Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/B2640994DAD0823F46C2F5E1B731C06AA780E636136AFA402B63199EC1364364/0/3137372e37332e3135322e302f32342d3234203d3e20323634363436.roa
File:                     3137372e37332e3135322e302f32342d3234203d3e20323634363436.roa (raw, json)
Hash identifier:          t05kc4GwTSJ+HzpvjlaV8v7CZKHPakItDcr0lS0Cs6w=
Subject key identifier:   77:1E:6C:BC:CB:73:66:BC:D8:8D:3E:76:36:B5:DA:B1:D7:35:7D:29
Certificate issuer:       /CN=1EC7B31A1AB1BBCD343A42B4F1AC4D6EDB3B3DC8
Certificate serial:       444822CE40345F8A8AA6939AE9688CE1C8A5C0E7
Authority key identifier: 1E:C7:B3:1A:1A:B1:BB:CD:34:3A:42:B4:F1:AC:4D:6E:DB:3B:3D:C8
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/1EC7B31A1AB1BBCD343A42B4F1AC4D6EDB3B3DC8.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/B2640994DAD0823F46C2F5E1B731C06AA780E636136AFA402B63199EC1364364/0/3137372e37332e3135322e302f32342d3234203d3e20323634363436.roa
Signing time:             Thu 20 Mar 2025 23:12:38 +0000
ROA not before:           Thu 20 Mar 2025 23:07:38 +0000
ROA not after:            Thu 19 Mar 2026 23:12:38 +0000
asID:                     264646
IP address blocks:        177.73.152.0/24 maxlen: 24
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            44:48:22:ce:40:34:5f:8a:8a:a6:93:9a:e9:68:8c:e1:c8:a5:c0:e7
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1EC7B31A1AB1BBCD343A42B4F1AC4D6EDB3B3DC8
        Validity
            Not Before: Mar 20 23:07:38 2025 GMT
            Not After : Mar 19 23:12:38 2026 GMT
        Subject: CN=771E6CBCCB7366BCD88D3E7636B5DAB1D7357D29
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e9:de:d9:2f:4c:da:ca:ab:5e:1b:87:ca:a1:c8:
                    60:30:f4:93:f1:95:5f:0b:c8:95:65:3b:dc:72:21:
                    36:fc:af:6f:9d:d5:39:c3:c6:6d:38:48:5c:71:a8:
                    7c:61:e0:63:0a:36:a7:cf:cc:88:12:23:f1:36:01:
                    5a:33:3c:cb:c7:53:b6:b4:c9:24:73:d3:3c:8b:f1:
                    67:9e:d6:a2:b9:42:0e:28:cf:bd:40:23:12:7c:1c:
                    9e:95:cd:3e:18:ae:2a:f2:28:48:27:1a:55:45:8c:
                    8f:52:1c:14:5d:3d:42:ba:fa:15:1e:98:e1:fd:d3:
                    2c:b6:f7:87:51:95:32:ab:4b:1e:66:c4:4e:45:c1:
                    1c:b4:45:92:15:39:a9:2e:f2:9a:d4:44:36:bd:ae:
                    7e:3d:64:89:40:88:35:6b:6e:af:5f:94:9d:a5:5a:
                    57:0d:82:cc:3a:23:81:fe:92:3f:68:fa:52:db:b6:
                    92:5c:ca:ab:d7:5c:f6:8c:38:31:af:1e:61:c0:fe:
                    15:7b:84:c1:58:3d:78:f0:dd:70:a7:ff:bc:58:b7:
                    5e:90:b3:97:9f:01:0c:c0:4b:9b:c3:27:e0:61:b1:
                    8c:29:00:9a:4b:ba:a2:ed:cd:95:61:2f:14:73:74:
                    91:ba:95:f3:e0:d8:17:f0:79:2c:94:e4:95:97:f0:
                    9c:bd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                77:1E:6C:BC:CB:73:66:BC:D8:8D:3E:76:36:B5:DA:B1:D7:35:7D:29
            X509v3 Authority Key Identifier:
                keyid:1E:C7:B3:1A:1A:B1:BB:CD:34:3A:42:B4:F1:AC:4D:6E:DB:3B:3D:C8

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/B2640994DAD0823F46C2F5E1B731C06AA780E636136AFA402B63199EC1364364/0/1EC7B31A1AB1BBCD343A42B4F1AC4D6EDB3B3DC8.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/1EC7B31A1AB1BBCD343A42B4F1AC4D6EDB3B3DC8.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/B2640994DAD0823F46C2F5E1B731C06AA780E636136AFA402B63199EC1364364/0/3137372e37332e3135322e302f32342d3234203d3e20323634363436.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  177.73.152.0/24

    Signature Algorithm: sha256WithRSAEncryption
         5a:4c:1d:04:00:5f:e1:d2:e8:3a:97:d9:98:fc:ef:93:73:ed:
         e1:01:27:59:40:1c:23:2b:0f:11:c4:dc:5d:1d:0d:3d:b2:17:
         76:0b:23:44:c4:4c:7d:31:19:97:3b:b8:bc:6d:81:5f:a3:a9:
         c3:16:07:36:15:8a:34:00:0a:07:44:74:82:4d:5c:51:39:b6:
         63:19:2c:20:10:08:18:c4:ac:65:c2:e2:a4:8a:96:df:ad:cd:
         93:bb:ad:fb:3a:7e:b0:1e:9b:62:72:3a:75:d5:9a:b3:de:6c:
         82:32:33:e7:3c:88:6a:c4:db:26:43:69:69:01:9a:53:74:1c:
         6e:60:72:90:92:6d:e9:bc:af:fa:6c:74:6b:15:6c:d8:df:f7:
         14:ca:bc:d1:da:c7:14:ad:43:e5:28:c1:fb:0e:48:3d:f7:57:
         c3:9a:a2:82:d0:26:3c:c3:03:77:ee:00:e2:dc:2b:0d:2a:e7:
         54:07:eb:80:28:a1:9e:7f:d0:66:ac:33:6c:50:1c:e9:ac:23:
         02:46:46:88:71:28:09:10:5d:68:a0:37:e7:e1:ca:25:68:15:
         89:4d:71:e4:c0:14:6f:6c:bb:18:91:c9:18:66:f7:4d:7f:ae:
         2c:29:5c:49:01:ad:38:ef:b4:07:90:20:61:42:70:8c:25:ab:
         dd:40:39:31
-----BEGIN CERTIFICATE-----
MIIFwDCCBKigAwIBAgIUREgizkA0X4qKppOa6WiM4cilwOcwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMUVDN0IzMUExQUIxQkJDRDM0M0E0MkI0RjFBQzRENkVE
QjNCM0RDODAeFw0yNTAzMjAyMzA3MzhaFw0yNjAzMTkyMzEyMzhaMDMxMTAvBgNV
BAMTKDc3MUU2Q0JDQ0I3MzY2QkNEODhEM0U3NjM2QjVEQUIxRDczNTdEMjkwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDp3tkvTNrKq14bh8qhyGAw9JPx
lV8LyJVlO9xyITb8r2+d1TnDxm04SFxxqHxh4GMKNqfPzIgSI/E2AVozPMvHU7a0
ySRz0zyL8Wee1qK5Qg4oz71AIxJ8HJ6VzT4YriryKEgnGlVFjI9SHBRdPUK6+hUe
mOH90yy294dRlTKrSx5mxE5FwRy0RZIVOaku8prURDa9rn49ZIlAiDVrbq9flJ2l
WlcNgsw6I4H+kj9o+lLbtpJcyqvXXPaMODGvHmHA/hV7hMFYPXjw3XCn/7xYt16Q
s5efAQzAS5vDJ+BhsYwpAJpLuqLtzZVhLxRzdJG6lfPg2BfweSyU5JWX8Jy9AgMB
AAGjggLKMIICxjAdBgNVHQ4EFgQUdx5svMtzZrzYjT52NrXasdc1fSkwHwYDVR0j
BBgwFoAUHsezGhqxu800OkK08axNbts7PcgwDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy9CMjY0MDk5NERBRDA4MjNGNDZDMkY1RTFCNzMxQzA2QUE3
ODBFNjM2MTM2QUZBNDAyQjYzMTk5RUMxMzY0MzY0LzAvMUVDN0IzMUExQUIxQkJD
RDM0M0E0MkI0RjFBQzRENkVEQjNCM0RDOC5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC8xRUM3QjMxQTFBQjFCQkNEMzQz
QTQyQjRGMUFDNEQ2RURCM0IzREM4LmNlcjCByQYIKwYBBQUHAQsEgbwwgbkwgbYG
CCsGAQUFBzALhoGpcnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvQjI2NDA5OTREQUQwODIzRjQ2QzJGNUUxQjczMUMwNkFBNzgwRTYzNjEz
NkFGQTQwMkI2MzE5OUVDMTM2NDM2NC8wLzMxMzczNzJlMzczMzJlMzEzNTMyMmUz
MDJmMzIzNDJkMzIzNDIwM2QzZTIwMzIzNjM0MzYzNDM2LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAsUmY
MA0GCSqGSIb3DQEBCwUAA4IBAQBaTB0EAF/h0ug6l9mY/O+Tc+3hASdZQBwjKw8R
xNxdHQ09shd2CyNExEx9MRmXO7i8bYFfo6nDFgc2FYo0AAoHRHSCTVxRObZjGSwg
EAgYxKxlwuKkipbfrc2Tu637On6wHpticjp11Zqz3myCMjPnPIhqxNsmQ2lpAZpT
dBxuYHKQkm3pvK/6bHRrFWzY3/cUyrzR2scUrUPlKMH7Dkg991fDmqKC0CY8wwN3
7gDi3CsNKudUB+uAKKGef9BmrDNsUBzprCMCRkaIcSgJEF1ooDfn4colaBWJTXHk
wBRvbLsYkckYZvdNf64sKVxJAa0477QHkCBhQnCMJavdQDkx
-----END CERTIFICATE-----