Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/5319F2CE31BB1E2A4FF4C757B191FA1D10CE2398239774ECA610A95375C8FE77/0/3136382e39302e37322e302f32342d3234203d3e203532343933.roa
File:                     3136382e39302e37322e302f32342d3234203d3e203532343933.roa (raw, json)
Hash identifier:          TNVYhf8i3Rq+WH9KkEdpKc2iOpSfLYREDDsGuFdbaiU=
Subject key identifier:   87:75:9A:61:47:55:4F:0A:DB:F1:91:58:6E:1A:8E:0C:55:AF:4B:59
Certificate issuer:       /CN=6CD081A4A402C107D88705AFD93558A5645EE0CA
Certificate serial:       6C820174030BF762C12C4B22BAC55D05DD36E11F
Authority key identifier: 6C:D0:81:A4:A4:02:C1:07:D8:87:05:AF:D9:35:58:A5:64:5E:E0:CA
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/6CD081A4A402C107D88705AFD93558A5645EE0CA.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/5319F2CE31BB1E2A4FF4C757B191FA1D10CE2398239774ECA610A95375C8FE77/0/3136382e39302e37322e302f32342d3234203d3e203532343933.roa
Signing time:             Tue 04 Feb 2025 18:13:33 +0000
ROA not before:           Tue 04 Feb 2025 18:08:33 +0000
ROA not after:            Tue 03 Feb 2026 18:13:33 +0000
asID:                     52493
IP address blocks:        168.90.72.0/24 maxlen: 24
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            6c:82:01:74:03:0b:f7:62:c1:2c:4b:22:ba:c5:5d:05:dd:36:e1:1f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6CD081A4A402C107D88705AFD93558A5645EE0CA
        Validity
            Not Before: Feb  4 18:08:33 2025 GMT
            Not After : Feb  3 18:13:33 2026 GMT
        Subject: CN=87759A6147554F0ADBF191586E1A8E0C55AF4B59
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:99:3b:9e:46:40:37:4e:c6:4b:7e:ac:43:1d:61:
                    f9:8c:92:c8:95:a0:2b:c5:00:4c:56:92:8e:64:9e:
                    f0:a0:32:bf:27:17:23:23:10:d0:07:ba:54:de:64:
                    a3:ac:d7:19:75:e3:59:37:2a:c6:82:f5:f3:80:04:
                    ca:43:0c:0e:11:47:65:8f:21:b8:a5:fb:35:bd:ef:
                    2a:81:a0:1e:97:a2:62:b0:6e:e5:76:33:24:74:e7:
                    9e:f5:29:7e:5a:cf:6c:2f:8e:6d:85:e6:58:13:49:
                    83:73:1a:15:b5:d8:45:67:65:c0:b3:b4:a2:30:51:
                    d7:27:93:0c:56:8e:9f:eb:9c:04:63:b5:77:3c:17:
                    0a:95:c4:e3:7c:a0:c6:c0:be:67:39:0c:46:2d:2f:
                    8d:50:7e:72:e0:d1:c4:26:a7:1c:2f:d5:4f:81:71:
                    b3:a3:e6:ea:ca:85:6b:f5:99:38:f2:25:c9:0d:fc:
                    68:bb:c7:78:a6:68:67:27:df:8d:62:c7:1f:62:44:
                    b7:24:a3:fc:bb:24:e5:e4:15:98:6e:b3:a9:df:ef:
                    12:61:0e:7b:7e:c3:36:4b:87:b7:3d:31:11:2d:a3:
                    f6:c2:8e:c0:0d:24:50:74:7f:48:27:89:47:90:e4:
                    64:03:ee:bc:f3:67:90:f0:bb:5a:78:bd:5c:81:ff:
                    b8:79
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                87:75:9A:61:47:55:4F:0A:DB:F1:91:58:6E:1A:8E:0C:55:AF:4B:59
            X509v3 Authority Key Identifier:
                keyid:6C:D0:81:A4:A4:02:C1:07:D8:87:05:AF:D9:35:58:A5:64:5E:E0:CA

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/5319F2CE31BB1E2A4FF4C757B191FA1D10CE2398239774ECA610A95375C8FE77/0/6CD081A4A402C107D88705AFD93558A5645EE0CA.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/6CD081A4A402C107D88705AFD93558A5645EE0CA.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/5319F2CE31BB1E2A4FF4C757B191FA1D10CE2398239774ECA610A95375C8FE77/0/3136382e39302e37322e302f32342d3234203d3e203532343933.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  168.90.72.0/24

    Signature Algorithm: sha256WithRSAEncryption
         8d:fb:d0:f0:9d:45:89:c2:23:3e:d7:5f:a4:37:b5:7d:17:bc:
         6c:69:c0:dd:6d:dc:8b:79:76:22:7b:26:e1:ca:70:96:ec:38:
         83:30:07:1c:71:84:7f:67:62:10:2b:d3:16:51:f6:d0:70:3b:
         02:ff:fb:ad:b6:17:d2:c4:b1:11:e8:f9:5d:f2:46:ae:20:39:
         57:3c:39:ba:79:dc:23:43:0f:c2:8f:a0:0d:df:c6:80:95:e0:
         e8:3a:79:b0:db:45:ef:e1:8f:98:00:1e:a0:51:a1:7c:40:ac:
         52:8c:72:41:b0:8d:1a:65:84:ed:e2:d6:44:66:0c:22:1a:2c:
         21:b0:e3:bd:d1:65:dc:00:be:c6:b5:4b:08:00:92:73:9d:b2:
         1e:dd:a9:d5:05:3d:94:59:72:a0:29:51:4e:dc:51:ed:3a:9a:
         f9:78:7e:43:ae:13:26:ce:b0:8a:dc:3c:a5:e7:39:27:d5:0b:
         e7:71:0d:c0:9c:51:d2:66:b9:67:89:73:02:c3:8a:78:6f:84:
         f5:a4:f1:a9:23:20:45:36:4c:e2:4e:0f:77:93:e5:b2:53:15:
         e7:08:ac:f0:cd:21:6b:6e:94:68:e7:86:07:c1:c5:15:2c:f1:
         2e:e3:7b:1f:78:fb:48:fa:f7:a9:16:50:22:ac:5a:91:38:06:
         43:ac:54:f2
-----BEGIN CERTIFICATE-----
MIIFvDCCBKSgAwIBAgIUbIIBdAML92LBLEsiusVdBd024R8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNkNEMDgxQTRBNDAyQzEwN0Q4ODcwNUFGRDkzNTU4QTU2
NDVFRTBDQTAeFw0yNTAyMDQxODA4MzNaFw0yNjAyMDMxODEzMzNaMDMxMTAvBgNV
BAMTKDg3NzU5QTYxNDc1NTRGMEFEQkYxOTE1ODZFMUE4RTBDNTVBRjRCNTkwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCZO55GQDdOxkt+rEMdYfmMksiV
oCvFAExWko5knvCgMr8nFyMjENAHulTeZKOs1xl141k3KsaC9fOABMpDDA4RR2WP
Ibil+zW97yqBoB6XomKwbuV2MyR05571KX5az2wvjm2F5lgTSYNzGhW12EVnZcCz
tKIwUdcnkwxWjp/rnARjtXc8FwqVxON8oMbAvmc5DEYtL41QfnLg0cQmpxwv1U+B
cbOj5urKhWv1mTjyJckN/Gi7x3imaGcn341ixx9iRLcko/y7JOXkFZhus6nf7xJh
Dnt+wzZLh7c9MREto/bCjsANJFB0f0gniUeQ5GQD7rzzZ5Dwu1p4vVyB/7h5AgMB
AAGjggLGMIICwjAdBgNVHQ4EFgQUh3WaYUdVTwrb8ZFYbhqODFWvS1kwHwYDVR0j
BBgwFoAUbNCBpKQCwQfYhwWv2TVYpWRe4MowDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy81MzE5RjJDRTMxQkIxRTJBNEZGNEM3NTdCMTkxRkExRDEw
Q0UyMzk4MjM5Nzc0RUNBNjEwQTk1Mzc1QzhGRTc3LzAvNkNEMDgxQTRBNDAyQzEw
N0Q4ODcwNUFGRDkzNTU4QTU2NDVFRTBDQS5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC82Q0QwODFBNEE0MDJDMTA3RDg4
NzA1QUZEOTM1NThBNTY0NUVFMENBLmNlcjCBxQYIKwYBBQUHAQsEgbgwgbUwgbIG
CCsGAQUFBzALhoGlcnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvNTMxOUYyQ0UzMUJCMUUyQTRGRjRDNzU3QjE5MUZBMUQxMENFMjM5ODIz
OTc3NEVDQTYxMEE5NTM3NUM4RkU3Ny8wLzMxMzYzODJlMzkzMDJlMzczMjJlMzAy
ZjMyMzQyZDMyMzQyMDNkM2UyMDM1MzIzNDM5MzMucm9hMBgGA1UdIAEB/wQOMAww
CgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACoWkgwDQYJ
KoZIhvcNAQELBQADggEBAI370PCdRYnCIz7XX6Q3tX0XvGxpwN1t3It5diJ7JuHK
cJbsOIMwBxxxhH9nYhAr0xZR9tBwOwL/+622F9LEsRHo+V3yRq4gOVc8Obp53CND
D8KPoA3fxoCV4Og6ebDbRe/hj5gAHqBRoXxArFKMckGwjRplhO3i1kRmDCIaLCGw
473RZdwAvsa1SwgAknOdsh7dqdUFPZRZcqApUU7cUe06mvl4fkOuEybOsIrcPKXn
OSfVC+dxDcCcUdJmuWeJcwLDinhvhPWk8akjIEU2TOJOD3eT5bJTFecIrPDNIWtu
lGjnhgfBxRUs8S7jex94+0j696kWUCKsWpE4BkOsVPI=
-----END CERTIFICATE-----