Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/9B4C5EFFD8363B67E9463A586F0FC4ABD4945615AC31DA8D3B065447527EA06B/0/34352e37312e31362e302f32322d3232203d3e20323635383237.roa
File:                     34352e37312e31362e302f32322d3232203d3e20323635383237.roa (raw, json)
Hash identifier:          xlUXainQpDp26xCPQT8TOTeLmVtKklXnx60gtvzntjQ=
Subject key identifier:   51:49:2C:72:E9:6D:81:9B:6A:3B:7B:D7:AF:FF:C8:70:DB:50:16:A6
Certificate issuer:       /CN=6573871E9B3F666876C77FFBBF374043AB7939BA
Certificate serial:       347D6FDB233D4896604743200778AB8E881504DF
Authority key identifier: 65:73:87:1E:9B:3F:66:68:76:C7:7F:FB:BF:37:40:43:AB:79:39:BA
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/6573871E9B3F666876C77FFBBF374043AB7939BA.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/9B4C5EFFD8363B67E9463A586F0FC4ABD4945615AC31DA8D3B065447527EA06B/0/34352e37312e31362e302f32322d3232203d3e20323635383237.roa
Signing time:             Tue 04 Feb 2025 18:15:58 +0000
ROA not before:           Tue 04 Feb 2025 18:10:58 +0000
ROA not after:            Tue 03 Feb 2026 18:15:58 +0000
asID:                     265827
IP address blocks:        45.71.16.0/22 maxlen: 22
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            34:7d:6f:db:23:3d:48:96:60:47:43:20:07:78:ab:8e:88:15:04:df
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6573871E9B3F666876C77FFBBF374043AB7939BA
        Validity
            Not Before: Feb  4 18:10:58 2025 GMT
            Not After : Feb  3 18:15:58 2026 GMT
        Subject: CN=51492C72E96D819B6A3B7BD7AFFFC870DB5016A6
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e1:54:7d:95:ab:cb:45:40:45:13:3b:d9:21:90:
                    25:06:42:26:26:65:0b:1a:dc:1a:4a:dd:17:ae:06:
                    50:a3:a2:12:9a:9d:61:24:23:63:38:79:e0:b8:18:
                    6c:3c:10:4e:98:0f:4b:97:46:ed:92:21:54:26:cb:
                    b5:3d:53:16:78:52:e7:3a:1e:49:10:ef:3c:ba:78:
                    99:98:8b:12:64:d7:df:27:ac:6e:fc:bb:0c:95:66:
                    63:c6:b1:94:e2:98:21:74:58:06:16:43:eb:49:b8:
                    36:3f:7b:e9:97:59:11:bf:41:45:c1:e0:23:01:2c:
                    cd:a5:15:10:b4:21:8b:4a:d8:d2:04:d5:1a:cd:bb:
                    f7:55:44:e4:ca:15:7a:0f:8e:e9:2d:7a:0b:11:e3:
                    6a:ac:40:26:12:66:d3:e4:19:c0:54:c6:7e:32:e2:
                    9d:59:fa:ab:72:a8:33:0f:75:81:88:69:90:1a:b1:
                    2b:19:ed:ec:12:ce:58:0d:1d:0d:b1:ae:75:ac:51:
                    df:c5:ca:32:56:80:a7:35:0e:a4:2d:16:f5:99:d3:
                    a1:fb:04:2c:9d:c3:5d:58:83:26:0a:1e:65:c1:d4:
                    bc:7d:44:54:8a:81:58:e0:29:77:4d:61:9d:68:b9:
                    72:0d:ba:ba:0a:bf:2c:2f:85:9c:06:e0:de:8e:d5:
                    55:41
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                51:49:2C:72:E9:6D:81:9B:6A:3B:7B:D7:AF:FF:C8:70:DB:50:16:A6
            X509v3 Authority Key Identifier:
                keyid:65:73:87:1E:9B:3F:66:68:76:C7:7F:FB:BF:37:40:43:AB:79:39:BA

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/9B4C5EFFD8363B67E9463A586F0FC4ABD4945615AC31DA8D3B065447527EA06B/0/6573871E9B3F666876C77FFBBF374043AB7939BA.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/6573871E9B3F666876C77FFBBF374043AB7939BA.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/9B4C5EFFD8363B67E9463A586F0FC4ABD4945615AC31DA8D3B065447527EA06B/0/34352e37312e31362e302f32322d3232203d3e20323635383237.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.71.16.0/22

    Signature Algorithm: sha256WithRSAEncryption
         3a:b4:67:25:1f:07:b0:4d:2a:4d:8e:4f:bd:d7:9b:f4:4b:3e:
         9b:17:db:a0:b5:76:07:83:09:e7:02:30:74:05:ef:f6:15:17:
         33:be:e4:c4:ae:1c:9f:a4:10:51:ab:6a:a3:6b:1c:47:ec:dc:
         ac:09:1c:cc:91:6d:bd:51:57:de:1f:97:49:63:69:a4:63:49:
         6d:c2:4d:66:5e:af:a8:08:b5:70:43:88:84:98:32:8d:44:d6:
         66:e9:d1:e9:f7:c7:ee:93:ea:e7:f0:dd:61:72:d1:2d:2d:d1:
         ca:89:3f:6b:ac:73:fc:89:39:11:74:bb:f0:56:25:0c:ce:92:
         88:68:a6:3a:aa:a7:81:7e:44:90:49:c3:bd:55:eb:88:44:e3:
         6e:73:ef:8e:35:77:de:bb:90:3a:5a:42:11:b1:47:29:30:d2:
         aa:19:75:36:76:03:be:41:84:b6:0e:4c:73:c7:d7:89:75:44:
         cf:37:fc:f9:6b:a4:6e:cf:25:e5:53:0a:95:ce:b6:70:f9:fe:
         ab:dc:87:3c:18:13:af:44:aa:e7:4b:8d:cd:b3:e9:c0:9b:12:
         dd:93:b9:be:43:f3:2a:bd:43:73:83:f0:3c:ed:6b:b1:ff:37:
         ca:92:2b:70:e7:27:cf:05:3d:e7:4b:2d:fa:5f:36:35:dd:dd:
         b1:01:5f:5a
-----BEGIN CERTIFICATE-----
MIIFvDCCBKSgAwIBAgIUNH1v2yM9SJZgR0MgB3irjogVBN8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNjU3Mzg3MUU5QjNGNjY2ODc2Qzc3RkZCQkYzNzQwNDNB
Qjc5MzlCQTAeFw0yNTAyMDQxODEwNThaFw0yNjAyMDMxODE1NThaMDMxMTAvBgNV
BAMTKDUxNDkyQzcyRTk2RDgxOUI2QTNCN0JEN0FGRkZDODcwREI1MDE2QTYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDhVH2Vq8tFQEUTO9khkCUGQiYm
ZQsa3BpK3ReuBlCjohKanWEkI2M4eeC4GGw8EE6YD0uXRu2SIVQmy7U9UxZ4Uuc6
HkkQ7zy6eJmYixJk198nrG78uwyVZmPGsZTimCF0WAYWQ+tJuDY/e+mXWRG/QUXB
4CMBLM2lFRC0IYtK2NIE1RrNu/dVROTKFXoPjuktegsR42qsQCYSZtPkGcBUxn4y
4p1Z+qtyqDMPdYGIaZAasSsZ7ewSzlgNHQ2xrnWsUd/FyjJWgKc1DqQtFvWZ06H7
BCydw11YgyYKHmXB1Lx9RFSKgVjgKXdNYZ1ouXINuroKvywvhZwG4N6O1VVBAgMB
AAGjggLGMIICwjAdBgNVHQ4EFgQUUUkscultgZtqO3vXr//IcNtQFqYwHwYDVR0j
BBgwFoAUZXOHHps/Zmh2x3/7vzdAQ6t5ObowDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy85QjRDNUVGRkQ4MzYzQjY3RTk0NjNBNTg2RjBGQzRBQkQ0
OTQ1NjE1QUMzMURBOEQzQjA2NTQ0NzUyN0VBMDZCLzAvNjU3Mzg3MUU5QjNGNjY2
ODc2Qzc3RkZCQkYzNzQwNDNBQjc5MzlCQS5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC82NTczODcxRTlCM0Y2NjY4NzZD
NzdGRkJCRjM3NDA0M0FCNzkzOUJBLmNlcjCBxQYIKwYBBQUHAQsEgbgwgbUwgbIG
CCsGAQUFBzALhoGlcnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvOUI0QzVFRkZEODM2M0I2N0U5NDYzQTU4NkYwRkM0QUJENDk0NTYxNUFD
MzFEQThEM0IwNjU0NDc1MjdFQTA2Qi8wLzM0MzUyZTM3MzEyZTMxMzYyZTMwMmYz
MjMyMmQzMjMyMjAzZDNlMjAzMjM2MzUzODMyMzcucm9hMBgGA1UdIAEB/wQOMAww
CgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAItRxAwDQYJ
KoZIhvcNAQELBQADggEBADq0ZyUfB7BNKk2OT73Xm/RLPpsX26C1dgeDCecCMHQF
7/YVFzO+5MSuHJ+kEFGraqNrHEfs3KwJHMyRbb1RV94fl0ljaaRjSW3CTWZer6gI
tXBDiISYMo1E1mbp0en3x+6T6ufw3WFy0S0t0cqJP2usc/yJORF0u/BWJQzOkoho
pjqqp4F+RJBJw71V64hE425z7441d967kDpaQhGxRykw0qoZdTZ2A75BhLYOTHPH
14l1RM83/PlrpG7PJeVTCpXOtnD5/qvchzwYE69EqudLjc2z6cCbEt2Tub5D8yq9
Q3OD8Dzta7H/N8qSK3DnJ88FPedLLfpfNjXd3bEBX1o=
-----END CERTIFICATE-----