Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/583869DF9D6A8CD6686F11C2A1040F7FE8AB686AB267D2871BE97291B398F1CA/0/3135372e3130302e36382e302f32332d3234203d3e203532343638.roa
File:                     3135372e3130302e36382e302f32332d3234203d3e203532343638.roa (raw, json)
Hash identifier:          JIj3EmaEn9tsHAuSs0AIhRQ7Zo8BefK6nZACFvQr2ek=
Subject key identifier:   7D:35:29:B2:82:EB:A4:61:16:8F:F5:E4:04:81:89:A3:5C:BE:65:69
Certificate issuer:       /CN=77570511D6CF51E3ABAFB2F756FE17F5291D8648
Certificate serial:       19AC835D6951AC6AA08C09801F1581D6087758CA
Authority key identifier: 77:57:05:11:D6:CF:51:E3:AB:AF:B2:F7:56:FE:17:F5:29:1D:86:48
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/77570511D6CF51E3ABAFB2F756FE17F5291D8648.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/583869DF9D6A8CD6686F11C2A1040F7FE8AB686AB267D2871BE97291B398F1CA/0/3135372e3130302e36382e302f32332d3234203d3e203532343638.roa
Signing time:             Tue 04 Feb 2025 20:08:27 +0000
ROA not before:           Tue 04 Feb 2025 20:03:27 +0000
ROA not after:            Tue 03 Feb 2026 20:08:27 +0000
asID:                     52468
IP address blocks:        157.100.68.0/23 maxlen: 24
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            19:ac:83:5d:69:51:ac:6a:a0:8c:09:80:1f:15:81:d6:08:77:58:ca
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=77570511D6CF51E3ABAFB2F756FE17F5291D8648
        Validity
            Not Before: Feb  4 20:03:27 2025 GMT
            Not After : Feb  3 20:08:27 2026 GMT
        Subject: CN=7D3529B282EBA461168FF5E4048189A35CBE6569
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:91:e0:ce:28:b5:4e:b2:95:d3:85:3d:d9:50:a2:
                    d5:7c:64:c8:32:d1:47:fc:b5:31:d6:6f:fe:06:94:
                    45:21:f9:7c:f6:42:0a:30:c3:2e:7a:b4:a1:e1:f8:
                    6c:2b:67:12:7f:5d:a3:2a:1e:c8:b2:f6:73:57:34:
                    ce:ef:0a:4a:cd:b4:f9:54:23:19:0c:48:d9:fd:d4:
                    c6:f2:13:b2:5c:54:73:39:e1:ca:e6:bb:2b:1e:90:
                    20:8a:ff:70:b9:2d:15:53:b7:71:f4:20:e1:81:02:
                    38:f8:fe:31:1b:b5:75:26:b8:7e:9f:6a:54:d4:05:
                    da:4d:d7:b1:49:fe:3c:00:03:54:9e:da:6f:d7:b1:
                    5a:4d:d2:61:d2:74:88:41:07:1f:7e:5e:ab:5f:02:
                    f5:ce:a1:8c:dd:ab:50:10:8a:f6:bb:89:71:0b:39:
                    35:78:52:a9:66:5c:08:7e:e7:e8:e3:e9:26:f5:03:
                    e5:99:9b:aa:26:5d:08:85:a7:1b:e9:23:3d:32:9e:
                    80:94:8f:35:08:ae:4f:2e:04:4c:ac:84:26:a7:d0:
                    24:9b:4a:38:ae:0c:fe:47:db:8d:09:4f:24:2e:2e:
                    51:2b:ea:86:9c:d7:ad:95:e8:37:1d:52:ea:3d:23:
                    91:ad:bf:1c:71:a1:96:64:d4:9b:04:cb:d8:68:19:
                    d5:33
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                7D:35:29:B2:82:EB:A4:61:16:8F:F5:E4:04:81:89:A3:5C:BE:65:69
            X509v3 Authority Key Identifier:
                keyid:77:57:05:11:D6:CF:51:E3:AB:AF:B2:F7:56:FE:17:F5:29:1D:86:48

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/583869DF9D6A8CD6686F11C2A1040F7FE8AB686AB267D2871BE97291B398F1CA/0/77570511D6CF51E3ABAFB2F756FE17F5291D8648.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/77570511D6CF51E3ABAFB2F756FE17F5291D8648.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/583869DF9D6A8CD6686F11C2A1040F7FE8AB686AB267D2871BE97291B398F1CA/0/3135372e3130302e36382e302f32332d3234203d3e203532343638.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  157.100.68.0/23

    Signature Algorithm: sha256WithRSAEncryption
         8f:e7:22:59:86:e6:6f:0f:7b:00:ba:88:ee:5d:b5:37:6c:03:
         ef:19:31:c1:0e:3b:2d:69:ad:d0:73:19:a1:f8:30:d4:48:dd:
         c6:e9:80:4f:5c:c9:be:fd:a8:e4:45:86:09:e7:f0:c1:ed:43:
         5c:e0:08:4d:a7:cb:78:6f:fe:74:5f:51:4c:ab:76:35:7b:81:
         84:a3:0e:47:e3:6c:69:64:1b:fd:8e:86:49:f0:dc:83:36:cb:
         dc:18:11:2f:17:d6:7e:ea:20:6d:09:ae:96:cb:7c:55:e2:ae:
         96:82:39:a3:db:a7:cf:63:23:1b:74:33:43:50:65:13:8f:dd:
         e2:62:5f:7b:b8:5e:d7:f4:f8:76:59:d0:01:a2:5e:09:fd:8a:
         b4:dc:6f:f6:7f:af:4c:d8:a6:d3:8e:26:b4:4c:04:71:32:6e:
         e5:a2:5c:75:a1:a5:70:4f:06:e7:d7:89:32:50:0f:7f:a4:70:
         64:69:a5:bd:d5:cb:0b:05:ea:4b:51:89:f7:21:63:2c:06:46:
         c0:2e:5a:4e:10:ec:22:ff:96:76:5f:be:e2:2d:68:82:c6:21:
         1d:7e:ed:20:d5:9e:c3:8a:3e:de:a1:8d:6a:c5:e6:59:42:14:
         ff:06:51:45:52:cd:da:bd:86:d0:de:5d:95:94:24:7a:4e:7b:
         a0:b5:a5:87
-----BEGIN CERTIFICATE-----
MIIFvjCCBKagAwIBAgIUGayDXWlRrGqgjAmAHxWB1gh3WMowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNzc1NzA1MTFENkNGNTFFM0FCQUZCMkY3NTZGRTE3RjUy
OTFEODY0ODAeFw0yNTAyMDQyMDAzMjdaFw0yNjAyMDMyMDA4MjdaMDMxMTAvBgNV
BAMTKDdEMzUyOUIyODJFQkE0NjExNjhGRjVFNDA0ODE4OUEzNUNCRTY1NjkwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCR4M4otU6yldOFPdlQotV8ZMgy
0Uf8tTHWb/4GlEUh+Xz2Qgowwy56tKHh+GwrZxJ/XaMqHsiy9nNXNM7vCkrNtPlU
IxkMSNn91MbyE7JcVHM54crmuysekCCK/3C5LRVTt3H0IOGBAjj4/jEbtXUmuH6f
alTUBdpN17FJ/jwAA1Se2m/XsVpN0mHSdIhBBx9+XqtfAvXOoYzdq1AQiva7iXEL
OTV4UqlmXAh+5+jj6Sb1A+WZm6omXQiFpxvpIz0ynoCUjzUIrk8uBEyshCan0CSb
SjiuDP5H240JTyQuLlEr6oac162V6DcdUuo9I5GtvxxxoZZk1JsEy9hoGdUzAgMB
AAGjggLIMIICxDAdBgNVHQ4EFgQUfTUpsoLrpGEWj/XkBIGJo1y+ZWkwHwYDVR0j
BBgwFoAUd1cFEdbPUeOrr7L3Vv4X9SkdhkgwDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy81ODM4NjlERjlENkE4Q0Q2Njg2RjExQzJBMTA0MEY3RkU4
QUI2ODZBQjI2N0QyODcxQkU5NzI5MUIzOThGMUNBLzAvNzc1NzA1MTFENkNGNTFF
M0FCQUZCMkY3NTZGRTE3RjUyOTFEODY0OC5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC83NzU3MDUxMUQ2Q0Y1MUUzQUJB
RkIyRjc1NkZFMTdGNTI5MUQ4NjQ4LmNlcjCBxwYIKwYBBQUHAQsEgbowgbcwgbQG
CCsGAQUFBzALhoGncnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvNTgzODY5REY5RDZBOENENjY4NkYxMUMyQTEwNDBGN0ZFOEFCNjg2QUIy
NjdEMjg3MUJFOTcyOTFCMzk4RjFDQS8wLzMxMzUzNzJlMzEzMDMwMmUzNjM4MmUz
MDJmMzIzMzJkMzIzNDIwM2QzZTIwMzUzMjM0MzYzOC5yb2EwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAZ1kRDAN
BgkqhkiG9w0BAQsFAAOCAQEAj+ciWYbmbw97ALqI7l21N2wD7xkxwQ47LWmt0HMZ
ofgw1EjdxumAT1zJvv2o5EWGCefwwe1DXOAITafLeG/+dF9RTKt2NXuBhKMOR+Ns
aWQb/Y6GSfDcgzbL3BgRLxfWfuogbQmulst8VeKuloI5o9unz2MjG3QzQ1BlE4/d
4mJfe7he1/T4dlnQAaJeCf2KtNxv9n+vTNim044mtEwEcTJu5aJcdaGlcE8G59eJ
MlAPf6RwZGmlvdXLCwXqS1GJ9yFjLAZGwC5aThDsIv+Wdl++4i1ogsYhHX7tINWe
w4o+3qGNasXmWUIU/wZRRVLN2r2G0N5dlZQkek57oLWlhw==
-----END CERTIFICATE-----