Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/3598EFBC89881EDCCDEC18C59917902169C5E32C148AD93498D65BA31FCB7D34/0/34352e3136342e3134382e302f32322d3232203d3e20323637373133.roa
File:                     34352e3136342e3134382e302f32322d3232203d3e20323637373133.roa (raw, json)
Hash identifier:          fBgChFEB5paUThbBHAjHnuzHNkd5TYXbJ4rzPtBp+cU=
Subject key identifier:   2B:07:54:AD:6A:00:4A:F9:5D:10:FA:18:DB:C2:4C:48:4B:D3:CC:B9
Certificate issuer:       /CN=616110FCE6833EA1E50974D2E8885CBCD8B7D7B2
Certificate serial:       3CA4137BD247ED36AACC77F2F0739F9EEF418B06
Authority key identifier: 61:61:10:FC:E6:83:3E:A1:E5:09:74:D2:E8:88:5C:BC:D8:B7:D7:B2
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/616110FCE6833EA1E50974D2E8885CBCD8B7D7B2.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/3598EFBC89881EDCCDEC18C59917902169C5E32C148AD93498D65BA31FCB7D34/0/34352e3136342e3134382e302f32322d3232203d3e20323637373133.roa
Signing time:             Tue 04 Feb 2025 18:49:22 +0000
ROA not before:           Tue 04 Feb 2025 18:44:22 +0000
ROA not after:            Tue 03 Feb 2026 18:49:22 +0000
asID:                     267713
IP address blocks:        45.164.148.0/22 maxlen: 22
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            3c:a4:13:7b:d2:47:ed:36:aa:cc:77:f2:f0:73:9f:9e:ef:41:8b:06
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=616110FCE6833EA1E50974D2E8885CBCD8B7D7B2
        Validity
            Not Before: Feb  4 18:44:22 2025 GMT
            Not After : Feb  3 18:49:22 2026 GMT
        Subject: CN=2B0754AD6A004AF95D10FA18DBC24C484BD3CCB9
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ae:1b:8e:b4:63:3f:95:cb:a6:8a:93:04:c6:f3:
                    96:9f:82:a2:84:15:09:3a:37:cc:d3:61:13:94:8d:
                    32:6c:98:85:6a:fe:76:7d:2d:af:ac:e0:d4:b2:20:
                    96:4d:6b:36:40:be:4b:f5:f6:67:aa:ea:4a:6f:a5:
                    1a:f2:54:1e:e5:b2:6b:f6:5f:1f:e6:ca:1e:4f:47:
                    b0:b4:c7:69:5b:a2:8a:c1:25:16:fd:66:13:99:a1:
                    b2:54:9a:aa:4e:0e:0e:b3:48:48:3d:70:ef:e9:fa:
                    d2:97:23:56:d7:ed:01:db:f8:44:5c:b4:b9:1a:7b:
                    53:b4:c9:a1:e5:dc:8e:85:5e:74:1d:b7:e4:f0:94:
                    24:b0:49:56:8b:5a:81:bd:14:60:6a:8b:cf:54:c4:
                    b6:ab:43:50:ac:ac:72:87:3b:63:5f:89:93:4c:d2:
                    4b:c6:b2:a5:da:64:9f:20:15:99:8e:64:c3:e8:66:
                    91:a1:1e:51:1c:13:f3:a5:19:0c:2c:70:a4:56:e6:
                    e7:18:35:37:c0:96:18:0a:e4:3c:e9:32:27:8e:cb:
                    7d:35:46:88:05:a8:cc:37:c6:7d:11:b7:7e:49:f6:
                    ae:0c:8a:f8:fd:75:f0:29:93:26:39:0d:f9:ac:a8:
                    c4:1f:5a:d4:15:08:72:63:9e:bf:44:e3:65:31:cd:
                    8f:11
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                2B:07:54:AD:6A:00:4A:F9:5D:10:FA:18:DB:C2:4C:48:4B:D3:CC:B9
            X509v3 Authority Key Identifier:
                keyid:61:61:10:FC:E6:83:3E:A1:E5:09:74:D2:E8:88:5C:BC:D8:B7:D7:B2

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/3598EFBC89881EDCCDEC18C59917902169C5E32C148AD93498D65BA31FCB7D34/0/616110FCE6833EA1E50974D2E8885CBCD8B7D7B2.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/616110FCE6833EA1E50974D2E8885CBCD8B7D7B2.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/3598EFBC89881EDCCDEC18C59917902169C5E32C148AD93498D65BA31FCB7D34/0/34352e3136342e3134382e302f32322d3232203d3e20323637373133.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.164.148.0/22

    Signature Algorithm: sha256WithRSAEncryption
         1e:5a:cb:0a:58:c6:1f:20:d6:9b:ac:ec:82:f5:6c:43:67:7f:
         f1:9a:c7:90:5e:be:09:5f:c4:4a:95:ec:cd:25:38:cf:04:89:
         0f:f1:f0:0f:45:a0:17:73:61:03:cd:62:4c:e1:cc:4c:05:0a:
         a2:c6:1f:7b:48:c5:bd:31:89:aa:de:6f:db:fb:8e:61:20:c3:
         97:16:22:79:f0:7e:45:06:d1:36:50:df:4d:d3:02:61:9a:8e:
         b8:a6:ca:80:17:05:33:fb:80:70:5f:5a:f2:bd:d9:27:1f:7a:
         55:01:fc:0a:e1:5f:1c:e8:bc:15:6f:81:b1:83:17:d2:3d:2d:
         d1:14:25:9d:c8:fe:7a:06:f5:0e:f8:28:3c:91:be:08:4f:d6:
         57:9d:6c:69:b3:c8:5b:68:b2:a3:30:01:d5:7d:97:70:7e:72:
         2d:91:42:8e:76:74:7b:95:99:ee:ed:57:2d:e2:17:dc:cd:b3:
         d1:a4:00:85:71:61:4e:1a:4f:1f:11:f0:6a:43:62:bf:bc:3a:
         b7:51:4b:b9:03:b5:72:39:8e:72:c5:1f:ad:60:f1:c2:10:94:
         c0:27:59:18:a1:94:80:ad:71:a9:82:e7:e9:d3:c1:b5:36:23:
         08:c2:e6:37:69:4e:9b:93:f8:28:2b:fa:d9:b2:71:dd:73:0d:
         fa:90:13:63
-----BEGIN CERTIFICATE-----
MIIFwDCCBKigAwIBAgIUPKQTe9JH7TaqzHfy8HOfnu9BiwYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNjE2MTEwRkNFNjgzM0VBMUU1MDk3NEQyRTg4ODVDQkNE
OEI3RDdCMjAeFw0yNTAyMDQxODQ0MjJaFw0yNjAyMDMxODQ5MjJaMDMxMTAvBgNV
BAMTKDJCMDc1NEFENkEwMDRBRjk1RDEwRkExOERCQzI0QzQ4NEJEM0NDQjkwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCuG460Yz+Vy6aKkwTG85afgqKE
FQk6N8zTYROUjTJsmIVq/nZ9La+s4NSyIJZNazZAvkv19meq6kpvpRryVB7lsmv2
Xx/myh5PR7C0x2lboorBJRb9ZhOZobJUmqpODg6zSEg9cO/p+tKXI1bX7QHb+ERc
tLkae1O0yaHl3I6FXnQdt+TwlCSwSVaLWoG9FGBqi89UxLarQ1CsrHKHO2NfiZNM
0kvGsqXaZJ8gFZmOZMPoZpGhHlEcE/OlGQwscKRW5ucYNTfAlhgK5DzpMieOy301
RogFqMw3xn0Rt35J9q4Mivj9dfApkyY5DfmsqMQfWtQVCHJjnr9E42UxzY8RAgMB
AAGjggLKMIICxjAdBgNVHQ4EFgQUKwdUrWoASvldEPoY28JMSEvTzLkwHwYDVR0j
BBgwFoAUYWEQ/OaDPqHlCXTS6IhcvNi317IwDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy8zNTk4RUZCQzg5ODgxRURDQ0RFQzE4QzU5OTE3OTAyMTY5
QzVFMzJDMTQ4QUQ5MzQ5OEQ2NUJBMzFGQ0I3RDM0LzAvNjE2MTEwRkNFNjgzM0VB
MUU1MDk3NEQyRTg4ODVDQkNEOEI3RDdCMi5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC82MTYxMTBGQ0U2ODMzRUExRTUw
OTc0RDJFODg4NUNCQ0Q4QjdEN0IyLmNlcjCByQYIKwYBBQUHAQsEgbwwgbkwgbYG
CCsGAQUFBzALhoGpcnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvMzU5OEVGQkM4OTg4MUVEQ0NERUMxOEM1OTkxNzkwMjE2OUM1RTMyQzE0
OEFEOTM0OThENjVCQTMxRkNCN0QzNC8wLzM0MzUyZTMxMzYzNDJlMzEzNDM4MmUz
MDJmMzIzMjJkMzIzMjIwM2QzZTIwMzIzNjM3MzczMTMzLnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCLaSU
MA0GCSqGSIb3DQEBCwUAA4IBAQAeWssKWMYfINabrOyC9WxDZ3/xmseQXr4JX8RK
lezNJTjPBIkP8fAPRaAXc2EDzWJM4cxMBQqixh97SMW9MYmq3m/b+45hIMOXFiJ5
8H5FBtE2UN9N0wJhmo64psqAFwUz+4BwX1ryvdknH3pVAfwK4V8c6LwVb4GxgxfS
PS3RFCWdyP56BvUO+Cg8kb4IT9ZXnWxps8hbaLKjMAHVfZdwfnItkUKOdnR7lZnu
7Vct4hfczbPRpACFcWFOGk8fEfBqQ2K/vDq3UUu5A7VyOY5yxR+tYPHCEJTAJ1kY
oZSArXGpgufp08G1NiMIwuY3aU6bk/goK/rZsnHdcw36kBNj
-----END CERTIFICATE-----