Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/DAD02786AE4DF74A4283557AB6A7500AB8ADA5C7442411C97F502F9FA9F9706A/0/34352e3137342e3130382e302f32322d3234203d3e20323635353734.roa
File:                     34352e3137342e3130382e302f32322d3234203d3e20323635353734.roa (raw, json)
Hash identifier:          jgWLkyEXsyKTR94dxh1epvwFer0GSC7dlIMphi0u9NQ=
Subject key identifier:   DE:B2:71:32:17:E3:C7:0C:AB:07:07:9D:DD:5A:E4:6A:13:36:E1:BD
Certificate issuer:       /CN=E7FC6D52B827804FAD0CF07C69DA6E0832E81C60
Certificate serial:       25440AA47C942FE332957F4CAC4B979ADD6DF6FA
Authority key identifier: E7:FC:6D:52:B8:27:80:4F:AD:0C:F0:7C:69:DA:6E:08:32:E8:1C:60
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/E7FC6D52B827804FAD0CF07C69DA6E0832E81C60.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/DAD02786AE4DF74A4283557AB6A7500AB8ADA5C7442411C97F502F9FA9F9706A/0/34352e3137342e3130382e302f32322d3234203d3e20323635353734.roa
Signing time:             Tue 04 Feb 2025 18:10:16 +0000
ROA not before:           Tue 04 Feb 2025 18:05:16 +0000
ROA not after:            Tue 03 Feb 2026 18:10:16 +0000
asID:                     265574
IP address blocks:        45.174.108.0/22 maxlen: 24
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            25:44:0a:a4:7c:94:2f:e3:32:95:7f:4c:ac:4b:97:9a:dd:6d:f6:fa
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=E7FC6D52B827804FAD0CF07C69DA6E0832E81C60
        Validity
            Not Before: Feb  4 18:05:16 2025 GMT
            Not After : Feb  3 18:10:16 2026 GMT
        Subject: CN=DEB2713217E3C70CAB07079DDD5AE46A1336E1BD
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b8:f3:99:86:82:df:09:ef:f2:9d:25:21:61:58:
                    34:e2:49:0d:d4:ee:97:99:f7:9b:94:2b:50:48:b0:
                    a7:e3:f3:4c:5b:43:01:9f:32:05:e8:f7:cd:52:a2:
                    82:f8:ea:95:7d:df:52:22:b5:83:de:2c:d3:5d:6a:
                    af:72:8d:7c:10:8d:43:cd:ed:9c:83:8a:08:aa:72:
                    ca:fd:7b:ab:f5:f1:8b:e5:d6:9c:60:e2:da:dd:e4:
                    42:20:e9:69:51:a4:39:98:50:78:34:99:87:a5:3a:
                    4b:4e:a7:05:49:c4:a3:e1:1b:58:a3:c4:23:1a:14:
                    c6:c5:5c:ae:63:49:f1:e7:55:e2:7a:e1:35:4a:45:
                    33:99:a6:b7:37:8d:d1:5a:72:55:2a:20:c1:5b:81:
                    ee:9b:28:0f:71:72:cd:d7:bc:c1:77:90:7e:fb:a8:
                    c7:a4:a8:2e:10:1a:b2:38:19:37:3c:ae:ab:79:9f:
                    99:86:c7:be:a7:d7:d7:e0:d7:8b:3a:11:e3:1e:28:
                    8b:da:90:69:95:a2:bc:3f:3c:21:55:80:2c:a0:60:
                    9a:8a:dd:43:b8:fa:25:8e:47:ce:0f:c0:52:fc:a0:
                    a1:17:7e:b4:ce:f1:bd:63:b9:e1:f5:45:a2:6f:dd:
                    10:7b:bc:a2:87:be:75:14:85:52:4f:3c:a0:cc:d8:
                    71:55
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DE:B2:71:32:17:E3:C7:0C:AB:07:07:9D:DD:5A:E4:6A:13:36:E1:BD
            X509v3 Authority Key Identifier:
                keyid:E7:FC:6D:52:B8:27:80:4F:AD:0C:F0:7C:69:DA:6E:08:32:E8:1C:60

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/DAD02786AE4DF74A4283557AB6A7500AB8ADA5C7442411C97F502F9FA9F9706A/0/E7FC6D52B827804FAD0CF07C69DA6E0832E81C60.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/E7FC6D52B827804FAD0CF07C69DA6E0832E81C60.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/DAD02786AE4DF74A4283557AB6A7500AB8ADA5C7442411C97F502F9FA9F9706A/0/34352e3137342e3130382e302f32322d3234203d3e20323635353734.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.174.108.0/22

    Signature Algorithm: sha256WithRSAEncryption
         44:2c:76:e7:12:18:a8:21:a4:50:0d:82:cb:94:9b:cc:4b:4f:
         c8:e5:2f:99:b9:80:1a:2f:9c:2b:2d:d9:96:15:aa:08:7c:61:
         9a:77:28:16:c8:8f:c5:08:b6:70:89:b3:6a:2d:7f:62:41:05:
         71:e0:96:72:2c:ae:39:f6:ea:22:c3:04:2b:b9:d3:88:d6:39:
         0d:03:97:27:89:b6:0c:e1:98:1e:ce:b7:a1:19:b2:76:a5:43:
         c8:a4:4d:77:7c:8c:1e:2e:5f:95:2f:dc:63:dc:b1:f3:02:e5:
         d0:00:57:8f:93:c3:b9:b4:2c:8d:1d:9d:a2:d1:fc:7b:09:43:
         60:86:1f:61:20:ce:f5:7b:47:99:02:c1:03:27:7c:bd:38:2b:
         9a:b4:72:88:57:b9:2a:0d:68:4d:30:34:93:83:79:63:56:e0:
         78:a3:4d:2a:04:4b:c4:3e:fb:c2:b4:20:88:f3:15:a2:16:54:
         a2:0a:c9:b1:67:a9:a7:05:44:82:3d:bb:8b:79:eb:cf:be:59:
         00:51:18:81:2c:39:68:92:3f:69:17:d2:4e:1e:6d:29:29:4a:
         4f:4f:4e:df:b0:67:82:fc:41:8c:0d:26:e5:b9:f0:e7:34:57:
         13:2b:04:7a:e2:d6:93:76:7a:c4:20:14:a2:57:b5:1c:4b:53:
         c1:df:c9:5d
-----BEGIN CERTIFICATE-----
MIIFwDCCBKigAwIBAgIUJUQKpHyUL+MylX9MrEuXmt1t9vowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoRTdGQzZENTJCODI3ODA0RkFEMENGMDdDNjlEQTZFMDgz
MkU4MUM2MDAeFw0yNTAyMDQxODA1MTZaFw0yNjAyMDMxODEwMTZaMDMxMTAvBgNV
BAMTKERFQjI3MTMyMTdFM0M3MENBQjA3MDc5RERENUFFNDZBMTMzNkUxQkQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC485mGgt8J7/KdJSFhWDTiSQ3U
7peZ95uUK1BIsKfj80xbQwGfMgXo981SooL46pV931IitYPeLNNdaq9yjXwQjUPN
7ZyDigiqcsr9e6v18Yvl1pxg4trd5EIg6WlRpDmYUHg0mYelOktOpwVJxKPhG1ij
xCMaFMbFXK5jSfHnVeJ64TVKRTOZprc3jdFaclUqIMFbge6bKA9xcs3XvMF3kH77
qMekqC4QGrI4GTc8rqt5n5mGx76n19fg14s6EeMeKIvakGmVorw/PCFVgCygYJqK
3UO4+iWOR84PwFL8oKEXfrTO8b1jueH1RaJv3RB7vKKHvnUUhVJPPKDM2HFVAgMB
AAGjggLKMIICxjAdBgNVHQ4EFgQU3rJxMhfjxwyrBwed3VrkahM24b0wHwYDVR0j
BBgwFoAU5/xtUrgngE+tDPB8adpuCDLoHGAwDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy9EQUQwMjc4NkFFNERGNzRBNDI4MzU1N0FCNkE3NTAwQUI4
QURBNUM3NDQyNDExQzk3RjUwMkY5RkE5Rjk3MDZBLzAvRTdGQzZENTJCODI3ODA0
RkFEMENGMDdDNjlEQTZFMDgzMkU4MUM2MC5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC9FN0ZDNkQ1MkI4Mjc4MDRGQUQw
Q0YwN0M2OURBNkUwODMyRTgxQzYwLmNlcjCByQYIKwYBBQUHAQsEgbwwgbkwgbYG
CCsGAQUFBzALhoGpcnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvREFEMDI3ODZBRTRERjc0QTQyODM1NTdBQjZBNzUwMEFCOEFEQTVDNzQ0
MjQxMUM5N0Y1MDJGOUZBOUY5NzA2QS8wLzM0MzUyZTMxMzczNDJlMzEzMDM4MmUz
MDJmMzIzMjJkMzIzNDIwM2QzZTIwMzIzNjM1MzUzNzM0LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCLa5s
MA0GCSqGSIb3DQEBCwUAA4IBAQBELHbnEhioIaRQDYLLlJvMS0/I5S+ZuYAaL5wr
LdmWFaoIfGGadygWyI/FCLZwibNqLX9iQQVx4JZyLK459uoiwwQrudOI1jkNA5cn
ibYM4ZgezrehGbJ2pUPIpE13fIweLl+VL9xj3LHzAuXQAFePk8O5tCyNHZ2i0fx7
CUNghh9hIM71e0eZAsEDJ3y9OCuatHKIV7kqDWhNMDSTg3ljVuB4o00qBEvEPvvC
tCCI8xWiFlSiCsmxZ6mnBUSCPbuLeevPvlkAURiBLDlokj9pF9JOHm0pKUpPT07f
sGeC/EGMDSblufDnNFcTKwR64taTdnrEIBSiV7UcS1PB38ld
-----END CERTIFICATE-----