Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/026CF02C4ED29BE51A5CF7349FEF7F5AEE84C01AD4960B2C3BE10F9D37B17BE0/0/3133312e3139362e3131322e302f32342d3234203d3e20323639373536.roa
File:                     3133312e3139362e3131322e302f32342d3234203d3e20323639373536.roa (raw, json)
Hash identifier:          URsl2hdyfcKImmuBval+2GexK/XYE0vQ7dNZoyhPUM4=
Subject key identifier:   28:74:A7:0F:82:69:4F:52:59:41:7E:10:3B:72:16:3E:C5:EE:5A:DD
Certificate issuer:       /CN=575E8C6CA1804CEB8830FE8544A39CB633AA341C
Certificate serial:       592BBEC39739D4FAA7B69CD016DFA07FEE71957A
Authority key identifier: 57:5E:8C:6C:A1:80:4C:EB:88:30:FE:85:44:A3:9C:B6:33:AA:34:1C
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/575E8C6CA1804CEB8830FE8544A39CB633AA341C.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/026CF02C4ED29BE51A5CF7349FEF7F5AEE84C01AD4960B2C3BE10F9D37B17BE0/0/3133312e3139362e3131322e302f32342d3234203d3e20323639373536.roa
Signing time:             Tue 04 Feb 2025 18:00:13 +0000
ROA not before:           Tue 04 Feb 2025 17:55:13 +0000
ROA not after:            Tue 03 Feb 2026 18:00:13 +0000
asID:                     269756
IP address blocks:        131.196.112.0/24 maxlen: 24
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            59:2b:be:c3:97:39:d4:fa:a7:b6:9c:d0:16:df:a0:7f:ee:71:95:7a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=575E8C6CA1804CEB8830FE8544A39CB633AA341C
        Validity
            Not Before: Feb  4 17:55:13 2025 GMT
            Not After : Feb  3 18:00:13 2026 GMT
        Subject: CN=2874A70F82694F5259417E103B72163EC5EE5ADD
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a1:ac:ee:1e:88:11:64:37:0f:b8:54:73:42:dc:
                    d9:f8:5c:87:39:f0:93:a7:06:b4:2b:46:60:58:fe:
                    4b:44:4a:9d:0d:31:b1:17:54:3f:2d:18:33:fe:16:
                    f9:8b:45:0f:e0:e6:e8:29:ac:2c:ff:eb:b3:40:5b:
                    73:61:f3:68:85:dc:b3:e7:28:c3:3a:e5:98:ef:48:
                    6a:e8:82:1f:60:16:d3:60:3d:1b:3c:9a:b0:86:9f:
                    26:88:07:c2:8b:16:95:86:aa:06:63:ed:7a:52:81:
                    a7:f0:99:3c:db:22:48:00:00:b7:87:ed:59:f4:9c:
                    21:bb:e4:8b:59:f3:94:b6:93:70:8b:72:af:86:a4:
                    7d:6f:fd:87:b2:1e:13:24:23:c4:c1:89:45:f4:81:
                    66:79:57:28:e4:d4:4b:d5:cc:7b:f6:c7:0b:33:46:
                    46:6d:4b:6e:cd:67:83:74:a0:4f:2f:e2:40:ad:0f:
                    88:fe:b3:f9:31:72:01:2a:8a:3a:7c:7e:c8:f7:c1:
                    db:b1:98:95:f1:8a:6b:ab:56:6e:26:3c:13:2d:dc:
                    77:29:8d:d9:f2:93:e2:e6:35:1d:1b:3b:74:15:c1:
                    83:3f:74:8c:ed:8f:f4:76:23:a2:53:5c:c5:a4:e4:
                    6b:01:27:c4:0e:cc:82:63:31:d2:32:97:55:17:8c:
                    ba:89
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                28:74:A7:0F:82:69:4F:52:59:41:7E:10:3B:72:16:3E:C5:EE:5A:DD
            X509v3 Authority Key Identifier:
                keyid:57:5E:8C:6C:A1:80:4C:EB:88:30:FE:85:44:A3:9C:B6:33:AA:34:1C

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/026CF02C4ED29BE51A5CF7349FEF7F5AEE84C01AD4960B2C3BE10F9D37B17BE0/0/575E8C6CA1804CEB8830FE8544A39CB633AA341C.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/575E8C6CA1804CEB8830FE8544A39CB633AA341C.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/026CF02C4ED29BE51A5CF7349FEF7F5AEE84C01AD4960B2C3BE10F9D37B17BE0/0/3133312e3139362e3131322e302f32342d3234203d3e20323639373536.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  131.196.112.0/24

    Signature Algorithm: sha256WithRSAEncryption
         2e:8d:69:1b:d2:5b:1b:bb:86:a0:34:c9:94:9d:9a:a1:b2:a5:
         4c:c7:aa:62:02:30:bc:d7:c0:76:72:20:2d:3f:07:f2:dd:cb:
         a8:d4:fe:a3:a0:95:e7:e2:2f:39:68:a4:9d:25:47:4f:4f:b8:
         18:92:3f:a4:e9:e0:cd:ce:3e:fd:20:b9:ff:bd:c6:59:b1:5d:
         f8:cd:a1:b2:ec:04:e0:73:6b:8b:35:b5:65:80:70:22:f2:aa:
         0c:2a:19:f7:86:7e:2b:78:2e:69:83:f7:91:f3:c7:13:0f:de:
         bc:eb:70:fd:ee:89:ab:4d:cd:2a:d8:32:8d:18:b7:f7:b4:bf:
         15:22:9b:b6:3f:07:44:71:38:7e:70:ff:60:51:fb:70:80:70:
         99:ae:f0:6e:e0:fd:fe:71:ec:ab:33:41:3f:fd:d4:60:5a:69:
         ce:5a:c1:21:4a:45:eb:1c:74:92:68:52:74:d5:8c:34:ea:63:
         e9:40:66:2f:95:21:e1:c7:5b:93:ae:95:08:89:f7:a4:47:d2:
         b0:6f:0d:fe:1c:d4:b1:2d:9f:25:af:f8:a9:8c:6f:f0:da:62:
         20:6f:43:b6:41:e0:19:04:21:57:bd:e3:18:39:f3:69:4f:88:
         56:66:d5:c6:a0:70:aa:c9:a7:6a:b8:71:39:25:68:10:81:34:
         04:b7:84:1f
-----BEGIN CERTIFICATE-----
MIIFwjCCBKqgAwIBAgIUWSu+w5c51PqntpzQFt+gf+5xlXowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNTc1RThDNkNBMTgwNENFQjg4MzBGRTg1NDRBMzlDQjYz
M0FBMzQxQzAeFw0yNTAyMDQxNzU1MTNaFw0yNjAyMDMxODAwMTNaMDMxMTAvBgNV
BAMTKDI4NzRBNzBGODI2OTRGNTI1OTQxN0UxMDNCNzIxNjNFQzVFRTVBREQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQChrO4eiBFkNw+4VHNC3Nn4XIc5
8JOnBrQrRmBY/ktESp0NMbEXVD8tGDP+FvmLRQ/g5ugprCz/67NAW3Nh82iF3LPn
KMM65ZjvSGrogh9gFtNgPRs8mrCGnyaIB8KLFpWGqgZj7XpSgafwmTzbIkgAALeH
7Vn0nCG75ItZ85S2k3CLcq+GpH1v/YeyHhMkI8TBiUX0gWZ5Vyjk1EvVzHv2xwsz
RkZtS27NZ4N0oE8v4kCtD4j+s/kxcgEqijp8fsj3wduxmJXximurVm4mPBMt3Hcp
jdnyk+LmNR0bO3QVwYM/dIztj/R2I6JTXMWk5GsBJ8QOzIJjMdIyl1UXjLqJAgMB
AAGjggLMMIICyDAdBgNVHQ4EFgQUKHSnD4JpT1JZQX4QO3IWPsXuWt0wHwYDVR0j
BBgwFoAUV16MbKGATOuIMP6FRKOctjOqNBwwDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy8wMjZDRjAyQzRFRDI5QkU1MUE1Q0Y3MzQ5RkVGN0Y1QUVF
ODRDMDFBRDQ5NjBCMkMzQkUxMEY5RDM3QjE3QkUwLzAvNTc1RThDNkNBMTgwNENF
Qjg4MzBGRTg1NDRBMzlDQjYzM0FBMzQxQy5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC81NzVFOEM2Q0ExODA0Q0VCODgz
MEZFODU0NEEzOUNCNjMzQUEzNDFDLmNlcjCBywYIKwYBBQUHAQsEgb4wgbswgbgG
CCsGAQUFBzALhoGrcnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvMDI2Q0YwMkM0RUQyOUJFNTFBNUNGNzM0OUZFRjdGNUFFRTg0QzAxQUQ0
OTYwQjJDM0JFMTBGOUQzN0IxN0JFMC8wLzMxMzMzMTJlMzEzOTM2MmUzMTMxMzIy
ZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMjM2MzkzNzM1MzYucm9hMBgGA1UdIAEB
/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACD
xHAwDQYJKoZIhvcNAQELBQADggEBAC6NaRvSWxu7hqA0yZSdmqGypUzHqmICMLzX
wHZyIC0/B/Ldy6jU/qOglefiLzlopJ0lR09PuBiSP6Tp4M3OPv0guf+9xlmxXfjN
obLsBOBza4s1tWWAcCLyqgwqGfeGfit4LmmD95HzxxMP3rzrcP3uiatNzSrYMo0Y
t/e0vxUim7Y/B0RxOH5w/2BR+3CAcJmu8G7g/f5x7KszQT/91GBaac5awSFKResc
dJJoUnTVjDTqY+lAZi+VIeHHW5OulQiJ96RH0rBvDf4c1LEtnyWv+KmMb/DaYiBv
Q7ZB4BkEIVe94xg582lPiFZm1cagcKrJp2q4cTklaBCBNAS3hB8=
-----END CERTIFICATE-----