Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/B6B5E4684BEE1F7763249A49CBAB846BE8CF475056C8D564BFF46B3996938AB6/0/3133322e3235352e36382e302f32322d3232203d3e20323633373030.roa
File:                     3133322e3235352e36382e302f32322d3232203d3e20323633373030.roa (raw, json)
Hash identifier:          fFMfy5y9pEXKXRrQXfGuYKgIJONCH/WwtogE1ZR/jNA=
Subject key identifier:   FE:6A:33:55:48:25:20:73:DA:C6:EE:6F:C8:22:A8:BA:4A:2C:99:8F
Certificate issuer:       /CN=B57B438CFF3F02CD31FFA267CFD03FC2140E1C17
Certificate serial:       37F2A5645A204A01EAB98D9DA6E20A64F082764C
Authority key identifier: B5:7B:43:8C:FF:3F:02:CD:31:FF:A2:67:CF:D0:3F:C2:14:0E:1C:17
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/B57B438CFF3F02CD31FFA267CFD03FC2140E1C17.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/B6B5E4684BEE1F7763249A49CBAB846BE8CF475056C8D564BFF46B3996938AB6/0/3133322e3235352e36382e302f32322d3232203d3e20323633373030.roa
Signing time:             Tue 04 Feb 2025 18:21:53 +0000
ROA not before:           Tue 04 Feb 2025 18:16:53 +0000
ROA not after:            Tue 03 Feb 2026 18:21:53 +0000
asID:                     263700
IP address blocks:        132.255.68.0/22 maxlen: 22
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            37:f2:a5:64:5a:20:4a:01:ea:b9:8d:9d:a6:e2:0a:64:f0:82:76:4c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=B57B438CFF3F02CD31FFA267CFD03FC2140E1C17
        Validity
            Not Before: Feb  4 18:16:53 2025 GMT
            Not After : Feb  3 18:21:53 2026 GMT
        Subject: CN=FE6A335548252073DAC6EE6FC822A8BA4A2C998F
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a7:4f:e6:53:66:16:99:df:d1:43:9c:a5:93:10:
                    5e:ae:f5:a3:c1:46:a9:b6:43:22:83:d0:ba:fd:1c:
                    65:6d:b2:63:4b:65:79:34:24:ba:71:69:15:50:51:
                    8f:66:90:fc:e4:54:5a:27:d1:42:80:3f:b4:4f:9f:
                    fe:64:9c:4a:60:51:81:76:5f:0d:82:f3:93:5c:fc:
                    0a:b8:1c:50:16:f0:14:4a:a6:1d:2c:25:ef:82:34:
                    ce:2a:10:a0:de:41:a0:1c:6f:23:c8:de:f8:7a:cc:
                    e9:bc:2b:af:87:67:e8:59:6a:65:74:15:54:7c:64:
                    79:29:d1:b5:4c:e6:ab:89:3f:44:08:9a:07:92:7d:
                    c7:8d:e0:8d:50:34:1f:dd:19:12:d6:4a:4d:2a:b8:
                    f1:19:68:67:b6:e3:50:c2:e9:64:18:d2:16:6d:35:
                    91:19:39:13:1f:3a:dc:a6:7b:29:bf:9b:d2:9f:ba:
                    b3:8a:b4:8e:d4:a0:f2:93:bc:8b:1c:ea:07:72:08:
                    05:77:1c:03:93:a6:7b:d8:a5:e4:61:c1:da:fc:6f:
                    60:1d:b0:7d:9f:20:c1:9c:5b:97:00:ec:2d:74:4c:
                    39:da:be:f9:45:41:98:b7:10:fa:78:7c:39:d2:39:
                    35:c5:f6:1e:34:f6:74:51:14:68:0d:2b:a5:c6:3b:
                    20:03
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                FE:6A:33:55:48:25:20:73:DA:C6:EE:6F:C8:22:A8:BA:4A:2C:99:8F
            X509v3 Authority Key Identifier:
                keyid:B5:7B:43:8C:FF:3F:02:CD:31:FF:A2:67:CF:D0:3F:C2:14:0E:1C:17

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/B6B5E4684BEE1F7763249A49CBAB846BE8CF475056C8D564BFF46B3996938AB6/0/B57B438CFF3F02CD31FFA267CFD03FC2140E1C17.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/B57B438CFF3F02CD31FFA267CFD03FC2140E1C17.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/B6B5E4684BEE1F7763249A49CBAB846BE8CF475056C8D564BFF46B3996938AB6/0/3133322e3235352e36382e302f32322d3232203d3e20323633373030.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  132.255.68.0/22

    Signature Algorithm: sha256WithRSAEncryption
         6a:d5:d0:67:fa:2f:fa:c1:ae:c5:ef:51:bc:69:86:1d:ff:d3:
         d9:e0:91:a9:4c:b9:44:13:17:df:06:1b:42:55:6d:fe:81:b6:
         0d:d5:e6:09:99:dd:f0:e0:6d:08:9e:80:58:59:e1:40:ee:45:
         40:48:fa:4d:2d:ac:0d:5d:be:0b:65:de:0c:c8:62:d0:e3:ef:
         06:e5:b3:fa:21:03:c2:96:fa:1e:0a:a3:a0:83:78:01:fd:93:
         68:e4:8c:5b:1f:97:9b:44:bb:a8:ad:1c:72:f2:f7:d1:36:4a:
         4d:b0:51:df:b3:78:28:9e:87:b1:3e:8f:32:a4:01:fa:1f:a8:
         f4:72:32:6e:93:4d:48:46:4a:59:a9:16:cd:f3:7d:4d:32:b0:
         25:e8:06:20:97:ad:fb:f0:a0:78:1d:7a:0d:7d:43:76:6f:8d:
         b4:b9:06:e5:b0:f9:12:39:c8:79:50:85:0a:bb:58:8d:00:6f:
         d6:cc:35:8f:d0:65:86:32:74:9f:e4:c1:5f:eb:b1:ec:15:b0:
         3d:3b:08:0d:ff:d1:d5:65:85:b1:ef:c9:31:96:3e:33:06:1b:
         cb:00:4d:e6:79:5f:80:1b:4e:f0:6b:fe:50:64:20:5a:ee:3a:
         dc:6c:f3:e8:ed:51:c5:15:89:0e:2b:0b:c8:26:0b:b2:1b:8f:
         eb:08:30:c7
-----BEGIN CERTIFICATE-----
MIIFwDCCBKigAwIBAgIUN/KlZFogSgHquY2dpuIKZPCCdkwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoQjU3QjQzOENGRjNGMDJDRDMxRkZBMjY3Q0ZEMDNGQzIx
NDBFMUMxNzAeFw0yNTAyMDQxODE2NTNaFw0yNjAyMDMxODIxNTNaMDMxMTAvBgNV
BAMTKEZFNkEzMzU1NDgyNTIwNzNEQUM2RUU2RkM4MjJBOEJBNEEyQzk5OEYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCnT+ZTZhaZ39FDnKWTEF6u9aPB
Rqm2QyKD0Lr9HGVtsmNLZXk0JLpxaRVQUY9mkPzkVFon0UKAP7RPn/5knEpgUYF2
Xw2C85Nc/Aq4HFAW8BRKph0sJe+CNM4qEKDeQaAcbyPI3vh6zOm8K6+HZ+hZamV0
FVR8ZHkp0bVM5quJP0QImgeSfceN4I1QNB/dGRLWSk0quPEZaGe241DC6WQY0hZt
NZEZORMfOtymeym/m9KfurOKtI7UoPKTvIsc6gdyCAV3HAOTpnvYpeRhwdr8b2Ad
sH2fIMGcW5cA7C10TDnavvlFQZi3EPp4fDnSOTXF9h409nRRFGgNK6XGOyADAgMB
AAGjggLKMIICxjAdBgNVHQ4EFgQU/mozVUglIHPaxu5vyCKoukosmY8wHwYDVR0j
BBgwFoAUtXtDjP8/As0x/6Jnz9A/whQOHBcwDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy9CNkI1RTQ2ODRCRUUxRjc3NjMyNDlBNDlDQkFCODQ2QkU4
Q0Y0NzUwNTZDOEQ1NjRCRkY0NkIzOTk2OTM4QUI2LzAvQjU3QjQzOENGRjNGMDJD
RDMxRkZBMjY3Q0ZEMDNGQzIxNDBFMUMxNy5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC9CNTdCNDM4Q0ZGM0YwMkNEMzFG
RkEyNjdDRkQwM0ZDMjE0MEUxQzE3LmNlcjCByQYIKwYBBQUHAQsEgbwwgbkwgbYG
CCsGAQUFBzALhoGpcnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvQjZCNUU0Njg0QkVFMUY3NzYzMjQ5QTQ5Q0JBQjg0NkJFOENGNDc1MDU2
QzhENTY0QkZGNDZCMzk5NjkzOEFCNi8wLzMxMzMzMjJlMzIzNTM1MmUzNjM4MmUz
MDJmMzIzMjJkMzIzMjIwM2QzZTIwMzIzNjMzMzczMDMwLnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQChP9E
MA0GCSqGSIb3DQEBCwUAA4IBAQBq1dBn+i/6wa7F71G8aYYd/9PZ4JGpTLlEExff
BhtCVW3+gbYN1eYJmd3w4G0InoBYWeFA7kVASPpNLawNXb4LZd4MyGLQ4+8G5bP6
IQPClvoeCqOgg3gB/ZNo5IxbH5ebRLuorRxy8vfRNkpNsFHfs3gonoexPo8ypAH6
H6j0cjJuk01IRkpZqRbN831NMrAl6AYgl6378KB4HXoNfUN2b420uQblsPkSOch5
UIUKu1iNAG/WzDWP0GWGMnSf5MFf67HsFbA9OwgN/9HVZYWx78kxlj4zBhvLAE3m
eV+AG07wa/5QZCBa7jrcbPPo7VHFFYkOKwvIJguyG4/rCDDH
-----END CERTIFICATE-----