Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/C5A669E66E0226898970860795E838DAFA0421E6969F99415AB8BD789BF07A8A/0/34352e37302e3233362e302f32322d3234203d3e20323634363638.roa
File:                     34352e37302e3233362e302f32322d3234203d3e20323634363638.roa (raw, json)
Hash identifier:          I9E91g2GOzmlJRsJTyUsRvZalExRLnqhEUs5aZnH1F8=
Subject key identifier:   5C:6C:82:62:5F:7A:C0:FE:93:94:4C:2F:64:69:AA:D7:82:A3:08:A7
Certificate issuer:       /CN=5CB5BC2178578E05EB3BA17A1C805009B3BB65EB
Certificate serial:       2EDB761D489935661EBF7FFB0D675F4ACC7AACED
Authority key identifier: 5C:B5:BC:21:78:57:8E:05:EB:3B:A1:7A:1C:80:50:09:B3:BB:65:EB
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/5CB5BC2178578E05EB3BA17A1C805009B3BB65EB.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/C5A669E66E0226898970860795E838DAFA0421E6969F99415AB8BD789BF07A8A/0/34352e37302e3233362e302f32322d3234203d3e20323634363638.roa
Signing time:             Tue 04 Feb 2025 18:22:29 +0000
ROA not before:           Tue 04 Feb 2025 18:17:29 +0000
ROA not after:            Tue 03 Feb 2026 18:22:29 +0000
asID:                     264668
IP address blocks:        45.70.236.0/22 maxlen: 24
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            2e:db:76:1d:48:99:35:66:1e:bf:7f:fb:0d:67:5f:4a:cc:7a:ac:ed
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5CB5BC2178578E05EB3BA17A1C805009B3BB65EB
        Validity
            Not Before: Feb  4 18:17:29 2025 GMT
            Not After : Feb  3 18:22:29 2026 GMT
        Subject: CN=5C6C82625F7AC0FE93944C2F6469AAD782A308A7
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c0:6a:13:e5:87:73:78:90:79:e6:3e:12:57:5e:
                    ad:cf:7a:aa:f8:90:b3:d7:59:1e:8c:0a:46:00:cc:
                    cf:dd:ed:40:f0:f6:f8:cf:81:c7:84:a4:36:5e:b5:
                    9f:5c:a3:52:a5:32:12:78:2a:47:82:1c:59:8b:19:
                    fe:54:dc:d6:e1:72:fb:8d:4b:d3:1d:8e:f7:17:47:
                    93:00:da:64:c1:51:b2:53:d2:18:11:e9:44:3e:12:
                    55:15:51:df:37:32:cd:64:6a:64:24:06:5d:0d:77:
                    44:04:2a:fc:bf:ae:fc:a0:cd:4a:f9:cd:44:de:9a:
                    dc:b1:5c:65:5e:1a:e3:84:63:b8:76:87:5c:1e:31:
                    46:79:44:ae:b7:ff:4a:d7:89:94:2d:49:aa:ab:12:
                    9b:32:01:c7:6c:ac:cf:b5:a2:f0:ce:9a:78:b4:4f:
                    1d:f1:79:60:a6:d8:50:9f:b1:6c:80:9a:f5:2c:64:
                    57:98:59:c0:be:b6:cb:e1:2b:83:ae:35:a5:f1:57:
                    7e:d6:84:c5:a1:d0:87:9b:7e:e1:d7:2b:6a:49:f1:
                    3c:0d:3e:ed:34:67:64:ca:7b:5a:e1:1d:e4:3e:91:
                    c1:60:e8:04:98:1e:5e:33:24:23:04:30:88:5e:bf:
                    c1:fa:c0:c2:e3:c0:db:7c:e7:f2:0f:61:21:ca:de:
                    2d:23
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5C:6C:82:62:5F:7A:C0:FE:93:94:4C:2F:64:69:AA:D7:82:A3:08:A7
            X509v3 Authority Key Identifier:
                keyid:5C:B5:BC:21:78:57:8E:05:EB:3B:A1:7A:1C:80:50:09:B3:BB:65:EB

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/C5A669E66E0226898970860795E838DAFA0421E6969F99415AB8BD789BF07A8A/0/5CB5BC2178578E05EB3BA17A1C805009B3BB65EB.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/5CB5BC2178578E05EB3BA17A1C805009B3BB65EB.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/C5A669E66E0226898970860795E838DAFA0421E6969F99415AB8BD789BF07A8A/0/34352e37302e3233362e302f32322d3234203d3e20323634363638.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.70.236.0/22

    Signature Algorithm: sha256WithRSAEncryption
         52:27:87:5a:fe:94:e9:07:b8:80:26:e1:19:aa:52:a1:c3:51:
         2e:38:47:05:42:39:1e:4d:95:47:7b:2d:73:71:ed:2f:5d:21:
         4d:14:01:b3:02:d1:f3:d9:0a:16:ef:64:66:f9:89:13:87:68:
         bb:eb:53:03:76:bd:ab:fc:cd:79:d8:7a:e9:c1:82:3f:f9:1d:
         a1:4d:3e:69:a1:35:32:20:60:d7:93:1d:f6:e7:1a:17:14:b7:
         76:ed:6e:fc:d3:34:1c:35:24:43:89:29:ce:b7:bb:ac:a4:54:
         ed:5b:5e:e2:86:d3:27:07:67:6d:39:d5:02:77:d6:36:0c:02:
         8e:9d:e1:03:2d:a0:50:6c:ae:92:32:7c:b9:dd:5e:0d:d8:25:
         9e:b3:a4:a9:80:85:75:fd:95:ab:46:e6:b4:ef:72:ce:df:1b:
         08:c8:f0:c3:18:22:65:f9:d8:2a:9a:4e:a7:12:8a:f6:f0:d6:
         30:a4:6c:e0:b0:f1:25:c9:f6:07:01:af:a5:71:6b:3e:b7:76:
         5d:0b:3c:29:a7:6e:c9:af:02:7f:61:21:62:38:3e:02:45:32:
         8f:73:58:2d:60:69:5a:e8:8d:b4:36:6d:6c:c0:5a:93:aa:42:
         dd:04:46:c1:f4:31:3c:5c:c7:bd:c0:2d:bf:03:4a:0e:fd:e2:
         49:e3:a3:b3
-----BEGIN CERTIFICATE-----
MIIFvjCCBKagAwIBAgIULtt2HUiZNWYev3/7DWdfSsx6rO0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNUNCNUJDMjE3ODU3OEUwNUVCM0JBMTdBMUM4MDUwMDlC
M0JCNjVFQjAeFw0yNTAyMDQxODE3MjlaFw0yNjAyMDMxODIyMjlaMDMxMTAvBgNV
BAMTKDVDNkM4MjYyNUY3QUMwRkU5Mzk0NEMyRjY0NjlBQUQ3ODJBMzA4QTcwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDAahPlh3N4kHnmPhJXXq3Peqr4
kLPXWR6MCkYAzM/d7UDw9vjPgceEpDZetZ9co1KlMhJ4KkeCHFmLGf5U3NbhcvuN
S9MdjvcXR5MA2mTBUbJT0hgR6UQ+ElUVUd83Ms1kamQkBl0Nd0QEKvy/rvygzUr5
zUTemtyxXGVeGuOEY7h2h1weMUZ5RK63/0rXiZQtSaqrEpsyAcdsrM+1ovDOmni0
Tx3xeWCm2FCfsWyAmvUsZFeYWcC+tsvhK4OuNaXxV37WhMWh0IebfuHXK2pJ8TwN
Pu00Z2TKe1rhHeQ+kcFg6ASYHl4zJCMEMIhev8H6wMLjwNt85/IPYSHK3i0jAgMB
AAGjggLIMIICxDAdBgNVHQ4EFgQUXGyCYl96wP6TlEwvZGmq14KjCKcwHwYDVR0j
BBgwFoAUXLW8IXhXjgXrO6F6HIBQCbO7ZeswDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy9DNUE2NjlFNjZFMDIyNjg5ODk3MDg2MDc5NUU4MzhEQUZB
MDQyMUU2OTY5Rjk5NDE1QUI4QkQ3ODlCRjA3QThBLzAvNUNCNUJDMjE3ODU3OEUw
NUVCM0JBMTdBMUM4MDUwMDlCM0JCNjVFQi5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC81Q0I1QkMyMTc4NTc4RTA1RUIz
QkExN0ExQzgwNTAwOUIzQkI2NUVCLmNlcjCBxwYIKwYBBQUHAQsEgbowgbcwgbQG
CCsGAQUFBzALhoGncnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvQzVBNjY5RTY2RTAyMjY4OTg5NzA4NjA3OTVFODM4REFGQTA0MjFFNjk2
OUY5OTQxNUFCOEJENzg5QkYwN0E4QS8wLzM0MzUyZTM3MzAyZTMyMzMzNjJlMzAy
ZjMyMzIyZDMyMzQyMDNkM2UyMDMyMzYzNDM2MzYzOC5yb2EwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAi1G7DAN
BgkqhkiG9w0BAQsFAAOCAQEAUieHWv6U6Qe4gCbhGapSocNRLjhHBUI5Hk2VR3st
c3HtL10hTRQBswLR89kKFu9kZvmJE4dou+tTA3a9q/zNedh66cGCP/kdoU0+aaE1
MiBg15Md9ucaFxS3du1u/NM0HDUkQ4kpzre7rKRU7Vte4obTJwdnbTnVAnfWNgwC
jp3hAy2gUGyukjJ8ud1eDdglnrOkqYCFdf2Vq0bmtO9yzt8bCMjwwxgiZfnYKppO
pxKK9vDWMKRs4LDxJcn2BwGvpXFrPrd2XQs8Kaduya8Cf2EhYjg+AkUyj3NYLWBp
WuiNtDZtbMBak6pC3QRGwfQxPFzHvcAtvwNKDv3iSeOjsw==
-----END CERTIFICATE-----