Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/9521C15C14E4C63699B162B64E86E4BCD170221FF13F62A5D6D1B4DBB78408C2/0/34352e3139312e3139352e302f32342d3234203d3e20323639393333.roa
File:                     34352e3139312e3139352e302f32342d3234203d3e20323639393333.roa (raw, json)
Hash identifier:          2JnT8LngpPtGR3HlKUCN52wxvco9mE6ll2JYf4Ka/Yk=
Subject key identifier:   58:FC:C6:C7:05:2C:F0:E9:90:57:F8:E0:30:83:AB:27:37:E1:3B:EC
Certificate issuer:       /CN=889D0E05D0237E6BC68731B7798A1D62FA3AE791
Certificate serial:       28996A815C47E374B3E8FD0359C816D9E4475F05
Authority key identifier: 88:9D:0E:05:D0:23:7E:6B:C6:87:31:B7:79:8A:1D:62:FA:3A:E7:91
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/889D0E05D0237E6BC68731B7798A1D62FA3AE791.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/9521C15C14E4C63699B162B64E86E4BCD170221FF13F62A5D6D1B4DBB78408C2/0/34352e3139312e3139352e302f32342d3234203d3e20323639393333.roa
Signing time:             Tue 04 Feb 2025 20:08:14 +0000
ROA not before:           Tue 04 Feb 2025 20:03:14 +0000
ROA not after:            Tue 03 Feb 2026 20:08:14 +0000
asID:                     269933
IP address blocks:        45.191.195.0/24 maxlen: 24
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            28:99:6a:81:5c:47:e3:74:b3:e8:fd:03:59:c8:16:d9:e4:47:5f:05
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=889D0E05D0237E6BC68731B7798A1D62FA3AE791
        Validity
            Not Before: Feb  4 20:03:14 2025 GMT
            Not After : Feb  3 20:08:14 2026 GMT
        Subject: CN=58FCC6C7052CF0E99057F8E03083AB2737E13BEC
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d5:0f:f7:2d:42:d2:fe:4c:16:6c:6d:72:32:c9:
                    59:27:bd:3f:ba:27:d2:ff:67:f2:5d:af:06:f5:3c:
                    9a:fe:4b:05:ac:34:52:62:bc:2a:3e:63:29:45:ae:
                    9a:9c:18:0a:56:2e:9c:8c:34:87:65:ce:2d:8d:c3:
                    72:8a:93:54:d3:05:0a:a0:1d:5d:ea:bf:2f:3c:b9:
                    48:b7:4b:db:82:98:47:30:70:72:12:b9:a7:33:eb:
                    c4:d4:fe:8c:68:70:72:e2:c0:ed:a6:c0:68:1a:c3:
                    9d:90:27:f6:fb:4b:17:11:4d:0b:59:0b:0b:49:98:
                    a9:51:18:7c:86:45:48:58:8c:b6:2f:b2:a9:dd:d9:
                    73:71:d1:c7:72:e8:f4:92:3f:e0:c3:07:31:36:c3:
                    ee:6d:d3:ab:10:28:9d:37:8d:66:07:a1:c2:95:87:
                    27:c7:08:0b:53:8c:08:d7:16:4f:0d:11:17:af:b8:
                    df:43:c3:5c:46:34:4f:d5:ed:01:ae:2f:52:1d:60:
                    5d:02:fe:a0:bf:dd:c9:b0:86:60:c1:5d:c1:e9:d0:
                    b8:42:52:f1:85:5c:18:d9:87:fc:8d:f5:c1:39:04:
                    ff:c3:ed:00:8b:0e:87:b0:2a:b8:bf:25:93:ea:e9:
                    ef:e7:2c:f6:c3:05:81:30:50:06:29:a0:ab:c3:db:
                    32:0f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                58:FC:C6:C7:05:2C:F0:E9:90:57:F8:E0:30:83:AB:27:37:E1:3B:EC
            X509v3 Authority Key Identifier:
                keyid:88:9D:0E:05:D0:23:7E:6B:C6:87:31:B7:79:8A:1D:62:FA:3A:E7:91

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/9521C15C14E4C63699B162B64E86E4BCD170221FF13F62A5D6D1B4DBB78408C2/0/889D0E05D0237E6BC68731B7798A1D62FA3AE791.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/889D0E05D0237E6BC68731B7798A1D62FA3AE791.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/9521C15C14E4C63699B162B64E86E4BCD170221FF13F62A5D6D1B4DBB78408C2/0/34352e3139312e3139352e302f32342d3234203d3e20323639393333.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.191.195.0/24

    Signature Algorithm: sha256WithRSAEncryption
         0d:ec:ca:53:7a:8a:96:7b:17:5b:8c:5d:39:9d:f9:46:c4:f1:
         7c:86:46:01:cb:6b:0c:42:d6:5b:59:e3:54:01:9e:1c:dd:ea:
         ec:d6:72:f5:1d:77:35:cd:63:eb:45:20:84:4d:48:f9:f7:b2:
         16:d4:05:e3:e8:fa:7b:cc:f4:f6:ae:ee:9e:bb:28:04:a6:02:
         96:50:3d:4e:fd:9e:2e:33:e6:0c:d8:06:72:d2:4c:38:69:ac:
         3c:5c:68:b7:42:02:cb:fa:d7:50:06:be:3f:4c:36:da:b5:85:
         73:76:34:f9:bf:4b:18:9a:b7:45:20:05:a5:b3:09:1d:c9:14:
         b0:b8:53:a1:56:92:00:aa:89:e6:79:aa:41:a6:08:59:86:b7:
         9c:44:dc:0f:85:42:9c:56:c3:89:b5:a6:4a:14:39:df:7d:bf:
         83:07:70:6b:9c:04:b1:ee:f9:e4:c7:e3:e9:fc:62:62:39:ee:
         2f:7f:8a:60:5c:23:81:54:b5:a9:d3:24:79:3a:e4:5f:7e:19:
         da:88:c8:8f:3e:8c:23:fa:84:f3:c5:86:f3:06:47:1a:de:99:
         c5:7a:00:35:0d:9e:41:1a:3f:30:7b:8b:f6:ba:70:04:11:b2:
         c6:0d:14:dd:77:82:b1:f3:3e:75:77:5a:0d:07:3c:c4:d9:08:
         b7:d0:df:b7
-----BEGIN CERTIFICATE-----
MIIFwDCCBKigAwIBAgIUKJlqgVxH43Sz6P0DWcgW2eRHXwUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoODg5RDBFMDVEMDIzN0U2QkM2ODczMUI3Nzk4QTFENjJG
QTNBRTc5MTAeFw0yNTAyMDQyMDAzMTRaFw0yNjAyMDMyMDA4MTRaMDMxMTAvBgNV
BAMTKDU4RkNDNkM3MDUyQ0YwRTk5MDU3RjhFMDMwODNBQjI3MzdFMTNCRUMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDVD/ctQtL+TBZsbXIyyVknvT+6
J9L/Z/Jdrwb1PJr+SwWsNFJivCo+YylFrpqcGApWLpyMNIdlzi2Nw3KKk1TTBQqg
HV3qvy88uUi3S9uCmEcwcHISuacz68TU/oxocHLiwO2mwGgaw52QJ/b7SxcRTQtZ
CwtJmKlRGHyGRUhYjLYvsqnd2XNx0cdy6PSSP+DDBzE2w+5t06sQKJ03jWYHocKV
hyfHCAtTjAjXFk8NERevuN9Dw1xGNE/V7QGuL1IdYF0C/qC/3cmwhmDBXcHp0LhC
UvGFXBjZh/yN9cE5BP/D7QCLDoewKri/JZPq6e/nLPbDBYEwUAYpoKvD2zIPAgMB
AAGjggLKMIICxjAdBgNVHQ4EFgQUWPzGxwUs8OmQV/jgMIOrJzfhO+wwHwYDVR0j
BBgwFoAUiJ0OBdAjfmvGhzG3eYodYvo655EwDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy85NTIxQzE1QzE0RTRDNjM2OTlCMTYyQjY0RTg2RTRCQ0Qx
NzAyMjFGRjEzRjYyQTVENkQxQjREQkI3ODQwOEMyLzAvODg5RDBFMDVEMDIzN0U2
QkM2ODczMUI3Nzk4QTFENjJGQTNBRTc5MS5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC84ODlEMEUwNUQwMjM3RTZCQzY4
NzMxQjc3OThBMUQ2MkZBM0FFNzkxLmNlcjCByQYIKwYBBQUHAQsEgbwwgbkwgbYG
CCsGAQUFBzALhoGpcnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvOTUyMUMxNUMxNEU0QzYzNjk5QjE2MkI2NEU4NkU0QkNEMTcwMjIxRkYx
M0Y2MkE1RDZEMUI0REJCNzg0MDhDMi8wLzM0MzUyZTMxMzkzMTJlMzEzOTM1MmUz
MDJmMzIzNDJkMzIzNDIwM2QzZTIwMzIzNjM5MzkzMzMzLnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALb/D
MA0GCSqGSIb3DQEBCwUAA4IBAQAN7MpTeoqWexdbjF05nflGxPF8hkYBy2sMQtZb
WeNUAZ4c3ers1nL1HXc1zWPrRSCETUj597IW1AXj6Pp7zPT2ru6euygEpgKWUD1O
/Z4uM+YM2AZy0kw4aaw8XGi3QgLL+tdQBr4/TDbatYVzdjT5v0sYmrdFIAWlswkd
yRSwuFOhVpIAqonmeapBpghZhrecRNwPhUKcVsOJtaZKFDnffb+DB3BrnASx7vnk
x+Pp/GJiOe4vf4pgXCOBVLWp0yR5OuRffhnaiMiPPowj+oTzxYbzBkca3pnFegA1
DZ5BGj8we4v2unAEEbLGDRTdd4Kx8z51d1oNBzzE2Qi30N+3
-----END CERTIFICATE-----