Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/D5FAD6E6CD7CE551643D04D5DFB81669E35B3ACDD1B9376B37C3245319A0E364/0/3137392e34352e3132382e302f31372d3137203d3e2036333036.roa
File:                     3137392e34352e3132382e302f31372d3137203d3e2036333036.roa (raw, json)
Hash identifier:          snZ4HJyN6ZoWtTkmyMx+mQ5UMe10bZKDfmDhWoih6cY=
Subject key identifier:   CB:17:51:6B:8A:F8:2B:1B:3C:2D:B7:7C:62:2C:68:18:73:85:4C:6A
Certificate issuer:       /CN=35705A9ED706FD45725A72D9D83EF1D9B9A12E9C
Certificate serial:       76949C1D7517653C6343FDB6291A4BBDF68CF2A6
Authority key identifier: 35:70:5A:9E:D7:06:FD:45:72:5A:72:D9:D8:3E:F1:D9:B9:A1:2E:9C
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/35705A9ED706FD45725A72D9D83EF1D9B9A12E9C.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/D5FAD6E6CD7CE551643D04D5DFB81669E35B3ACDD1B9376B37C3245319A0E364/0/3137392e34352e3132382e302f31372d3137203d3e2036333036.roa
Signing time:             Tue 04 Feb 2025 18:32:57 +0000
ROA not before:           Tue 04 Feb 2025 18:27:57 +0000
ROA not after:            Tue 03 Feb 2026 18:32:57 +0000
asID:                     6306
IP address blocks:        179.45.128.0/17 maxlen: 17
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            76:94:9c:1d:75:17:65:3c:63:43:fd:b6:29:1a:4b:bd:f6:8c:f2:a6
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=35705A9ED706FD45725A72D9D83EF1D9B9A12E9C
        Validity
            Not Before: Feb  4 18:27:57 2025 GMT
            Not After : Feb  3 18:32:57 2026 GMT
        Subject: CN=CB17516B8AF82B1B3C2DB77C622C681873854C6A
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b7:84:5c:7a:44:da:e2:0c:b4:d0:f9:f4:0e:60:
                    80:f1:12:61:7c:b0:2c:23:d5:20:43:c4:57:76:6b:
                    95:ff:e6:92:df:aa:5c:59:48:8b:99:2f:a6:92:8e:
                    a8:35:b1:e9:6b:e2:d8:d8:55:9d:55:60:b7:b1:e5:
                    b4:28:68:ad:3b:e3:85:c8:b2:90:33:92:6f:24:01:
                    55:55:f9:9a:c9:4b:65:7c:8e:c5:d0:0f:f4:cc:ab:
                    9d:d5:d5:ca:79:6f:6f:58:ee:35:a4:61:fe:d4:bd:
                    98:22:7f:cb:21:bc:d2:65:80:b6:ea:c2:27:99:a1:
                    f9:dc:8f:b9:68:b1:01:18:8f:40:44:04:56:eb:bb:
                    a1:02:86:3c:e0:22:4c:e1:1a:9f:06:90:6b:81:58:
                    a1:c2:53:bd:b7:77:af:82:54:9a:ee:74:c8:4c:8c:
                    a9:9a:bb:0a:4a:55:53:50:d5:06:f6:dc:69:25:72:
                    b1:8a:a1:6c:51:93:6b:7b:cb:09:bc:81:aa:1d:84:
                    b9:a8:93:a8:d2:fb:e7:5e:9b:d1:c7:54:2b:d0:3c:
                    7d:b8:14:c7:28:c8:11:aa:8a:15:61:50:31:11:26:
                    93:8e:2e:34:1d:8e:53:fe:61:2b:e5:0a:d0:cf:a2:
                    b8:60:5d:81:c5:99:7e:37:4b:25:8b:40:c5:b8:53:
                    2f:bf
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                CB:17:51:6B:8A:F8:2B:1B:3C:2D:B7:7C:62:2C:68:18:73:85:4C:6A
            X509v3 Authority Key Identifier:
                keyid:35:70:5A:9E:D7:06:FD:45:72:5A:72:D9:D8:3E:F1:D9:B9:A1:2E:9C

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/D5FAD6E6CD7CE551643D04D5DFB81669E35B3ACDD1B9376B37C3245319A0E364/0/35705A9ED706FD45725A72D9D83EF1D9B9A12E9C.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/35705A9ED706FD45725A72D9D83EF1D9B9A12E9C.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/D5FAD6E6CD7CE551643D04D5DFB81669E35B3ACDD1B9376B37C3245319A0E364/0/3137392e34352e3132382e302f31372d3137203d3e2036333036.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  179.45.128.0/17

    Signature Algorithm: sha256WithRSAEncryption
         56:29:46:be:ae:b0:61:1a:c0:da:00:a7:83:62:e1:a6:20:35:
         7a:2a:32:7d:86:be:27:0e:37:c1:32:b8:76:6f:3d:f8:02:12:
         72:56:37:dc:17:db:a7:31:e0:37:83:ef:3d:c1:6b:5b:6a:ed:
         da:df:f0:5e:ff:30:75:62:d6:99:32:90:c9:74:42:e7:4e:cc:
         27:1c:4c:ed:d6:8d:24:7a:5e:e4:3e:40:a7:bb:ef:ee:23:7a:
         5a:15:c7:20:38:cf:cf:f6:5d:a5:75:e6:fa:d8:d1:ff:ef:d0:
         df:00:9c:63:f5:52:85:63:2a:0f:a1:59:2e:1c:70:c7:5d:52:
         0d:6d:0b:20:ac:f0:e0:47:fb:c7:31:b9:06:c1:f6:d2:23:f4:
         ed:31:10:cb:92:d7:96:4f:47:cc:c8:16:c9:c9:dd:98:7a:6a:
         c9:d9:f2:3e:e6:5e:40:8f:24:c1:86:ea:bd:e8:52:a5:b3:c9:
         95:5d:23:16:62:1c:a4:a3:fd:2d:9d:48:bf:20:97:9a:a6:db:
         2a:91:a7:8b:23:ee:e3:02:aa:2a:fe:5d:f9:64:dd:f8:b6:12:
         73:23:1f:85:ae:96:4d:a6:42:d8:e0:27:b7:17:1d:aa:d6:f7:
         25:9f:0f:40:a8:39:1c:be:8f:96:f3:43:22:cd:a7:ac:f7:74:
         2b:78:84:e1
-----BEGIN CERTIFICATE-----
MIIFvDCCBKSgAwIBAgIUdpScHXUXZTxjQ/22KRpLvfaM8qYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMzU3MDVBOUVENzA2RkQ0NTcyNUE3MkQ5RDgzRUYxRDlC
OUExMkU5QzAeFw0yNTAyMDQxODI3NTdaFw0yNjAyMDMxODMyNTdaMDMxMTAvBgNV
BAMTKENCMTc1MTZCOEFGODJCMUIzQzJEQjc3QzYyMkM2ODE4NzM4NTRDNkEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC3hFx6RNriDLTQ+fQOYIDxEmF8
sCwj1SBDxFd2a5X/5pLfqlxZSIuZL6aSjqg1selr4tjYVZ1VYLex5bQoaK0744XI
spAzkm8kAVVV+ZrJS2V8jsXQD/TMq53V1cp5b29Y7jWkYf7UvZgif8shvNJlgLbq
wieZofncj7losQEYj0BEBFbru6EChjzgIkzhGp8GkGuBWKHCU723d6+CVJrudMhM
jKmauwpKVVNQ1Qb23GklcrGKoWxRk2t7ywm8gaodhLmok6jS++dem9HHVCvQPH24
FMcoyBGqihVhUDERJpOOLjQdjlP+YSvlCtDPorhgXYHFmX43SyWLQMW4Uy+/AgMB
AAGjggLGMIICwjAdBgNVHQ4EFgQUyxdRa4r4Kxs8Lbd8YixoGHOFTGowHwYDVR0j
BBgwFoAUNXBantcG/UVyWnLZ2D7x2bmhLpwwDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy9ENUZBRDZFNkNEN0NFNTUxNjQzRDA0RDVERkI4MTY2OUUz
NUIzQUNERDFCOTM3NkIzN0MzMjQ1MzE5QTBFMzY0LzAvMzU3MDVBOUVENzA2RkQ0
NTcyNUE3MkQ5RDgzRUYxRDlCOUExMkU5Qy5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC8zNTcwNUE5RUQ3MDZGRDQ1NzI1
QTcyRDlEODNFRjFEOUI5QTEyRTlDLmNlcjCBxQYIKwYBBQUHAQsEgbgwgbUwgbIG
CCsGAQUFBzALhoGlcnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvRDVGQUQ2RTZDRDdDRTU1MTY0M0QwNEQ1REZCODE2NjlFMzVCM0FDREQx
QjkzNzZCMzdDMzI0NTMxOUEwRTM2NC8wLzMxMzczOTJlMzQzNTJlMzEzMjM4MmUz
MDJmMzEzNzJkMzEzNzIwM2QzZTIwMzYzMzMwMzYucm9hMBgGA1UdIAEB/wQOMAww
CgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAezLYAwDQYJ
KoZIhvcNAQELBQADggEBAFYpRr6usGEawNoAp4Ni4aYgNXoqMn2GvicON8EyuHZv
PfgCEnJWN9wX26cx4DeD7z3Ba1tq7drf8F7/MHVi1pkykMl0QudOzCccTO3WjSR6
XuQ+QKe77+4jeloVxyA4z8/2XaV15vrY0f/v0N8AnGP1UoVjKg+hWS4ccMddUg1t
CyCs8OBH+8cxuQbB9tIj9O0xEMuS15ZPR8zIFsnJ3Zh6asnZ8j7mXkCPJMGG6r3o
UqWzyZVdIxZiHKSj/S2dSL8gl5qm2yqRp4sj7uMCqir+Xflk3fi2EnMjH4Wulk2m
QtjgJ7cXHarW9yWfD0CoORy+j5bzQyLNp6z3dCt4hOE=
-----END CERTIFICATE-----