Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/3144A0A2AD5BDBDA223163B480EC00357E2B7E758218CE9AEC9D37D3C6C1F20F/0/34352e3137332e37322e302f32322d3234203d3e20323637383135.roa
File:                     34352e3137332e37322e302f32322d3234203d3e20323637383135.roa (raw, json)
Hash identifier:          6YF07Obex3n9fe7+9odbteOKcwypKMJPceKCe8kb4SI=
Subject key identifier:   72:DD:2E:CC:CC:9C:93:64:43:30:EC:41:53:8C:32:4A:63:FB:AB:DA
Certificate issuer:       /CN=253884FEB4F65EB5E046241A1ECA6B109C3621EC
Certificate serial:       4DF74675BCBE3EA0AC6C2F44EA51107835F97F7C
Authority key identifier: 25:38:84:FE:B4:F6:5E:B5:E0:46:24:1A:1E:CA:6B:10:9C:36:21:EC
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/253884FEB4F65EB5E046241A1ECA6B109C3621EC.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/3144A0A2AD5BDBDA223163B480EC00357E2B7E758218CE9AEC9D37D3C6C1F20F/0/34352e3137332e37322e302f32322d3234203d3e20323637383135.roa
Signing time:             Tue 04 Feb 2025 18:46:21 +0000
ROA not before:           Tue 04 Feb 2025 18:41:21 +0000
ROA not after:            Tue 03 Feb 2026 18:46:21 +0000
asID:                     267815
IP address blocks:        45.173.72.0/22 maxlen: 24
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            4d:f7:46:75:bc:be:3e:a0:ac:6c:2f:44:ea:51:10:78:35:f9:7f:7c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=253884FEB4F65EB5E046241A1ECA6B109C3621EC
        Validity
            Not Before: Feb  4 18:41:21 2025 GMT
            Not After : Feb  3 18:46:21 2026 GMT
        Subject: CN=72DD2ECCCC9C93644330EC41538C324A63FBABDA
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:f7:02:70:6b:1f:ff:a9:fa:5f:fa:84:07:52:26:
                    c9:4b:ae:53:51:83:55:e7:b9:a2:2a:3b:30:38:32:
                    0c:f4:6c:0d:35:c7:7f:5b:30:7d:ad:f3:ff:11:2d:
                    a1:ce:13:2b:9e:d0:81:ae:d9:b5:e5:0a:fe:f7:3b:
                    12:f8:c0:f7:bc:bb:69:84:a1:e6:42:04:7c:49:06:
                    75:d6:07:6f:91:23:c9:fd:fc:77:f7:fa:31:b1:a4:
                    95:77:3e:3c:f6:8a:4a:2f:a1:73:9f:94:1a:c6:ef:
                    30:60:e4:6e:9c:0d:2b:ba:e7:8c:f2:18:11:4d:44:
                    44:74:1e:b8:81:9d:c3:2f:c4:20:f0:f1:9f:73:62:
                    e0:ab:e4:54:ee:12:4c:44:67:3e:ce:9f:66:d6:dc:
                    6a:75:de:66:92:ad:46:b5:d3:87:6e:ad:65:82:eb:
                    e6:28:86:72:81:54:0b:2c:4d:61:2f:26:90:24:9b:
                    7e:35:fb:6b:fb:97:56:fd:0a:b8:e7:1b:86:0f:3b:
                    02:bc:7a:07:01:2c:f5:52:14:09:68:48:89:55:c4:
                    c3:d9:fb:af:e3:2d:bd:00:22:11:ed:a4:12:40:7f:
                    f6:2b:f0:17:96:66:b8:dd:2b:d2:08:b1:4c:dd:68:
                    e4:b1:be:52:cf:b2:c6:34:79:1d:6f:c1:26:33:2b:
                    ba:dd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                72:DD:2E:CC:CC:9C:93:64:43:30:EC:41:53:8C:32:4A:63:FB:AB:DA
            X509v3 Authority Key Identifier:
                keyid:25:38:84:FE:B4:F6:5E:B5:E0:46:24:1A:1E:CA:6B:10:9C:36:21:EC

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/3144A0A2AD5BDBDA223163B480EC00357E2B7E758218CE9AEC9D37D3C6C1F20F/0/253884FEB4F65EB5E046241A1ECA6B109C3621EC.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/253884FEB4F65EB5E046241A1ECA6B109C3621EC.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/3144A0A2AD5BDBDA223163B480EC00357E2B7E758218CE9AEC9D37D3C6C1F20F/0/34352e3137332e37322e302f32322d3234203d3e20323637383135.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.173.72.0/22

    Signature Algorithm: sha256WithRSAEncryption
         a5:b1:fd:af:de:f2:cd:b5:8e:ba:96:59:41:03:b3:2e:d1:6c:
         18:7d:da:7e:c4:75:29:3b:61:f3:76:35:d6:c7:14:20:21:8f:
         58:9a:08:81:81:c4:57:7a:4c:3d:ff:89:07:a4:6a:01:19:c4:
         da:74:bb:b4:70:b3:b3:64:76:15:6f:6e:ce:26:e6:72:ea:11:
         f7:3d:01:c5:16:51:d7:5f:2f:fd:28:12:0a:3e:54:c7:71:2d:
         13:35:31:7f:fc:ce:31:4d:0d:5d:ef:80:68:2a:87:14:2c:64:
         cd:67:e2:c7:c9:5b:bf:e2:5e:20:60:3d:7e:a9:1e:7d:6b:d4:
         9b:ee:9a:b8:a9:0a:38:c7:39:03:b0:d8:07:e7:a7:98:9c:58:
         24:1e:bc:b1:89:66:86:9b:7e:c5:d2:fc:a5:4e:37:7a:f5:83:
         80:12:c3:2a:9d:3e:e4:fb:94:34:3c:4a:5e:0a:1b:53:d8:5a:
         a6:56:f4:04:6c:9e:d2:89:ca:00:0f:3e:23:89:81:58:d3:1d:
         db:40:8f:df:b2:46:d7:b1:f6:40:d0:d1:5e:d8:03:dc:46:50:
         09:c1:57:b1:fa:7d:3d:45:8d:3d:6c:ad:7e:78:7f:82:be:25:
         eb:00:ac:8c:35:db:91:ee:ba:f3:26:93:89:df:cb:c2:84:f8:
         99:b6:01:01
-----BEGIN CERTIFICATE-----
MIIFvjCCBKagAwIBAgIUTfdGdby+PqCsbC9E6lEQeDX5f3wwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMjUzODg0RkVCNEY2NUVCNUUwNDYyNDFBMUVDQTZCMTA5
QzM2MjFFQzAeFw0yNTAyMDQxODQxMjFaFw0yNjAyMDMxODQ2MjFaMDMxMTAvBgNV
BAMTKDcyREQyRUNDQ0M5QzkzNjQ0MzMwRUM0MTUzOEMzMjRBNjNGQkFCREEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQD3AnBrH/+p+l/6hAdSJslLrlNR
g1XnuaIqOzA4Mgz0bA01x39bMH2t8/8RLaHOEyue0IGu2bXlCv73OxL4wPe8u2mE
oeZCBHxJBnXWB2+RI8n9/Hf3+jGxpJV3Pjz2ikovoXOflBrG7zBg5G6cDSu654zy
GBFNRER0HriBncMvxCDw8Z9zYuCr5FTuEkxEZz7On2bW3Gp13maSrUa104durWWC
6+YohnKBVAssTWEvJpAkm341+2v7l1b9CrjnG4YPOwK8egcBLPVSFAloSIlVxMPZ
+6/jLb0AIhHtpBJAf/Yr8BeWZrjdK9IIsUzdaOSxvlLPssY0eR1vwSYzK7rdAgMB
AAGjggLIMIICxDAdBgNVHQ4EFgQUct0uzMyck2RDMOxBU4wySmP7q9owHwYDVR0j
BBgwFoAUJTiE/rT2XrXgRiQaHsprEJw2IewwDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy8zMTQ0QTBBMkFENUJEQkRBMjIzMTYzQjQ4MEVDMDAzNTdF
MkI3RTc1ODIxOENFOUFFQzlEMzdEM0M2QzFGMjBGLzAvMjUzODg0RkVCNEY2NUVC
NUUwNDYyNDFBMUVDQTZCMTA5QzM2MjFFQy5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC8yNTM4ODRGRUI0RjY1RUI1RTA0
NjI0MUExRUNBNkIxMDlDMzYyMUVDLmNlcjCBxwYIKwYBBQUHAQsEgbowgbcwgbQG
CCsGAQUFBzALhoGncnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvMzE0NEEwQTJBRDVCREJEQTIyMzE2M0I0ODBFQzAwMzU3RTJCN0U3NTgy
MThDRTlBRUM5RDM3RDNDNkMxRjIwRi8wLzM0MzUyZTMxMzczMzJlMzczMjJlMzAy
ZjMyMzIyZDMyMzQyMDNkM2UyMDMyMzYzNzM4MzEzNS5yb2EwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAi2tSDAN
BgkqhkiG9w0BAQsFAAOCAQEApbH9r97yzbWOupZZQQOzLtFsGH3afsR1KTth83Y1
1scUICGPWJoIgYHEV3pMPf+JB6RqARnE2nS7tHCzs2R2FW9uzibmcuoR9z0BxRZR
118v/SgSCj5Ux3EtEzUxf/zOMU0NXe+AaCqHFCxkzWfix8lbv+JeIGA9fqkefWvU
m+6auKkKOMc5A7DYB+enmJxYJB68sYlmhpt+xdL8pU43evWDgBLDKp0+5PuUNDxK
XgobU9haplb0BGye0onKAA8+I4mBWNMd20CP37JG17H2QNDRXtgD3EZQCcFXsfp9
PUWNPWytfnh/gr4l6wCsjDXbke668yaTid/LwoT4mbYBAQ==
-----END CERTIFICATE-----