Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/5ED84AD638AFA0E6AA91AA69FD49C6043E9010D59CA1477EC5E4222073D7642A/0/34352e3232352e3232342e302f32322d3234203d3e20323635383535.roa
File:                     34352e3232352e3232342e302f32322d3234203d3e20323635383535.roa (raw, json)
Hash identifier:          LUBJL9j2eYUewvPAdfZ/zJC1iFpdZrKM+8hR/f475/E=
Subject key identifier:   D9:AC:AB:B6:68:7C:F2:34:FA:1D:E9:9A:99:04:9F:C3:1F:72:D8:AF
Certificate issuer:       /CN=F341739AE08457A031B734E9D432A5F3E22893FE
Certificate serial:       07F84A397A0D70D1B603495575BC51B6A5639A54
Authority key identifier: F3:41:73:9A:E0:84:57:A0:31:B7:34:E9:D4:32:A5:F3:E2:28:93:FE
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/F341739AE08457A031B734E9D432A5F3E22893FE.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/5ED84AD638AFA0E6AA91AA69FD49C6043E9010D59CA1477EC5E4222073D7642A/0/34352e3232352e3232342e302f32322d3234203d3e20323635383535.roa
Signing time:             Tue 04 Feb 2025 18:05:45 +0000
ROA not before:           Tue 04 Feb 2025 18:00:45 +0000
ROA not after:            Tue 03 Feb 2026 18:05:45 +0000
asID:                     265855
IP address blocks:        45.225.224.0/22 maxlen: 24
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            07:f8:4a:39:7a:0d:70:d1:b6:03:49:55:75:bc:51:b6:a5:63:9a:54
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F341739AE08457A031B734E9D432A5F3E22893FE
        Validity
            Not Before: Feb  4 18:00:45 2025 GMT
            Not After : Feb  3 18:05:45 2026 GMT
        Subject: CN=D9ACABB6687CF234FA1DE99A99049FC31F72D8AF
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bf:46:44:24:1d:89:2c:b2:bf:34:fd:b0:e4:47:
                    bf:18:cf:00:7d:ee:ec:fa:99:d8:c3:60:5f:a4:ef:
                    be:ba:16:85:59:38:5e:99:0a:f1:6e:56:31:45:af:
                    91:6d:d9:b1:1c:bb:1d:c3:95:d9:90:2c:a6:fc:b2:
                    8c:9b:3e:16:87:6d:c3:f3:34:b1:52:07:2d:dc:74:
                    79:6b:00:3b:17:aa:89:d7:93:a3:69:02:b4:4c:3c:
                    88:e5:15:89:32:94:17:b5:79:91:ad:61:70:f8:2d:
                    b1:2c:08:85:49:49:fb:25:91:fa:b6:8a:2d:b3:5c:
                    f5:59:62:c4:2c:e0:f4:81:a5:c5:95:e0:6c:56:fd:
                    8d:67:d2:96:91:96:31:c2:c6:f6:9f:a7:53:21:93:
                    d2:32:f7:d1:b3:f8:3f:7f:11:49:d7:61:f8:f0:39:
                    76:76:78:a2:9b:41:7a:71:9f:cf:e3:74:39:92:60:
                    4c:41:b6:75:d6:94:7b:e5:42:83:88:08:97:a7:38:
                    d4:fc:e4:e9:d8:ff:81:1f:9b:dc:4f:eb:ff:b7:89:
                    15:5e:bc:96:8f:d2:d8:8a:51:1e:e5:53:61:33:45:
                    e3:d6:5e:21:98:58:60:c6:5f:74:cd:b9:46:da:28:
                    76:11:28:46:be:8c:4c:eb:ee:df:88:93:08:98:49:
                    a7:99
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D9:AC:AB:B6:68:7C:F2:34:FA:1D:E9:9A:99:04:9F:C3:1F:72:D8:AF
            X509v3 Authority Key Identifier:
                keyid:F3:41:73:9A:E0:84:57:A0:31:B7:34:E9:D4:32:A5:F3:E2:28:93:FE

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/5ED84AD638AFA0E6AA91AA69FD49C6043E9010D59CA1477EC5E4222073D7642A/0/F341739AE08457A031B734E9D432A5F3E22893FE.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/F341739AE08457A031B734E9D432A5F3E22893FE.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/5ED84AD638AFA0E6AA91AA69FD49C6043E9010D59CA1477EC5E4222073D7642A/0/34352e3232352e3232342e302f32322d3234203d3e20323635383535.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.225.224.0/22

    Signature Algorithm: sha256WithRSAEncryption
         1c:d2:47:02:10:c2:09:d9:9a:08:e5:e8:f1:3c:2c:2f:50:11:
         ba:3c:2c:8c:15:f4:97:d1:2c:d6:6a:45:a0:8e:5f:11:a6:f7:
         dc:75:cc:2c:89:18:18:11:e6:3b:77:9c:91:d3:d7:04:7b:d3:
         e9:56:c8:a1:30:d4:18:3d:60:d3:30:ba:79:88:23:b6:61:95:
         24:31:dd:24:77:e4:08:dc:87:ce:71:3e:ec:3a:6a:72:49:f9:
         a0:81:b5:3e:96:18:50:24:75:75:98:b5:1e:c5:7b:19:c4:cd:
         66:fc:fe:b1:c8:9f:db:63:ad:0c:71:06:d1:2b:9b:c3:40:07:
         fc:1d:3e:ae:8b:76:0c:20:36:f5:d4:81:c6:08:db:ca:b7:b6:
         f6:ef:04:5e:0c:e3:02:08:bb:73:d1:a5:2c:3f:4e:7c:25:1a:
         b7:fa:62:a0:d8:7e:72:77:52:7b:ba:d8:82:5c:5d:58:69:2f:
         a5:a7:c4:c5:e8:62:56:63:7e:4d:ab:96:57:e6:73:16:80:f8:
         e4:03:5a:1a:c3:85:df:d3:70:30:85:47:bb:62:43:43:1c:c7:
         ff:c8:54:ac:bc:60:76:0e:bb:c3:5b:3e:4f:5e:2b:a0:e6:c6:
         af:68:a3:4d:4c:7a:62:da:61:ae:58:7d:a9:56:b2:46:7d:bb:
         98:5c:3e:f9
-----BEGIN CERTIFICATE-----
MIIFwDCCBKigAwIBAgIUB/hKOXoNcNG2A0lVdbxRtqVjmlQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoRjM0MTczOUFFMDg0NTdBMDMxQjczNEU5RDQzMkE1RjNF
MjI4OTNGRTAeFw0yNTAyMDQxODAwNDVaFw0yNjAyMDMxODA1NDVaMDMxMTAvBgNV
BAMTKEQ5QUNBQkI2Njg3Q0YyMzRGQTFERTk5QTk5MDQ5RkMzMUY3MkQ4QUYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC/RkQkHYkssr80/bDkR78YzwB9
7uz6mdjDYF+k7766FoVZOF6ZCvFuVjFFr5Ft2bEcux3DldmQLKb8soybPhaHbcPz
NLFSBy3cdHlrADsXqonXk6NpArRMPIjlFYkylBe1eZGtYXD4LbEsCIVJSfslkfq2
ii2zXPVZYsQs4PSBpcWV4GxW/Y1n0paRljHCxvafp1Mhk9Iy99Gz+D9/EUnXYfjw
OXZ2eKKbQXpxn8/jdDmSYExBtnXWlHvlQoOICJenONT85OnY/4Efm9xP6/+3iRVe
vJaP0tiKUR7lU2EzRePWXiGYWGDGX3TNuUbaKHYRKEa+jEzr7t+IkwiYSaeZAgMB
AAGjggLKMIICxjAdBgNVHQ4EFgQU2ayrtmh88jT6HemamQSfwx9y2K8wHwYDVR0j
BBgwFoAU80FzmuCEV6AxtzTp1DKl8+Iok/4wDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy81RUQ4NEFENjM4QUZBMEU2QUE5MUFBNjlGRDQ5QzYwNDNF
OTAxMEQ1OUNBMTQ3N0VDNUU0MjIyMDczRDc2NDJBLzAvRjM0MTczOUFFMDg0NTdB
MDMxQjczNEU5RDQzMkE1RjNFMjI4OTNGRS5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC9GMzQxNzM5QUUwODQ1N0EwMzFC
NzM0RTlENDMyQTVGM0UyMjg5M0ZFLmNlcjCByQYIKwYBBQUHAQsEgbwwgbkwgbYG
CCsGAQUFBzALhoGpcnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvNUVEODRBRDYzOEFGQTBFNkFBOTFBQTY5RkQ0OUM2MDQzRTkwMTBENTlD
QTE0NzdFQzVFNDIyMjA3M0Q3NjQyQS8wLzM0MzUyZTMyMzIzNTJlMzIzMjM0MmUz
MDJmMzIzMjJkMzIzNDIwM2QzZTIwMzIzNjM1MzgzNTM1LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCLeHg
MA0GCSqGSIb3DQEBCwUAA4IBAQAc0kcCEMIJ2ZoI5ejxPCwvUBG6PCyMFfSX0SzW
akWgjl8RpvfcdcwsiRgYEeY7d5yR09cEe9PpVsihMNQYPWDTMLp5iCO2YZUkMd0k
d+QI3IfOcT7sOmpySfmggbU+lhhQJHV1mLUexXsZxM1m/P6xyJ/bY60McQbRK5vD
QAf8HT6ui3YMIDb11IHGCNvKt7b27wReDOMCCLtz0aUsP058JRq3+mKg2H5yd1J7
utiCXF1YaS+lp8TF6GJWY35Nq5ZX5nMWgPjkA1oaw4Xf03AwhUe7YkNDHMf/yFSs
vGB2DrvDWz5PXiug5savaKNNTHpi2mGuWH2pVrJGfbuYXD75
-----END CERTIFICATE-----