Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/5ED81E3C41EC842A2DCCA01F3F27C3D303FE9AB92540B9A025C9015D06A59906/0/34352e3136372e3136382e302f32322d3232203d3e20323637373338.roa
File:                     34352e3136372e3136382e302f32322d3232203d3e20323637373338.roa (raw, json)
Hash identifier:          venZBu/ZEalnYrDS7HLPIEcr7lgqZIusgCiYacph1N4=
Subject key identifier:   19:63:B0:7E:45:FE:8C:1C:B3:91:33:6C:93:38:48:95:C8:F2:D7:BD
Certificate issuer:       /CN=8731934F50EFF6B6DBAA4DFB4F709849DE02FFB1
Certificate serial:       BEEF81EB04D362AFBC76CCF3F45A842C4BD680
Authority key identifier: 87:31:93:4F:50:EF:F6:B6:DB:AA:4D:FB:4F:70:98:49:DE:02:FF:B1
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/8731934F50EFF6B6DBAA4DFB4F709849DE02FFB1.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/5ED81E3C41EC842A2DCCA01F3F27C3D303FE9AB92540B9A025C9015D06A59906/0/34352e3136372e3136382e302f32322d3232203d3e20323637373338.roa
Signing time:             Tue 04 Feb 2025 19:57:14 +0000
ROA not before:           Tue 04 Feb 2025 19:52:14 +0000
ROA not after:            Tue 03 Feb 2026 19:57:14 +0000
asID:                     267738
IP address blocks:        45.167.168.0/22 maxlen: 22
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            be:ef:81:eb:04:d3:62:af:bc:76:cc:f3:f4:5a:84:2c:4b:d6:80
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=8731934F50EFF6B6DBAA4DFB4F709849DE02FFB1
        Validity
            Not Before: Feb  4 19:52:14 2025 GMT
            Not After : Feb  3 19:57:14 2026 GMT
        Subject: CN=1963B07E45FE8C1CB391336C93384895C8F2D7BD
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bd:6d:35:1d:a0:19:4c:70:08:5e:ec:13:51:d9:
                    a7:f3:ee:6c:3b:d7:51:e6:cd:f8:28:c7:00:53:28:
                    fa:c9:f8:07:ef:81:87:a3:df:34:75:d6:37:c7:00:
                    66:9b:e8:73:bc:96:1e:bd:19:ca:42:c3:19:51:f9:
                    d2:44:bc:12:f5:74:72:28:de:65:cf:4a:8a:0b:08:
                    db:51:27:1a:ce:c5:77:19:c1:ea:d2:5f:6d:01:a5:
                    a3:df:ac:8e:be:e7:df:52:35:9f:c0:39:61:8f:80:
                    b7:04:7a:b3:7d:ef:65:bd:2e:d6:39:ec:45:78:e9:
                    d1:e3:53:2a:c9:34:bb:ef:99:95:3b:37:14:cc:6a:
                    18:cf:13:b0:4f:ca:44:db:0f:d5:94:d3:13:5a:9a:
                    75:3d:9e:a0:ed:e6:51:75:46:3c:54:b6:84:05:43:
                    2c:3c:85:66:69:ff:24:4f:ed:65:90:80:69:6b:d3:
                    f2:8a:6b:d6:9e:0c:9f:d4:b1:3b:21:60:23:3e:6a:
                    05:6b:fa:60:37:83:07:3d:12:19:d5:0b:02:23:38:
                    2f:76:fa:e1:ca:4c:cd:b5:57:b0:37:25:85:e9:1f:
                    4d:ca:53:92:b2:38:ef:3e:1d:87:c0:96:e2:ad:d1:
                    20:5b:df:7c:ff:d3:c1:2f:01:6f:2b:9f:97:d0:2f:
                    30:9b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                19:63:B0:7E:45:FE:8C:1C:B3:91:33:6C:93:38:48:95:C8:F2:D7:BD
            X509v3 Authority Key Identifier:
                keyid:87:31:93:4F:50:EF:F6:B6:DB:AA:4D:FB:4F:70:98:49:DE:02:FF:B1

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/5ED81E3C41EC842A2DCCA01F3F27C3D303FE9AB92540B9A025C9015D06A59906/0/8731934F50EFF6B6DBAA4DFB4F709849DE02FFB1.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/8731934F50EFF6B6DBAA4DFB4F709849DE02FFB1.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/5ED81E3C41EC842A2DCCA01F3F27C3D303FE9AB92540B9A025C9015D06A59906/0/34352e3136372e3136382e302f32322d3232203d3e20323637373338.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.167.168.0/22

    Signature Algorithm: sha256WithRSAEncryption
         12:34:06:73:a9:15:aa:53:e6:6c:13:ca:46:df:7b:5e:63:da:
         58:76:1b:e5:a4:29:99:82:f5:98:b7:b6:20:8f:ff:b2:10:c0:
         ee:93:8b:b1:00:83:f4:db:62:09:58:6c:6d:f5:0d:f9:2f:a5:
         fe:c8:81:0d:44:6d:25:c2:58:e1:fb:4d:11:b5:8a:c5:4d:33:
         c3:7a:1c:33:ad:9d:c1:87:dd:31:7c:b2:e5:65:cf:ed:ea:56:
         40:f0:0a:dc:e9:9d:cf:28:5d:fc:0b:b9:a8:88:85:37:c5:84:
         ac:8e:1c:c9:dd:33:49:df:a3:84:f4:c2:13:24:93:91:e0:7a:
         0f:e8:5e:79:1a:40:e5:f0:f6:e5:e3:b1:41:16:8e:58:4a:18:
         f8:93:ce:b4:e7:29:89:44:1d:8e:df:a7:37:c9:ae:d0:86:1c:
         00:ff:fe:1c:7b:c9:4b:94:32:cd:69:a2:91:36:2d:67:06:64:
         b7:a6:cb:f4:17:f3:29:83:85:c3:ef:ca:b5:62:75:04:cc:8c:
         32:55:80:c7:20:35:45:a5:13:cd:59:80:a9:cd:21:60:c8:22:
         e0:ea:d3:d8:41:a6:f8:60:e6:4a:0a:ee:2f:55:39:c9:ad:95:
         47:7a:9b:21:c9:62:ae:d9:0c:67:73:f2:12:4c:86:5b:8c:33:
         d4:4e:5f:c1
-----BEGIN CERTIFICATE-----
MIIFwDCCBKigAwIBAgIUAL7vgesE02KvvHbM8/RahCxL1oAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoODczMTkzNEY1MEVGRjZCNkRCQUE0REZCNEY3MDk4NDlE
RTAyRkZCMTAeFw0yNTAyMDQxOTUyMTRaFw0yNjAyMDMxOTU3MTRaMDMxMTAvBgNV
BAMTKDE5NjNCMDdFNDVGRThDMUNCMzkxMzM2QzkzMzg0ODk1QzhGMkQ3QkQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC9bTUdoBlMcAhe7BNR2afz7mw7
11HmzfgoxwBTKPrJ+AfvgYej3zR11jfHAGab6HO8lh69GcpCwxlR+dJEvBL1dHIo
3mXPSooLCNtRJxrOxXcZwerSX20BpaPfrI6+599SNZ/AOWGPgLcEerN972W9LtY5
7EV46dHjUyrJNLvvmZU7NxTMahjPE7BPykTbD9WU0xNamnU9nqDt5lF1RjxUtoQF
Qyw8hWZp/yRP7WWQgGlr0/KKa9aeDJ/UsTshYCM+agVr+mA3gwc9EhnVCwIjOC92
+uHKTM21V7A3JYXpH03KU5KyOO8+HYfAluKt0SBb33z/08EvAW8rn5fQLzCbAgMB
AAGjggLKMIICxjAdBgNVHQ4EFgQUGWOwfkX+jByzkTNskzhIlcjy170wHwYDVR0j
BBgwFoAUhzGTT1Dv9rbbqk37T3CYSd4C/7EwDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy81RUQ4MUUzQzQxRUM4NDJBMkRDQ0EwMUYzRjI3QzNEMzAz
RkU5QUI5MjU0MEI5QTAyNUM5MDE1RDA2QTU5OTA2LzAvODczMTkzNEY1MEVGRjZC
NkRCQUE0REZCNEY3MDk4NDlERTAyRkZCMS5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC84NzMxOTM0RjUwRUZGNkI2REJB
QTRERkI0RjcwOTg0OURFMDJGRkIxLmNlcjCByQYIKwYBBQUHAQsEgbwwgbkwgbYG
CCsGAQUFBzALhoGpcnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvNUVEODFFM0M0MUVDODQyQTJEQ0NBMDFGM0YyN0MzRDMwM0ZFOUFCOTI1
NDBCOUEwMjVDOTAxNUQwNkE1OTkwNi8wLzM0MzUyZTMxMzYzNzJlMzEzNjM4MmUz
MDJmMzIzMjJkMzIzMjIwM2QzZTIwMzIzNjM3MzczMzM4LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCLaeo
MA0GCSqGSIb3DQEBCwUAA4IBAQASNAZzqRWqU+ZsE8pG33teY9pYdhvlpCmZgvWY
t7Ygj/+yEMDuk4uxAIP022IJWGxt9Q35L6X+yIENRG0lwljh+00RtYrFTTPDehwz
rZ3Bh90xfLLlZc/t6lZA8Arc6Z3PKF38C7moiIU3xYSsjhzJ3TNJ36OE9MITJJOR
4HoP6F55GkDl8Pbl47FBFo5YShj4k8605ymJRB2O36c3ya7QhhwA//4ce8lLlDLN
aaKRNi1nBmS3psv0F/Mpg4XD78q1YnUEzIwyVYDHIDVFpRPNWYCpzSFgyCLg6tPY
Qab4YOZKCu4vVTnJrZVHepshyWKu2Qxnc/ISTIZbjDPUTl/B
-----END CERTIFICATE-----