Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/AFA72A5B4FF392C18B8B85842B5543577E3B0E1F32CDCB12ACF413A7389F6F0D/0/3137302e3233332e3131362e302f32322d3234203d3e20323634373338.roa
File:                     3137302e3233332e3131362e302f32322d3234203d3e20323634373338.roa (raw, json)
Hash identifier:          ugsQe2jsofkJLLUvsztZaDq30zirVyhbus3iN46O6yY=
Subject key identifier:   34:BF:D1:9F:89:C9:C6:3F:20:57:E9:2E:8D:D1:E6:96:EC:4B:46:B9
Certificate issuer:       /CN=B2CC06647FEB4440D4723322EA183C8FFEBA89E4
Certificate serial:       70E9FC65E6B4C999E4D92FF770B2810F7A25A44A
Authority key identifier: B2:CC:06:64:7F:EB:44:40:D4:72:33:22:EA:18:3C:8F:FE:BA:89:E4
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/B2CC06647FEB4440D4723322EA183C8FFEBA89E4.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/AFA72A5B4FF392C18B8B85842B5543577E3B0E1F32CDCB12ACF413A7389F6F0D/0/3137302e3233332e3131362e302f32322d3234203d3e20323634373338.roa
Signing time:             Tue 04 Feb 2025 18:21:30 +0000
ROA not before:           Tue 04 Feb 2025 18:16:30 +0000
ROA not after:            Tue 03 Feb 2026 18:21:30 +0000
asID:                     264738
IP address blocks:        170.233.116.0/22 maxlen: 24
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            70:e9:fc:65:e6:b4:c9:99:e4:d9:2f:f7:70:b2:81:0f:7a:25:a4:4a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=B2CC06647FEB4440D4723322EA183C8FFEBA89E4
        Validity
            Not Before: Feb  4 18:16:30 2025 GMT
            Not After : Feb  3 18:21:30 2026 GMT
        Subject: CN=34BFD19F89C9C63F2057E92E8DD1E696EC4B46B9
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e0:19:4c:10:1c:ea:f7:06:31:71:c6:66:4c:ed:
                    b9:61:3a:c9:c5:32:3f:0e:0b:60:7d:12:fb:ec:28:
                    9b:b8:11:6a:44:19:8f:1f:cc:67:10:b3:e5:a4:f9:
                    63:91:37:8f:5c:d7:ab:3b:32:37:dd:6c:b3:52:23:
                    b9:bd:72:28:fc:19:51:47:18:9b:73:78:4f:c2:9d:
                    96:4a:4b:dd:57:52:2e:68:53:65:f2:9c:f1:cf:b4:
                    f1:ed:33:1c:c2:aa:22:25:9b:21:06:2d:74:2d:e6:
                    e5:df:1a:39:5b:3b:74:ed:28:59:03:bc:d1:7c:63:
                    8f:87:52:35:80:0c:e1:cb:61:55:42:51:86:23:c6:
                    d8:f3:d0:00:f3:fb:7a:da:ca:bb:ac:e5:3b:37:ba:
                    f1:e4:5b:84:52:ff:88:53:a4:54:5f:d5:35:69:6a:
                    b6:45:10:a6:39:dd:66:a5:29:83:82:bf:ad:bc:77:
                    e0:c9:bf:35:c3:65:75:e6:97:18:cf:55:fe:32:46:
                    37:84:12:87:7a:23:08:57:4e:87:32:4a:38:a3:48:
                    13:03:43:51:5e:32:aa:0f:40:f7:ae:8f:1c:29:6c:
                    80:be:27:d8:fc:b7:7f:e0:51:ba:be:57:9b:6d:6d:
                    7b:71:ce:20:67:84:68:7d:04:95:d3:8b:16:1e:5c:
                    e7:23
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                34:BF:D1:9F:89:C9:C6:3F:20:57:E9:2E:8D:D1:E6:96:EC:4B:46:B9
            X509v3 Authority Key Identifier:
                keyid:B2:CC:06:64:7F:EB:44:40:D4:72:33:22:EA:18:3C:8F:FE:BA:89:E4

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/AFA72A5B4FF392C18B8B85842B5543577E3B0E1F32CDCB12ACF413A7389F6F0D/0/B2CC06647FEB4440D4723322EA183C8FFEBA89E4.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/B2CC06647FEB4440D4723322EA183C8FFEBA89E4.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/AFA72A5B4FF392C18B8B85842B5543577E3B0E1F32CDCB12ACF413A7389F6F0D/0/3137302e3233332e3131362e302f32322d3234203d3e20323634373338.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  170.233.116.0/22

    Signature Algorithm: sha256WithRSAEncryption
         cc:e0:00:da:c6:65:ad:28:4c:e6:56:a2:cf:5c:16:c8:4d:d2:
         1e:9e:ba:10:f3:56:53:10:13:42:af:d1:60:d1:9d:4c:7a:77:
         72:45:ee:a9:3e:d0:6c:66:8f:ce:d6:1b:5c:9d:de:37:dc:a5:
         b8:09:f2:25:77:11:63:71:53:6f:f4:cf:ba:dc:5f:a3:48:68:
         5b:ea:8b:dd:66:f9:e1:a9:29:2d:0e:12:fe:48:ea:49:e7:e0:
         f8:f0:cf:47:24:b9:55:48:2e:1f:2e:ab:90:17:c7:25:c1:44:
         8d:c0:8f:e4:03:e4:c1:48:1b:a6:d9:b4:57:f4:f7:9f:f1:19:
         2f:78:f7:df:d5:5e:4c:1e:38:92:fc:28:d9:5c:aa:5b:e7:6f:
         48:67:14:d2:f9:a3:f0:05:4d:8a:fb:5e:83:c6:3e:71:55:41:
         80:b3:7b:1a:3e:d4:98:d7:71:96:20:d9:87:b4:8a:e7:5f:e0:
         93:91:8d:56:4d:a4:6a:14:d5:0d:2a:ca:2a:1c:5b:7e:e8:e9:
         71:cb:77:cd:ed:bb:8d:3e:ba:78:57:0d:23:e2:af:07:7f:c3:
         76:04:eb:43:12:95:aa:76:f5:35:27:b6:2b:c0:38:8d:64:38:
         38:d2:54:76:a0:f0:1c:4c:f8:2d:a6:ba:69:3d:8d:e2:ea:a8:
         75:18:de:22
-----BEGIN CERTIFICATE-----
MIIFwjCCBKqgAwIBAgIUcOn8Zea0yZnk2S/3cLKBD3olpEowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoQjJDQzA2NjQ3RkVCNDQ0MEQ0NzIzMzIyRUExODNDOEZG
RUJBODlFNDAeFw0yNTAyMDQxODE2MzBaFw0yNjAyMDMxODIxMzBaMDMxMTAvBgNV
BAMTKDM0QkZEMTlGODlDOUM2M0YyMDU3RTkyRThERDFFNjk2RUM0QjQ2QjkwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDgGUwQHOr3BjFxxmZM7blhOsnF
Mj8OC2B9EvvsKJu4EWpEGY8fzGcQs+Wk+WORN49c16s7MjfdbLNSI7m9cij8GVFH
GJtzeE/CnZZKS91XUi5oU2XynPHPtPHtMxzCqiIlmyEGLXQt5uXfGjlbO3TtKFkD
vNF8Y4+HUjWADOHLYVVCUYYjxtjz0ADz+3rayrus5Ts3uvHkW4RS/4hTpFRf1TVp
arZFEKY53WalKYOCv628d+DJvzXDZXXmlxjPVf4yRjeEEod6IwhXTocySjijSBMD
Q1FeMqoPQPeujxwpbIC+J9j8t3/gUbq+V5ttbXtxziBnhGh9BJXTixYeXOcjAgMB
AAGjggLMMIICyDAdBgNVHQ4EFgQUNL/Rn4nJxj8gV+kujdHmluxLRrkwHwYDVR0j
BBgwFoAUsswGZH/rREDUcjMi6hg8j/66ieQwDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy9BRkE3MkE1QjRGRjM5MkMxOEI4Qjg1ODQyQjU1NDM1NzdF
M0IwRTFGMzJDRENCMTJBQ0Y0MTNBNzM4OUY2RjBELzAvQjJDQzA2NjQ3RkVCNDQ0
MEQ0NzIzMzIyRUExODNDOEZGRUJBODlFNC5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC9CMkNDMDY2NDdGRUI0NDQwRDQ3
MjMzMjJFQTE4M0M4RkZFQkE4OUU0LmNlcjCBywYIKwYBBQUHAQsEgb4wgbswgbgG
CCsGAQUFBzALhoGrcnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvQUZBNzJBNUI0RkYzOTJDMThCOEI4NTg0MkI1NTQzNTc3RTNCMEUxRjMy
Q0RDQjEyQUNGNDEzQTczODlGNkYwRC8wLzMxMzczMDJlMzIzMzMzMmUzMTMxMzYy
ZTMwMmYzMjMyMmQzMjM0MjAzZDNlMjAzMjM2MzQzNzMzMzgucm9hMBgGA1UdIAEB
/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAKq
6XQwDQYJKoZIhvcNAQELBQADggEBAMzgANrGZa0oTOZWos9cFshN0h6euhDzVlMQ
E0Kv0WDRnUx6d3JF7qk+0Gxmj87WG1yd3jfcpbgJ8iV3EWNxU2/0z7rcX6NIaFvq
i91m+eGpKS0OEv5I6knn4Pjwz0ckuVVILh8uq5AXxyXBRI3Aj+QD5MFIG6bZtFf0
95/xGS9499/VXkweOJL8KNlcqlvnb0hnFNL5o/AFTYr7XoPGPnFVQYCzexo+1JjX
cZYg2Ye0iudf4JORjVZNpGoU1Q0qyiocW37o6XHLd83tu40+unhXDSPirwd/w3YE
60MSlap29TUntivAOI1kODjSVHag8BxM+C2mumk9jeLqqHUY3iI=
-----END CERTIFICATE-----