Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/CFD39521CB70D37D1DC6CF48E552E2E079697CA08DC58A14FB418BF63263D4B8/0/3136312e32322e33382e302f32342d3234203d3e20323637373839.roa
File:                     3136312e32322e33382e302f32342d3234203d3e20323637373839.roa (raw, json)
Hash identifier:          ICO77hJXp38IBm/4/r4Brfx4YI7uPS0M7LoxVePt6VQ=
Subject key identifier:   39:10:C8:05:EC:07:0D:BD:4D:F8:EC:CF:5C:A4:19:E2:99:D2:92:97
Certificate issuer:       /CN=DA1057BCF67E7BD98DA8AF10B71F56CCCD2D4351
Certificate serial:       4818B9C5F5CC6F1C6539C6D6FE5EEA07CD80BD3A
Authority key identifier: DA:10:57:BC:F6:7E:7B:D9:8D:A8:AF:10:B7:1F:56:CC:CD:2D:43:51
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/DA1057BCF67E7BD98DA8AF10B71F56CCCD2D4351.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/CFD39521CB70D37D1DC6CF48E552E2E079697CA08DC58A14FB418BF63263D4B8/0/3136312e32322e33382e302f32342d3234203d3e20323637373839.roa
Signing time:             Tue 04 Feb 2025 18:42:41 +0000
ROA not before:           Tue 04 Feb 2025 18:37:41 +0000
ROA not after:            Tue 03 Feb 2026 18:42:41 +0000
asID:                     267789
IP address blocks:        161.22.38.0/24 maxlen: 24
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            48:18:b9:c5:f5:cc:6f:1c:65:39:c6:d6:fe:5e:ea:07:cd:80:bd:3a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=DA1057BCF67E7BD98DA8AF10B71F56CCCD2D4351
        Validity
            Not Before: Feb  4 18:37:41 2025 GMT
            Not After : Feb  3 18:42:41 2026 GMT
        Subject: CN=3910C805EC070DBD4DF8ECCF5CA419E299D29297
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c9:bc:d7:64:4f:59:6a:80:66:9d:91:5b:53:51:
                    e8:5a:33:2f:bd:3b:c5:70:eb:9b:9d:65:07:7d:38:
                    31:0c:75:cd:b8:5c:e6:06:f6:31:b7:4e:1e:48:16:
                    f3:cb:d8:34:f6:1d:a4:5d:fa:bb:0e:ac:36:4e:fc:
                    a6:83:57:7f:00:ea:ce:4b:c2:43:fc:01:69:3a:0c:
                    5d:99:43:88:13:18:d6:76:b9:30:85:10:09:cf:02:
                    a8:66:f1:87:78:a3:50:50:ab:2d:ce:90:78:cc:57:
                    04:ae:0c:d8:76:75:1e:44:0c:f0:ce:77:a1:e0:57:
                    2e:2d:a8:b5:18:78:88:64:41:08:8a:31:18:84:e6:
                    4b:3e:f9:ad:7b:db:b0:01:27:94:97:4c:65:49:5f:
                    12:6b:f1:d1:9d:0d:14:ae:53:3e:65:64:23:79:bd:
                    51:b0:2c:a1:98:37:97:96:e4:49:ed:e4:4f:e5:c9:
                    30:24:26:7a:6e:e8:74:69:af:ad:85:fa:af:c0:c8:
                    9b:95:21:54:77:5e:e6:76:56:4c:2f:df:9e:98:d2:
                    c5:28:e7:de:78:7d:c8:54:59:54:f7:9c:93:cb:5c:
                    c9:f4:3d:91:0f:40:21:f4:7b:7b:af:ce:5b:7d:bc:
                    e8:79:74:7a:47:e8:0b:08:c9:6a:c1:5c:93:f0:e9:
                    df:3b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                39:10:C8:05:EC:07:0D:BD:4D:F8:EC:CF:5C:A4:19:E2:99:D2:92:97
            X509v3 Authority Key Identifier:
                keyid:DA:10:57:BC:F6:7E:7B:D9:8D:A8:AF:10:B7:1F:56:CC:CD:2D:43:51

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/CFD39521CB70D37D1DC6CF48E552E2E079697CA08DC58A14FB418BF63263D4B8/0/DA1057BCF67E7BD98DA8AF10B71F56CCCD2D4351.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/DA1057BCF67E7BD98DA8AF10B71F56CCCD2D4351.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/CFD39521CB70D37D1DC6CF48E552E2E079697CA08DC58A14FB418BF63263D4B8/0/3136312e32322e33382e302f32342d3234203d3e20323637373839.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  161.22.38.0/24

    Signature Algorithm: sha256WithRSAEncryption
         8f:90:e8:d8:93:95:01:39:5f:a3:e7:b4:27:78:9d:d2:94:97:
         85:b6:e4:ae:c9:74:b4:ae:0b:bb:9e:4f:93:00:ea:2f:45:50:
         16:08:57:ec:d6:dc:2d:98:08:ee:7d:38:93:a1:7c:0c:d0:c2:
         af:10:5e:4e:9e:5c:d5:dc:bd:eb:a3:6e:82:d5:1b:c2:7a:32:
         de:ef:35:e0:51:4f:fe:be:aa:8d:f4:94:45:d8:b4:1a:14:d5:
         80:c4:3c:03:1d:af:a9:36:b3:8a:34:fe:b3:cf:02:42:72:62:
         0c:58:cb:f6:1f:67:49:2a:39:34:4b:00:45:ad:f8:db:23:0f:
         17:78:7c:c3:f8:3c:df:9d:c7:a4:ad:49:c4:dc:1d:75:fb:0d:
         f0:9b:84:7c:26:57:d6:11:ed:d5:6b:a0:08:0d:99:13:31:d0:
         f7:d6:86:dc:1b:09:05:e6:40:a2:30:5d:24:14:b5:17:ba:97:
         8d:9f:17:a0:70:17:97:bc:aa:1f:9b:51:93:96:1b:42:9b:d0:
         b1:98:0d:cc:22:0d:75:31:fd:c6:a0:e0:ff:c8:2b:06:ca:62:
         29:6a:1d:18:2f:a4:49:62:38:f1:cb:23:9a:95:be:45:fd:98:
         15:5c:85:3a:85:d5:38:d7:c1:60:6f:86:2a:de:cd:e1:52:27:
         78:6f:84:86
-----BEGIN CERTIFICATE-----
MIIFvjCCBKagAwIBAgIUSBi5xfXMbxxlOcbW/l7qB82AvTowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoREExMDU3QkNGNjdFN0JEOThEQThBRjEwQjcxRjU2Q0ND
RDJENDM1MTAeFw0yNTAyMDQxODM3NDFaFw0yNjAyMDMxODQyNDFaMDMxMTAvBgNV
BAMTKDM5MTBDODA1RUMwNzBEQkQ0REY4RUNDRjVDQTQxOUUyOTlEMjkyOTcwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDJvNdkT1lqgGadkVtTUehaMy+9
O8Vw65udZQd9ODEMdc24XOYG9jG3Th5IFvPL2DT2HaRd+rsOrDZO/KaDV38A6s5L
wkP8AWk6DF2ZQ4gTGNZ2uTCFEAnPAqhm8Yd4o1BQqy3OkHjMVwSuDNh2dR5EDPDO
d6HgVy4tqLUYeIhkQQiKMRiE5ks++a1727ABJ5SXTGVJXxJr8dGdDRSuUz5lZCN5
vVGwLKGYN5eW5Ent5E/lyTAkJnpu6HRpr62F+q/AyJuVIVR3XuZ2Vkwv356Y0sUo
5954fchUWVT3nJPLXMn0PZEPQCH0e3uvzlt9vOh5dHpH6AsIyWrBXJPw6d87AgMB
AAGjggLIMIICxDAdBgNVHQ4EFgQUORDIBewHDb1N+OzPXKQZ4pnSkpcwHwYDVR0j
BBgwFoAU2hBXvPZ+e9mNqK8Qtx9WzM0tQ1EwDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy9DRkQzOTUyMUNCNzBEMzdEMURDNkNGNDhFNTUyRTJFMDc5
Njk3Q0EwOERDNThBMTRGQjQxOEJGNjMyNjNENEI4LzAvREExMDU3QkNGNjdFN0JE
OThEQThBRjEwQjcxRjU2Q0NDRDJENDM1MS5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC9EQTEwNTdCQ0Y2N0U3QkQ5OERB
OEFGMTBCNzFGNTZDQ0NEMkQ0MzUxLmNlcjCBxwYIKwYBBQUHAQsEgbowgbcwgbQG
CCsGAQUFBzALhoGncnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvQ0ZEMzk1MjFDQjcwRDM3RDFEQzZDRjQ4RTU1MkUyRTA3OTY5N0NBMDhE
QzU4QTE0RkI0MThCRjYzMjYzRDRCOC8wLzMxMzYzMTJlMzIzMjJlMzMzODJlMzAy
ZjMyMzQyZDMyMzQyMDNkM2UyMDMyMzYzNzM3MzgzOS5yb2EwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAKEWJjAN
BgkqhkiG9w0BAQsFAAOCAQEAj5Do2JOVATlfo+e0J3id0pSXhbbkrsl0tK4Lu55P
kwDqL0VQFghX7NbcLZgI7n04k6F8DNDCrxBeTp5c1dy966NugtUbwnoy3u814FFP
/r6qjfSURdi0GhTVgMQ8Ax2vqTazijT+s88CQnJiDFjL9h9nSSo5NEsARa342yMP
F3h8w/g8353HpK1JxNwddfsN8JuEfCZX1hHt1WugCA2ZEzHQ99aG3BsJBeZAojBd
JBS1F7qXjZ8XoHAXl7yqH5tRk5YbQpvQsZgNzCINdTH9xqDg/8grBspiKWodGC+k
SWI48csjmpW+Rf2YFVyFOoXVONfBYG+GKt7N4VIneG+Ehg==
-----END CERTIFICATE-----