Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/A3A4E0D18D97D39C5390FFDE26FC78BE4AB5068967B888AD988E4BB0D48F9819/0/3230312e3231372e35322e302f32332d3234203d3e203237373638.roa
File:                     3230312e3231372e35322e302f32332d3234203d3e203237373638.roa (raw, json)
Hash identifier:          7Fjtg+ZRKLE1BdhggwY0nfUrcwCqO7cEpyxKGyEmGt8=
Subject key identifier:   44:8C:39:91:4A:92:1D:6D:73:C9:8A:63:1A:91:03:F8:8F:9F:D2:DB
Certificate issuer:       /CN=EC2EAE5BF883D3DFD8B270D082FF89DD81090C53
Certificate serial:       419E632AF1685ED974B5E2A8330D7FBD9FEFADCB
Authority key identifier: EC:2E:AE:5B:F8:83:D3:DF:D8:B2:70:D0:82:FF:89:DD:81:09:0C:53
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/EC2EAE5BF883D3DFD8B270D082FF89DD81090C53.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/A3A4E0D18D97D39C5390FFDE26FC78BE4AB5068967B888AD988E4BB0D48F9819/0/3230312e3231372e35322e302f32332d3234203d3e203237373638.roa
Signing time:             Tue 04 Feb 2025 18:31:18 +0000
ROA not before:           Tue 04 Feb 2025 18:26:18 +0000
ROA not after:            Tue 03 Feb 2026 18:31:18 +0000
asID:                     27768
IP address blocks:        201.217.52.0/23 maxlen: 24
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            41:9e:63:2a:f1:68:5e:d9:74:b5:e2:a8:33:0d:7f:bd:9f:ef:ad:cb
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=EC2EAE5BF883D3DFD8B270D082FF89DD81090C53
        Validity
            Not Before: Feb  4 18:26:18 2025 GMT
            Not After : Feb  3 18:31:18 2026 GMT
        Subject: CN=448C39914A921D6D73C98A631A9103F88F9FD2DB
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:86:cf:59:5f:03:21:d1:8a:98:5b:b1:cd:1c:f1:
                    95:c4:89:5e:18:f7:59:36:33:63:c8:83:8e:8b:e9:
                    b9:5c:99:10:5d:36:27:10:27:87:ad:53:86:d0:87:
                    9f:67:1c:49:1e:94:ec:a1:8b:b6:73:72:cb:ab:e8:
                    a6:9c:b6:83:e0:67:22:74:78:f8:a0:d2:e7:49:97:
                    04:6a:72:85:92:48:c4:e1:d8:11:17:8c:3a:10:39:
                    bb:f9:e0:4c:32:a7:85:75:71:30:1c:d7:46:b0:9d:
                    e8:b2:ff:6f:d9:e0:f6:53:44:41:e9:f5:0f:d0:82:
                    86:d7:b2:c4:32:f8:de:f2:87:31:60:dc:06:63:a5:
                    47:4d:02:3e:90:43:5c:0b:98:f6:3f:56:fe:ac:13:
                    11:99:b7:7a:0d:73:28:14:d1:ff:52:be:31:e8:a9:
                    1e:8e:b0:c5:63:95:77:04:4c:9e:ee:33:da:f9:8b:
                    30:f7:99:95:7e:53:ea:b5:26:46:38:46:45:f4:68:
                    1c:1c:bb:56:fd:49:5f:7a:0d:4e:53:00:c0:01:1f:
                    68:f8:36:fd:bf:7b:39:57:d6:0d:16:8c:71:ff:cb:
                    d1:13:3b:5a:a0:6b:99:57:28:2e:6f:ba:b1:8c:a4:
                    aa:1c:d2:00:8a:7c:35:e5:65:ab:80:0d:2f:8d:27:
                    70:43
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                44:8C:39:91:4A:92:1D:6D:73:C9:8A:63:1A:91:03:F8:8F:9F:D2:DB
            X509v3 Authority Key Identifier:
                keyid:EC:2E:AE:5B:F8:83:D3:DF:D8:B2:70:D0:82:FF:89:DD:81:09:0C:53

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/A3A4E0D18D97D39C5390FFDE26FC78BE4AB5068967B888AD988E4BB0D48F9819/0/EC2EAE5BF883D3DFD8B270D082FF89DD81090C53.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/EC2EAE5BF883D3DFD8B270D082FF89DD81090C53.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/A3A4E0D18D97D39C5390FFDE26FC78BE4AB5068967B888AD988E4BB0D48F9819/0/3230312e3231372e35322e302f32332d3234203d3e203237373638.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  201.217.52.0/23

    Signature Algorithm: sha256WithRSAEncryption
         08:a0:69:50:88:1b:c0:f3:21:10:4c:f6:48:33:3e:79:68:a9:
         f0:e8:d9:7c:e8:3c:ef:dc:c8:9c:ed:df:df:2b:74:45:84:b5:
         12:86:18:64:03:24:96:d2:8b:47:8c:00:91:0b:5c:80:78:77:
         ea:fa:13:08:c2:ce:73:2b:f8:5e:53:86:36:88:28:18:78:b2:
         b2:91:cb:33:ec:f0:af:c3:9e:b9:2c:48:d8:cb:ee:a1:1c:f9:
         ac:ce:c6:98:e7:53:bd:61:84:cd:7b:97:78:23:40:53:f7:bd:
         d8:9d:3b:75:12:bb:c1:b3:fa:fc:b0:87:4c:84:e8:a2:eb:dc:
         f5:4a:4c:c6:00:9d:c8:cc:fa:cb:6f:ff:2c:ae:c1:9a:eb:49:
         35:9f:47:04:18:26:f4:f5:a0:25:e3:86:47:83:49:06:d0:a6:
         2b:86:e4:cf:fb:3c:c2:9b:13:98:46:7c:4a:d3:ff:8d:77:2b:
         27:4e:0a:1d:a8:24:06:52:3c:09:25:7d:24:a2:36:05:b9:9c:
         7a:09:2c:3f:9b:96:ee:bf:5f:1d:2e:c8:bb:3d:12:52:5a:93:
         c2:a9:76:98:f6:e4:59:97:9e:db:4a:17:71:5a:50:a7:ca:26:
         47:4d:b9:0d:65:40:f0:43:fc:53:ef:2c:6a:1c:17:f7:7c:f9:
         18:7d:45:74
-----BEGIN CERTIFICATE-----
MIIFvjCCBKagAwIBAgIUQZ5jKvFoXtl0teKoMw1/vZ/vrcswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoRUMyRUFFNUJGODgzRDNERkQ4QjI3MEQwODJGRjg5REQ4
MTA5MEM1MzAeFw0yNTAyMDQxODI2MThaFw0yNjAyMDMxODMxMThaMDMxMTAvBgNV
BAMTKDQ0OEMzOTkxNEE5MjFENkQ3M0M5OEE2MzFBOTEwM0Y4OEY5RkQyREIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCGz1lfAyHRiphbsc0c8ZXEiV4Y
91k2M2PIg46L6blcmRBdNicQJ4etU4bQh59nHEkelOyhi7Zzcsur6KactoPgZyJ0
ePig0udJlwRqcoWSSMTh2BEXjDoQObv54Ewyp4V1cTAc10awneiy/2/Z4PZTREHp
9Q/QgobXssQy+N7yhzFg3AZjpUdNAj6QQ1wLmPY/Vv6sExGZt3oNcygU0f9SvjHo
qR6OsMVjlXcETJ7uM9r5izD3mZV+U+q1JkY4RkX0aBwcu1b9SV96DU5TAMABH2j4
Nv2/ezlX1g0WjHH/y9ETO1qga5lXKC5vurGMpKoc0gCKfDXlZauADS+NJ3BDAgMB
AAGjggLIMIICxDAdBgNVHQ4EFgQURIw5kUqSHW1zyYpjGpED+I+f0tswHwYDVR0j
BBgwFoAU7C6uW/iD09/YsnDQgv+J3YEJDFMwDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy9BM0E0RTBEMThEOTdEMzlDNTM5MEZGREUyNkZDNzhCRTRB
QjUwNjg5NjdCODg4QUQ5ODhFNEJCMEQ0OEY5ODE5LzAvRUMyRUFFNUJGODgzRDNE
RkQ4QjI3MEQwODJGRjg5REQ4MTA5MEM1My5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC9FQzJFQUU1QkY4ODNEM0RGRDhC
MjcwRDA4MkZGODlERDgxMDkwQzUzLmNlcjCBxwYIKwYBBQUHAQsEgbowgbcwgbQG
CCsGAQUFBzALhoGncnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvQTNBNEUwRDE4RDk3RDM5QzUzOTBGRkRFMjZGQzc4QkU0QUI1MDY4OTY3
Qjg4OEFEOTg4RTRCQjBENDhGOTgxOS8wLzMyMzAzMTJlMzIzMTM3MmUzNTMyMmUz
MDJmMzIzMzJkMzIzNDIwM2QzZTIwMzIzNzM3MzYzOC5yb2EwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAcnZNDAN
BgkqhkiG9w0BAQsFAAOCAQEACKBpUIgbwPMhEEz2SDM+eWip8OjZfOg879zInO3f
3yt0RYS1EoYYZAMkltKLR4wAkQtcgHh36voTCMLOcyv4XlOGNogoGHiyspHLM+zw
r8OeuSxI2MvuoRz5rM7GmOdTvWGEzXuXeCNAU/e92J07dRK7wbP6/LCHTIToouvc
9UpMxgCdyMz6y2//LK7BmutJNZ9HBBgm9PWgJeOGR4NJBtCmK4bkz/s8wpsTmEZ8
StP/jXcrJ04KHagkBlI8CSV9JKI2BbmcegksP5uW7r9fHS7Iuz0SUlqTwql2mPbk
WZee20oXcVpQp8omR025DWVA8EP8U+8sahwX93z5GH1FdA==
-----END CERTIFICATE-----