Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/553E915C78B115ED1EF6B8D6134A2D64DB6515223B082FD4FB27AB8146AA88A2/0/3132382e3230312e3137312e302f32342d3234203d3e20323731393439.roa
File:                     3132382e3230312e3137312e302f32342d3234203d3e20323731393439.roa (raw, json)
Hash identifier:          RNu1XIWNIC+LbJyhIQFGQn8HDuwMkjhRDMaR1vBaBa0=
Subject key identifier:   FD:73:B0:7D:E5:54:9F:05:26:6E:58:42:76:6D:B0:F1:D2:C8:04:03
Certificate issuer:       /CN=D5490AC693B00C1BF51582B1691FC2DC46B71FA9
Certificate serial:       4B9E15D0DDF040FDD88C1D6C575A4AA2798976C6
Authority key identifier: D5:49:0A:C6:93:B0:0C:1B:F5:15:82:B1:69:1F:C2:DC:46:B7:1F:A9
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/D5490AC693B00C1BF51582B1691FC2DC46B71FA9.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/553E915C78B115ED1EF6B8D6134A2D64DB6515223B082FD4FB27AB8146AA88A2/0/3132382e3230312e3137312e302f32342d3234203d3e20323731393439.roa
Signing time:             Tue 04 Feb 2025 18:34:36 +0000
ROA not before:           Tue 04 Feb 2025 18:29:36 +0000
ROA not after:            Tue 03 Feb 2026 18:34:36 +0000
asID:                     271949
IP address blocks:        128.201.171.0/24 maxlen: 24
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            4b:9e:15:d0:dd:f0:40:fd:d8:8c:1d:6c:57:5a:4a:a2:79:89:76:c6
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=D5490AC693B00C1BF51582B1691FC2DC46B71FA9
        Validity
            Not Before: Feb  4 18:29:36 2025 GMT
            Not After : Feb  3 18:34:36 2026 GMT
        Subject: CN=FD73B07DE5549F05266E5842766DB0F1D2C80403
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cc:15:48:db:3c:9a:57:97:e2:a5:a4:7a:9b:e3:
                    08:59:ab:10:90:cd:38:34:f3:6a:3c:7a:e7:99:5e:
                    c2:5c:23:c1:a9:81:ee:93:9f:6c:3b:a5:c1:f5:58:
                    fd:c5:88:13:c0:67:c7:65:0c:df:1d:d3:03:bf:db:
                    49:8b:3b:24:59:98:2d:f3:04:c4:79:28:4d:0c:a0:
                    1a:ff:14:03:9a:a5:62:20:0e:df:40:ca:48:0d:5a:
                    71:b4:98:5f:9a:8e:a5:82:50:e4:f2:f2:1b:1e:f4:
                    45:3a:9e:f7:ca:8b:ee:41:12:b6:2e:e6:42:cf:d8:
                    30:3a:18:74:2c:ba:b9:31:7c:06:9b:f0:d8:b3:93:
                    09:52:8c:03:13:ad:e0:86:a1:c0:fd:78:e4:0c:0d:
                    3f:1c:d1:73:7c:e6:41:9d:b7:d5:54:57:7b:9d:26:
                    eb:3a:f7:fe:d9:4c:fd:75:17:e7:5e:d0:5c:b6:34:
                    3a:f0:d4:97:00:67:5a:fd:3f:91:74:b2:8a:81:d6:
                    b4:59:a8:03:99:c7:99:88:40:38:bd:2b:10:d7:4a:
                    e0:dc:3b:22:c9:30:d2:69:ce:d1:17:f3:f4:40:cc:
                    3e:f2:a7:66:aa:03:8e:a3:07:2b:19:6b:01:ee:60:
                    23:9f:37:7a:6f:ae:40:e3:fb:5c:d7:a4:c9:4a:d5:
                    66:43
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                FD:73:B0:7D:E5:54:9F:05:26:6E:58:42:76:6D:B0:F1:D2:C8:04:03
            X509v3 Authority Key Identifier:
                keyid:D5:49:0A:C6:93:B0:0C:1B:F5:15:82:B1:69:1F:C2:DC:46:B7:1F:A9

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/553E915C78B115ED1EF6B8D6134A2D64DB6515223B082FD4FB27AB8146AA88A2/0/D5490AC693B00C1BF51582B1691FC2DC46B71FA9.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/D5490AC693B00C1BF51582B1691FC2DC46B71FA9.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/553E915C78B115ED1EF6B8D6134A2D64DB6515223B082FD4FB27AB8146AA88A2/0/3132382e3230312e3137312e302f32342d3234203d3e20323731393439.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  128.201.171.0/24

    Signature Algorithm: sha256WithRSAEncryption
         47:38:6d:99:2c:34:0e:6e:25:a1:cf:2e:ac:8b:e9:1b:a2:a0:
         1d:67:e9:2e:e2:fc:6e:03:72:2f:0f:5a:2f:1b:19:e4:db:dd:
         11:82:89:5e:c9:65:ed:2a:52:3a:ad:7c:7b:ef:69:25:9c:76:
         e4:2e:f5:62:74:d4:54:8a:d4:d7:73:63:e1:b2:42:fb:65:88:
         ca:0d:e4:84:06:cf:e3:86:a9:3a:6d:b6:20:a9:2f:77:b8:5e:
         74:11:c4:9c:6e:8b:a5:f9:1e:e6:d7:cf:95:fe:b6:94:be:35:
         4b:6d:64:ee:36:50:1e:7e:7b:81:a5:ce:f1:82:5e:c9:6e:fd:
         f0:9f:09:4b:5b:30:f8:f9:36:5c:57:69:df:6f:af:89:bd:c3:
         67:ce:49:85:46:b0:c9:7e:f1:71:d0:10:c7:da:bb:55:2e:d9:
         04:92:37:98:09:ee:8a:fe:1a:38:54:ab:62:66:1c:c7:5c:2c:
         80:6a:db:b0:76:8e:11:45:5c:4d:10:53:a9:d3:fe:3d:35:0c:
         e9:2f:c7:a2:b2:b7:98:11:5a:51:81:e6:51:41:79:f2:53:cd:
         62:ee:92:19:bb:9c:1f:68:14:7d:86:92:3b:18:c5:6d:2d:e6:
         c7:99:29:86:36:2c:69:06:38:98:34:d8:df:61:55:86:7e:45:
         3c:f2:ae:97
-----BEGIN CERTIFICATE-----
MIIFwjCCBKqgAwIBAgIUS54V0N3wQP3YjB1sV1pKonmJdsYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoRDU0OTBBQzY5M0IwMEMxQkY1MTU4MkIxNjkxRkMyREM0
NkI3MUZBOTAeFw0yNTAyMDQxODI5MzZaFw0yNjAyMDMxODM0MzZaMDMxMTAvBgNV
BAMTKEZENzNCMDdERTU1NDlGMDUyNjZFNTg0Mjc2NkRCMEYxRDJDODA0MDMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDMFUjbPJpXl+KlpHqb4whZqxCQ
zTg082o8eueZXsJcI8Gpge6Tn2w7pcH1WP3FiBPAZ8dlDN8d0wO/20mLOyRZmC3z
BMR5KE0MoBr/FAOapWIgDt9AykgNWnG0mF+ajqWCUOTy8hse9EU6nvfKi+5BErYu
5kLP2DA6GHQsurkxfAab8NizkwlSjAMTreCGocD9eOQMDT8c0XN85kGdt9VUV3ud
Jus69/7ZTP11F+de0Fy2NDrw1JcAZ1r9P5F0soqB1rRZqAOZx5mIQDi9KxDXSuDc
OyLJMNJpztEX8/RAzD7yp2aqA46jBysZawHuYCOfN3pvrkDj+1zXpMlK1WZDAgMB
AAGjggLMMIICyDAdBgNVHQ4EFgQU/XOwfeVUnwUmblhCdm2w8dLIBAMwHwYDVR0j
BBgwFoAU1UkKxpOwDBv1FYKxaR/C3Ea3H6kwDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy81NTNFOTE1Qzc4QjExNUVEMUVGNkI4RDYxMzRBMkQ2NERC
NjUxNTIyM0IwODJGRDRGQjI3QUI4MTQ2QUE4OEEyLzAvRDU0OTBBQzY5M0IwMEMx
QkY1MTU4MkIxNjkxRkMyREM0NkI3MUZBOS5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC9ENTQ5MEFDNjkzQjAwQzFCRjUx
NTgyQjE2OTFGQzJEQzQ2QjcxRkE5LmNlcjCBywYIKwYBBQUHAQsEgb4wgbswgbgG
CCsGAQUFBzALhoGrcnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvNTUzRTkxNUM3OEIxMTVFRDFFRjZCOEQ2MTM0QTJENjREQjY1MTUyMjNC
MDgyRkQ0RkIyN0FCODE0NkFBODhBMi8wLzMxMzIzODJlMzIzMDMxMmUzMTM3MzEy
ZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMjM3MzEzOTM0Mzkucm9hMBgGA1UdIAEB
/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACA
yaswDQYJKoZIhvcNAQELBQADggEBAEc4bZksNA5uJaHPLqyL6RuioB1n6S7i/G4D
ci8PWi8bGeTb3RGCiV7JZe0qUjqtfHvvaSWcduQu9WJ01FSK1NdzY+GyQvtliMoN
5IQGz+OGqTpttiCpL3e4XnQRxJxui6X5HubXz5X+tpS+NUttZO42UB5+e4GlzvGC
Xslu/fCfCUtbMPj5NlxXad9vr4m9w2fOSYVGsMl+8XHQEMfau1Uu2QSSN5gJ7or+
GjhUq2JmHMdcLIBq27B2jhFFXE0QU6nT/j01DOkvx6Kyt5gRWlGB5lFBefJTzWLu
khm7nB9oFH2GkjsYxW0t5seZKYY2LGkGOJg02N9hVYZ+RTzyrpc=
-----END CERTIFICATE-----