Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/A970DD402FA25F52B8F8947DD387547A7791A758B092BC2912E98A9D75092A6F/0/34352e3139312e3130382e302f32342d3234203d3e20323639383836.roa
File:                     34352e3139312e3130382e302f32342d3234203d3e20323639383836.roa (raw, json)
Hash identifier:          oLwt4cN5vBy0Yz+mlcIKpg1yZOaygBBPGvedyS3l5uU=
Subject key identifier:   37:BE:7E:61:FA:BC:42:72:EC:27:53:1E:FD:43:D4:C5:C7:93:C6:AC
Certificate issuer:       /CN=C45AC49B8C7461E59C144E0149C60D4F74132A43
Certificate serial:       7D158D3F8EA03CE625B4052848DA9AD6FCE72275
Authority key identifier: C4:5A:C4:9B:8C:74:61:E5:9C:14:4E:01:49:C6:0D:4F:74:13:2A:43
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/C45AC49B8C7461E59C144E0149C60D4F74132A43.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/A970DD402FA25F52B8F8947DD387547A7791A758B092BC2912E98A9D75092A6F/0/34352e3139312e3130382e302f32342d3234203d3e20323639383836.roa
Signing time:             Tue 04 Feb 2025 19:58:27 +0000
ROA not before:           Tue 04 Feb 2025 19:53:27 +0000
ROA not after:            Tue 03 Feb 2026 19:58:27 +0000
asID:                     269886
IP address blocks:        45.191.108.0/24 maxlen: 24
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            7d:15:8d:3f:8e:a0:3c:e6:25:b4:05:28:48:da:9a:d6:fc:e7:22:75
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=C45AC49B8C7461E59C144E0149C60D4F74132A43
        Validity
            Not Before: Feb  4 19:53:27 2025 GMT
            Not After : Feb  3 19:58:27 2026 GMT
        Subject: CN=37BE7E61FABC4272EC27531EFD43D4C5C793C6AC
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ac:a6:43:87:fd:b9:a2:c0:70:6b:f7:d5:96:28:
                    eb:95:f9:b5:62:5e:4d:73:e2:bf:3d:33:ec:2c:e4:
                    53:a3:b1:51:88:45:42:c4:5e:4d:89:65:f7:c0:74:
                    92:fe:e8:1d:93:b7:a9:3a:ef:04:ca:6f:d1:3f:8f:
                    ee:fb:2d:db:0a:38:53:67:79:d3:a1:16:ca:03:20:
                    75:96:de:27:48:55:8e:2d:32:d5:ac:cd:e7:be:80:
                    aa:8c:e0:87:bf:d9:3a:95:5e:28:24:fe:4f:2a:b7:
                    c9:09:7a:29:a2:3c:44:96:ca:ae:cf:18:4a:8e:03:
                    24:31:64:84:6a:3e:24:ac:d4:d8:1a:f3:d9:00:4d:
                    fb:86:8b:82:bf:fc:58:92:99:b1:ae:a4:b9:49:dc:
                    4b:b2:ef:c5:3e:54:4c:53:ce:69:82:2f:98:f6:cc:
                    d6:2e:2e:0c:c0:0b:d4:82:04:32:cd:1f:c4:3a:31:
                    b1:90:ad:db:7f:26:1a:17:77:4f:6f:0c:b6:d0:67:
                    41:03:77:46:d7:d0:f2:f6:7d:d3:3a:b0:ca:05:d0:
                    23:db:74:72:6a:d3:d9:eb:28:16:ac:eb:49:8c:66:
                    73:cb:d9:a9:82:d4:c9:52:ac:fd:f2:8a:dc:3f:d0:
                    56:30:32:f8:dc:04:5c:4a:60:4a:0a:68:0e:00:19:
                    39:99
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                37:BE:7E:61:FA:BC:42:72:EC:27:53:1E:FD:43:D4:C5:C7:93:C6:AC
            X509v3 Authority Key Identifier:
                keyid:C4:5A:C4:9B:8C:74:61:E5:9C:14:4E:01:49:C6:0D:4F:74:13:2A:43

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/A970DD402FA25F52B8F8947DD387547A7791A758B092BC2912E98A9D75092A6F/0/C45AC49B8C7461E59C144E0149C60D4F74132A43.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/C45AC49B8C7461E59C144E0149C60D4F74132A43.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/A970DD402FA25F52B8F8947DD387547A7791A758B092BC2912E98A9D75092A6F/0/34352e3139312e3130382e302f32342d3234203d3e20323639383836.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.191.108.0/24

    Signature Algorithm: sha256WithRSAEncryption
         37:5b:a0:f3:4b:58:8a:b3:85:c3:95:3f:fd:f1:bc:a1:d2:2d:
         70:8d:ff:d8:1e:55:99:a6:96:c8:d4:4c:4e:1b:c2:f8:32:9d:
         04:76:9d:95:b2:a7:81:6b:ac:e4:f6:f9:b7:b5:fc:d3:62:23:
         13:9d:a7:28:6e:ea:32:c1:58:e3:59:30:5d:6c:e2:08:3f:23:
         7b:e0:b3:a8:38:0c:f2:8d:a5:22:74:e1:d7:0b:74:49:62:66:
         e4:4d:17:64:c8:79:4f:f0:7c:2c:15:b6:6d:92:0f:83:3d:9d:
         d8:05:29:6b:c0:75:91:98:d7:9d:76:e3:5d:a1:a1:5e:3c:80:
         37:00:bb:a0:7b:bb:ef:96:1a:c7:96:4b:95:cf:c1:0a:d8:b6:
         15:17:b4:5c:d7:b4:9b:20:2d:05:8a:5e:3f:2b:11:25:f0:c9:
         c0:d4:37:94:bd:3e:d1:a0:9f:ea:d7:44:9d:2e:b8:3f:94:73:
         0c:ed:5b:72:1c:ec:f3:3f:dd:62:18:ec:98:da:d5:de:b0:a4:
         44:8b:26:05:0a:3f:9e:dd:d5:ae:a3:f2:f1:a1:64:40:64:4c:
         21:41:8b:08:b2:e7:f4:7c:7c:31:29:0d:3f:33:d1:d2:bc:f2:
         da:a7:f7:8f:fa:81:1d:5b:e4:58:a1:8e:a6:4a:86:cb:bd:41:
         cb:5c:7b:e8
-----BEGIN CERTIFICATE-----
MIIFwDCCBKigAwIBAgIUfRWNP46gPOYltAUoSNqa1vznInUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoQzQ1QUM0OUI4Qzc0NjFFNTlDMTQ0RTAxNDlDNjBENEY3
NDEzMkE0MzAeFw0yNTAyMDQxOTUzMjdaFw0yNjAyMDMxOTU4MjdaMDMxMTAvBgNV
BAMTKDM3QkU3RTYxRkFCQzQyNzJFQzI3NTMxRUZENDNENEM1Qzc5M0M2QUMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCspkOH/bmiwHBr99WWKOuV+bVi
Xk1z4r89M+ws5FOjsVGIRULEXk2JZffAdJL+6B2Tt6k67wTKb9E/j+77LdsKOFNn
edOhFsoDIHWW3idIVY4tMtWszee+gKqM4Ie/2TqVXigk/k8qt8kJeimiPESWyq7P
GEqOAyQxZIRqPiSs1Nga89kATfuGi4K//FiSmbGupLlJ3Euy78U+VExTzmmCL5j2
zNYuLgzAC9SCBDLNH8Q6MbGQrdt/JhoXd09vDLbQZ0EDd0bX0PL2fdM6sMoF0CPb
dHJq09nrKBas60mMZnPL2amC1MlSrP3yitw/0FYwMvjcBFxKYEoKaA4AGTmZAgMB
AAGjggLKMIICxjAdBgNVHQ4EFgQUN75+Yfq8QnLsJ1Me/UPUxceTxqwwHwYDVR0j
BBgwFoAUxFrEm4x0YeWcFE4BScYNT3QTKkMwDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy9BOTcwREQ0MDJGQTI1RjUyQjhGODk0N0REMzg3NTQ3QTc3
OTFBNzU4QjA5MkJDMjkxMkU5OEE5RDc1MDkyQTZGLzAvQzQ1QUM0OUI4Qzc0NjFF
NTlDMTQ0RTAxNDlDNjBENEY3NDEzMkE0My5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC9DNDVBQzQ5QjhDNzQ2MUU1OUMx
NDRFMDE0OUM2MEQ0Rjc0MTMyQTQzLmNlcjCByQYIKwYBBQUHAQsEgbwwgbkwgbYG
CCsGAQUFBzALhoGpcnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvQTk3MERENDAyRkEyNUY1MkI4Rjg5NDdERDM4NzU0N0E3NzkxQTc1OEIw
OTJCQzI5MTJFOThBOUQ3NTA5MkE2Ri8wLzM0MzUyZTMxMzkzMTJlMzEzMDM4MmUz
MDJmMzIzNDJkMzIzNDIwM2QzZTIwMzIzNjM5MzgzODM2LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALb9s
MA0GCSqGSIb3DQEBCwUAA4IBAQA3W6DzS1iKs4XDlT/98byh0i1wjf/YHlWZppbI
1ExOG8L4Mp0Edp2VsqeBa6zk9vm3tfzTYiMTnacobuoywVjjWTBdbOIIPyN74LOo
OAzyjaUidOHXC3RJYmbkTRdkyHlP8HwsFbZtkg+DPZ3YBSlrwHWRmNedduNdoaFe
PIA3ALuge7vvlhrHlkuVz8EK2LYVF7Rc17SbIC0Fil4/KxEl8MnA1DeUvT7RoJ/q
10SdLrg/lHMM7VtyHOzzP91iGOyY2tXesKREiyYFCj+e3dWuo/LxoWRAZEwhQYsI
suf0fHwxKQ0/M9HSvPLap/eP+oEdW+RYoY6mSobLvUHLXHvo
-----END CERTIFICATE-----