Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/DA104D7777B029EDA782DAA6A6F7434FDB777CE68A094979781464EC59FF8A9A/0/36362e3233312e37322e302f32342d3234203d3e20323730303439.roa
File:                     36362e3233312e37322e302f32342d3234203d3e20323730303439.roa (raw, json)
Hash identifier:          46aZ7VRbwWXlWLHQMIJku2sr6y+FmpZlg3KLsX/pbGE=
Subject key identifier:   30:10:12:9E:CE:63:6A:19:30:E5:3F:31:9E:F7:E8:C9:3A:88:94:B5
Certificate issuer:       /CN=C2967FF3109E0AA7EE5EC1C640300D5A00FF41B0
Certificate serial:       15D436A9956143A189631F3047A386865542C8D7
Authority key identifier: C2:96:7F:F3:10:9E:0A:A7:EE:5E:C1:C6:40:30:0D:5A:00:FF:41:B0
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/C2967FF3109E0AA7EE5EC1C640300D5A00FF41B0.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/DA104D7777B029EDA782DAA6A6F7434FDB777CE68A094979781464EC59FF8A9A/0/36362e3233312e37322e302f32342d3234203d3e20323730303439.roa
Signing time:             Tue 04 Feb 2025 18:39:39 +0000
ROA not before:           Tue 04 Feb 2025 18:34:39 +0000
ROA not after:            Tue 03 Feb 2026 18:39:39 +0000
asID:                     270049
IP address blocks:        66.231.72.0/24 maxlen: 24
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            15:d4:36:a9:95:61:43:a1:89:63:1f:30:47:a3:86:86:55:42:c8:d7
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=C2967FF3109E0AA7EE5EC1C640300D5A00FF41B0
        Validity
            Not Before: Feb  4 18:34:39 2025 GMT
            Not After : Feb  3 18:39:39 2026 GMT
        Subject: CN=3010129ECE636A1930E53F319EF7E8C93A8894B5
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a3:b6:08:b0:71:9c:41:4f:e6:aa:68:81:7c:4d:
                    cb:9a:33:3b:3b:79:f4:ce:12:bf:d7:7c:5b:00:0b:
                    85:49:a8:4e:07:92:92:09:f7:f7:fc:9b:df:6d:c0:
                    20:08:f9:d0:e2:fb:54:17:f5:82:39:4e:11:30:6e:
                    34:23:b1:16:7f:b8:d3:7a:a4:86:15:f3:37:33:4b:
                    15:d6:a0:61:51:ad:37:75:f4:5d:c5:cf:ae:09:50:
                    77:2d:f6:35:50:55:2a:c4:a7:26:3c:27:0f:29:c2:
                    c2:78:99:bb:78:07:46:c8:04:b9:b6:cd:9f:dd:4c:
                    99:d8:94:a9:fa:12:18:84:2e:04:1e:73:f5:82:67:
                    01:e7:6b:ab:a7:a3:63:af:96:17:44:2d:17:d7:d5:
                    7d:2a:75:52:17:78:e3:ae:c9:c9:03:01:cd:de:03:
                    1b:52:7f:f0:6d:8b:dc:d6:65:34:d2:e0:97:73:c9:
                    b7:86:c8:92:b8:c5:40:4a:2c:f3:26:da:4a:58:88:
                    87:0d:9e:d1:0f:67:46:f4:aa:91:ea:97:3f:d1:ee:
                    16:2a:ec:61:2c:43:05:2d:0d:c8:f4:43:b2:e9:99:
                    88:8f:aa:7a:fd:77:00:1f:7b:fd:13:d2:0e:71:24:
                    b7:87:1e:e1:bc:21:1c:12:f9:81:df:bc:b6:09:fe:
                    56:4b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                30:10:12:9E:CE:63:6A:19:30:E5:3F:31:9E:F7:E8:C9:3A:88:94:B5
            X509v3 Authority Key Identifier:
                keyid:C2:96:7F:F3:10:9E:0A:A7:EE:5E:C1:C6:40:30:0D:5A:00:FF:41:B0

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/DA104D7777B029EDA782DAA6A6F7434FDB777CE68A094979781464EC59FF8A9A/0/C2967FF3109E0AA7EE5EC1C640300D5A00FF41B0.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/C2967FF3109E0AA7EE5EC1C640300D5A00FF41B0.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/DA104D7777B029EDA782DAA6A6F7434FDB777CE68A094979781464EC59FF8A9A/0/36362e3233312e37322e302f32342d3234203d3e20323730303439.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  66.231.72.0/24

    Signature Algorithm: sha256WithRSAEncryption
         a6:75:41:7b:a2:9f:e2:cf:b0:00:9a:25:87:6b:8f:43:02:fc:
         a6:9f:a8:c5:c4:50:eb:9b:61:ea:54:3b:7a:fd:09:c5:42:f1:
         3a:f9:ce:cb:02:5c:d2:ef:5a:58:ca:26:eb:7f:06:a9:60:5e:
         4b:46:fd:79:17:94:ee:75:de:e0:d5:59:d7:2f:52:ba:4b:d8:
         5d:d4:27:58:cf:3f:ca:c8:66:91:35:53:dc:6b:bb:1d:68:b7:
         c6:45:a7:8f:28:1a:74:44:b3:8a:28:82:f6:ac:ce:b7:c9:06:
         c4:ca:5c:18:ac:08:ee:09:90:c9:d1:0c:4f:79:8f:60:5f:39:
         ea:18:be:39:c7:55:9e:e9:f7:74:7d:71:65:48:54:7f:55:1b:
         18:fa:12:1c:cd:f0:8a:71:ae:83:2b:b4:a9:29:cb:c6:43:7c:
         ea:66:82:77:20:b5:08:5e:8f:d1:13:cf:1a:a0:bd:c8:21:a5:
         2d:30:f8:b7:b1:4f:24:f5:4f:90:51:0a:c2:29:ee:6f:72:b0:
         4e:8c:c7:77:f0:29:c8:a3:28:31:74:9a:47:3c:75:1f:44:8d:
         0e:32:4b:a3:81:95:24:a7:22:f2:d2:2b:1c:9b:17:49:2c:70:
         72:bd:0b:6d:fc:65:55:1e:53:b7:06:a9:53:97:b3:ee:6a:ef:
         72:f7:01:93
-----BEGIN CERTIFICATE-----
MIIFvjCCBKagAwIBAgIUFdQ2qZVhQ6GJYx8wR6OGhlVCyNcwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoQzI5NjdGRjMxMDlFMEFBN0VFNUVDMUM2NDAzMDBENUEw
MEZGNDFCMDAeFw0yNTAyMDQxODM0MzlaFw0yNjAyMDMxODM5MzlaMDMxMTAvBgNV
BAMTKDMwMTAxMjlFQ0U2MzZBMTkzMEU1M0YzMTlFRjdFOEM5M0E4ODk0QjUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCjtgiwcZxBT+aqaIF8TcuaMzs7
efTOEr/XfFsAC4VJqE4HkpIJ9/f8m99twCAI+dDi+1QX9YI5ThEwbjQjsRZ/uNN6
pIYV8zczSxXWoGFRrTd19F3Fz64JUHct9jVQVSrEpyY8Jw8pwsJ4mbt4B0bIBLm2
zZ/dTJnYlKn6EhiELgQec/WCZwHna6uno2OvlhdELRfX1X0qdVIXeOOuyckDAc3e
AxtSf/Bti9zWZTTS4JdzybeGyJK4xUBKLPMm2kpYiIcNntEPZ0b0qpHqlz/R7hYq
7GEsQwUtDcj0Q7LpmYiPqnr9dwAfe/0T0g5xJLeHHuG8IRwS+YHfvLYJ/lZLAgMB
AAGjggLIMIICxDAdBgNVHQ4EFgQUMBASns5jahkw5T8xnvfoyTqIlLUwHwYDVR0j
BBgwFoAUwpZ/8xCeCqfuXsHGQDANWgD/QbAwDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy9EQTEwNEQ3Nzc3QjAyOUVEQTc4MkRBQTZBNkY3NDM0RkRC
Nzc3Q0U2OEEwOTQ5Nzk3ODE0NjRFQzU5RkY4QTlBLzAvQzI5NjdGRjMxMDlFMEFB
N0VFNUVDMUM2NDAzMDBENUEwMEZGNDFCMC5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC9DMjk2N0ZGMzEwOUUwQUE3RUU1
RUMxQzY0MDMwMEQ1QTAwRkY0MUIwLmNlcjCBxwYIKwYBBQUHAQsEgbowgbcwgbQG
CCsGAQUFBzALhoGncnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvREExMDRENzc3N0IwMjlFREE3ODJEQUE2QTZGNzQzNEZEQjc3N0NFNjhB
MDk0OTc5NzgxNDY0RUM1OUZGOEE5QS8wLzM2MzYyZTMyMzMzMTJlMzczMjJlMzAy
ZjMyMzQyZDMyMzQyMDNkM2UyMDMyMzczMDMwMzQzOS5yb2EwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAELnSDAN
BgkqhkiG9w0BAQsFAAOCAQEApnVBe6Kf4s+wAJolh2uPQwL8pp+oxcRQ65th6lQ7
ev0JxULxOvnOywJc0u9aWMom638GqWBeS0b9eReU7nXe4NVZ1y9SukvYXdQnWM8/
yshmkTVT3Gu7HWi3xkWnjygadESziiiC9qzOt8kGxMpcGKwI7gmQydEMT3mPYF85
6hi+OcdVnun3dH1xZUhUf1UbGPoSHM3winGugyu0qSnLxkN86maCdyC1CF6P0RPP
GqC9yCGlLTD4t7FPJPVPkFEKwinub3KwTozHd/ApyKMoMXSaRzx1H0SNDjJLo4GV
JKci8tIrHJsXSSxwcr0LbfxlVR5TtwapU5ez7mrvcvcBkw==
-----END CERTIFICATE-----