Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/D074091ABD4AC0C45CE98A084B2572D23DA224081356C9D61467810DBB6180CD/0/34352e36382e32302e302f32332d3234203d3e20323732313336.roa
File:                     34352e36382e32302e302f32332d3234203d3e20323732313336.roa (raw, json)
Hash identifier:          uyYEBSfGkIr7LduFvufwBendL9oOQGSwTo5/hryNtzo=
Subject key identifier:   79:87:6F:62:10:A0:C3:C1:BD:86:E3:86:51:2D:DB:BE:95:63:52:87
Certificate issuer:       /CN=03CA54765F0951D369734386CF982D71F5CB5403
Certificate serial:       6D49B6F15C1F79A3F1522A0CE1C46BCB20AF4DE1
Authority key identifier: 03:CA:54:76:5F:09:51:D3:69:73:43:86:CF:98:2D:71:F5:CB:54:03
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/03CA54765F0951D369734386CF982D71F5CB5403.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/D074091ABD4AC0C45CE98A084B2572D23DA224081356C9D61467810DBB6180CD/0/34352e36382e32302e302f32332d3234203d3e20323732313336.roa
Signing time:             Tue 04 Feb 2025 18:46:37 +0000
ROA not before:           Tue 04 Feb 2025 18:41:37 +0000
ROA not after:            Tue 03 Feb 2026 18:46:37 +0000
asID:                     272136
IP address blocks:        45.68.20.0/23 maxlen: 24
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            6d:49:b6:f1:5c:1f:79:a3:f1:52:2a:0c:e1:c4:6b:cb:20:af:4d:e1
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=03CA54765F0951D369734386CF982D71F5CB5403
        Validity
            Not Before: Feb  4 18:41:37 2025 GMT
            Not After : Feb  3 18:46:37 2026 GMT
        Subject: CN=79876F6210A0C3C1BD86E386512DDBBE95635287
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:83:11:ef:2d:e6:a0:de:0f:f2:a5:e2:c9:8a:7f:
                    97:93:de:8c:f6:ed:c9:b8:cd:3b:72:84:18:1f:c3:
                    72:d8:51:ce:3b:81:92:83:89:6a:c8:5c:89:9f:d4:
                    6f:66:15:bf:e9:be:35:c9:b4:ee:34:6d:8a:d0:ab:
                    c2:07:db:91:e6:15:08:f8:36:11:bb:78:9c:ee:e4:
                    66:31:33:6d:0c:7e:6f:90:24:48:34:bd:16:a2:ee:
                    de:82:74:b5:7d:93:72:d1:f0:84:b1:d4:d0:a1:6f:
                    ec:10:82:91:a2:e1:4a:7c:f6:92:c9:65:c0:76:e2:
                    fa:2f:c7:f6:c7:c8:78:89:5e:bb:ac:ab:9e:c4:56:
                    79:bf:90:f3:3c:db:94:78:0d:d6:93:08:57:cf:7e:
                    9f:61:03:bf:da:65:f3:dc:3d:20:9d:36:5c:e5:d9:
                    04:13:57:66:36:35:c9:34:05:cb:e4:12:e0:2d:91:
                    fc:15:09:60:06:b6:41:cd:28:34:65:2a:ac:50:ff:
                    95:17:78:02:c7:78:b2:fa:a1:29:b5:7c:dc:a4:0f:
                    87:f2:89:ae:e2:50:7b:76:20:ac:5f:37:18:6d:ee:
                    8c:2a:e4:9a:4d:cf:db:2c:cc:bf:b5:be:49:bc:90:
                    f7:54:20:97:6a:e6:27:f4:fc:22:99:e9:ca:55:62:
                    99:6b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                79:87:6F:62:10:A0:C3:C1:BD:86:E3:86:51:2D:DB:BE:95:63:52:87
            X509v3 Authority Key Identifier:
                keyid:03:CA:54:76:5F:09:51:D3:69:73:43:86:CF:98:2D:71:F5:CB:54:03

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/D074091ABD4AC0C45CE98A084B2572D23DA224081356C9D61467810DBB6180CD/0/03CA54765F0951D369734386CF982D71F5CB5403.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/03CA54765F0951D369734386CF982D71F5CB5403.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/D074091ABD4AC0C45CE98A084B2572D23DA224081356C9D61467810DBB6180CD/0/34352e36382e32302e302f32332d3234203d3e20323732313336.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.68.20.0/23

    Signature Algorithm: sha256WithRSAEncryption
         d1:18:ff:b3:cc:03:56:80:76:73:bd:01:9d:09:27:9a:b6:c9:
         00:48:14:57:1c:64:79:21:20:54:45:e9:14:05:f0:e0:28:28:
         f9:c3:55:a0:4c:57:bf:c2:04:9d:0c:88:23:0f:16:44:c8:af:
         80:08:d2:29:40:ce:e6:f0:6a:5f:f8:02:b7:1f:ba:94:37:f5:
         3e:9c:ac:a3:2e:5e:c5:d1:dd:dc:05:d9:ad:0a:6f:31:29:70:
         55:ed:ba:2a:a6:d3:c6:d5:10:db:8b:9a:42:d4:6a:02:ac:59:
         9e:db:25:a1:eb:84:ea:14:73:32:bb:34:b5:88:da:e3:3b:d9:
         2a:a3:8f:d6:f6:6e:e0:47:9a:6c:72:90:8d:fc:ec:06:ed:f4:
         ae:b9:ea:b3:a1:dc:46:c0:9b:eb:29:b3:7f:a6:9b:3f:38:28:
         42:fb:55:d3:a5:39:7c:b7:c9:da:33:41:9b:4d:c5:4b:35:6e:
         a9:e9:34:09:45:34:3d:bc:e7:28:37:a8:bf:bb:9d:d6:e7:c5:
         93:83:cc:5b:cd:56:43:64:67:dd:7d:66:2c:3c:e2:5d:e1:54:
         69:ac:bd:de:83:9e:a0:ef:a9:af:c8:37:de:9e:f5:f3:bd:42:
         0c:27:8c:b4:fb:bc:d6:40:1d:62:b4:20:4a:06:0e:bc:6f:15:
         b9:97:55:c7
-----BEGIN CERTIFICATE-----
MIIFvDCCBKSgAwIBAgIUbUm28VwfeaPxUioM4cRryyCvTeEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMDNDQTU0NzY1RjA5NTFEMzY5NzM0Mzg2Q0Y5ODJENzFG
NUNCNTQwMzAeFw0yNTAyMDQxODQxMzdaFw0yNjAyMDMxODQ2MzdaMDMxMTAvBgNV
BAMTKDc5ODc2RjYyMTBBMEMzQzFCRDg2RTM4NjUxMkREQkJFOTU2MzUyODcwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCDEe8t5qDeD/Kl4smKf5eT3oz2
7cm4zTtyhBgfw3LYUc47gZKDiWrIXImf1G9mFb/pvjXJtO40bYrQq8IH25HmFQj4
NhG7eJzu5GYxM20Mfm+QJEg0vRai7t6CdLV9k3LR8ISx1NChb+wQgpGi4Up89pLJ
ZcB24vovx/bHyHiJXrusq57EVnm/kPM825R4DdaTCFfPfp9hA7/aZfPcPSCdNlzl
2QQTV2Y2Nck0BcvkEuAtkfwVCWAGtkHNKDRlKqxQ/5UXeALHeLL6oSm1fNykD4fy
ia7iUHt2IKxfNxht7owq5JpNz9sszL+1vkm8kPdUIJdq5if0/CKZ6cpVYplrAgMB
AAGjggLGMIICwjAdBgNVHQ4EFgQUeYdvYhCgw8G9huOGUS3bvpVjUocwHwYDVR0j
BBgwFoAUA8pUdl8JUdNpc0OGz5gtcfXLVAMwDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy9EMDc0MDkxQUJENEFDMEM0NUNFOThBMDg0QjI1NzJEMjNE
QTIyNDA4MTM1NkM5RDYxNDY3ODEwREJCNjE4MENELzAvMDNDQTU0NzY1RjA5NTFE
MzY5NzM0Mzg2Q0Y5ODJENzFGNUNCNTQwMy5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC8wM0NBNTQ3NjVGMDk1MUQzNjk3
MzQzODZDRjk4MkQ3MUY1Q0I1NDAzLmNlcjCBxQYIKwYBBQUHAQsEgbgwgbUwgbIG
CCsGAQUFBzALhoGlcnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvRDA3NDA5MUFCRDRBQzBDNDVDRTk4QTA4NEIyNTcyRDIzREEyMjQwODEz
NTZDOUQ2MTQ2NzgxMERCQjYxODBDRC8wLzM0MzUyZTM2MzgyZTMyMzAyZTMwMmYz
MjMzMmQzMjM0MjAzZDNlMjAzMjM3MzIzMTMzMzYucm9hMBgGA1UdIAEB/wQOMAww
CgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAEtRBQwDQYJ
KoZIhvcNAQELBQADggEBANEY/7PMA1aAdnO9AZ0JJ5q2yQBIFFccZHkhIFRF6RQF
8OAoKPnDVaBMV7/CBJ0MiCMPFkTIr4AI0ilAzubwal/4ArcfupQ39T6crKMuXsXR
3dwF2a0KbzEpcFXtuiqm08bVENuLmkLUagKsWZ7bJaHrhOoUczK7NLWI2uM72Sqj
j9b2buBHmmxykI387Abt9K656rOh3EbAm+sps3+mmz84KEL7VdOlOXy3ydozQZtN
xUs1bqnpNAlFND285yg3qL+7ndbnxZODzFvNVkNkZ919Ziw84l3hVGmsvd6DnqDv
qa/IN96e9fO9QgwnjLT7vNZAHWK0IEoGDrxvFbmXVcc=
-----END CERTIFICATE-----
Generated at Sat Apr 5 13:59:53 2025 by rpki-client