Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/27398380AECE8AE806AB7EE97252E19FB82F33478AF33C804F4818C98AF62DAB/0/34352e3136362e3137362e302f32322d3234203d3e20323637373330.roa
File:                     34352e3136362e3137362e302f32322d3234203d3e20323637373330.roa (raw, json)
Hash identifier:          AHvurBmKbsGk+iz2BihXgXJPBi02Chka7n5NfHDxZ5U=
Subject key identifier:   06:C2:63:B9:F5:7F:F7:BC:A4:BB:BB:18:AE:BD:58:D7:D3:5E:2C:B9
Certificate issuer:       /CN=2D7718438FB232639075F3BB0E7DE54CD20AA91D
Certificate serial:       2DE694820D47A0277AD1640D15E5BC734768F65F
Authority key identifier: 2D:77:18:43:8F:B2:32:63:90:75:F3:BB:0E:7D:E5:4C:D2:0A:A9:1D
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/2D7718438FB232639075F3BB0E7DE54CD20AA91D.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/27398380AECE8AE806AB7EE97252E19FB82F33478AF33C804F4818C98AF62DAB/0/34352e3136362e3137362e302f32322d3234203d3e20323637373330.roa
Signing time:             Tue 04 Feb 2025 18:10:06 +0000
ROA not before:           Tue 04 Feb 2025 18:05:06 +0000
ROA not after:            Tue 03 Feb 2026 18:10:06 +0000
asID:                     267730
IP address blocks:        45.166.176.0/22 maxlen: 24
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            2d:e6:94:82:0d:47:a0:27:7a:d1:64:0d:15:e5:bc:73:47:68:f6:5f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2D7718438FB232639075F3BB0E7DE54CD20AA91D
        Validity
            Not Before: Feb  4 18:05:06 2025 GMT
            Not After : Feb  3 18:10:06 2026 GMT
        Subject: CN=06C263B9F57FF7BCA4BBBB18AEBD58D7D35E2CB9
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d6:49:77:10:05:8f:a0:c2:5e:4d:d7:b8:46:5d:
                    25:e1:85:31:9f:ff:81:38:bf:a6:48:93:4d:83:d4:
                    ae:2c:8a:a5:57:a5:99:fc:19:03:13:ee:a9:82:6b:
                    de:6e:f6:bb:a3:92:87:8b:ef:2f:94:47:d4:29:d0:
                    ab:49:7c:44:bd:21:1a:f6:c5:c1:1b:5a:77:02:8f:
                    83:43:79:e8:0c:34:f0:bc:64:b8:c1:4e:16:88:5e:
                    11:54:b4:b4:a0:30:a0:06:81:51:75:42:51:d5:03:
                    d7:4f:7d:6b:83:b6:ae:7b:63:3f:84:3f:1c:13:98:
                    89:a8:58:b5:6c:11:7e:b5:f6:8d:ff:fd:74:8b:74:
                    23:5d:54:d0:bb:0e:25:8c:fc:1b:3e:b2:9d:0f:75:
                    62:4d:e1:ea:54:5c:03:16:44:c0:00:ae:7f:cb:5b:
                    d5:24:65:de:74:ab:4f:76:33:3a:1d:2d:4b:f8:40:
                    05:c1:33:e0:43:c5:fc:5b:48:47:17:70:3a:c6:79:
                    33:8f:52:9f:06:ba:bb:2a:96:0a:20:10:cd:cb:b8:
                    64:f6:4d:23:61:a7:1f:84:24:c3:80:82:36:61:cb:
                    73:fe:13:c7:43:b5:44:e9:b7:87:48:5d:b0:5c:67:
                    64:13:4c:1f:5b:07:b2:2a:90:26:39:76:aa:de:ee:
                    79:39
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                06:C2:63:B9:F5:7F:F7:BC:A4:BB:BB:18:AE:BD:58:D7:D3:5E:2C:B9
            X509v3 Authority Key Identifier:
                keyid:2D:77:18:43:8F:B2:32:63:90:75:F3:BB:0E:7D:E5:4C:D2:0A:A9:1D

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/27398380AECE8AE806AB7EE97252E19FB82F33478AF33C804F4818C98AF62DAB/0/2D7718438FB232639075F3BB0E7DE54CD20AA91D.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/2D7718438FB232639075F3BB0E7DE54CD20AA91D.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/27398380AECE8AE806AB7EE97252E19FB82F33478AF33C804F4818C98AF62DAB/0/34352e3136362e3137362e302f32322d3234203d3e20323637373330.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.166.176.0/22

    Signature Algorithm: sha256WithRSAEncryption
         61:9d:e1:62:aa:cb:d2:91:03:53:8f:b5:13:5b:61:e5:21:6a:
         c9:19:65:d0:26:2d:19:f7:61:8d:c5:b4:05:43:09:01:28:5c:
         41:8a:6e:f9:07:8b:a6:ce:2e:fe:b8:5d:4e:79:9a:ea:cb:fe:
         19:83:a1:30:8c:e7:fd:dd:87:65:b5:7a:e6:24:e4:18:5e:09:
         61:83:46:6b:40:a6:a6:b3:c8:e7:a3:55:7a:f5:a2:31:5b:71:
         f8:61:4b:97:ca:dc:60:60:e6:26:ba:15:cc:6c:fe:8d:c3:a5:
         b4:dc:85:96:39:b4:1d:8c:a4:1f:19:60:65:c9:73:48:76:1e:
         11:20:27:df:50:4b:23:80:6c:b8:a6:d0:ad:d5:d0:52:27:c1:
         f0:bf:73:a7:85:00:83:c3:e0:19:73:ac:c1:ec:a9:c0:d4:73:
         8c:00:2d:b6:ea:b4:37:d3:17:5a:e5:0c:22:6c:1b:e3:be:7b:
         c9:22:2a:f5:06:a0:3a:53:e8:53:13:b7:b5:2b:1b:b7:08:ef:
         b4:df:47:c9:c3:6d:77:45:d3:ea:66:04:8d:08:b1:04:1d:00:
         68:26:e3:0f:fe:8c:e9:3d:a7:f6:f0:ff:bc:bd:58:ae:d9:21:
         6a:ef:5a:fa:9b:78:66:9c:4f:a1:df:5f:97:20:ca:cf:81:92:
         c9:bf:95:4b
-----BEGIN CERTIFICATE-----
MIIFwDCCBKigAwIBAgIULeaUgg1HoCd60WQNFeW8c0do9l8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMkQ3NzE4NDM4RkIyMzI2MzkwNzVGM0JCMEU3REU1NENE
MjBBQTkxRDAeFw0yNTAyMDQxODA1MDZaFw0yNjAyMDMxODEwMDZaMDMxMTAvBgNV
BAMTKDA2QzI2M0I5RjU3RkY3QkNBNEJCQkIxOEFFQkQ1OEQ3RDM1RTJDQjkwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDWSXcQBY+gwl5N17hGXSXhhTGf
/4E4v6ZIk02D1K4siqVXpZn8GQMT7qmCa95u9rujkoeL7y+UR9Qp0KtJfES9IRr2
xcEbWncCj4NDeegMNPC8ZLjBThaIXhFUtLSgMKAGgVF1QlHVA9dPfWuDtq57Yz+E
PxwTmImoWLVsEX619o3//XSLdCNdVNC7DiWM/Bs+sp0PdWJN4epUXAMWRMAArn/L
W9UkZd50q092MzodLUv4QAXBM+BDxfxbSEcXcDrGeTOPUp8GursqlgogEM3LuGT2
TSNhpx+EJMOAgjZhy3P+E8dDtUTpt4dIXbBcZ2QTTB9bB7IqkCY5dqre7nk5AgMB
AAGjggLKMIICxjAdBgNVHQ4EFgQUBsJjufV/97yku7sYrr1Y19NeLLkwHwYDVR0j
BBgwFoAULXcYQ4+yMmOQdfO7Dn3lTNIKqR0wDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy8yNzM5ODM4MEFFQ0U4QUU4MDZBQjdFRTk3MjUyRTE5RkI4
MkYzMzQ3OEFGMzNDODA0RjQ4MThDOThBRjYyREFCLzAvMkQ3NzE4NDM4RkIyMzI2
MzkwNzVGM0JCMEU3REU1NENEMjBBQTkxRC5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC8yRDc3MTg0MzhGQjIzMjYzOTA3
NUYzQkIwRTdERTU0Q0QyMEFBOTFELmNlcjCByQYIKwYBBQUHAQsEgbwwgbkwgbYG
CCsGAQUFBzALhoGpcnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvMjczOTgzODBBRUNFOEFFODA2QUI3RUU5NzI1MkUxOUZCODJGMzM0NzhB
RjMzQzgwNEY0ODE4Qzk4QUY2MkRBQi8wLzM0MzUyZTMxMzYzNjJlMzEzNzM2MmUz
MDJmMzIzMjJkMzIzNDIwM2QzZTIwMzIzNjM3MzczMzMwLnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCLaaw
MA0GCSqGSIb3DQEBCwUAA4IBAQBhneFiqsvSkQNTj7UTW2HlIWrJGWXQJi0Z92GN
xbQFQwkBKFxBim75B4umzi7+uF1OeZrqy/4Zg6EwjOf93YdltXrmJOQYXglhg0Zr
QKams8jno1V69aIxW3H4YUuXytxgYOYmuhXMbP6Nw6W03IWWObQdjKQfGWBlyXNI
dh4RICffUEsjgGy4ptCt1dBSJ8Hwv3OnhQCDw+AZc6zB7KnA1HOMAC226rQ30xda
5QwibBvjvnvJIir1BqA6U+hTE7e1Kxu3CO+030fJw213RdPqZgSNCLEEHQBoJuMP
/ozpPaf28P+8vViu2SFq71r6m3hmnE+h31+XIMrPgZLJv5VL
-----END CERTIFICATE-----