Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/43D4FF27DFCF4A5EEC5E4CE140231E33157DB51122C105CE1AB5AD6E34DB4332/0/34352e3137342e3137322e302f32322d3234203d3e20323635353738.roa
File:                     34352e3137342e3137322e302f32322d3234203d3e20323635353738.roa (raw, json)
Hash identifier:          edgFkGcxkCm91xM+uyMsNz59LzNDLj7cGSCgYABjhXk=
Subject key identifier:   05:05:E2:71:2E:73:61:5D:95:70:49:CD:5E:13:C1:C0:D3:6F:B3:69
Certificate issuer:       /CN=FA40F4074261959953C6B11359AE13D2C4B837D3
Certificate serial:       39FF786447B2EACF17AAC7971B1E23E08268548C
Authority key identifier: FA:40:F4:07:42:61:95:99:53:C6:B1:13:59:AE:13:D2:C4:B8:37:D3
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/FA40F4074261959953C6B11359AE13D2C4B837D3.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/43D4FF27DFCF4A5EEC5E4CE140231E33157DB51122C105CE1AB5AD6E34DB4332/0/34352e3137342e3137322e302f32322d3234203d3e20323635353738.roa
Signing time:             Tue 04 Feb 2025 20:02:33 +0000
ROA not before:           Tue 04 Feb 2025 19:57:33 +0000
ROA not after:            Tue 03 Feb 2026 20:02:33 +0000
asID:                     265578
IP address blocks:        45.174.172.0/22 maxlen: 24
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            39:ff:78:64:47:b2:ea:cf:17:aa:c7:97:1b:1e:23:e0:82:68:54:8c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=FA40F4074261959953C6B11359AE13D2C4B837D3
        Validity
            Not Before: Feb  4 19:57:33 2025 GMT
            Not After : Feb  3 20:02:33 2026 GMT
        Subject: CN=0505E2712E73615D957049CD5E13C1C0D36FB369
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c1:17:13:d0:f5:63:3f:0b:3a:19:4b:11:73:58:
                    fa:b8:7e:3c:c7:13:bd:64:5f:33:1a:ea:d2:5d:c0:
                    93:92:1a:77:d5:20:8a:24:4b:36:be:27:99:16:00:
                    48:00:c5:b1:01:09:31:37:7f:3f:b2:b1:40:59:be:
                    5b:0f:27:2d:d8:dd:6f:b8:77:b9:b6:c4:93:1b:db:
                    30:d2:19:f0:14:ac:aa:c4:d3:3c:fc:62:dc:0c:ef:
                    ae:07:c3:75:6f:05:76:8a:91:38:0b:24:bc:64:69:
                    1f:5e:a4:fa:33:85:92:81:34:65:1e:89:50:7c:c4:
                    dd:de:32:6d:66:85:a3:c0:45:10:fd:20:d5:af:2f:
                    2a:5e:70:69:32:95:de:cb:5b:90:7a:53:64:3a:9c:
                    cd:4f:34:fe:b9:0c:4a:02:8c:92:8f:1a:58:61:86:
                    93:1a:38:6c:a2:63:db:04:25:92:b2:e7:20:6a:b2:
                    26:f2:c8:fb:71:37:a2:54:08:ab:f1:8c:03:df:68:
                    56:1d:f7:49:5e:5f:9f:33:0a:fa:e0:53:cb:e1:b0:
                    bc:d0:09:a9:f9:e8:67:8a:28:33:84:ab:f4:7a:55:
                    3a:70:c6:23:85:a7:b6:37:17:8b:63:01:ec:5f:34:
                    e4:9e:8f:24:41:54:d6:74:66:e4:90:48:c5:ab:03:
                    d2:1d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                05:05:E2:71:2E:73:61:5D:95:70:49:CD:5E:13:C1:C0:D3:6F:B3:69
            X509v3 Authority Key Identifier:
                keyid:FA:40:F4:07:42:61:95:99:53:C6:B1:13:59:AE:13:D2:C4:B8:37:D3

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/43D4FF27DFCF4A5EEC5E4CE140231E33157DB51122C105CE1AB5AD6E34DB4332/0/FA40F4074261959953C6B11359AE13D2C4B837D3.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/FA40F4074261959953C6B11359AE13D2C4B837D3.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/43D4FF27DFCF4A5EEC5E4CE140231E33157DB51122C105CE1AB5AD6E34DB4332/0/34352e3137342e3137322e302f32322d3234203d3e20323635353738.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.174.172.0/22

    Signature Algorithm: sha256WithRSAEncryption
         39:9d:9e:5d:a8:28:5f:2a:e7:cb:49:2f:fe:63:1c:e0:d1:4d:
         64:b4:2a:c3:b8:18:c9:5f:f9:7d:f7:e8:4d:f3:b2:14:88:21:
         0a:2c:dd:40:56:fd:ff:00:6d:62:ea:ed:37:57:a7:a8:a6:12:
         45:a3:50:2a:4d:da:a4:44:81:1c:c1:ea:35:fa:4c:c8:db:94:
         2d:96:da:88:27:6d:a6:75:55:9b:c4:f6:e4:73:3f:c8:c9:dd:
         8d:db:4c:8e:5e:81:08:9e:e3:d0:7b:8f:c0:bf:db:73:21:a7:
         e3:81:da:c0:47:00:ec:a6:67:f8:9f:4f:83:02:81:03:38:9d:
         29:0f:60:48:92:06:0d:5b:60:75:90:df:56:52:2d:9b:ac:75:
         46:fb:fe:91:ef:5d:bd:d8:f8:29:5d:c3:26:a4:38:72:84:25:
         6c:d1:ac:d4:59:4d:44:07:64:a7:78:f6:f1:e8:9e:74:eb:43:
         0f:70:8e:7e:59:69:7c:9e:4c:fd:cd:d0:52:84:a1:31:4e:56:
         64:cd:40:95:5a:7c:c4:c0:68:60:cb:59:34:29:a6:6b:65:22:
         fe:bc:4d:8d:88:fe:9e:1a:bd:73:c2:b8:f1:bc:ce:e7:81:bb:
         38:34:6a:a3:71:4b:76:71:17:18:8d:b5:4c:7e:b7:ac:4b:eb:
         45:62:0d:27
-----BEGIN CERTIFICATE-----
MIIFwDCCBKigAwIBAgIUOf94ZEey6s8XqseXGx4j4IJoVIwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoRkE0MEY0MDc0MjYxOTU5OTUzQzZCMTEzNTlBRTEzRDJD
NEI4MzdEMzAeFw0yNTAyMDQxOTU3MzNaFw0yNjAyMDMyMDAyMzNaMDMxMTAvBgNV
BAMTKDA1MDVFMjcxMkU3MzYxNUQ5NTcwNDlDRDVFMTNDMUMwRDM2RkIzNjkwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDBFxPQ9WM/CzoZSxFzWPq4fjzH
E71kXzMa6tJdwJOSGnfVIIokSza+J5kWAEgAxbEBCTE3fz+ysUBZvlsPJy3Y3W+4
d7m2xJMb2zDSGfAUrKrE0zz8YtwM764Hw3VvBXaKkTgLJLxkaR9epPozhZKBNGUe
iVB8xN3eMm1mhaPARRD9INWvLypecGkyld7LW5B6U2Q6nM1PNP65DEoCjJKPGlhh
hpMaOGyiY9sEJZKy5yBqsibyyPtxN6JUCKvxjAPfaFYd90leX58zCvrgU8vhsLzQ
Can56GeKKDOEq/R6VTpwxiOFp7Y3F4tjAexfNOSejyRBVNZ0ZuSQSMWrA9IdAgMB
AAGjggLKMIICxjAdBgNVHQ4EFgQUBQXicS5zYV2VcEnNXhPBwNNvs2kwHwYDVR0j
BBgwFoAU+kD0B0JhlZlTxrETWa4T0sS4N9MwDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy80M0Q0RkYyN0RGQ0Y0QTVFRUM1RTRDRTE0MDIzMUUzMzE1
N0RCNTExMjJDMTA1Q0UxQUI1QUQ2RTM0REI0MzMyLzAvRkE0MEY0MDc0MjYxOTU5
OTUzQzZCMTEzNTlBRTEzRDJDNEI4MzdEMy5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC9GQTQwRjQwNzQyNjE5NTk5NTND
NkIxMTM1OUFFMTNEMkM0QjgzN0QzLmNlcjCByQYIKwYBBQUHAQsEgbwwgbkwgbYG
CCsGAQUFBzALhoGpcnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvNDNENEZGMjdERkNGNEE1RUVDNUU0Q0UxNDAyMzFFMzMxNTdEQjUxMTIy
QzEwNUNFMUFCNUFENkUzNERCNDMzMi8wLzM0MzUyZTMxMzczNDJlMzEzNzMyMmUz
MDJmMzIzMjJkMzIzNDIwM2QzZTIwMzIzNjM1MzUzNzM4LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCLa6s
MA0GCSqGSIb3DQEBCwUAA4IBAQA5nZ5dqChfKufLSS/+Yxzg0U1ktCrDuBjJX/l9
9+hN87IUiCEKLN1AVv3/AG1i6u03V6eophJFo1AqTdqkRIEcweo1+kzI25QtltqI
J22mdVWbxPbkcz/Iyd2N20yOXoEInuPQe4/Av9tzIafjgdrARwDspmf4n0+DAoED
OJ0pD2BIkgYNW2B1kN9WUi2brHVG+/6R71292PgpXcMmpDhyhCVs0azUWU1EB2Sn
ePbx6J5060MPcI5+WWl8nkz9zdBShKExTlZkzUCVWnzEwGhgy1k0KaZrZSL+vE2N
iP6eGr1zwrjxvM7ngbs4NGqjcUt2cRcYjbVMfresS+tFYg0n
-----END CERTIFICATE-----