Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/36354543D224272CF4722FF4D718198EB8E2FF8CBD6D9B7B97CDA860D9C1CD3B/0/3136382e3233342e35322e302f32342d3234203d3e20323632313636.roa
File:                     3136382e3233342e35322e302f32342d3234203d3e20323632313636.roa (raw, json)
Hash identifier:          ZxR5JfXnEWjoGkXBHx0vpxLXpSCefTWjsXvAwrWUNU8=
Subject key identifier:   D9:3F:64:76:75:13:F2:34:9A:9E:70:13:CE:39:7D:98:42:55:A6:0D
Certificate issuer:       /CN=0D1797043F7F529F13952CEE646AE7365392BBC3
Certificate serial:       5E8985F3A4588DED0B943BF3ACE95C37071044A4
Authority key identifier: 0D:17:97:04:3F:7F:52:9F:13:95:2C:EE:64:6A:E7:36:53:92:BB:C3
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/0D1797043F7F529F13952CEE646AE7365392BBC3.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/36354543D224272CF4722FF4D718198EB8E2FF8CBD6D9B7B97CDA860D9C1CD3B/0/3136382e3233342e35322e302f32342d3234203d3e20323632313636.roa
Signing time:             Tue 04 Feb 2025 17:59:42 +0000
ROA not before:           Tue 04 Feb 2025 17:54:42 +0000
ROA not after:            Tue 03 Feb 2026 17:59:42 +0000
asID:                     262166
IP address blocks:        168.234.52.0/24 maxlen: 24
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            5e:89:85:f3:a4:58:8d:ed:0b:94:3b:f3:ac:e9:5c:37:07:10:44:a4
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0D1797043F7F529F13952CEE646AE7365392BBC3
        Validity
            Not Before: Feb  4 17:54:42 2025 GMT
            Not After : Feb  3 17:59:42 2026 GMT
        Subject: CN=D93F64767513F2349A9E7013CE397D984255A60D
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d8:15:3c:61:dd:74:81:0c:65:d1:7a:7f:24:13:
                    9f:ea:b2:ed:9f:1d:aa:24:ce:e5:52:3b:88:1e:b2:
                    f8:d5:0c:48:13:21:9d:cb:e0:59:a1:8d:a8:79:f1:
                    23:f5:d5:ab:be:9c:b6:e6:49:13:07:ad:e9:49:43:
                    9b:9f:ac:1b:07:05:c6:4f:b2:ee:bc:d6:f4:54:39:
                    c1:4d:93:df:86:75:c5:a0:84:26:58:b7:31:fe:8a:
                    a9:3b:c5:9a:61:b5:2b:2b:dd:42:10:94:65:2f:69:
                    0c:1b:ad:2f:66:3c:f8:3c:6a:a9:8a:98:e2:f7:c5:
                    4f:b3:f8:24:82:20:29:b2:a9:d7:72:98:37:4b:01:
                    cd:fe:8f:cf:1f:35:2f:6c:5e:38:f5:23:b1:0a:82:
                    da:4e:94:78:4e:9b:5e:dd:25:7d:ee:09:09:56:1d:
                    13:a8:46:4d:33:72:3e:76:d3:0d:a9:7c:24:e1:7f:
                    55:5a:6c:35:43:f0:7b:00:82:6c:7e:fc:27:6f:97:
                    18:9d:96:c2:12:ef:49:6a:99:04:ab:9d:5c:6e:36:
                    42:1e:d6:0f:67:84:4a:d4:bd:39:e1:19:e0:40:cb:
                    b8:be:46:d9:bf:70:dc:da:93:8b:1d:5b:48:0a:e6:
                    0f:20:cb:d9:63:bd:c9:e6:1c:b2:c2:b8:c1:ce:55:
                    18:ff
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D9:3F:64:76:75:13:F2:34:9A:9E:70:13:CE:39:7D:98:42:55:A6:0D
            X509v3 Authority Key Identifier:
                keyid:0D:17:97:04:3F:7F:52:9F:13:95:2C:EE:64:6A:E7:36:53:92:BB:C3

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/36354543D224272CF4722FF4D718198EB8E2FF8CBD6D9B7B97CDA860D9C1CD3B/0/0D1797043F7F529F13952CEE646AE7365392BBC3.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/0D1797043F7F529F13952CEE646AE7365392BBC3.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/36354543D224272CF4722FF4D718198EB8E2FF8CBD6D9B7B97CDA860D9C1CD3B/0/3136382e3233342e35322e302f32342d3234203d3e20323632313636.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  168.234.52.0/24

    Signature Algorithm: sha256WithRSAEncryption
         42:a8:1f:0f:d4:56:22:0a:a3:14:16:3a:1a:e3:ae:1c:cb:55:
         4a:d7:e5:98:d2:65:4c:3e:dd:f3:37:c1:ae:5c:6f:c2:29:9c:
         aa:c7:a1:bb:e8:10:a0:b2:18:72:cb:95:96:7f:68:c1:ce:ec:
         fd:49:f1:4a:7c:f9:30:46:b2:c7:a4:c7:5b:ca:43:d4:40:8d:
         e6:f4:fc:5c:0c:42:f8:ee:d3:d3:27:5c:c2:9d:19:43:44:e9:
         ae:da:c6:4d:ec:89:a7:e3:39:3d:33:f4:45:38:86:50:04:5c:
         4b:f4:e8:7d:fa:8d:bc:85:78:ac:ba:38:b2:d3:c2:a9:7a:ca:
         8f:31:fb:06:11:f4:7e:fa:65:37:5a:27:27:53:fb:d3:a7:b6:
         fe:bb:69:97:48:92:2e:51:0d:2e:87:9f:cd:73:fe:87:91:4d:
         70:7e:af:de:05:d9:ca:2d:3e:6e:c7:d9:af:9e:5f:a7:32:c4:
         78:ad:f4:21:5c:ee:8e:0e:26:32:76:85:7e:0e:e7:8e:43:ed:
         7a:8b:cd:c5:49:a3:81:43:ad:a5:67:c6:2d:ac:2f:cb:80:0c:
         bb:a9:94:4b:5e:b0:23:8a:06:27:be:16:96:24:00:f9:a0:d3:
         3b:8a:df:4c:0a:f0:c9:65:5b:3d:f8:27:ac:b2:01:26:b3:7d:
         8d:75:87:46
-----BEGIN CERTIFICATE-----
MIIFwDCCBKigAwIBAgIUXomF86RYje0LlDvzrOlcNwcQRKQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMEQxNzk3MDQzRjdGNTI5RjEzOTUyQ0VFNjQ2QUU3MzY1
MzkyQkJDMzAeFw0yNTAyMDQxNzU0NDJaFw0yNjAyMDMxNzU5NDJaMDMxMTAvBgNV
BAMTKEQ5M0Y2NDc2NzUxM0YyMzQ5QTlFNzAxM0NFMzk3RDk4NDI1NUE2MEQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDYFTxh3XSBDGXRen8kE5/qsu2f
HaokzuVSO4gesvjVDEgTIZ3L4Fmhjah58SP11au+nLbmSRMHrelJQ5ufrBsHBcZP
su681vRUOcFNk9+GdcWghCZYtzH+iqk7xZphtSsr3UIQlGUvaQwbrS9mPPg8aqmK
mOL3xU+z+CSCICmyqddymDdLAc3+j88fNS9sXjj1I7EKgtpOlHhOm17dJX3uCQlW
HROoRk0zcj520w2pfCThf1VabDVD8HsAgmx+/CdvlxidlsIS70lqmQSrnVxuNkIe
1g9nhErUvTnhGeBAy7i+Rtm/cNzak4sdW0gK5g8gy9ljvcnmHLLCuMHOVRj/AgMB
AAGjggLKMIICxjAdBgNVHQ4EFgQU2T9kdnUT8jSannATzjl9mEJVpg0wHwYDVR0j
BBgwFoAUDReXBD9/Up8TlSzuZGrnNlOSu8MwDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy8zNjM1NDU0M0QyMjQyNzJDRjQ3MjJGRjRENzE4MTk4RUI4
RTJGRjhDQkQ2RDlCN0I5N0NEQTg2MEQ5QzFDRDNCLzAvMEQxNzk3MDQzRjdGNTI5
RjEzOTUyQ0VFNjQ2QUU3MzY1MzkyQkJDMy5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC8wRDE3OTcwNDNGN0Y1MjlGMTM5
NTJDRUU2NDZBRTczNjUzOTJCQkMzLmNlcjCByQYIKwYBBQUHAQsEgbwwgbkwgbYG
CCsGAQUFBzALhoGpcnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvMzYzNTQ1NDNEMjI0MjcyQ0Y0NzIyRkY0RDcxODE5OEVCOEUyRkY4Q0JE
NkQ5QjdCOTdDREE4NjBEOUMxQ0QzQi8wLzMxMzYzODJlMzIzMzM0MmUzNTMyMmUz
MDJmMzIzNDJkMzIzNDIwM2QzZTIwMzIzNjMyMzEzNjM2LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAqOo0
MA0GCSqGSIb3DQEBCwUAA4IBAQBCqB8P1FYiCqMUFjoa464cy1VK1+WY0mVMPt3z
N8GuXG/CKZyqx6G76BCgshhyy5WWf2jBzuz9SfFKfPkwRrLHpMdbykPUQI3m9Pxc
DEL47tPTJ1zCnRlDROmu2sZN7Imn4zk9M/RFOIZQBFxL9Oh9+o28hXisujiy08Kp
esqPMfsGEfR++mU3WicnU/vTp7b+u2mXSJIuUQ0uh5/Nc/6HkU1wfq/eBdnKLT5u
x9mvnl+nMsR4rfQhXO6ODiYydoV+DueOQ+16i83FSaOBQ62lZ8YtrC/LgAy7qZRL
XrAjigYnvhaWJAD5oNM7it9MCvDJZVs9+CessgEms32NdYdG
-----END CERTIFICATE-----