Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/F41F6B566D658E37C2BE9CDF35422CCE2ABE79948367C450EAB25731EC595924/0/34352e3137332e362e302f32332d3234203d3e20323632313931.roa
File:                     34352e3137332e362e302f32332d3234203d3e20323632313931.roa (raw, json)
Hash identifier:          oI83DaouRrBwJRqop/p5ZTxtd3zNyQ4q9zL5lP01W0Q=
Subject key identifier:   44:9D:AD:28:17:CF:D5:12:BF:D0:61:97:6E:90:75:31:48:10:67:67
Certificate issuer:       /CN=43DD90FBD36BCA09CE09DC8B3272A69B0F97D5C8
Certificate serial:       61531A87E820F1B245B664C9FAFC3F731443569B
Authority key identifier: 43:DD:90:FB:D3:6B:CA:09:CE:09:DC:8B:32:72:A6:9B:0F:97:D5:C8
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/43DD90FBD36BCA09CE09DC8B3272A69B0F97D5C8.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/F41F6B566D658E37C2BE9CDF35422CCE2ABE79948367C450EAB25731EC595924/0/34352e3137332e362e302f32332d3234203d3e20323632313931.roa
Signing time:             Tue 04 Feb 2025 19:57:52 +0000
ROA not before:           Tue 04 Feb 2025 19:52:52 +0000
ROA not after:            Tue 03 Feb 2026 19:57:52 +0000
asID:                     262191
IP address blocks:        45.173.6.0/23 maxlen: 24
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            61:53:1a:87:e8:20:f1:b2:45:b6:64:c9:fa:fc:3f:73:14:43:56:9b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=43DD90FBD36BCA09CE09DC8B3272A69B0F97D5C8
        Validity
            Not Before: Feb  4 19:52:52 2025 GMT
            Not After : Feb  3 19:57:52 2026 GMT
        Subject: CN=449DAD2817CFD512BFD061976E90753148106767
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ac:36:36:98:de:20:b5:ab:53:6e:23:80:be:dc:
                    26:91:18:dc:32:1b:bd:b7:39:a0:f9:db:67:3a:a0:
                    e2:db:df:4b:4f:dc:80:e0:e8:99:26:b1:ec:ba:87:
                    d0:0b:03:68:ce:5e:4c:dc:37:71:c5:4c:9f:e2:f2:
                    d1:02:c7:d9:aa:82:4b:5a:3c:7e:15:3f:b1:f3:36:
                    60:62:b9:e4:32:0f:a7:73:2a:b3:e4:ee:3f:7e:ad:
                    73:b1:77:fb:d5:15:4f:97:d9:56:4d:99:fa:bd:d1:
                    fe:cf:9c:9b:1d:47:5e:d0:cb:47:63:26:af:be:60:
                    e8:51:db:28:e3:cf:85:ad:96:33:aa:20:92:93:28:
                    32:e5:7a:61:73:b1:f8:ba:94:97:ae:87:62:10:98:
                    4f:44:94:1e:df:c4:2b:d6:1a:55:3f:ea:e9:a1:3f:
                    a6:f8:5d:e6:00:ad:96:f6:fd:97:24:39:b2:e4:47:
                    be:fc:6b:29:68:36:bb:a7:63:a6:13:6b:27:8a:8d:
                    15:5d:69:82:ea:a7:87:3e:c1:6f:17:10:75:3d:88:
                    aa:26:42:f2:8c:4d:ca:dd:3c:52:5c:70:e4:c3:5a:
                    39:b9:2a:32:84:79:56:33:4c:a5:e2:90:1b:7b:a0:
                    67:68:dd:ba:0b:bf:61:44:f4:72:5c:6a:d6:3c:60:
                    37:e7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                44:9D:AD:28:17:CF:D5:12:BF:D0:61:97:6E:90:75:31:48:10:67:67
            X509v3 Authority Key Identifier:
                keyid:43:DD:90:FB:D3:6B:CA:09:CE:09:DC:8B:32:72:A6:9B:0F:97:D5:C8

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/F41F6B566D658E37C2BE9CDF35422CCE2ABE79948367C450EAB25731EC595924/0/43DD90FBD36BCA09CE09DC8B3272A69B0F97D5C8.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/43DD90FBD36BCA09CE09DC8B3272A69B0F97D5C8.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/F41F6B566D658E37C2BE9CDF35422CCE2ABE79948367C450EAB25731EC595924/0/34352e3137332e362e302f32332d3234203d3e20323632313931.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.173.6.0/23

    Signature Algorithm: sha256WithRSAEncryption
         67:f0:d2:c6:3d:cb:00:a6:bb:f8:5d:af:a0:d0:4f:f5:77:92:
         3a:cc:77:6f:7f:0f:5c:85:d9:4b:48:b3:25:0f:62:21:27:39:
         11:38:5a:e3:42:a1:b6:08:0a:1a:bb:55:b8:80:40:1a:c8:3f:
         69:f7:9c:a2:e2:e1:d1:b9:e4:ce:d8:90:44:9d:63:ff:44:a1:
         92:88:c9:5b:97:b7:89:6a:55:46:e5:a8:b2:1d:fa:0b:56:8c:
         e9:39:39:01:96:07:6e:44:bb:d1:01:96:e4:a9:c7:2d:ce:bd:
         3d:b9:b3:80:2e:8a:8f:47:0c:68:eb:89:c2:ed:70:3f:1f:5b:
         d6:14:4f:d3:84:d3:c5:14:84:f3:40:c0:bf:8f:22:ca:09:ee:
         f3:8c:ea:7c:79:b1:0b:5a:2b:f2:a4:47:fe:49:59:b8:0e:e7:
         97:e6:d4:8c:37:b2:f9:36:35:73:5a:99:4c:1d:ce:10:53:86:
         bb:da:8e:aa:a9:d1:c4:c4:8f:88:ab:b6:62:37:55:a9:0e:de:
         5e:d2:d5:e3:ec:fa:47:d4:cd:84:1d:f1:20:64:74:a9:d0:a8:
         c8:c0:c2:0a:b7:85:05:8d:86:d9:0c:ff:de:14:b8:94:df:81:
         ee:2a:19:1d:f9:49:ed:9f:d4:7e:f1:ac:b0:50:37:2b:a2:89:
         58:28:cb:36
-----BEGIN CERTIFICATE-----
MIIFvDCCBKSgAwIBAgIUYVMah+gg8bJFtmTJ+vw/cxRDVpswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDNERDkwRkJEMzZCQ0EwOUNFMDlEQzhCMzI3MkE2OUIw
Rjk3RDVDODAeFw0yNTAyMDQxOTUyNTJaFw0yNjAyMDMxOTU3NTJaMDMxMTAvBgNV
BAMTKDQ0OURBRDI4MTdDRkQ1MTJCRkQwNjE5NzZFOTA3NTMxNDgxMDY3NjcwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCsNjaY3iC1q1NuI4C+3CaRGNwy
G723OaD522c6oOLb30tP3IDg6Jkmsey6h9ALA2jOXkzcN3HFTJ/i8tECx9mqgkta
PH4VP7HzNmBiueQyD6dzKrPk7j9+rXOxd/vVFU+X2VZNmfq90f7PnJsdR17Qy0dj
Jq++YOhR2yjjz4WtljOqIJKTKDLlemFzsfi6lJeuh2IQmE9ElB7fxCvWGlU/6umh
P6b4XeYArZb2/ZckObLkR778ayloNrunY6YTayeKjRVdaYLqp4c+wW8XEHU9iKom
QvKMTcrdPFJccOTDWjm5KjKEeVYzTKXikBt7oGdo3boLv2FE9HJcatY8YDfnAgMB
AAGjggLGMIICwjAdBgNVHQ4EFgQURJ2tKBfP1RK/0GGXbpB1MUgQZ2cwHwYDVR0j
BBgwFoAUQ92Q+9NrygnOCdyLMnKmmw+X1cgwDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy9GNDFGNkI1NjZENjU4RTM3QzJCRTlDREYzNTQyMkNDRTJB
QkU3OTk0ODM2N0M0NTBFQUIyNTczMUVDNTk1OTI0LzAvNDNERDkwRkJEMzZCQ0Ew
OUNFMDlEQzhCMzI3MkE2OUIwRjk3RDVDOC5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC80M0REOTBGQkQzNkJDQTA5Q0Uw
OURDOEIzMjcyQTY5QjBGOTdENUM4LmNlcjCBxQYIKwYBBQUHAQsEgbgwgbUwgbIG
CCsGAQUFBzALhoGlcnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvRjQxRjZCNTY2RDY1OEUzN0MyQkU5Q0RGMzU0MjJDQ0UyQUJFNzk5NDgz
NjdDNDUwRUFCMjU3MzFFQzU5NTkyNC8wLzM0MzUyZTMxMzczMzJlMzYyZTMwMmYz
MjMzMmQzMjM0MjAzZDNlMjAzMjM2MzIzMTM5MzEucm9hMBgGA1UdIAEB/wQOMAww
CgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAEtrQYwDQYJ
KoZIhvcNAQELBQADggEBAGfw0sY9ywCmu/hdr6DQT/V3kjrMd29/D1yF2UtIsyUP
YiEnORE4WuNCobYIChq7VbiAQBrIP2n3nKLi4dG55M7YkESdY/9EoZKIyVuXt4lq
VUblqLId+gtWjOk5OQGWB25Eu9EBluSpxy3OvT25s4Auio9HDGjricLtcD8fW9YU
T9OE08UUhPNAwL+PIsoJ7vOM6nx5sQtaK/KkR/5JWbgO55fm1Iw3svk2NXNamUwd
zhBThrvajqqp0cTEj4irtmI3VakO3l7S1ePs+kfUzYQd8SBkdKnQqMjAwgq3hQWN
htkM/94UuJTfge4qGR35Se2f1H7xrLBQNyuiiVgoyzY=
-----END CERTIFICATE-----