Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/E6D2BC7FB7C5C774D7EB328A9135BF4865D92FE35BD5BBD7CA4A16A372D8FC13/0/3137302e3233312e3137362e302f32322d3234203d3e20323634373235.roa
File:                     3137302e3233312e3137362e302f32322d3234203d3e20323634373235.roa (raw, json)
Hash identifier:          BwtM4rmSi1cNaLZS34wDUqqkKZ0S+7ggnPpxJ5i+RAw=
Subject key identifier:   E2:F6:7B:F1:F6:86:26:D9:A1:9D:DF:2E:22:79:9A:B8:C3:76:8B:BB
Certificate issuer:       /CN=93F35A87F551B29E98811C3B3CAAA1961A6A9D07
Certificate serial:       737D54075A5442D3DF8416DF41672A1621E18B78
Authority key identifier: 93:F3:5A:87:F5:51:B2:9E:98:81:1C:3B:3C:AA:A1:96:1A:6A:9D:07
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/93F35A87F551B29E98811C3B3CAAA1961A6A9D07.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/E6D2BC7FB7C5C774D7EB328A9135BF4865D92FE35BD5BBD7CA4A16A372D8FC13/0/3137302e3233312e3137362e302f32322d3234203d3e20323634373235.roa
Signing time:             Tue 04 Feb 2025 18:39:59 +0000
ROA not before:           Tue 04 Feb 2025 18:34:59 +0000
ROA not after:            Tue 03 Feb 2026 18:39:59 +0000
asID:                     264725
IP address blocks:        170.231.176.0/22 maxlen: 24
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            73:7d:54:07:5a:54:42:d3:df:84:16:df:41:67:2a:16:21:e1:8b:78
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=93F35A87F551B29E98811C3B3CAAA1961A6A9D07
        Validity
            Not Before: Feb  4 18:34:59 2025 GMT
            Not After : Feb  3 18:39:59 2026 GMT
        Subject: CN=E2F67BF1F68626D9A19DDF2E22799AB8C3768BBB
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:96:3d:1c:59:88:c6:e9:b3:24:9c:4a:07:58:4c:
                    f2:f2:9f:39:30:d0:7e:6a:98:69:f6:76:4f:5f:f4:
                    5d:07:eb:fd:70:dd:fa:58:62:7f:b6:12:88:1c:92:
                    cc:67:bf:b3:c9:c4:17:4a:75:8b:2f:1d:d3:19:00:
                    f0:9d:e2:b0:e3:f3:70:0c:25:c6:11:34:a1:15:77:
                    7f:5f:b6:7d:40:91:03:ec:3d:c6:42:8c:20:1e:e2:
                    76:32:e1:b1:c8:7f:bf:0c:e6:1d:77:2e:77:d4:1e:
                    91:59:e3:49:b8:11:2a:24:08:24:2a:2a:a6:a7:5f:
                    c3:5c:04:f0:56:6d:fa:a7:61:63:f8:23:45:9e:fb:
                    1c:27:40:73:ab:ec:a7:2b:6d:0d:ac:90:f4:2b:5b:
                    a5:47:30:dc:9d:0f:4b:9a:5e:19:a8:a3:79:24:b7:
                    51:fb:14:22:db:29:ec:76:eb:32:4e:76:96:1e:6b:
                    1b:3f:7f:b8:3b:4e:99:7a:98:79:a8:36:ec:a2:0b:
                    1e:96:a1:cd:d2:36:51:e1:03:40:7e:79:ee:ab:42:
                    03:88:1d:34:e1:1e:24:ec:24:83:42:21:d2:aa:2e:
                    df:c0:4b:8c:c0:34:ff:90:36:01:67:62:94:02:89:
                    be:ee:c1:30:a0:79:f3:ff:79:c5:95:1d:42:e9:39:
                    14:5b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E2:F6:7B:F1:F6:86:26:D9:A1:9D:DF:2E:22:79:9A:B8:C3:76:8B:BB
            X509v3 Authority Key Identifier:
                keyid:93:F3:5A:87:F5:51:B2:9E:98:81:1C:3B:3C:AA:A1:96:1A:6A:9D:07

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/E6D2BC7FB7C5C774D7EB328A9135BF4865D92FE35BD5BBD7CA4A16A372D8FC13/0/93F35A87F551B29E98811C3B3CAAA1961A6A9D07.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/93F35A87F551B29E98811C3B3CAAA1961A6A9D07.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/E6D2BC7FB7C5C774D7EB328A9135BF4865D92FE35BD5BBD7CA4A16A372D8FC13/0/3137302e3233312e3137362e302f32322d3234203d3e20323634373235.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  170.231.176.0/22

    Signature Algorithm: sha256WithRSAEncryption
         b0:84:68:96:90:b3:ad:ac:ef:a9:89:80:de:90:aa:1f:43:7c:
         9f:83:4e:40:57:d6:01:91:1c:d4:be:56:0c:b8:23:c3:db:f9:
         b9:f3:90:83:07:03:27:1d:ae:35:fc:0b:aa:0a:9a:e2:a6:af:
         a1:aa:2a:1c:8a:2a:9d:75:6a:42:af:2c:76:6f:3e:b1:8b:5e:
         89:8e:c2:8e:3f:16:77:06:64:ad:45:68:18:5e:90:f5:6d:21:
         dd:b4:b4:55:6a:64:46:3e:3c:9f:99:19:06:b2:5b:22:36:22:
         d5:8b:de:21:d6:2f:6a:cb:e3:92:4d:db:81:a2:e3:db:ac:a9:
         51:93:5e:22:82:40:6a:02:ba:0f:5a:9f:50:bd:d8:53:21:91:
         67:fc:70:36:7d:46:4c:19:5d:f8:32:be:2a:50:d3:9d:01:d9:
         63:70:71:8f:e9:cc:ec:9b:45:a6:e2:e8:39:2f:1f:f7:7b:e1:
         3c:b1:f9:68:4c:d7:75:6d:f9:3d:55:a4:f5:45:2c:5c:17:e5:
         da:1d:97:b3:3b:f3:92:01:eb:a4:81:24:f3:26:2f:30:6f:be:
         7d:e7:d2:53:44:28:20:4d:73:9c:dc:ab:d8:04:fa:72:df:04:
         07:d4:90:11:53:ad:e7:62:2f:51:93:8a:70:35:28:1a:b6:db:
         10:6f:fc:c8
-----BEGIN CERTIFICATE-----
MIIFwjCCBKqgAwIBAgIUc31UB1pUQtPfhBbfQWcqFiHhi3gwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOTNGMzVBODdGNTUxQjI5RTk4ODExQzNCM0NBQUExOTYx
QTZBOUQwNzAeFw0yNTAyMDQxODM0NTlaFw0yNjAyMDMxODM5NTlaMDMxMTAvBgNV
BAMTKEUyRjY3QkYxRjY4NjI2RDlBMTlEREYyRTIyNzk5QUI4QzM3NjhCQkIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCWPRxZiMbpsyScSgdYTPLynzkw
0H5qmGn2dk9f9F0H6/1w3fpYYn+2Eogcksxnv7PJxBdKdYsvHdMZAPCd4rDj83AM
JcYRNKEVd39ftn1AkQPsPcZCjCAe4nYy4bHIf78M5h13LnfUHpFZ40m4ESokCCQq
KqanX8NcBPBWbfqnYWP4I0We+xwnQHOr7KcrbQ2skPQrW6VHMNydD0uaXhmoo3kk
t1H7FCLbKex26zJOdpYeaxs/f7g7Tpl6mHmoNuyiCx6Woc3SNlHhA0B+ee6rQgOI
HTThHiTsJINCIdKqLt/AS4zANP+QNgFnYpQCib7uwTCgefP/ecWVHULpORRbAgMB
AAGjggLMMIICyDAdBgNVHQ4EFgQU4vZ78faGJtmhnd8uInmauMN2i7swHwYDVR0j
BBgwFoAUk/Nah/VRsp6YgRw7PKqhlhpqnQcwDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy9FNkQyQkM3RkI3QzVDNzc0RDdFQjMyOEE5MTM1QkY0ODY1
RDkyRkUzNUJENUJCRDdDQTRBMTZBMzcyRDhGQzEzLzAvOTNGMzVBODdGNTUxQjI5
RTk4ODExQzNCM0NBQUExOTYxQTZBOUQwNy5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC85M0YzNUE4N0Y1NTFCMjlFOTg4
MTFDM0IzQ0FBQTE5NjFBNkE5RDA3LmNlcjCBywYIKwYBBQUHAQsEgb4wgbswgbgG
CCsGAQUFBzALhoGrcnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvRTZEMkJDN0ZCN0M1Qzc3NEQ3RUIzMjhBOTEzNUJGNDg2NUQ5MkZFMzVC
RDVCQkQ3Q0E0QTE2QTM3MkQ4RkMxMy8wLzMxMzczMDJlMzIzMzMxMmUzMTM3MzYy
ZTMwMmYzMjMyMmQzMjM0MjAzZDNlMjAzMjM2MzQzNzMyMzUucm9hMBgGA1UdIAEB
/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAKq
57AwDQYJKoZIhvcNAQELBQADggEBALCEaJaQs62s76mJgN6Qqh9DfJ+DTkBX1gGR
HNS+Vgy4I8Pb+bnzkIMHAycdrjX8C6oKmuKmr6GqKhyKKp11akKvLHZvPrGLXomO
wo4/FncGZK1FaBhekPVtId20tFVqZEY+PJ+ZGQayWyI2ItWL3iHWL2rL45JN24Gi
49usqVGTXiKCQGoCug9an1C92FMhkWf8cDZ9RkwZXfgyvipQ050B2WNwcY/pzOyb
Rabi6DkvH/d74Tyx+WhM13Vt+T1VpPVFLFwX5dodl7M785IB66SBJPMmLzBvvn3n
0lNEKCBNc5zcq9gE+nLfBAfUkBFTrediL1GTinA1KBq22xBv/Mg=
-----END CERTIFICATE-----