MDc5N0Q4NDU0QjhB
Rjg5QjAyRDAeFw0yNTAyMDQxODE3NThaFw0yNjAyMDMxODIyNThaMDMxMTAvBgNV
BAMTKEZDMzRGMkQ5MUI3N0U3MDUzODgwN0UxMTMzOTE4NjBENUM4MEYyQzYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDnW5HjsAnPpbDVXd2n4bxiha7T
cOUNDaRstVxSxnzKzbYp6M2H/vW1UTuBj4HxJ+1GRSyuWxWNrxSiDNnhoGrHeumu
7Lj+AQMp2lUGI5cw9JkW+Pnu6tS06MMuc3awFDq74353z2Wfs0g9ogeTY7tDcSLS
tLUjAf0e1g83PRBhQDcCFEOtCu/DEOYl3KoiNhzk7nQORgvl2gTmIQJg2utQ3Obp
y9wuqraivijVq8Ulllrnn2YqAlgxUXe5DkYme/z2JhLl7ey7dNmdZ8UX8I7YdV1l
YgHRc96c+G86NwkJoR6h1/iuz9qB7zM/yYEr0tiZEVVU4POd91p7FqhEl6j3AgMB
AAGjggLFMIICwTAdBgNVHQ4EFgQU/DTy2Rt35wU4gH4RM5GGDVyA8sYwHwYDVR0j
BBgwFoAUpRzH8D1RlfWs5YB5fYRUuK+JsC0wDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy8yNzJDMTcwMkVFMTkxRjRCNENCMkJDQTlDMDQ5Rjg2QUU4
NzFFOUUzRTQ3MzA3NUY0OTQwNEZCMjREOEY3QjRFLzAvQTUxQ0M3RjAzRDUxOTVG
NUFDRTU4MDc5N0Q4NDU0QjhBRjg5QjAyRC5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC9BNTFDQzdGMDNENTE5NUY1QUNF
NTgwNzk3RDg0NTRCOEFGODlCMDJELmNlcjCBxQYIKwYBBQUHAQsEgbgwgbUwgbIG
CCsGAQUFBzALhoGlcnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvMjcyQzE3MDJFRTE5MUY0QjRDQjJCQ0E5QzA0OUY4NkFFODcxRTlFM0U0
NzMwNzVGNDk0MDRGQjI0RDhGN0I0RS8wLzMxMzUzODJlMzEzNzMwMmUzMDJlMzAy
ZjMxMzYyZDMxMzcyMDNkM2UyMDMyMzczODM5Mzcucm9hMBgGA1UdIAEB/wQOMAww
CgYIKwYBBQUHDgIwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUDAwCeqjANBgkq
hkiG9w0BAQsFAAOCAQEAJEyU+tKnzP5ESfQsXWKZVio9brrYq6Zd2oN3ypukgYws
ts3Bg1XShClPvqhF2aqJvg5zDWOv8wj5w3uH+va6LSK+iTwzysq9QYGInRO2N32n
fg6QKp2IqBjlcvXTGbmiC5e8x2jg91T/tA8Zm5Mnx+U9grQg95wfrpKEWvbqyyzM
/7VgWrSrU0bw/6ExMSEXZfRko2OZttpzXACp0/61KMRNILbfZU4zjt9DP/2kH6Lf
ATtdGkja2gwaIP4fgdWwXL+XnY3qUxUAkF6WGJg5TG+nPFobcpJ6D9jMwPpJzGnj
KjVoTc+ZC+1j2KzUvkNbCqEXCY1zUc5bzHXd0u1I+Q==
-----END CERTIFICATE-----