Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/3A683DB2EBE484C7A3536C34C158206B843D3CEF91146C49CF97FC4668FAD41C/0/34352e3232342e32332e302f32342d3234203d3e20323634363638.roa
File:                     34352e3232342e32332e302f32342d3234203d3e20323634363638.roa (raw, json)
Hash identifier:          75EJ7IoAIEnDV1AU+FAb2fq/PDA8RovvhzzWZkK2GEI=
Subject key identifier:   B3:97:44:B1:28:0B:BB:04:82:14:D3:CF:1F:AE:7E:ED:4A:2D:5B:B2
Certificate issuer:       /CN=665E210B6EA50ABEA68925B6683D57E0A94D5CCF
Certificate serial:       5B435623186A86F8AF343E9802F8C596335582C1
Authority key identifier: 66:5E:21:0B:6E:A5:0A:BE:A6:89:25:B6:68:3D:57:E0:A9:4D:5C:CF
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/665E210B6EA50ABEA68925B6683D57E0A94D5CCF.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/3A683DB2EBE484C7A3536C34C158206B843D3CEF91146C49CF97FC4668FAD41C/0/34352e3232342e32332e302f32342d3234203d3e20323634363638.roa
Signing time:             Tue 04 Feb 2025 18:16:50 +0000
ROA not before:           Tue 04 Feb 2025 18:11:50 +0000
ROA not after:            Tue 03 Feb 2026 18:16:50 +0000
asID:                     264668
IP address blocks:        45.224.23.0/24 maxlen: 24
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            5b:43:56:23:18:6a:86:f8:af:34:3e:98:02:f8:c5:96:33:55:82:c1
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=665E210B6EA50ABEA68925B6683D57E0A94D5CCF
        Validity
            Not Before: Feb  4 18:11:50 2025 GMT
            Not After : Feb  3 18:16:50 2026 GMT
        Subject: CN=B39744B1280BBB048214D3CF1FAE7EED4A2D5BB2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:f4:fc:e6:00:d5:3c:2d:87:2b:0f:7f:72:b3:1c:
                    95:2e:07:8e:6d:b9:3e:88:f7:60:26:09:4d:3f:83:
                    9b:eb:da:4f:e6:29:1a:86:11:c8:d1:19:89:77:ab:
                    a7:bc:57:76:16:0c:55:f3:f7:f7:1f:4f:12:ad:17:
                    47:3c:4e:49:87:9a:cf:35:b2:1e:96:03:f7:89:26:
                    c6:66:56:7c:a6:b6:4f:a6:28:81:f7:b6:6a:e0:26:
                    c3:e7:b7:bc:a2:c1:01:40:6c:2b:11:af:b7:92:60:
                    74:41:bc:a3:de:6a:ae:82:28:26:90:b6:ee:de:5c:
                    a0:57:26:4b:55:16:c7:85:09:0a:9f:73:35:e0:a0:
                    8e:89:4e:c6:17:a8:b5:91:b1:ef:8b:8a:04:1c:48:
                    17:d3:92:c1:c7:ec:50:5d:ae:23:c2:53:d0:3e:52:
                    d2:59:67:92:1b:5c:e4:d5:8b:31:63:09:61:6c:9e:
                    f6:6c:15:f1:ca:1f:21:49:e6:30:b2:1d:ea:9e:de:
                    42:0d:c8:5a:11:c7:b3:0c:46:1c:7e:08:e8:d3:7a:
                    50:27:f4:4b:5d:15:ec:40:4d:1c:17:d4:a4:b4:b4:
                    8a:92:9d:2f:82:8e:6f:2a:d3:e5:8e:e6:4b:7b:91:
                    87:9b:4f:6c:f3:a0:1b:e4:d6:7d:a4:b1:51:ea:a9:
                    78:01
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B3:97:44:B1:28:0B:BB:04:82:14:D3:CF:1F:AE:7E:ED:4A:2D:5B:B2
            X509v3 Authority Key Identifier:
                keyid:66:5E:21:0B:6E:A5:0A:BE:A6:89:25:B6:68:3D:57:E0:A9:4D:5C:CF

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/3A683DB2EBE484C7A3536C34C158206B843D3CEF91146C49CF97FC4668FAD41C/0/665E210B6EA50ABEA68925B6683D57E0A94D5CCF.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/665E210B6EA50ABEA68925B6683D57E0A94D5CCF.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/3A683DB2EBE484C7A3536C34C158206B843D3CEF91146C49CF97FC4668FAD41C/0/34352e3232342e32332e302f32342d3234203d3e20323634363638.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.224.23.0/24

    Signature Algorithm: sha256WithRSAEncryption
         68:e4:2e:60:44:4b:98:b7:78:51:65:eb:f5:b3:8c:4f:60:0e:
         cb:b5:cd:9a:6e:7e:4e:b7:92:a2:61:6d:bd:d2:29:cd:90:e1:
         80:a3:2b:42:dd:12:71:6f:3a:82:5e:f2:86:9f:8f:3f:6a:16:
         0f:93:2d:49:23:f0:67:1e:16:ca:5e:ea:ba:d6:08:4a:7f:7e:
         3d:e3:c5:4c:04:61:ac:ff:ca:18:f4:5c:d3:53:39:b9:2e:82:
         64:42:9f:36:1b:f6:c5:69:72:7c:0a:84:5a:63:58:7c:2f:87:
         06:65:63:b9:84:c3:dc:cd:cf:ff:57:36:03:a1:b9:70:76:2b:
         a0:11:87:dd:c7:86:49:c9:b4:19:26:1d:51:d1:ba:6f:9e:13:
         6f:d7:06:1e:1e:eb:fd:9d:e4:d7:8b:2d:59:91:d9:88:b6:9a:
         25:55:55:56:fc:85:d6:3c:7c:5b:46:3a:41:21:41:3e:ae:b8:
         22:7a:cb:a0:60:9a:43:91:bf:9f:cf:7b:28:23:2b:c9:0e:de:
         74:87:44:1d:fb:1a:1c:47:77:bf:2f:75:85:31:58:84:71:f8:
         cc:f0:61:75:d2:a8:81:dd:8d:56:8b:87:2d:b2:b9:21:17:80:
         90:0e:8b:83:a7:3d:02:01:e0:47:0a:4d:1f:96:02:7b:b2:f4:
         cb:ad:4c:74
-----BEGIN CERTIFICATE-----
MIIFvjCCBKagAwIBAgIUW0NWIxhqhvivND6YAvjFljNVgsEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNjY1RTIxMEI2RUE1MEFCRUE2ODkyNUI2NjgzRDU3RTBB
OTRENUNDRjAeFw0yNTAyMDQxODExNTBaFw0yNjAyMDMxODE2NTBaMDMxMTAvBgNV
BAMTKEIzOTc0NEIxMjgwQkJCMDQ4MjE0RDNDRjFGQUU3RUVENEEyRDVCQjIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQD0/OYA1TwthysPf3KzHJUuB45t
uT6I92AmCU0/g5vr2k/mKRqGEcjRGYl3q6e8V3YWDFXz9/cfTxKtF0c8TkmHms81
sh6WA/eJJsZmVnymtk+mKIH3tmrgJsPnt7yiwQFAbCsRr7eSYHRBvKPeaq6CKCaQ
tu7eXKBXJktVFseFCQqfczXgoI6JTsYXqLWRse+LigQcSBfTksHH7FBdriPCU9A+
UtJZZ5IbXOTVizFjCWFsnvZsFfHKHyFJ5jCyHeqe3kINyFoRx7MMRhx+COjTelAn
9EtdFexATRwX1KS0tIqSnS+Cjm8q0+WO5kt7kYebT2zzoBvk1n2ksVHqqXgBAgMB
AAGjggLIMIICxDAdBgNVHQ4EFgQUs5dEsSgLuwSCFNPPH65+7UotW7IwHwYDVR0j
BBgwFoAUZl4hC26lCr6miSW2aD1X4KlNXM8wDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy8zQTY4M0RCMkVCRTQ4NEM3QTM1MzZDMzRDMTU4MjA2Qjg0
M0QzQ0VGOTExNDZDNDlDRjk3RkM0NjY4RkFENDFDLzAvNjY1RTIxMEI2RUE1MEFC
RUE2ODkyNUI2NjgzRDU3RTBBOTRENUNDRi5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC82NjVFMjEwQjZFQTUwQUJFQTY4
OTI1QjY2ODNENTdFMEE5NEQ1Q0NGLmNlcjCBxwYIKwYBBQUHAQsEgbowgbcwgbQG
CCsGAQUFBzALhoGncnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvM0E2ODNEQjJFQkU0ODRDN0EzNTM2QzM0QzE1ODIwNkI4NDNEM0NFRjkx
MTQ2QzQ5Q0Y5N0ZDNDY2OEZBRDQxQy8wLzM0MzUyZTMyMzIzNDJlMzIzMzJlMzAy
ZjMyMzQyZDMyMzQyMDNkM2UyMDMyMzYzNDM2MzYzOC5yb2EwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAC3gFzAN
BgkqhkiG9w0BAQsFAAOCAQEAaOQuYERLmLd4UWXr9bOMT2AOy7XNmm5+TreSomFt
vdIpzZDhgKMrQt0ScW86gl7yhp+PP2oWD5MtSSPwZx4Wyl7qutYISn9+PePFTARh
rP/KGPRc01M5uS6CZEKfNhv2xWlyfAqEWmNYfC+HBmVjuYTD3M3P/1c2A6G5cHYr
oBGH3ceGScm0GSYdUdG6b54Tb9cGHh7r/Z3k14stWZHZiLaaJVVVVvyF1jx8W0Y6
QSFBPq64InrLoGCaQ5G/n897KCMryQ7edIdEHfsaHEd3vy91hTFYhHH4zPBhddKo
gd2NVouHLbK5IReAkA6Lg6c9AgHgRwpNH5YCe7L0y61MdA==
-----END CERTIFICATE-----