Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/DBE1DF14102D229D2A32EF830927E03CD6429044F67ED8E239EF6114B9CA2FF6/0/34352e3138372e38392e302f32342d3234203d3e20323639393135.roa
File:                     34352e3138372e38392e302f32342d3234203d3e20323639393135.roa (raw, json)
Hash identifier:          eH4mEzmSIlFH4LH2Sb1+aclqCYyUA34THwvryUcZUcU=
Subject key identifier:   CD:20:6E:4B:6A:D1:F2:9C:6F:2B:8B:A9:8E:BE:A2:7C:98:02:94:DC
Certificate issuer:       /CN=D7C2C80CB59C8E33C7BB4ED10BEA57E21CE76CEE
Certificate serial:       42D2825AC52B38F421B0C9470B85A98EFE648EB6
Authority key identifier: D7:C2:C8:0C:B5:9C:8E:33:C7:BB:4E:D1:0B:EA:57:E2:1C:E7:6C:EE
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/D7C2C80CB59C8E33C7BB4ED10BEA57E21CE76CEE.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/DBE1DF14102D229D2A32EF830927E03CD6429044F67ED8E239EF6114B9CA2FF6/0/34352e3138372e38392e302f32342d3234203d3e20323639393135.roa
Signing time:             Tue 04 Feb 2025 20:00:17 +0000
ROA not before:           Tue 04 Feb 2025 19:55:17 +0000
ROA not after:            Tue 03 Feb 2026 20:00:17 +0000
asID:                     269915
IP address blocks:        45.187.89.0/24 maxlen: 24
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            42:d2:82:5a:c5:2b:38:f4:21:b0:c9:47:0b:85:a9:8e:fe:64:8e:b6
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=D7C2C80CB59C8E33C7BB4ED10BEA57E21CE76CEE
        Validity
            Not Before: Feb  4 19:55:17 2025 GMT
            Not After : Feb  3 20:00:17 2026 GMT
        Subject: CN=CD206E4B6AD1F29C6F2B8BA98EBEA27C980294DC
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bc:9a:db:11:db:d7:d2:9b:d0:3f:94:f7:ad:c8:
                    24:b1:91:0e:47:0a:5f:8a:34:cd:33:35:f7:79:65:
                    f0:cb:b5:54:95:b3:51:45:94:af:b0:ac:72:68:cb:
                    26:dc:d8:ce:c2:2e:d8:a4:c4:cd:5b:65:16:0e:68:
                    2e:e1:89:11:7f:a6:b4:d0:4b:14:5b:bb:28:63:0d:
                    7b:32:2b:ce:23:16:00:d3:ff:58:06:82:02:c0:f2:
                    a3:94:25:5a:b4:ca:c2:cb:9d:2c:f9:d3:df:5c:53:
                    df:90:7b:05:8e:57:5f:7c:35:5b:2e:eb:68:df:3d:
                    c5:61:7b:a9:a1:e4:6b:05:cd:ee:85:e2:da:13:ac:
                    e2:c6:8c:73:36:a9:85:77:d9:13:a9:f6:fb:62:42:
                    8e:10:b9:f0:68:26:34:9a:90:e6:16:3f:99:21:53:
                    da:a4:6d:f7:34:ec:e5:af:52:d2:3c:d9:93:bf:46:
                    9c:23:3d:8a:e8:f7:92:0d:c3:93:62:89:33:23:f7:
                    db:52:23:5a:59:81:2f:41:5c:a4:e9:84:9c:eb:39:
                    87:9f:a7:12:3c:77:3f:68:77:8d:b8:48:b9:82:b9:
                    b8:ff:91:a2:9f:f1:28:50:a6:88:39:36:22:f8:71:
                    56:62:1b:b5:9b:c5:ca:10:6b:75:7c:77:6a:cb:fe:
                    a3:b5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                CD:20:6E:4B:6A:D1:F2:9C:6F:2B:8B:A9:8E:BE:A2:7C:98:02:94:DC
            X509v3 Authority Key Identifier:
                keyid:D7:C2:C8:0C:B5:9C:8E:33:C7:BB:4E:D1:0B:EA:57:E2:1C:E7:6C:EE

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/DBE1DF14102D229D2A32EF830927E03CD6429044F67ED8E239EF6114B9CA2FF6/0/D7C2C80CB59C8E33C7BB4ED10BEA57E21CE76CEE.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/D7C2C80CB59C8E33C7BB4ED10BEA57E21CE76CEE.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/DBE1DF14102D229D2A32EF830927E03CD6429044F67ED8E239EF6114B9CA2FF6/0/34352e3138372e38392e302f32342d3234203d3e20323639393135.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.187.89.0/24

    Signature Algorithm: sha256WithRSAEncryption
         4e:f6:c7:f6:81:e3:9f:12:a5:74:72:79:49:c4:6e:88:29:7a:
         06:ab:1a:ff:0c:76:f8:0f:a0:b0:24:71:f8:ea:b7:8b:90:75:
         53:7e:9d:1b:4d:43:a0:f2:31:aa:0a:8e:2e:f9:7b:84:a6:20:
         50:9c:25:ca:d1:7d:06:bb:e4:3f:10:db:a5:5a:53:9a:ee:55:
         af:66:6e:fb:f0:0e:65:37:e8:4d:3c:6f:f5:74:7e:d4:b1:fc:
         f8:ed:fd:85:a0:59:7d:96:8a:ae:cc:f1:c4:03:28:31:06:ea:
         43:21:5a:d7:d9:05:ad:9e:79:cd:d8:16:41:fc:19:cd:98:4e:
         75:30:fc:3a:43:50:b7:14:a4:7c:c3:90:45:41:29:fc:68:14:
         12:6d:51:93:9d:2d:45:c6:32:f8:e6:bd:b5:c8:9e:8d:a5:48:
         8a:9e:1d:1d:53:ea:b7:4b:22:46:56:93:33:38:81:83:f7:39:
         e8:af:a2:e5:b9:1a:20:42:0d:8f:64:65:f3:b8:2f:37:f5:fa:
         38:7e:15:d6:83:b0:60:c6:8c:fa:f5:f2:26:ec:6f:2a:50:cc:
         c3:0f:d2:81:44:41:de:2b:21:dc:c5:2c:25:06:9a:d6:64:f5:
         44:17:8e:95:e7:15:51:9c:e5:ed:10:26:2d:31:a7:63:8c:68:
         95:51:f4:5c
-----BEGIN CERTIFICATE-----
MIIFvjCCBKagAwIBAgIUQtKCWsUrOPQhsMlHC4Wpjv5kjrYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoRDdDMkM4MENCNTlDOEUzM0M3QkI0RUQxMEJFQTU3RTIx
Q0U3NkNFRTAeFw0yNTAyMDQxOTU1MTdaFw0yNjAyMDMyMDAwMTdaMDMxMTAvBgNV
BAMTKENEMjA2RTRCNkFEMUYyOUM2RjJCOEJBOThFQkVBMjdDOTgwMjk0REMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC8mtsR29fSm9A/lPetyCSxkQ5H
Cl+KNM0zNfd5ZfDLtVSVs1FFlK+wrHJoyybc2M7CLtikxM1bZRYOaC7hiRF/prTQ
SxRbuyhjDXsyK84jFgDT/1gGggLA8qOUJVq0ysLLnSz5099cU9+QewWOV198NVsu
62jfPcVhe6mh5GsFze6F4toTrOLGjHM2qYV32ROp9vtiQo4QufBoJjSakOYWP5kh
U9qkbfc07OWvUtI82ZO/RpwjPYro95INw5NiiTMj99tSI1pZgS9BXKTphJzrOYef
pxI8dz9od424SLmCubj/kaKf8ShQpog5NiL4cVZiG7WbxcoQa3V8d2rL/qO1AgMB
AAGjggLIMIICxDAdBgNVHQ4EFgQUzSBuS2rR8pxvK4upjr6ifJgClNwwHwYDVR0j
BBgwFoAU18LIDLWcjjPHu07RC+pX4hznbO4wDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy9EQkUxREYxNDEwMkQyMjlEMkEzMkVGODMwOTI3RTAzQ0Q2
NDI5MDQ0RjY3RUQ4RTIzOUVGNjExNEI5Q0EyRkY2LzAvRDdDMkM4MENCNTlDOEUz
M0M3QkI0RUQxMEJFQTU3RTIxQ0U3NkNFRS5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC9EN0MyQzgwQ0I1OUM4RTMzQzdC
QjRFRDEwQkVBNTdFMjFDRTc2Q0VFLmNlcjCBxwYIKwYBBQUHAQsEgbowgbcwgbQG
CCsGAQUFBzALhoGncnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvREJFMURGMTQxMDJEMjI5RDJBMzJFRjgzMDkyN0UwM0NENjQyOTA0NEY2
N0VEOEUyMzlFRjYxMTRCOUNBMkZGNi8wLzM0MzUyZTMxMzgzNzJlMzgzOTJlMzAy
ZjMyMzQyZDMyMzQyMDNkM2UyMDMyMzYzOTM5MzEzNS5yb2EwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAC27WTAN
BgkqhkiG9w0BAQsFAAOCAQEATvbH9oHjnxKldHJ5ScRuiCl6Bqsa/wx2+A+gsCRx
+Oq3i5B1U36dG01DoPIxqgqOLvl7hKYgUJwlytF9BrvkPxDbpVpTmu5Vr2Zu+/AO
ZTfoTTxv9XR+1LH8+O39haBZfZaKrszxxAMoMQbqQyFa19kFrZ55zdgWQfwZzZhO
dTD8OkNQtxSkfMOQRUEp/GgUEm1Rk50tRcYy+Oa9tciejaVIip4dHVPqt0siRlaT
MziBg/c56K+i5bkaIEINj2Rl87gvN/X6OH4V1oOwYMaM+vXyJuxvKlDMww/SgURB
3ish3MUsJQaa1mT1RBeOlecVUZzl7RAmLTGnY4xolVH0XA==
-----END CERTIFICATE-----