Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/460853EAAA676F37C89BE8840FD41F02F5FE23FC8E3B18B8635BC0582814F77B/0/3136382e3232382e3134342e302f32322d3234203d3e20323633383334.roa
File:                     3136382e3232382e3134342e302f32322d3234203d3e20323633383334.roa (raw, json)
Hash identifier:          aldmXtT7iLDru6reGKp+3WlApKimLKC04Qet1EQrWlg=
Subject key identifier:   B1:E9:5B:0A:EC:D4:36:6E:A2:95:80:BD:16:C5:18:69:71:49:CA:BF
Certificate issuer:       /CN=E699A4077A87114A3532FD22E5C0F78AD30312E4
Certificate serial:       4E46586E63D45D3ED3EC98F89A026BE41B09FF03
Authority key identifier: E6:99:A4:07:7A:87:11:4A:35:32:FD:22:E5:C0:F7:8A:D3:03:12:E4
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/E699A4077A87114A3532FD22E5C0F78AD30312E4.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/460853EAAA676F37C89BE8840FD41F02F5FE23FC8E3B18B8635BC0582814F77B/0/3136382e3232382e3134342e302f32322d3234203d3e20323633383334.roa
Signing time:             Tue 04 Feb 2025 18:19:05 +0000
ROA not before:           Tue 04 Feb 2025 18:14:05 +0000
ROA not after:            Tue 03 Feb 2026 18:19:05 +0000
asID:                     263834
IP address blocks:        168.228.144.0/22 maxlen: 24
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            4e:46:58:6e:63:d4:5d:3e:d3:ec:98:f8:9a:02:6b:e4:1b:09:ff:03
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=E699A4077A87114A3532FD22E5C0F78AD30312E4
        Validity
            Not Before: Feb  4 18:14:05 2025 GMT
            Not After : Feb  3 18:19:05 2026 GMT
        Subject: CN=B1E95B0AECD4366EA29580BD16C518697149CABF
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:f2:40:64:ed:f1:7b:59:4f:e2:fb:0a:ff:24:1c:
                    1c:25:a7:60:b7:5c:50:ee:08:da:b4:d7:ec:76:51:
                    b5:e3:72:98:b2:09:a2:ca:7f:ea:2e:50:4f:43:f1:
                    f7:f4:e8:6b:91:27:14:c2:81:d1:96:99:f9:c2:e3:
                    3f:f7:37:b1:1c:30:89:14:04:9e:3c:dc:a9:82:fb:
                    46:ad:d4:b0:ae:4e:e1:f0:ff:18:af:c7:79:6c:f2:
                    c6:7a:5d:02:a5:8f:5d:1f:c7:c9:06:34:b0:2c:cc:
                    4c:79:a1:c4:46:b1:70:ba:00:c1:36:fd:43:7c:23:
                    96:a0:a2:a6:11:ac:0d:ae:25:7b:37:58:ac:0e:14:
                    66:28:e1:11:0f:6c:5a:86:fa:6e:c1:f9:cf:13:3d:
                    5c:dc:9a:c7:fc:57:cd:65:12:04:ff:71:48:76:07:
                    88:1a:1d:7a:60:22:91:a8:0f:54:72:b9:b9:b6:7c:
                    39:17:8b:e3:77:0b:ec:55:2e:50:f5:34:ce:5d:9c:
                    a9:8f:d6:08:55:21:af:40:e9:45:66:3f:0b:48:e5:
                    f7:82:b9:9d:90:f3:45:18:60:7b:8c:38:ab:5e:e0:
                    82:72:07:95:02:9c:fb:9e:2e:6d:22:b9:f1:20:b8:
                    2f:95:4b:d3:ca:0f:2e:3f:df:bb:ef:48:6f:47:1d:
                    7c:8f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B1:E9:5B:0A:EC:D4:36:6E:A2:95:80:BD:16:C5:18:69:71:49:CA:BF
            X509v3 Authority Key Identifier:
                keyid:E6:99:A4:07:7A:87:11:4A:35:32:FD:22:E5:C0:F7:8A:D3:03:12:E4

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/460853EAAA676F37C89BE8840FD41F02F5FE23FC8E3B18B8635BC0582814F77B/0/E699A4077A87114A3532FD22E5C0F78AD30312E4.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/E699A4077A87114A3532FD22E5C0F78AD30312E4.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/460853EAAA676F37C89BE8840FD41F02F5FE23FC8E3B18B8635BC0582814F77B/0/3136382e3232382e3134342e302f32322d3234203d3e20323633383334.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  168.228.144.0/22

    Signature Algorithm: sha256WithRSAEncryption
         78:1a:80:ce:14:3f:b5:23:24:35:ae:8a:e6:39:a5:07:b4:2a:
         35:a0:12:21:02:f1:8d:8b:bc:04:7b:e2:fc:14:d0:c7:26:3f:
         d0:f5:68:14:7f:0a:3d:15:46:3c:58:31:0e:29:6e:e9:95:00:
         5b:b8:c7:6a:51:ac:42:43:f5:e7:97:71:e8:6b:c7:cb:83:f4:
         79:d6:9a:d6:be:af:ee:ae:9b:b4:9b:46:4a:1a:ee:c4:85:ea:
         3b:e1:b6:fe:62:53:ad:29:29:2b:b3:02:61:3b:48:ae:f5:f3:
         22:5c:0e:c5:49:bd:e3:5d:25:da:92:d3:b5:88:ea:64:5a:4b:
         9d:ff:85:12:f6:f4:df:c8:79:e0:2c:43:76:4b:ec:29:4f:21:
         15:1c:70:67:a0:48:e3:0d:e0:38:45:85:35:5c:87:53:ad:a6:
         23:ad:52:e3:af:8a:50:b4:bb:7d:0e:12:3d:2a:40:40:10:30:
         18:ef:37:ee:f4:85:c1:21:d8:e0:92:e1:70:a9:44:6e:7d:4c:
         52:25:a4:f7:82:c9:9a:7f:00:b9:8a:68:76:83:1a:74:05:63:
         71:e6:bb:2c:94:8f:79:b0:f8:fc:62:1d:9b:d4:c7:1d:22:43:
         17:21:db:10:25:19:bb:3d:46:27:7b:9f:23:d8:5f:1e:6a:5f:
         2f:99:c9:df
-----BEGIN CERTIFICATE-----
MIIFwjCCBKqgAwIBAgIUTkZYbmPUXT7T7Jj4mgJr5BsJ/wMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoRTY5OUE0MDc3QTg3MTE0QTM1MzJGRDIyRTVDMEY3OEFE
MzAzMTJFNDAeFw0yNTAyMDQxODE0MDVaFw0yNjAyMDMxODE5MDVaMDMxMTAvBgNV
BAMTKEIxRTk1QjBBRUNENDM2NkVBMjk1ODBCRDE2QzUxODY5NzE0OUNBQkYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDyQGTt8XtZT+L7Cv8kHBwlp2C3
XFDuCNq01+x2UbXjcpiyCaLKf+ouUE9D8ff06GuRJxTCgdGWmfnC4z/3N7EcMIkU
BJ483KmC+0at1LCuTuHw/xivx3ls8sZ6XQKlj10fx8kGNLAszEx5ocRGsXC6AME2
/UN8I5agoqYRrA2uJXs3WKwOFGYo4REPbFqG+m7B+c8TPVzcmsf8V81lEgT/cUh2
B4gaHXpgIpGoD1Ryubm2fDkXi+N3C+xVLlD1NM5dnKmP1ghVIa9A6UVmPwtI5feC
uZ2Q80UYYHuMOKte4IJyB5UCnPueLm0iufEguC+VS9PKDy4/37vvSG9HHXyPAgMB
AAGjggLMMIICyDAdBgNVHQ4EFgQUselbCuzUNm6ilYC9FsUYaXFJyr8wHwYDVR0j
BBgwFoAU5pmkB3qHEUo1Mv0i5cD3itMDEuQwDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy80NjA4NTNFQUFBNjc2RjM3Qzg5QkU4ODQwRkQ0MUYwMkY1
RkUyM0ZDOEUzQjE4Qjg2MzVCQzA1ODI4MTRGNzdCLzAvRTY5OUE0MDc3QTg3MTE0
QTM1MzJGRDIyRTVDMEY3OEFEMzAzMTJFNC5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC9FNjk5QTQwNzdBODcxMTRBMzUz
MkZEMjJFNUMwRjc4QUQzMDMxMkU0LmNlcjCBywYIKwYBBQUHAQsEgb4wgbswgbgG
CCsGAQUFBzALhoGrcnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvNDYwODUzRUFBQTY3NkYzN0M4OUJFODg0MEZENDFGMDJGNUZFMjNGQzhF
M0IxOEI4NjM1QkMwNTgyODE0Rjc3Qi8wLzMxMzYzODJlMzIzMjM4MmUzMTM0MzQy
ZTMwMmYzMjMyMmQzMjM0MjAzZDNlMjAzMjM2MzMzODMzMzQucm9hMBgGA1UdIAEB
/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAKo
5JAwDQYJKoZIhvcNAQELBQADggEBAHgagM4UP7UjJDWuiuY5pQe0KjWgEiEC8Y2L
vAR74vwU0McmP9D1aBR/Cj0VRjxYMQ4pbumVAFu4x2pRrEJD9eeXcehrx8uD9HnW
mta+r+6um7SbRkoa7sSF6jvhtv5iU60pKSuzAmE7SK718yJcDsVJveNdJdqS07WI
6mRaS53/hRL29N/IeeAsQ3ZL7ClPIRUccGegSOMN4DhFhTVch1OtpiOtUuOvilC0
u30OEj0qQEAQMBjvN+70hcEh2OCS4XCpRG59TFIlpPeCyZp/ALmKaHaDGnQFY3Hm
uyyUj3mw+PxiHZvUxx0iQxch2xAlGbs9Rid7nyPYXx5qXy+Zyd8=
-----END CERTIFICATE-----