Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/8ABDFF8AC1F52EB03F4F2120204D33DF0617CBD11AF7D961AECA6C66C7BDEE10/0/34352e3138362e32342e302f32322d3232203d3e20323639383134.roa
File:                     34352e3138362e32342e302f32322d3232203d3e20323639383134.roa (raw, json)
Hash identifier:          bxQV78C51Ig8B77GLLRHyAyrn+maap7wnsAXLlIj6p4=
Subject key identifier:   04:75:71:D3:AB:BB:A4:5F:B6:ED:E8:5D:43:3C:FD:9B:FD:7D:1A:8A
Certificate issuer:       /CN=8DA82200D0E6AB11C84BB7FA99D7B0530B02D3F7
Certificate serial:       469CBA97F4D95E5BDF56F9B3D731D9F5014A64ED
Authority key identifier: 8D:A8:22:00:D0:E6:AB:11:C8:4B:B7:FA:99:D7:B0:53:0B:02:D3:F7
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/8DA82200D0E6AB11C84BB7FA99D7B0530B02D3F7.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/8ABDFF8AC1F52EB03F4F2120204D33DF0617CBD11AF7D961AECA6C66C7BDEE10/0/34352e3138362e32342e302f32322d3232203d3e20323639383134.roa
Signing time:             Tue 04 Feb 2025 18:08:59 +0000
ROA not before:           Tue 04 Feb 2025 18:03:59 +0000
ROA not after:            Tue 03 Feb 2026 18:08:59 +0000
asID:                     269814
IP address blocks:        45.186.24.0/22 maxlen: 22
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            46:9c:ba:97:f4:d9:5e:5b:df:56:f9:b3:d7:31:d9:f5:01:4a:64:ed
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=8DA82200D0E6AB11C84BB7FA99D7B0530B02D3F7
        Validity
            Not Before: Feb  4 18:03:59 2025 GMT
            Not After : Feb  3 18:08:59 2026 GMT
        Subject: CN=047571D3ABBBA45FB6EDE85D433CFD9BFD7D1A8A
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c3:4f:d1:98:a9:95:2d:55:7b:47:07:1f:2b:a5:
                    14:86:77:da:f1:16:e4:d9:55:1d:6e:a4:9c:6c:98:
                    44:78:90:df:71:b2:ca:51:5a:1b:71:c8:ba:b2:64:
                    98:c9:57:35:1c:b8:c8:27:32:76:0a:c1:05:e9:62:
                    1d:76:66:37:82:7e:b5:da:eb:a4:60:ce:7a:cf:cd:
                    89:73:11:c5:7b:c0:84:f0:0d:c7:d7:47:61:9e:17:
                    58:e6:d1:38:1d:c0:71:c7:7b:f8:2f:54:35:46:24:
                    17:e3:58:e0:9f:f8:3b:67:b6:45:c5:1f:77:98:69:
                    1b:44:45:4a:28:fc:af:96:fd:b8:75:9f:25:54:68:
                    f8:21:00:d2:87:b7:6a:f8:f5:93:22:94:7a:67:27:
                    97:0a:52:db:a8:e1:d5:c5:bc:0d:4b:11:48:f5:f5:
                    9d:72:c7:6b:ef:06:34:a2:7a:1a:cb:a8:aa:6e:f9:
                    f0:2e:42:6d:8d:90:3d:ad:ad:a1:3f:aa:85:95:87:
                    76:ef:76:94:e5:75:2b:e5:8a:86:df:90:6a:f1:0c:
                    dd:f0:32:88:d8:f5:4c:b1:a9:7f:fc:85:d7:84:e3:
                    df:07:5b:b2:6c:ec:83:f4:55:f8:80:8e:ac:e7:bc:
                    15:06:6c:26:72:97:ea:59:50:24:0e:52:50:e7:80:
                    91:6b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                04:75:71:D3:AB:BB:A4:5F:B6:ED:E8:5D:43:3C:FD:9B:FD:7D:1A:8A
            X509v3 Authority Key Identifier:
                keyid:8D:A8:22:00:D0:E6:AB:11:C8:4B:B7:FA:99:D7:B0:53:0B:02:D3:F7

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/8ABDFF8AC1F52EB03F4F2120204D33DF0617CBD11AF7D961AECA6C66C7BDEE10/0/8DA82200D0E6AB11C84BB7FA99D7B0530B02D3F7.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/8DA82200D0E6AB11C84BB7FA99D7B0530B02D3F7.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/8ABDFF8AC1F52EB03F4F2120204D33DF0617CBD11AF7D961AECA6C66C7BDEE10/0/34352e3138362e32342e302f32322d3232203d3e20323639383134.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.186.24.0/22

    Signature Algorithm: sha256WithRSAEncryption
         ab:68:06:47:57:80:cc:23:94:7f:7d:1c:2b:07:8a:a2:ee:7e:
         af:d7:96:57:81:07:1d:fb:67:cd:d1:f3:cc:8d:63:de:9c:57:
         30:9f:a3:18:4b:1f:f2:5f:fe:2d:d4:d7:d2:2b:39:d7:58:ad:
         ea:bd:77:c9:6a:f5:cd:90:2b:81:30:ca:70:9a:a6:87:e8:19:
         dc:45:cd:a6:ed:7f:6c:15:3b:88:8c:42:9c:39:ff:12:bb:a4:
         5f:b0:b2:64:1b:e5:6a:3d:18:35:18:dc:d4:e3:d8:5c:0e:c1:
         b5:2b:09:29:a4:8a:61:17:b9:37:38:d4:25:39:9b:45:b0:97:
         17:11:3e:4a:89:fb:ef:b7:65:36:26:9e:17:00:f6:08:19:62:
         82:b1:84:64:8f:8c:78:f4:d4:bd:6b:75:f1:85:1d:bb:cd:c7:
         24:4b:fd:53:58:98:da:e0:31:b7:0d:b2:77:5e:73:d1:58:c8:
         d3:8d:bb:3f:d3:42:ee:4f:25:63:e3:cd:20:5b:0c:b2:65:c4:
         13:a2:2f:8e:54:ca:f7:3a:c7:d6:31:6e:52:ec:7e:e6:d6:4c:
         35:6c:17:09:41:e0:9d:2d:b4:b0:5e:25:1a:87:24:89:2f:6b:
         69:fb:ed:e7:d9:b4:fb:ea:7a:8f:04:5c:be:cc:57:e6:0b:f5:
         46:cc:e9:67
-----BEGIN CERTIFICATE-----
MIIFvjCCBKagAwIBAgIURpy6l/TZXlvfVvmz1zHZ9QFKZO0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOERBODIyMDBEMEU2QUIxMUM4NEJCN0ZBOTlEN0IwNTMw
QjAyRDNGNzAeFw0yNTAyMDQxODAzNTlaFw0yNjAyMDMxODA4NTlaMDMxMTAvBgNV
BAMTKDA0NzU3MUQzQUJCQkE0NUZCNkVERTg1RDQzM0NGRDlCRkQ3RDFBOEEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDDT9GYqZUtVXtHBx8rpRSGd9rx
FuTZVR1upJxsmER4kN9xsspRWhtxyLqyZJjJVzUcuMgnMnYKwQXpYh12ZjeCfrXa
66RgznrPzYlzEcV7wITwDcfXR2GeF1jm0TgdwHHHe/gvVDVGJBfjWOCf+DtntkXF
H3eYaRtERUoo/K+W/bh1nyVUaPghANKHt2r49ZMilHpnJ5cKUtuo4dXFvA1LEUj1
9Z1yx2vvBjSiehrLqKpu+fAuQm2NkD2traE/qoWVh3bvdpTldSvliobfkGrxDN3w
MojY9UyxqX/8hdeE498HW7Js7IP0VfiAjqznvBUGbCZyl+pZUCQOUlDngJFrAgMB
AAGjggLIMIICxDAdBgNVHQ4EFgQUBHVx06u7pF+27ehdQzz9m/19GoowHwYDVR0j
BBgwFoAUjagiANDmqxHIS7f6mdewUwsC0/cwDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy84QUJERkY4QUMxRjUyRUIwM0Y0RjIxMjAyMDREMzNERjA2
MTdDQkQxMUFGN0Q5NjFBRUNBNkM2NkM3QkRFRTEwLzAvOERBODIyMDBEMEU2QUIx
MUM4NEJCN0ZBOTlEN0IwNTMwQjAyRDNGNy5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC84REE4MjIwMEQwRTZBQjExQzg0
QkI3RkE5OUQ3QjA1MzBCMDJEM0Y3LmNlcjCBxwYIKwYBBQUHAQsEgbowgbcwgbQG
CCsGAQUFBzALhoGncnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvOEFCREZGOEFDMUY1MkVCMDNGNEYyMTIwMjA0RDMzREYwNjE3Q0JEMTFB
RjdEOTYxQUVDQTZDNjZDN0JERUUxMC8wLzM0MzUyZTMxMzgzNjJlMzIzNDJlMzAy
ZjMyMzIyZDMyMzIyMDNkM2UyMDMyMzYzOTM4MzEzNC5yb2EwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAi26GDAN
BgkqhkiG9w0BAQsFAAOCAQEAq2gGR1eAzCOUf30cKweKou5+r9eWV4EHHftnzdHz
zI1j3pxXMJ+jGEsf8l/+LdTX0is511it6r13yWr1zZArgTDKcJqmh+gZ3EXNpu1/
bBU7iIxCnDn/ErukX7CyZBvlaj0YNRjc1OPYXA7BtSsJKaSKYRe5NzjUJTmbRbCX
FxE+Son777dlNiaeFwD2CBligrGEZI+MePTUvWt18YUdu83HJEv9U1iY2uAxtw2y
d15z0VjI0427P9NC7k8lY+PNIFsMsmXEE6IvjlTK9zrH1jFuUux+5tZMNWwXCUHg
nS20sF4lGockiS9rafvt59m0++p6jwRcvsxX5gv1RszpZw==
-----END CERTIFICATE-----