Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/583869DF9D6A8CD6686F11C2A1040F7FE8AB686AB267D2871BE97291B398F1CA/0/3135372e3130302e35322e302f32322d3234203d3e20323634363638.roa
File:                     3135372e3130302e35322e302f32322d3234203d3e20323634363638.roa (raw, json)
Hash identifier:          /HJ1rifzkqdoNeuqGn2oObixszqCTmhywHKx2WGs4bE=
Subject key identifier:   74:B9:06:1B:07:58:6D:9D:D8:E0:99:2F:66:46:0A:53:0E:15:55:A8
Certificate issuer:       /CN=77570511D6CF51E3ABAFB2F756FE17F5291D8648
Certificate serial:       6A56B0B7773CECBFC6A75E95563963A9DCF79A8F
Authority key identifier: 77:57:05:11:D6:CF:51:E3:AB:AF:B2:F7:56:FE:17:F5:29:1D:86:48
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/77570511D6CF51E3ABAFB2F756FE17F5291D8648.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/583869DF9D6A8CD6686F11C2A1040F7FE8AB686AB267D2871BE97291B398F1CA/0/3135372e3130302e35322e302f32322d3234203d3e20323634363638.roa
Signing time:             Tue 04 Feb 2025 20:08:28 +0000
ROA not before:           Tue 04 Feb 2025 20:03:28 +0000
ROA not after:            Tue 03 Feb 2026 20:08:28 +0000
asID:                     264668
IP address blocks:        157.100.52.0/22 maxlen: 24
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            6a:56:b0:b7:77:3c:ec:bf:c6:a7:5e:95:56:39:63:a9:dc:f7:9a:8f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=77570511D6CF51E3ABAFB2F756FE17F5291D8648
        Validity
            Not Before: Feb  4 20:03:28 2025 GMT
            Not After : Feb  3 20:08:28 2026 GMT
        Subject: CN=74B9061B07586D9DD8E0992F66460A530E1555A8
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:99:ed:d7:82:34:b4:ec:ff:ef:0a:45:ef:82:88:
                    cc:d5:93:ba:f0:4c:00:e2:4a:ed:e2:62:38:22:9e:
                    a9:3f:45:8e:fa:87:09:2c:fd:fe:e4:9f:8c:5d:84:
                    b1:eb:24:d3:da:95:d9:52:f2:46:f1:85:ca:df:ff:
                    ce:4f:40:ae:36:c6:c5:b1:9d:b6:5e:13:8c:55:82:
                    7b:ac:b6:db:fb:4a:4c:b6:04:79:e5:fb:b3:6a:d6:
                    1e:04:2f:17:a2:72:d6:54:02:90:cb:de:80:ac:26:
                    b7:17:f6:3f:53:73:72:79:e2:dc:4a:57:bf:7a:a3:
                    fe:13:38:9d:0b:1a:58:f3:21:09:3b:5f:1d:ce:28:
                    01:0e:fe:0d:72:00:04:32:4e:dc:3f:b9:47:0b:91:
                    39:90:9e:7a:87:eb:10:59:bd:00:ee:3f:4c:51:82:
                    97:75:16:d0:2b:59:b7:c7:aa:0d:9f:d9:7a:d5:6f:
                    db:09:2f:82:81:b1:5c:40:e8:0c:31:bd:4b:9a:ec:
                    81:3a:80:a7:b6:49:9c:2d:f0:c3:8c:c0:7c:9b:b6:
                    96:71:ad:2c:fe:ea:e3:44:22:82:a6:f7:70:8f:10:
                    99:26:c4:a8:74:fd:fc:e8:8b:a8:42:e0:ab:fa:ed:
                    97:c9:3a:00:c9:29:4e:61:3a:01:77:6c:c9:1c:9a:
                    db:9b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                74:B9:06:1B:07:58:6D:9D:D8:E0:99:2F:66:46:0A:53:0E:15:55:A8
            X509v3 Authority Key Identifier:
                keyid:77:57:05:11:D6:CF:51:E3:AB:AF:B2:F7:56:FE:17:F5:29:1D:86:48

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/583869DF9D6A8CD6686F11C2A1040F7FE8AB686AB267D2871BE97291B398F1CA/0/77570511D6CF51E3ABAFB2F756FE17F5291D8648.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/77570511D6CF51E3ABAFB2F756FE17F5291D8648.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/583869DF9D6A8CD6686F11C2A1040F7FE8AB686AB267D2871BE97291B398F1CA/0/3135372e3130302e35322e302f32322d3234203d3e20323634363638.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  157.100.52.0/22

    Signature Algorithm: sha256WithRSAEncryption
         ae:9f:b8:a6:b1:4f:df:c0:b6:a4:1c:6e:2a:44:7b:d8:a6:e6:
         74:fa:e7:cb:75:22:2c:1e:78:cd:26:26:6a:76:75:b4:61:dd:
         2a:b7:19:1e:8e:6e:c4:e1:12:97:d5:be:fc:a7:4a:1f:ee:4a:
         75:9b:82:3b:78:72:19:a4:36:5b:d4:7b:03:bc:f8:91:08:ad:
         38:eb:4a:66:f0:7e:ed:22:81:8c:77:38:db:f0:f8:45:c2:34:
         ed:16:fe:9e:91:eb:79:da:9a:b6:70:50:13:b3:90:e1:5d:91:
         63:17:f1:fa:eb:ec:8e:ec:7a:28:dd:7d:89:66:73:74:d2:9b:
         ed:a2:75:68:19:97:d5:93:0e:30:21:23:18:a9:85:e5:17:9e:
         03:d3:a3:c2:6d:04:aa:c6:ed:5a:f5:f8:01:73:26:48:09:a4:
         df:1a:67:e0:91:18:9b:ca:1d:cc:95:0d:47:4e:5e:e1:fb:fe:
         df:5d:57:fb:82:ac:6e:7c:d4:12:3f:7c:c1:26:a6:bd:a4:41:
         c5:52:61:08:a2:40:7b:b4:19:d0:1d:d3:8a:aa:d9:ac:8d:1c:
         fd:dd:ab:f7:86:91:fa:67:0b:75:a1:8b:fd:fe:19:e9:37:7e:
         8b:e1:fd:74:03:6f:56:87:29:96:65:df:f4:c8:68:aa:1b:35:
         f2:92:47:90
-----BEGIN CERTIFICATE-----
MIIFwDCCBKigAwIBAgIUalawt3c87L/Gp16VVjljqdz3mo8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNzc1NzA1MTFENkNGNTFFM0FCQUZCMkY3NTZGRTE3RjUy
OTFEODY0ODAeFw0yNTAyMDQyMDAzMjhaFw0yNjAyMDMyMDA4MjhaMDMxMTAvBgNV
BAMTKDc0QjkwNjFCMDc1ODZEOUREOEUwOTkyRjY2NDYwQTUzMEUxNTU1QTgwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCZ7deCNLTs/+8KRe+CiMzVk7rw
TADiSu3iYjginqk/RY76hwks/f7kn4xdhLHrJNPaldlS8kbxhcrf/85PQK42xsWx
nbZeE4xVgnusttv7Sky2BHnl+7Nq1h4ELxeictZUApDL3oCsJrcX9j9Tc3J54txK
V796o/4TOJ0LGljzIQk7Xx3OKAEO/g1yAAQyTtw/uUcLkTmQnnqH6xBZvQDuP0xR
gpd1FtArWbfHqg2f2XrVb9sJL4KBsVxA6AwxvUua7IE6gKe2SZwt8MOMwHybtpZx
rSz+6uNEIoKm93CPEJkmxKh0/fzoi6hC4Kv67ZfJOgDJKU5hOgF3bMkcmtubAgMB
AAGjggLKMIICxjAdBgNVHQ4EFgQUdLkGGwdYbZ3Y4JkvZkYKUw4VVagwHwYDVR0j
BBgwFoAUd1cFEdbPUeOrr7L3Vv4X9SkdhkgwDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy81ODM4NjlERjlENkE4Q0Q2Njg2RjExQzJBMTA0MEY3RkU4
QUI2ODZBQjI2N0QyODcxQkU5NzI5MUIzOThGMUNBLzAvNzc1NzA1MTFENkNGNTFF
M0FCQUZCMkY3NTZGRTE3RjUyOTFEODY0OC5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC83NzU3MDUxMUQ2Q0Y1MUUzQUJB
RkIyRjc1NkZFMTdGNTI5MUQ4NjQ4LmNlcjCByQYIKwYBBQUHAQsEgbwwgbkwgbYG
CCsGAQUFBzALhoGpcnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvNTgzODY5REY5RDZBOENENjY4NkYxMUMyQTEwNDBGN0ZFOEFCNjg2QUIy
NjdEMjg3MUJFOTcyOTFCMzk4RjFDQS8wLzMxMzUzNzJlMzEzMDMwMmUzNTMyMmUz
MDJmMzIzMjJkMzIzNDIwM2QzZTIwMzIzNjM0MzYzNjM4LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCnWQ0
MA0GCSqGSIb3DQEBCwUAA4IBAQCun7imsU/fwLakHG4qRHvYpuZ0+ufLdSIsHnjN
JiZqdnW0Yd0qtxkejm7E4RKX1b78p0of7kp1m4I7eHIZpDZb1HsDvPiRCK0460pm
8H7tIoGMdzjb8PhFwjTtFv6eket52pq2cFATs5DhXZFjF/H66+yO7Hoo3X2JZnN0
0pvtonVoGZfVkw4wISMYqYXlF54D06PCbQSqxu1a9fgBcyZICaTfGmfgkRibyh3M
lQ1HTl7h+/7fXVf7gqxufNQSP3zBJqa9pEHFUmEIokB7tBnQHdOKqtmsjRz93av3
hpH6Zwt1oYv9/hnpN36L4f10A29WhymWZd/0yGiqGzXykkeQ
-----END CERTIFICATE-----