Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/A115815F39AB3B661CE8D33DC635EC7326A4AD9FB203D8396D5666ED67BA6F76/0/34352e352e3136342e302f32322d3234203d3e20323635363936.roa
File:                     34352e352e3136342e302f32322d3234203d3e20323635363936.roa (raw, json)
Hash identifier:          Yz6/3Mc8arLnsFv0WYEgRYVh91y62LRkFt/TgY8mWew=
Subject key identifier:   C3:FD:90:77:46:F6:37:D9:86:A8:F2:55:78:61:BB:05:2E:50:F5:14
Certificate issuer:       /CN=1D745EBF35F5EB9C70C42D5392DC9776A7ED2FC2
Certificate serial:       079794E956DB071223F9B87F448D7173AC91DAF6
Authority key identifier: 1D:74:5E:BF:35:F5:EB:9C:70:C4:2D:53:92:DC:97:76:A7:ED:2F:C2
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/1D745EBF35F5EB9C70C42D5392DC9776A7ED2FC2.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/A115815F39AB3B661CE8D33DC635EC7326A4AD9FB203D8396D5666ED67BA6F76/0/34352e352e3136342e302f32322d3234203d3e20323635363936.roa
Signing time:             Tue 04 Feb 2025 18:48:37 +0000
ROA not before:           Tue 04 Feb 2025 18:43:37 +0000
ROA not after:            Tue 03 Feb 2026 18:48:37 +0000
asID:                     265696
IP address blocks:        45.5.164.0/22 maxlen: 24
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            07:97:94:e9:56:db:07:12:23:f9:b8:7f:44:8d:71:73:ac:91:da:f6
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1D745EBF35F5EB9C70C42D5392DC9776A7ED2FC2
        Validity
            Not Before: Feb  4 18:43:37 2025 GMT
            Not After : Feb  3 18:48:37 2026 GMT
        Subject: CN=C3FD907746F637D986A8F2557861BB052E50F514
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ee:71:36:ca:ff:ba:5d:23:b2:d8:69:12:a7:c5:
                    1b:1d:38:30:25:1e:09:0f:12:04:d9:0b:1d:e7:37:
                    d5:4a:2e:75:b1:85:76:06:97:6c:9f:52:1f:70:3b:
                    79:e5:41:dc:bc:41:32:9f:b9:5f:5d:0e:7c:25:67:
                    77:33:2b:e4:f8:fe:5e:02:1b:03:74:0c:8d:1f:ee:
                    70:5c:eb:fa:42:45:ae:53:fe:e8:d5:14:f2:d7:cb:
                    53:02:24:4e:0f:de:03:39:e1:50:e3:d3:f3:05:28:
                    98:f7:20:d3:81:d5:0e:92:6d:b4:4c:6c:c3:b8:ca:
                    0d:b1:db:7e:aa:e9:1c:98:5c:0a:0a:ac:6d:d5:9c:
                    31:9d:90:42:11:0d:6b:18:b1:d8:e7:b9:1b:6a:af:
                    3b:00:25:2d:11:cc:5b:10:29:4f:62:8e:d6:b9:ab:
                    30:c4:f8:1c:c0:3c:f8:b2:05:6b:60:54:7b:05:be:
                    34:bd:56:61:f7:e2:e5:b2:15:26:7a:ae:9c:df:8f:
                    02:b7:1a:45:cd:a2:a4:85:99:cd:6c:bc:a8:c0:93:
                    19:4f:b5:14:8e:27:26:18:58:3d:a2:9d:1a:c9:69:
                    7c:7b:fa:fa:79:be:07:5c:b7:71:1f:66:f2:3d:c4:
                    ad:9b:78:70:4c:bc:0a:91:29:23:99:71:b5:31:11:
                    96:bb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C3:FD:90:77:46:F6:37:D9:86:A8:F2:55:78:61:BB:05:2E:50:F5:14
            X509v3 Authority Key Identifier:
                keyid:1D:74:5E:BF:35:F5:EB:9C:70:C4:2D:53:92:DC:97:76:A7:ED:2F:C2

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/A115815F39AB3B661CE8D33DC635EC7326A4AD9FB203D8396D5666ED67BA6F76/0/1D745EBF35F5EB9C70C42D5392DC9776A7ED2FC2.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/1D745EBF35F5EB9C70C42D5392DC9776A7ED2FC2.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/A115815F39AB3B661CE8D33DC635EC7326A4AD9FB203D8396D5666ED67BA6F76/0/34352e352e3136342e302f32322d3234203d3e20323635363936.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.5.164.0/22

    Signature Algorithm: sha256WithRSAEncryption
         38:57:c2:3e:86:bd:64:02:bb:2b:a3:80:e8:85:6e:d5:f2:f8:
         d5:b6:51:8c:7f:dc:50:41:30:f3:88:74:37:55:71:0a:e3:96:
         43:1b:de:9b:4b:53:25:5f:5f:05:b9:8e:b3:fd:45:49:e2:53:
         c0:55:96:60:a0:25:f3:13:60:6d:15:ce:78:c9:af:5f:9d:a2:
         8b:85:b6:30:fb:98:97:f1:7e:13:8b:ea:d3:31:f3:ab:96:ed:
         71:1b:40:8f:5e:b1:33:bf:ab:b4:81:6f:b0:41:0f:64:85:79:
         d7:d4:47:17:54:81:13:20:f9:2a:10:c4:2f:55:cb:0a:7d:cd:
         d0:c1:45:8a:9c:e3:d5:be:a2:2c:b7:36:77:c6:ae:0b:4e:1a:
         46:57:50:5c:a0:d2:87:66:ee:fc:f9:61:81:56:24:27:a0:1e:
         e1:f8:8f:04:28:31:5e:0b:53:20:7f:86:22:2f:d5:2b:b2:35:
         0a:2f:c6:8f:43:44:df:7a:b1:a0:b2:db:7a:bd:f3:a5:c6:6a:
         6c:27:c5:95:9a:de:9c:9c:59:6c:27:dd:ae:32:5c:77:99:2d:
         1a:7a:9f:4e:64:90:ab:62:19:a5:27:fe:07:20:f4:a0:74:02:
         b2:e9:d7:53:6e:65:8c:ae:38:f1:7d:7d:c5:53:bb:00:31:ad:
         d0:8c:fe:a8
-----BEGIN CERTIFICATE-----
MIIFvDCCBKSgAwIBAgIUB5eU6VbbBxIj+bh/RI1xc6yR2vYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMUQ3NDVFQkYzNUY1RUI5QzcwQzQyRDUzOTJEQzk3NzZB
N0VEMkZDMjAeFw0yNTAyMDQxODQzMzdaFw0yNjAyMDMxODQ4MzdaMDMxMTAvBgNV
BAMTKEMzRkQ5MDc3NDZGNjM3RDk4NkE4RjI1NTc4NjFCQjA1MkU1MEY1MTQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDucTbK/7pdI7LYaRKnxRsdODAl
HgkPEgTZCx3nN9VKLnWxhXYGl2yfUh9wO3nlQdy8QTKfuV9dDnwlZ3czK+T4/l4C
GwN0DI0f7nBc6/pCRa5T/ujVFPLXy1MCJE4P3gM54VDj0/MFKJj3INOB1Q6SbbRM
bMO4yg2x236q6RyYXAoKrG3VnDGdkEIRDWsYsdjnuRtqrzsAJS0RzFsQKU9ijta5
qzDE+BzAPPiyBWtgVHsFvjS9VmH34uWyFSZ6rpzfjwK3GkXNoqSFmc1svKjAkxlP
tRSOJyYYWD2inRrJaXx7+vp5vgdct3EfZvI9xK2beHBMvAqRKSOZcbUxEZa7AgMB
AAGjggLGMIICwjAdBgNVHQ4EFgQUw/2Qd0b2N9mGqPJVeGG7BS5Q9RQwHwYDVR0j
BBgwFoAUHXRevzX165xwxC1TktyXdqftL8IwDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy9BMTE1ODE1RjM5QUIzQjY2MUNFOEQzM0RDNjM1RUM3MzI2
QTRBRDlGQjIwM0Q4Mzk2RDU2NjZFRDY3QkE2Rjc2LzAvMUQ3NDVFQkYzNUY1RUI5
QzcwQzQyRDUzOTJEQzk3NzZBN0VEMkZDMi5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC8xRDc0NUVCRjM1RjVFQjlDNzBD
NDJENTM5MkRDOTc3NkE3RUQyRkMyLmNlcjCBxQYIKwYBBQUHAQsEgbgwgbUwgbIG
CCsGAQUFBzALhoGlcnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvQTExNTgxNUYzOUFCM0I2NjFDRThEMzNEQzYzNUVDNzMyNkE0QUQ5RkIy
MDNEODM5NkQ1NjY2RUQ2N0JBNkY3Ni8wLzM0MzUyZTM1MmUzMTM2MzQyZTMwMmYz
MjMyMmQzMjM0MjAzZDNlMjAzMjM2MzUzNjM5MzYucm9hMBgGA1UdIAEB/wQOMAww
CgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAItBaQwDQYJ
KoZIhvcNAQELBQADggEBADhXwj6GvWQCuyujgOiFbtXy+NW2UYx/3FBBMPOIdDdV
cQrjlkMb3ptLUyVfXwW5jrP9RUniU8BVlmCgJfMTYG0VznjJr1+doouFtjD7mJfx
fhOL6tMx86uW7XEbQI9esTO/q7SBb7BBD2SFedfURxdUgRMg+SoQxC9Vywp9zdDB
RYqc49W+oiy3NnfGrgtOGkZXUFyg0odm7vz5YYFWJCegHuH4jwQoMV4LUyB/hiIv
1SuyNQovxo9DRN96saCy23q986XGamwnxZWa3pycWWwn3a4yXHeZLRp6n05kkKti
GaUn/gcg9KB0ArLp11NuZYyuOPF9fcVTuwAxrdCM/qg=
-----END CERTIFICATE-----