Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/0328B18C5676A937ACD46D1956506C1A9DD781F270D2992C529B17585C065B59/0/3133312e37322e3136382e302f32332d3233203d3e20323639393138.roa
File:                     3133312e37322e3136382e302f32332d3233203d3e20323639393138.roa (raw, json)
Hash identifier:          ehWhZqMoHgknEApHuIKXZx5RXDQosjMS+A2zARw0ZB0=
Subject key identifier:   AA:A5:B7:56:F1:C7:A5:EC:B7:E0:43:83:3E:AF:06:5A:5A:3E:E4:E9
Certificate issuer:       /CN=9626A6128814BFABD36D86E0348EDC7C67F0F691
Certificate serial:       48502E152287FE143069F75C6BA40D55F738C9B5
Authority key identifier: 96:26:A6:12:88:14:BF:AB:D3:6D:86:E0:34:8E:DC:7C:67:F0:F6:91
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/9626A6128814BFABD36D86E0348EDC7C67F0F691.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/0328B18C5676A937ACD46D1956506C1A9DD781F270D2992C529B17585C065B59/0/3133312e37322e3136382e302f32332d3233203d3e20323639393138.roa
Signing time:             Thu 23 May 2024 00:50:04 +0000
ROA not before:           Thu 23 May 2024 00:45:04 +0000
ROA not after:            Thu 22 May 2025 00:50:04 +0000
asID:                     269918
IP address blocks:        131.72.168.0/23 maxlen: 23

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            48:50:2e:15:22:87:fe:14:30:69:f7:5c:6b:a4:0d:55:f7:38:c9:b5
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9626A6128814BFABD36D86E0348EDC7C67F0F691
        Validity
            Not Before: May 23 00:45:04 2024 GMT
            Not After : May 22 00:50:04 2025 GMT
        Subject: CN=AAA5B756F1C7A5ECB7E043833EAF065A5A3EE4E9
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b9:fa:5b:75:c3:37:bb:c0:60:ea:ad:03:73:47:
                    bd:3a:be:7f:b3:eb:73:1f:01:28:ce:52:2e:03:27:
                    08:94:a2:9d:71:cc:4e:21:21:9f:9f:13:38:35:48:
                    3b:2b:6c:13:9a:f8:c1:2e:0d:9f:e7:71:17:13:dc:
                    76:c3:5f:6b:13:63:77:78:16:46:ad:99:e0:74:62:
                    d7:ca:0a:6b:68:ee:c2:02:bc:c4:21:fe:3e:c3:eb:
                    e9:c2:ab:3e:05:dd:ad:b9:c0:68:2d:42:05:81:db:
                    d0:31:58:32:7a:a5:af:e9:ac:21:3b:57:70:e7:fd:
                    86:3a:22:1e:12:d3:a1:22:e9:52:7b:01:36:e7:86:
                    84:9f:71:c4:05:f5:2b:70:cb:7e:84:56:22:ed:11:
                    d2:f7:c4:cf:83:6c:2e:64:b8:6e:b1:c5:9b:ec:fe:
                    01:1d:09:74:44:a8:93:95:9e:8b:9d:c5:b9:02:97:
                    9e:c6:e1:d7:4f:c3:63:fb:3c:d7:bf:4e:3f:87:b1:
                    3e:c2:67:c1:3a:33:db:90:72:d6:0c:64:f8:4b:11:
                    b7:db:56:7e:8d:5b:c4:d7:ab:47:66:9d:93:21:a6:
                    6e:2c:73:ad:6d:3d:62:fc:9f:d8:a7:40:2a:2c:00:
                    77:6f:99:d2:f4:b2:f2:a8:17:51:9b:ba:21:b6:ee:
                    ec:9f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AA:A5:B7:56:F1:C7:A5:EC:B7:E0:43:83:3E:AF:06:5A:5A:3E:E4:E9
            X509v3 Authority Key Identifier:
                keyid:96:26:A6:12:88:14:BF:AB:D3:6D:86:E0:34:8E:DC:7C:67:F0:F6:91

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/0328B18C5676A937ACD46D1956506C1A9DD781F270D2992C529B17585C065B59/0/9626A6128814BFABD36D86E0348EDC7C67F0F691.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/9626A6128814BFABD36D86E0348EDC7C67F0F691.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/0328B18C5676A937ACD46D1956506C1A9DD781F270D2992C529B17585C065B59/0/3133312e37322e3136382e302f32332d3233203d3e20323639393138.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  131.72.168.0/23

    Signature Algorithm: sha256WithRSAEncryption
         35:db:21:81:fe:a6:f1:27:52:77:67:18:ad:dc:1e:54:2f:32:
         04:ee:72:24:bb:c1:a1:31:bd:ba:b8:4d:11:8b:1d:44:6b:1a:
         21:d4:8e:6f:2e:2a:7c:c6:3b:05:1c:30:82:91:3e:c3:19:8a:
         86:15:ce:fb:dc:90:6e:2a:92:5a:5d:70:dd:8f:e2:69:44:28:
         66:52:3c:a7:56:e2:03:bc:89:7b:cb:2a:92:5c:a0:d9:e9:6b:
         b0:78:a2:21:a9:cd:37:b8:ed:f3:76:21:cc:ea:e2:93:65:9f:
         03:1c:f7:97:3d:05:6c:2c:5d:2e:7c:8e:3b:87:49:72:a5:25:
         d3:cf:b9:70:58:0f:90:78:e9:f8:3a:77:9f:63:05:13:5c:17:
         cf:aa:d9:27:11:1a:a2:a0:8b:85:d2:71:2e:5b:d5:9a:9a:ee:
         55:58:98:6a:e6:fd:82:95:74:ff:29:57:d8:8b:8e:db:25:6b:
         21:89:13:79:98:c0:5d:4c:42:99:cb:4e:d8:e7:bb:c1:5a:57:
         4c:f9:3c:d7:2a:5e:39:ec:ba:a6:7d:6e:08:72:fa:3f:89:96:
         b6:e1:33:03:0c:27:30:01:a5:8c:5c:25:ad:d6:de:ad:72:64:
         91:0b:4e:fd:b4:da:e3:bd:4b:18:f3:13:3a:54:60:33:54:f9:
         57:74:81:01
-----BEGIN CERTIFICATE-----
MIIFwDCCBKigAwIBAgIUSFAuFSKH/hQwafdca6QNVfc4ybUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOTYyNkE2MTI4ODE0QkZBQkQzNkQ4NkUwMzQ4RURDN0M2
N0YwRjY5MTAeFw0yNDA1MjMwMDQ1MDRaFw0yNTA1MjIwMDUwMDRaMDMxMTAvBgNV
BAMTKEFBQTVCNzU2RjFDN0E1RUNCN0UwNDM4MzNFQUYwNjVBNUEzRUU0RTkwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC5+lt1wze7wGDqrQNzR706vn+z
63MfASjOUi4DJwiUop1xzE4hIZ+fEzg1SDsrbBOa+MEuDZ/ncRcT3HbDX2sTY3d4
FkatmeB0YtfKCmto7sICvMQh/j7D6+nCqz4F3a25wGgtQgWB29AxWDJ6pa/prCE7
V3Dn/YY6Ih4S06Ei6VJ7ATbnhoSfccQF9Stwy36EViLtEdL3xM+DbC5kuG6xxZvs
/gEdCXREqJOVnoudxbkCl57G4ddPw2P7PNe/Tj+HsT7CZ8E6M9uQctYMZPhLEbfb
Vn6NW8TXq0dmnZMhpm4sc61tPWL8n9inQCosAHdvmdL0svKoF1GbuiG27uyfAgMB
AAGjggLKMIICxjAdBgNVHQ4EFgQUqqW3VvHHpey34EODPq8GWlo+5OkwHwYDVR0j
BBgwFoAUliamEogUv6vTbYbgNI7cfGfw9pEwDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy8wMzI4QjE4QzU2NzZBOTM3QUNENDZEMTk1NjUwNkMxQTlE
RDc4MUYyNzBEMjk5MkM1MjlCMTc1ODVDMDY1QjU5LzAvOTYyNkE2MTI4ODE0QkZB
QkQzNkQ4NkUwMzQ4RURDN0M2N0YwRjY5MS5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC85NjI2QTYxMjg4MTRCRkFCRDM2
RDg2RTAzNDhFREM3QzY3RjBGNjkxLmNlcjCByQYIKwYBBQUHAQsEgbwwgbkwgbYG
CCsGAQUFBzALhoGpcnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvMDMyOEIxOEM1Njc2QTkzN0FDRDQ2RDE5NTY1MDZDMUE5REQ3ODFGMjcw
RDI5OTJDNTI5QjE3NTg1QzA2NUI1OS8wLzMxMzMzMTJlMzczMjJlMzEzNjM4MmUz
MDJmMzIzMzJkMzIzMzIwM2QzZTIwMzIzNjM5MzkzMTM4LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBg0io
MA0GCSqGSIb3DQEBCwUAA4IBAQA12yGB/qbxJ1J3Zxit3B5ULzIE7nIku8GhMb26
uE0Rix1Eaxoh1I5vLip8xjsFHDCCkT7DGYqGFc773JBuKpJaXXDdj+JpRChmUjyn
VuIDvIl7yyqSXKDZ6WuweKIhqc03uO3zdiHM6uKTZZ8DHPeXPQVsLF0ufI47h0ly
pSXTz7lwWA+QeOn4OnefYwUTXBfPqtknERqioIuF0nEuW9Wamu5VWJhq5v2ClXT/
KVfYi47bJWshiRN5mMBdTEKZy07Y57vBWldM+TzXKl457LqmfW4Icvo/iZa24TMD
DCcwAaWMXCWt1t6tcmSRC079tNrjvUsY8xM6VGAzVPlXdIEB
-----END CERTIFICATE-----