Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/E08D933682F688ED8C36D0FC1F34B68315053D3F371F684B9A387A5FA6709F17/0/3137302e3235342e32392e302f32342d3234203d3e20323637363939.roa
File:                     3137302e3235342e32392e302f32342d3234203d3e20323637363939.roa (raw, json)
Hash identifier:          ocpOSU2x3VE8qqQIwxCesLYFz/EU5s3ykTNh55y6Nbc=
Subject key identifier:   62:2E:28:CA:BB:78:4D:14:FB:DD:C7:3D:DD:A5:1E:C6:E7:6B:01:E2
Certificate issuer:       /CN=DF4F03C5770C7BA39912813367B5E868005CCD99
Certificate serial:       5BD00DAC13B72DDBC2B4D680FA375C81523A75F2
Authority key identifier: DF:4F:03:C5:77:0C:7B:A3:99:12:81:33:67:B5:E8:68:00:5C:CD:99
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/DF4F03C5770C7BA39912813367B5E868005CCD99.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/E08D933682F688ED8C36D0FC1F34B68315053D3F371F684B9A387A5FA6709F17/0/3137302e3235342e32392e302f32342d3234203d3e20323637363939.roa
Signing time:             Tue 04 Feb 2025 20:04:50 +0000
ROA not before:           Tue 04 Feb 2025 19:59:50 +0000
ROA not after:            Tue 03 Feb 2026 20:04:50 +0000
asID:                     267699
IP address blocks:        170.254.29.0/24 maxlen: 24
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            5b:d0:0d:ac:13:b7:2d:db:c2:b4:d6:80:fa:37:5c:81:52:3a:75:f2
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=DF4F03C5770C7BA39912813367B5E868005CCD99
        Validity
            Not Before: Feb  4 19:59:50 2025 GMT
            Not After : Feb  3 20:04:50 2026 GMT
        Subject: CN=622E28CABB784D14FBDDC73DDDA51EC6E76B01E2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b7:2d:82:88:15:ad:da:91:16:b7:db:0d:94:1a:
                    5b:ef:7e:79:50:4d:d4:2f:45:55:46:79:79:3d:9c:
                    41:b4:9b:bf:31:1e:96:d6:5b:4f:90:df:2f:22:c7:
                    95:02:e8:d7:59:16:3a:61:c6:48:34:69:4c:04:68:
                    2c:fc:f8:1b:31:70:b5:1f:ca:63:43:ac:31:2f:8a:
                    3d:47:8b:6d:5c:4b:2c:df:38:69:97:e1:b8:71:3f:
                    65:1b:31:01:5a:19:b4:7d:05:c4:15:12:b2:02:b5:
                    d8:be:83:03:7a:dd:d6:90:d8:91:dd:3c:91:70:0e:
                    44:cf:f5:6e:fb:cd:31:26:e3:a6:47:e5:87:2a:18:
                    99:84:8a:0f:b0:68:6f:ce:c9:97:7f:0d:db:d0:12:
                    7d:61:46:c1:1c:46:27:4e:b9:35:66:ca:b3:4e:21:
                    4b:3e:6c:fd:f7:e5:4e:e0:b3:85:97:2c:5d:28:a3:
                    1e:3d:00:ef:11:63:80:82:cc:8c:e5:9d:3b:ef:f4:
                    ec:e2:c3:c9:05:d3:70:ce:7a:12:21:3d:0c:9b:01:
                    25:d8:7d:e2:41:b7:24:c2:8b:75:fd:b8:29:a2:b9:
                    d1:bc:6c:95:34:3d:cb:69:f9:ad:51:c4:7b:b4:8c:
                    15:a4:32:25:45:dd:24:f7:d7:1e:b9:c3:b2:4b:a3:
                    fa:5f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                62:2E:28:CA:BB:78:4D:14:FB:DD:C7:3D:DD:A5:1E:C6:E7:6B:01:E2
            X509v3 Authority Key Identifier:
                keyid:DF:4F:03:C5:77:0C:7B:A3:99:12:81:33:67:B5:E8:68:00:5C:CD:99

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/E08D933682F688ED8C36D0FC1F34B68315053D3F371F684B9A387A5FA6709F17/0/DF4F03C5770C7BA39912813367B5E868005CCD99.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/DF4F03C5770C7BA39912813367B5E868005CCD99.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/E08D933682F688ED8C36D0FC1F34B68315053D3F371F684B9A387A5FA6709F17/0/3137302e3235342e32392e302f32342d3234203d3e20323637363939.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  170.254.29.0/24

    Signature Algorithm: sha256WithRSAEncryption
         3b:c0:53:81:58:3e:21:ff:e6:5a:5e:d4:e9:23:85:35:9f:01:
         29:28:2e:eb:8d:90:aa:7c:f8:e8:4c:0d:5a:4e:fc:dc:9d:ef:
         7b:f3:56:d7:75:91:50:74:dc:0f:0a:c3:a1:ed:62:2c:5b:7a:
         e1:5c:72:7d:b0:15:bd:01:7c:6e:50:88:8d:cf:ba:50:98:00:
         fa:78:5e:5c:27:32:bf:c8:ac:25:8c:2e:43:26:aa:fd:ae:bc:
         87:9b:2d:5d:ba:ba:31:31:8e:cf:e0:f7:2e:85:df:20:37:1b:
         75:a1:8d:72:96:5a:96:af:6f:1e:b4:4d:89:fe:ca:db:d8:66:
         4b:8e:6e:39:78:7a:6f:ff:04:b5:e1:d4:b1:04:19:20:06:b6:
         11:56:e3:e0:b9:bd:dd:b2:dc:a1:48:1d:03:b6:bf:93:36:1b:
         fe:bc:31:4b:bd:ab:c7:73:00:85:9f:b9:61:dd:ab:e9:10:93:
         0f:32:24:a5:c3:d0:c2:fb:2e:32:48:aa:a0:1d:b3:04:b5:98:
         28:15:32:4b:64:6a:ff:27:c3:fa:dd:71:9b:2a:0d:27:b7:4c:
         2b:9b:b5:de:a3:15:d8:35:a0:c4:4a:29:11:47:01:f1:69:ba:
         b4:ea:e4:d0:97:24:51:83:eb:d3:c6:53:51:ff:36:b3:3e:59:
         82:1c:e7:ca
-----BEGIN CERTIFICATE-----
MIIFwDCCBKigAwIBAgIUW9ANrBO3LdvCtNaA+jdcgVI6dfIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoREY0RjAzQzU3NzBDN0JBMzk5MTI4MTMzNjdCNUU4Njgw
MDVDQ0Q5OTAeFw0yNTAyMDQxOTU5NTBaFw0yNjAyMDMyMDA0NTBaMDMxMTAvBgNV
BAMTKDYyMkUyOENBQkI3ODREMTRGQkREQzczREREQTUxRUM2RTc2QjAxRTIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC3LYKIFa3akRa32w2UGlvvfnlQ
TdQvRVVGeXk9nEG0m78xHpbWW0+Q3y8ix5UC6NdZFjphxkg0aUwEaCz8+BsxcLUf
ymNDrDEvij1Hi21cSyzfOGmX4bhxP2UbMQFaGbR9BcQVErICtdi+gwN63daQ2JHd
PJFwDkTP9W77zTEm46ZH5YcqGJmEig+waG/OyZd/DdvQEn1hRsEcRidOuTVmyrNO
IUs+bP335U7gs4WXLF0oox49AO8RY4CCzIzlnTvv9Oziw8kF03DOehIhPQybASXY
feJBtyTCi3X9uCmiudG8bJU0Pctp+a1RxHu0jBWkMiVF3ST31x65w7JLo/pfAgMB
AAGjggLKMIICxjAdBgNVHQ4EFgQUYi4oyrt4TRT73cc93aUexudrAeIwHwYDVR0j
BBgwFoAU308DxXcMe6OZEoEzZ7XoaABczZkwDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy9FMDhEOTMzNjgyRjY4OEVEOEMzNkQwRkMxRjM0QjY4MzE1
MDUzRDNGMzcxRjY4NEI5QTM4N0E1RkE2NzA5RjE3LzAvREY0RjAzQzU3NzBDN0JB
Mzk5MTI4MTMzNjdCNUU4NjgwMDVDQ0Q5OS5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC9ERjRGMDNDNTc3MEM3QkEzOTkx
MjgxMzM2N0I1RTg2ODAwNUNDRDk5LmNlcjCByQYIKwYBBQUHAQsEgbwwgbkwgbYG
CCsGAQUFBzALhoGpcnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvRTA4RDkzMzY4MkY2ODhFRDhDMzZEMEZDMUYzNEI2ODMxNTA1M0QzRjM3
MUY2ODRCOUEzODdBNUZBNjcwOUYxNy8wLzMxMzczMDJlMzIzNTM0MmUzMjM5MmUz
MDJmMzIzNDJkMzIzNDIwM2QzZTIwMzIzNjM3MzYzOTM5LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAqv4d
MA0GCSqGSIb3DQEBCwUAA4IBAQA7wFOBWD4h/+ZaXtTpI4U1nwEpKC7rjZCqfPjo
TA1aTvzcne9781bXdZFQdNwPCsOh7WIsW3rhXHJ9sBW9AXxuUIiNz7pQmAD6eF5c
JzK/yKwljC5DJqr9rryHmy1duroxMY7P4Pcuhd8gNxt1oY1yllqWr28etE2J/srb
2GZLjm45eHpv/wS14dSxBBkgBrYRVuPgub3dstyhSB0Dtr+TNhv+vDFLvavHcwCF
n7lh3avpEJMPMiSlw9DC+y4ySKqgHbMEtZgoFTJLZGr/J8P63XGbKg0nt0wrm7Xe
oxXYNaDESikRRwHxabq06uTQlyRRg+vTxlNR/zazPlmCHOfK
-----END CERTIFICATE-----