Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/841A1D6C56D9A2431ED62D8750469F5B37A27ECFF512D14BC177814101F49D12/0/34352e3232382e35322e302f32342d3234203d3e20323639383338.roa
File:                     34352e3232382e35322e302f32342d3234203d3e20323639383338.roa (raw, json)
Hash identifier:          qeOApN/GoSEng/zyvepvpLqKX/PIN+eOjP84y57GmOA=
Subject key identifier:   15:A1:3A:D9:68:DD:2F:18:8C:C8:5D:D3:90:66:B5:54:15:19:B7:C0
Certificate issuer:       /CN=A8F348342236CEF0874883E7673551354708EDDE
Certificate serial:       50416887982C9368B858FEB81C22D89703C85FAC
Authority key identifier: A8:F3:48:34:22:36:CE:F0:87:48:83:E7:67:35:51:35:47:08:ED:DE
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/A8F348342236CEF0874883E7673551354708EDDE.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/841A1D6C56D9A2431ED62D8750469F5B37A27ECFF512D14BC177814101F49D12/0/34352e3232382e35322e302f32342d3234203d3e20323639383338.roa
Signing time:             Tue 04 Feb 2025 20:04:05 +0000
ROA not before:           Tue 04 Feb 2025 19:59:05 +0000
ROA not after:            Tue 03 Feb 2026 20:04:05 +0000
asID:                     269838
IP address blocks:        45.228.52.0/24 maxlen: 24
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            50:41:68:87:98:2c:93:68:b8:58:fe:b8:1c:22:d8:97:03:c8:5f:ac
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A8F348342236CEF0874883E7673551354708EDDE
        Validity
            Not Before: Feb  4 19:59:05 2025 GMT
            Not After : Feb  3 20:04:05 2026 GMT
        Subject: CN=15A13AD968DD2F188CC85DD39066B5541519B7C0
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9a:67:2f:b3:32:e1:c3:0a:e9:31:6a:de:cb:1b:
                    5e:3b:c7:e5:94:c8:f7:55:86:24:ea:c5:dd:ec:9e:
                    d4:ae:19:f1:65:26:db:84:a8:ee:fd:ca:2b:84:61:
                    28:0f:ad:9a:0d:22:bd:f9:4c:b7:f4:3d:56:1a:e3:
                    a0:82:3e:fe:e1:7c:57:10:70:a7:b4:36:59:ea:8a:
                    55:2f:10:35:aa:8f:1e:e8:1f:e8:49:b8:36:18:bc:
                    17:3f:fd:8a:dd:07:42:ab:73:b8:b8:83:94:73:0f:
                    16:bb:69:01:43:0c:cb:77:9a:54:c8:e6:57:30:bb:
                    08:d7:9d:c4:d9:1c:1c:1b:51:94:ed:f8:14:c7:4b:
                    ac:ca:f2:81:67:67:21:56:57:31:e8:59:1b:6d:99:
                    35:b2:4c:d4:ca:be:53:80:ad:39:5b:91:9b:45:66:
                    ae:de:82:f9:43:66:5d:27:e4:a3:80:10:2d:ad:c8:
                    19:b7:80:7a:54:3b:7f:4f:77:62:3d:89:18:d0:2d:
                    2e:1e:d1:a7:01:cb:4c:c1:02:73:e1:3d:e6:33:bc:
                    a7:ab:44:02:69:6e:06:00:a4:ea:c0:f3:4a:f0:05:
                    a4:f3:51:32:b9:65:be:da:01:86:11:e7:56:c5:a1:
                    10:ca:67:9d:06:b4:c4:b1:9c:bc:8d:fc:a9:25:47:
                    e0:f3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                15:A1:3A:D9:68:DD:2F:18:8C:C8:5D:D3:90:66:B5:54:15:19:B7:C0
            X509v3 Authority Key Identifier:
                keyid:A8:F3:48:34:22:36:CE:F0:87:48:83:E7:67:35:51:35:47:08:ED:DE

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/841A1D6C56D9A2431ED62D8750469F5B37A27ECFF512D14BC177814101F49D12/0/A8F348342236CEF0874883E7673551354708EDDE.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/A8F348342236CEF0874883E7673551354708EDDE.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/841A1D6C56D9A2431ED62D8750469F5B37A27ECFF512D14BC177814101F49D12/0/34352e3232382e35322e302f32342d3234203d3e20323639383338.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.228.52.0/24

    Signature Algorithm: sha256WithRSAEncryption
         58:80:68:71:50:d7:b9:12:c8:d1:6a:de:9d:c8:6f:7b:c4:e6:
         7a:67:c7:a6:b3:38:7b:aa:ca:7f:4b:b4:89:f1:38:ae:08:2a:
         d8:89:72:e6:72:e4:af:71:44:61:69:85:03:1b:72:4a:a6:a8:
         7a:f4:53:71:65:e6:32:e8:40:aa:72:97:e1:e4:24:c0:c1:f3:
         4c:aa:b8:c3:87:3d:1c:a3:53:0e:49:bf:58:d9:48:a5:35:37:
         f4:88:d5:4a:9a:7f:08:c1:b6:31:4d:27:7e:5c:3a:4b:94:8f:
         85:48:36:8e:fd:0d:05:b1:09:88:d4:b9:8a:1a:30:cd:12:5a:
         16:22:1a:c1:91:a2:3e:78:eb:2c:4b:0c:ae:8e:b7:f3:d6:af:
         9d:3a:ab:21:45:23:06:1c:93:e2:45:f3:dd:1c:da:77:75:00:
         aa:69:52:26:c5:40:9a:f9:71:28:e8:44:d1:e1:c6:0f:80:ed:
         74:fe:b6:c6:62:82:21:18:5a:91:96:54:6f:c9:5e:fe:74:16:
         d8:0a:bc:dc:5f:6c:7e:b1:6e:1e:7d:f4:ec:29:f6:9b:4b:fe:
         17:e2:aa:a4:2a:73:36:79:0b:9c:f2:aa:e1:82:e7:10:e5:73:
         36:b3:3e:e7:0b:58:23:62:7d:bf:ed:28:27:76:35:b5:ac:9e:
         0a:f3:e4:b5
-----BEGIN CERTIFICATE-----
MIIFvjCCBKagAwIBAgIUUEFoh5gsk2i4WP64HCLYlwPIX6wwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoQThGMzQ4MzQyMjM2Q0VGMDg3NDg4M0U3NjczNTUxMzU0
NzA4RURERTAeFw0yNTAyMDQxOTU5MDVaFw0yNjAyMDMyMDA0MDVaMDMxMTAvBgNV
BAMTKDE1QTEzQUQ5NjhERDJGMTg4Q0M4NUREMzkwNjZCNTU0MTUxOUI3QzAwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCaZy+zMuHDCukxat7LG147x+WU
yPdVhiTqxd3sntSuGfFlJtuEqO79yiuEYSgPrZoNIr35TLf0PVYa46CCPv7hfFcQ
cKe0NlnqilUvEDWqjx7oH+hJuDYYvBc//YrdB0Krc7i4g5RzDxa7aQFDDMt3mlTI
5lcwuwjXncTZHBwbUZTt+BTHS6zK8oFnZyFWVzHoWRttmTWyTNTKvlOArTlbkZtF
Zq7egvlDZl0n5KOAEC2tyBm3gHpUO39Pd2I9iRjQLS4e0acBy0zBAnPhPeYzvKer
RAJpbgYApOrA80rwBaTzUTK5Zb7aAYYR51bFoRDKZ50GtMSxnLyN/KklR+DzAgMB
AAGjggLIMIICxDAdBgNVHQ4EFgQUFaE62WjdLxiMyF3TkGa1VBUZt8AwHwYDVR0j
BBgwFoAUqPNINCI2zvCHSIPnZzVRNUcI7d4wDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy84NDFBMUQ2QzU2RDlBMjQzMUVENjJEODc1MDQ2OUY1QjM3
QTI3RUNGRjUxMkQxNEJDMTc3ODE0MTAxRjQ5RDEyLzAvQThGMzQ4MzQyMjM2Q0VG
MDg3NDg4M0U3NjczNTUxMzU0NzA4RURERS5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC9BOEYzNDgzNDIyMzZDRUYwODc0
ODgzRTc2NzM1NTEzNTQ3MDhFRERFLmNlcjCBxwYIKwYBBQUHAQsEgbowgbcwgbQG
CCsGAQUFBzALhoGncnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvODQxQTFENkM1NkQ5QTI0MzFFRDYyRDg3NTA0NjlGNUIzN0EyN0VDRkY1
MTJEMTRCQzE3NzgxNDEwMUY0OUQxMi8wLzM0MzUyZTMyMzIzODJlMzUzMjJlMzAy
ZjMyMzQyZDMyMzQyMDNkM2UyMDMyMzYzOTM4MzMzOC5yb2EwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAC3kNDAN
BgkqhkiG9w0BAQsFAAOCAQEAWIBocVDXuRLI0Wrenchve8TmemfHprM4e6rKf0u0
ifE4rggq2Ily5nLkr3FEYWmFAxtySqaoevRTcWXmMuhAqnKX4eQkwMHzTKq4w4c9
HKNTDkm/WNlIpTU39IjVSpp/CMG2MU0nflw6S5SPhUg2jv0NBbEJiNS5ihowzRJa
FiIawZGiPnjrLEsMro6389avnTqrIUUjBhyT4kXz3Rzad3UAqmlSJsVAmvlxKOhE
0eHGD4DtdP62xmKCIRhakZZUb8le/nQW2Aq83F9sfrFuHn307Cn2m0v+F+KqpCpz
NnkLnPKq4YLnEOVzNrM+5wtYI2J9v+0oJ3Y1tayeCvPktQ==
-----END CERTIFICATE-----