Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/DA104D7777B029EDA782DAA6A6F7434FDB777CE68A094979781464EC59FF8A9A/0/36362e3233312e36342e302f32342d3234203d3e203233323436.roa
File:                     36362e3233312e36342e302f32342d3234203d3e203233323436.roa (raw, json)
Hash identifier:          rTZ9WYpx3U7oIM2j2/smaPN7p2CCY4M1UdPpCokwGYA=
Subject key identifier:   91:DF:FD:84:14:74:5B:19:59:B4:E3:25:81:4D:50:4F:99:4D:5D:CA
Certificate issuer:       /CN=C2967FF3109E0AA7EE5EC1C640300D5A00FF41B0
Certificate serial:       38A3FCB27ABCDB00B1D8ADDDAEFA6F455704D62B
Authority key identifier: C2:96:7F:F3:10:9E:0A:A7:EE:5E:C1:C6:40:30:0D:5A:00:FF:41:B0
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/C2967FF3109E0AA7EE5EC1C640300D5A00FF41B0.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/DA104D7777B029EDA782DAA6A6F7434FDB777CE68A094979781464EC59FF8A9A/0/36362e3233312e36342e302f32342d3234203d3e203233323436.roa
Signing time:             Mon 08 Jul 2024 23:55:00 +0000
ROA not before:           Mon 08 Jul 2024 23:50:00 +0000
ROA not after:            Mon 07 Jul 2025 23:55:00 +0000
asID:                     23246
IP address blocks:        66.231.64.0/24 maxlen: 24
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            38:a3:fc:b2:7a:bc:db:00:b1:d8:ad:dd:ae:fa:6f:45:57:04:d6:2b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=C2967FF3109E0AA7EE5EC1C640300D5A00FF41B0
        Validity
            Not Before: Jul  8 23:50:00 2024 GMT
            Not After : Jul  7 23:55:00 2025 GMT
        Subject: CN=91DFFD8414745B1959B4E325814D504F994D5DCA
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a4:82:58:f1:41:41:70:9d:16:5f:e9:c3:18:a4:
                    66:24:ee:ee:3c:24:fd:a2:8d:63:14:65:78:4e:eb:
                    3f:a3:09:08:ca:24:ce:99:ad:b9:e8:4d:45:11:a7:
                    f5:4f:e6:36:ab:2a:53:20:2d:27:55:bb:63:d8:b0:
                    6e:4f:d9:5e:ed:2a:82:80:43:39:fe:76:c9:d6:20:
                    f5:fa:f3:8e:bc:2c:e3:2e:f8:e6:83:14:45:ac:05:
                    66:db:23:5a:53:32:c7:7f:16:52:5b:ba:dc:99:63:
                    05:10:e7:78:13:fa:77:d5:e2:e1:d8:43:58:35:e3:
                    ac:41:23:10:b5:f7:d2:31:96:48:7e:cd:e4:f2:8a:
                    da:5d:4e:36:12:c3:3f:46:e5:f2:81:35:e7:c6:56:
                    3e:36:ef:57:a5:72:2a:93:9b:8b:c0:ce:c1:76:7f:
                    e5:e4:7d:98:7d:c8:92:39:09:ff:cc:80:8c:fb:99:
                    74:97:e8:9a:1c:0c:a6:15:ac:14:1c:d5:17:5f:47:
                    5c:c1:42:01:e4:80:cd:fe:fe:d4:6d:5d:58:e3:35:
                    19:ff:56:2d:92:8b:d3:93:54:f4:d5:7f:ed:2d:23:
                    aa:cc:38:9e:10:0c:30:c1:ac:a7:ed:35:a1:07:98:
                    9f:25:6b:ee:ea:2e:7c:88:cd:6a:6f:c0:10:44:3e:
                    b1:b5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                91:DF:FD:84:14:74:5B:19:59:B4:E3:25:81:4D:50:4F:99:4D:5D:CA
            X509v3 Authority Key Identifier:
                keyid:C2:96:7F:F3:10:9E:0A:A7:EE:5E:C1:C6:40:30:0D:5A:00:FF:41:B0

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/DA104D7777B029EDA782DAA6A6F7434FDB777CE68A094979781464EC59FF8A9A/0/C2967FF3109E0AA7EE5EC1C640300D5A00FF41B0.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/C2967FF3109E0AA7EE5EC1C640300D5A00FF41B0.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/DA104D7777B029EDA782DAA6A6F7434FDB777CE68A094979781464EC59FF8A9A/0/36362e3233312e36342e302f32342d3234203d3e203233323436.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  66.231.64.0/24

    Signature Algorithm: sha256WithRSAEncryption
         9a:cd:41:92:14:fa:c5:6a:87:0f:a4:60:a7:98:50:fd:8e:fb:
         06:65:31:1a:7d:f3:99:22:8a:b8:bf:7b:ac:58:6c:8d:aa:45:
         67:6b:a2:d3:16:22:5b:2e:f7:f6:ce:ac:4e:4a:b9:ee:f4:c8:
         6e:d2:b4:ef:7a:40:82:7e:75:f7:cf:b0:79:b4:02:d6:9e:9a:
         85:06:b0:b1:bc:8e:d4:5c:57:a9:28:51:f0:82:3d:43:d9:fb:
         89:12:7d:66:e3:de:a0:94:46:5d:5e:f0:a3:c5:a5:80:50:d8:
         81:72:c3:14:f7:b0:64:3a:cc:82:cd:78:04:90:bb:fd:a2:53:
         c3:53:5f:91:74:5b:46:79:eb:0b:ca:48:79:cd:c6:38:a6:50:
         e9:68:a3:b5:47:f1:5a:30:12:1f:6d:04:28:b4:b9:8b:f4:0f:
         b9:17:b1:e5:9b:89:d0:a9:af:d9:4e:fa:9e:34:bd:51:d8:8c:
         e2:39:58:9e:9b:a7:34:ed:d4:95:f6:e7:85:a8:7d:14:1a:a1:
         40:ef:70:91:dd:39:cc:a3:da:c4:8f:40:4a:2e:9f:e3:a3:c1:
         de:59:de:55:cd:69:da:19:7c:5c:7b:62:ac:d3:c3:9b:28:e4:
         7d:15:ec:e3:61:a6:57:e0:01:d0:eb:71:55:59:26:5a:e4:c2:
         d0:fe:57:a2
-----BEGIN CERTIFICATE-----
MIIFvDCCBKSgAwIBAgIUOKP8snq82wCx2K3drvpvRVcE1iswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoQzI5NjdGRjMxMDlFMEFBN0VFNUVDMUM2NDAzMDBENUEw
MEZGNDFCMDAeFw0yNDA3MDgyMzUwMDBaFw0yNTA3MDcyMzU1MDBaMDMxMTAvBgNV
BAMTKDkxREZGRDg0MTQ3NDVCMTk1OUI0RTMyNTgxNEQ1MDRGOTk0RDVEQ0EwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCkgljxQUFwnRZf6cMYpGYk7u48
JP2ijWMUZXhO6z+jCQjKJM6ZrbnoTUURp/VP5jarKlMgLSdVu2PYsG5P2V7tKoKA
Qzn+dsnWIPX68468LOMu+OaDFEWsBWbbI1pTMsd/FlJbutyZYwUQ53gT+nfV4uHY
Q1g146xBIxC199Ixlkh+zeTyitpdTjYSwz9G5fKBNefGVj4271elciqTm4vAzsF2
f+XkfZh9yJI5Cf/MgIz7mXSX6JocDKYVrBQc1RdfR1zBQgHkgM3+/tRtXVjjNRn/
Vi2Si9OTVPTVf+0tI6rMOJ4QDDDBrKftNaEHmJ8la+7qLnyIzWpvwBBEPrG1AgMB
AAGjggLGMIICwjAdBgNVHQ4EFgQUkd/9hBR0WxlZtOMlgU1QT5lNXcowHwYDVR0j
BBgwFoAUwpZ/8xCeCqfuXsHGQDANWgD/QbAwDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy9EQTEwNEQ3Nzc3QjAyOUVEQTc4MkRBQTZBNkY3NDM0RkRC
Nzc3Q0U2OEEwOTQ5Nzk3ODE0NjRFQzU5RkY4QTlBLzAvQzI5NjdGRjMxMDlFMEFB
N0VFNUVDMUM2NDAzMDBENUEwMEZGNDFCMC5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC9DMjk2N0ZGMzEwOUUwQUE3RUU1
RUMxQzY0MDMwMEQ1QTAwRkY0MUIwLmNlcjCBxQYIKwYBBQUHAQsEgbgwgbUwgbIG
CCsGAQUFBzALhoGlcnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvREExMDRENzc3N0IwMjlFREE3ODJEQUE2QTZGNzQzNEZEQjc3N0NFNjhB
MDk0OTc5NzgxNDY0RUM1OUZGOEE5QS8wLzM2MzYyZTMyMzMzMTJlMzYzNDJlMzAy
ZjMyMzQyZDMyMzQyMDNkM2UyMDMyMzMzMjM0MzYucm9hMBgGA1UdIAEB/wQOMAww
CgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBABC50AwDQYJ
KoZIhvcNAQELBQADggEBAJrNQZIU+sVqhw+kYKeYUP2O+wZlMRp985kiiri/e6xY
bI2qRWdrotMWIlsu9/bOrE5Kue70yG7StO96QIJ+dffPsHm0AtaemoUGsLG8jtRc
V6koUfCCPUPZ+4kSfWbj3qCURl1e8KPFpYBQ2IFywxT3sGQ6zILNeASQu/2iU8NT
X5F0W0Z56wvKSHnNxjimUOloo7VH8VowEh9tBCi0uYv0D7kXseWbidCpr9lO+p40
vVHYjOI5WJ6bpzTt1JX254WofRQaoUDvcJHdOcyj2sSPQEoun+Ojwd5Z3lXNadoZ
fFx7YqzTw5so5H0V7ONhplfgAdDrcVVZJlrkwtD+V6I=
-----END CERTIFICATE-----