Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/907D6F0A1C369D4C316005D40D6E3525F7340818EAA9C54D4D044983A856EC1C/0/34352e3137312e36342e302f32322d3234203d3e203232383639.roa
File:                     34352e3137312e36342e302f32322d3234203d3e203232383639.roa (raw, json)
Hash identifier:          OFT4ivmGcKx7NCuZOz0UiXWjCCiRsIdquQl1wknkgZE=
Subject key identifier:   30:BD:CE:D4:D6:A0:3C:41:69:D5:D1:77:3D:3B:33:92:CA:23:F6:D7
Certificate issuer:       /CN=A13EC63C03A8AF9A0F734B23F295EB410E196959
Certificate serial:       6540D81BC45830004988EC501772366609C8C823
Authority key identifier: A1:3E:C6:3C:03:A8:AF:9A:0F:73:4B:23:F2:95:EB:41:0E:19:69:59
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/A13EC63C03A8AF9A0F734B23F295EB410E196959.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/907D6F0A1C369D4C316005D40D6E3525F7340818EAA9C54D4D044983A856EC1C/0/34352e3137312e36342e302f32322d3234203d3e203232383639.roa
Signing time:             Tue 04 Feb 2025 18:17:05 +0000
ROA not before:           Tue 04 Feb 2025 18:12:05 +0000
ROA not after:            Tue 03 Feb 2026 18:17:05 +0000
asID:                     22869
IP address blocks:        45.171.64.0/22 maxlen: 24
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            65:40:d8:1b:c4:58:30:00:49:88:ec:50:17:72:36:66:09:c8:c8:23
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A13EC63C03A8AF9A0F734B23F295EB410E196959
        Validity
            Not Before: Feb  4 18:12:05 2025 GMT
            Not After : Feb  3 18:17:05 2026 GMT
        Subject: CN=30BDCED4D6A03C4169D5D1773D3B3392CA23F6D7
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:aa:a3:bb:06:08:99:82:5d:9d:b2:8d:9a:7d:b0:
                    9a:50:eb:96:e4:86:84:62:f8:c6:9f:b0:c0:70:bb:
                    36:d4:b7:0f:59:26:6e:e8:8d:6f:8a:c4:7c:9e:5d:
                    de:05:20:cb:7a:de:49:81:ff:9e:3e:57:c7:a8:5a:
                    34:ad:97:31:72:6d:ee:01:35:17:24:4c:2e:17:93:
                    4f:bc:d1:23:77:18:69:25:4f:4c:e8:c6:9c:6a:d7:
                    92:4e:76:f1:e7:2d:01:d2:a6:ae:68:66:3e:58:77:
                    c8:69:64:84:e5:43:ec:d1:0c:e1:2e:5e:e6:bd:52:
                    6a:98:77:e3:1f:3d:3f:bf:a3:77:9a:86:ce:8e:ae:
                    35:72:c8:ff:1d:45:f2:90:64:af:32:dd:46:09:72:
                    11:79:84:fd:ee:e6:9a:85:63:0d:d3:77:1c:28:25:
                    7e:bc:47:b4:8b:3e:72:c5:b3:4f:2a:93:29:7f:53:
                    d5:2c:51:39:6f:84:ca:99:19:ec:a4:9f:c3:65:87:
                    6f:f3:5e:60:94:e6:ba:f1:53:08:c8:97:90:af:a0:
                    b9:2a:d4:6f:f5:7a:02:bb:8d:7f:e0:17:77:f3:98:
                    8e:17:1e:60:a0:d5:5b:9f:ee:60:21:16:11:46:58:
                    d5:2a:ed:11:a3:1f:4e:5a:f6:d0:83:93:98:89:74:
                    93:9f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                30:BD:CE:D4:D6:A0:3C:41:69:D5:D1:77:3D:3B:33:92:CA:23:F6:D7
            X509v3 Authority Key Identifier:
                keyid:A1:3E:C6:3C:03:A8:AF:9A:0F:73:4B:23:F2:95:EB:41:0E:19:69:59

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/907D6F0A1C369D4C316005D40D6E3525F7340818EAA9C54D4D044983A856EC1C/0/A13EC63C03A8AF9A0F734B23F295EB410E196959.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/A13EC63C03A8AF9A0F734B23F295EB410E196959.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/907D6F0A1C369D4C316005D40D6E3525F7340818EAA9C54D4D044983A856EC1C/0/34352e3137312e36342e302f32322d3234203d3e203232383639.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.171.64.0/22

    Signature Algorithm: sha256WithRSAEncryption
         27:98:5f:d6:6e:97:f9:b8:4f:5a:fa:55:57:18:8b:cc:cb:d6:
         63:92:6e:44:2c:02:03:74:15:e2:12:03:e7:2d:67:f4:5e:85:
         27:7a:a6:91:bb:64:2d:a7:dd:21:d3:7b:58:50:b2:66:ea:0f:
         f0:59:36:c7:20:7c:2f:2a:ed:61:57:6a:94:b7:8b:2a:d9:13:
         5c:9e:26:c2:6f:5e:87:c5:eb:bc:e3:0b:da:4a:ea:b0:6b:e4:
         13:82:cd:19:3b:81:f8:d3:6d:1f:7c:19:17:0b:a5:d5:8d:d7:
         58:95:63:94:83:33:8e:b9:89:f2:30:4b:8b:a5:fd:8c:b7:2f:
         8d:16:88:38:32:bf:8d:c8:71:37:4d:16:a1:0e:bd:cc:8a:71:
         08:cf:72:d6:b0:eb:dc:fc:ad:1c:de:47:e2:bc:ed:ae:98:a6:
         2e:1b:10:37:2c:8d:93:d6:37:ae:38:02:64:4e:d9:1a:87:7a:
         9e:d7:44:0c:0d:8e:d3:c6:2b:a1:4c:ae:f7:13:36:e9:8f:6d:
         ad:60:44:46:d8:ed:75:58:26:c4:2a:c9:8e:c1:aa:6c:cb:b6:
         1a:d4:5f:09:e8:74:8a:e9:a3:f0:65:79:08:26:92:03:e7:9a:
         09:cb:74:51:6f:7e:4f:6a:d7:39:ba:ef:9a:20:70:f7:c8:98:
         0f:df:fa:95
-----BEGIN CERTIFICATE-----
MIIFvDCCBKSgAwIBAgIUZUDYG8RYMABJiOxQF3I2ZgnIyCMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoQTEzRUM2M0MwM0E4QUY5QTBGNzM0QjIzRjI5NUVCNDEw
RTE5Njk1OTAeFw0yNTAyMDQxODEyMDVaFw0yNjAyMDMxODE3MDVaMDMxMTAvBgNV
BAMTKDMwQkRDRUQ0RDZBMDNDNDE2OUQ1RDE3NzNEM0IzMzkyQ0EyM0Y2RDcwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCqo7sGCJmCXZ2yjZp9sJpQ65bk
hoRi+MafsMBwuzbUtw9ZJm7ojW+KxHyeXd4FIMt63kmB/54+V8eoWjStlzFybe4B
NRckTC4Xk0+80SN3GGklT0zoxpxq15JOdvHnLQHSpq5oZj5Yd8hpZITlQ+zRDOEu
Xua9UmqYd+MfPT+/o3eahs6OrjVyyP8dRfKQZK8y3UYJchF5hP3u5pqFYw3Tdxwo
JX68R7SLPnLFs08qkyl/U9UsUTlvhMqZGeykn8Nlh2/zXmCU5rrxUwjIl5CvoLkq
1G/1egK7jX/gF3fzmI4XHmCg1Vuf7mAhFhFGWNUq7RGjH05a9tCDk5iJdJOfAgMB
AAGjggLGMIICwjAdBgNVHQ4EFgQUML3O1NagPEFp1dF3PTszksoj9tcwHwYDVR0j
BBgwFoAUoT7GPAOor5oPc0sj8pXrQQ4ZaVkwDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy85MDdENkYwQTFDMzY5RDRDMzE2MDA1RDQwRDZFMzUyNUY3
MzQwODE4RUFBOUM1NEQ0RDA0NDk4M0E4NTZFQzFDLzAvQTEzRUM2M0MwM0E4QUY5
QTBGNzM0QjIzRjI5NUVCNDEwRTE5Njk1OS5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC9BMTNFQzYzQzAzQThBRjlBMEY3
MzRCMjNGMjk1RUI0MTBFMTk2OTU5LmNlcjCBxQYIKwYBBQUHAQsEgbgwgbUwgbIG
CCsGAQUFBzALhoGlcnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvOTA3RDZGMEExQzM2OUQ0QzMxNjAwNUQ0MEQ2RTM1MjVGNzM0MDgxOEVB
QTlDNTRENEQwNDQ5ODNBODU2RUMxQy8wLzM0MzUyZTMxMzczMTJlMzYzNDJlMzAy
ZjMyMzIyZDMyMzQyMDNkM2UyMDMyMzIzODM2Mzkucm9hMBgGA1UdIAEB/wQOMAww
CgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAItq0AwDQYJ
KoZIhvcNAQELBQADggEBACeYX9Zul/m4T1r6VVcYi8zL1mOSbkQsAgN0FeISA+ct
Z/RehSd6ppG7ZC2n3SHTe1hQsmbqD/BZNscgfC8q7WFXapS3iyrZE1yeJsJvXofF
67zjC9pK6rBr5BOCzRk7gfjTbR98GRcLpdWN11iVY5SDM465ifIwS4ul/Yy3L40W
iDgyv43IcTdNFqEOvcyKcQjPctaw69z8rRzeR+K87a6Ypi4bEDcsjZPWN644AmRO
2RqHep7XRAwNjtPGK6FMrvcTNumPba1gREbY7XVYJsQqyY7BqmzLthrUXwnodIrp
o/BleQgmkgPnmgnLdFFvfk9q1zm675ogcPfImA/f+pU=
-----END CERTIFICATE-----