Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/04BB42195A3038A81C1F1200E30F8D51F752801E722B954EE7A5705D70C72CB0/0/3230312e3231392e3132382e302f31392d3234203d3e203230303135.roa
File:                     3230312e3231392e3132382e302f31392d3234203d3e203230303135.roa (raw, json)
Hash identifier:          fWrhXhF9scDrwi2L1Q/PPU9PBwyrbb5fCwbqrb9Zs4A=
Subject key identifier:   90:26:0F:78:93:AA:26:2E:29:66:D9:FD:E1:11:C0:F1:55:CD:87:A8
Certificate issuer:       /CN=BA56744DBF20010C478D63405BC3FD8408043C5B
Certificate serial:       4513B44A56768FCDA58279D286D105FF00B847C6
Authority key identifier: BA:56:74:4D:BF:20:01:0C:47:8D:63:40:5B:C3:FD:84:08:04:3C:5B
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BA56744DBF20010C478D63405BC3FD8408043C5B.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/04BB42195A3038A81C1F1200E30F8D51F752801E722B954EE7A5705D70C72CB0/0/3230312e3231392e3132382e302f31392d3234203d3e203230303135.roa
Signing time:             Tue 04 Feb 2025 18:32:30 +0000
ROA not before:           Tue 04 Feb 2025 18:27:30 +0000
ROA not after:            Tue 03 Feb 2026 18:32:30 +0000
asID:                     20015
IP address blocks:        201.219.128.0/19 maxlen: 24
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            45:13:b4:4a:56:76:8f:cd:a5:82:79:d2:86:d1:05:ff:00:b8:47:c6
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=BA56744DBF20010C478D63405BC3FD8408043C5B
        Validity
            Not Before: Feb  4 18:27:30 2025 GMT
            Not After : Feb  3 18:32:30 2026 GMT
        Subject: CN=90260F7893AA262E2966D9FDE111C0F155CD87A8
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ea:e4:2d:c8:25:b8:a9:e4:a9:31:5c:9a:47:e7:
                    65:44:e3:98:da:8a:9f:e5:37:93:d9:b5:43:e3:63:
                    c9:34:18:32:ad:66:b6:a6:c2:84:c9:b2:26:23:b5:
                    71:83:9a:0c:f8:c0:7f:33:21:f5:84:9a:79:22:ed:
                    89:1a:48:e2:0c:6e:a4:6a:73:1b:ca:d3:c5:90:6b:
                    11:06:48:bf:66:d3:32:f1:74:57:5f:4c:cc:4d:13:
                    a4:dc:ef:95:cc:ea:6a:9f:1b:a5:32:f4:4f:47:9b:
                    0a:58:01:3c:d9:06:32:4a:8d:ab:2d:5f:2f:29:56:
                    b6:2e:fb:6e:de:53:69:34:a6:0c:4f:9e:19:b7:6d:
                    0a:c1:af:57:89:ce:ff:28:29:a2:68:09:88:fa:11:
                    8b:3e:da:15:79:cc:12:39:95:ea:3b:4b:99:c5:3f:
                    07:e6:0d:d9:df:3c:68:97:79:7e:2c:4c:73:89:87:
                    d6:98:f9:60:1a:c3:80:54:a6:53:75:e8:7e:f1:35:
                    31:f7:b3:22:f3:ba:ef:e0:a7:b9:d8:11:16:62:82:
                    69:c3:69:a1:37:de:08:20:4c:79:5f:ad:99:b2:7a:
                    df:93:e0:c2:29:31:c7:aa:63:2e:eb:e9:e7:4d:2c:
                    1e:23:84:1b:9c:b5:7f:e2:5b:c1:74:4f:08:a0:a5:
                    84:f7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                90:26:0F:78:93:AA:26:2E:29:66:D9:FD:E1:11:C0:F1:55:CD:87:A8
            X509v3 Authority Key Identifier:
                keyid:BA:56:74:4D:BF:20:01:0C:47:8D:63:40:5B:C3:FD:84:08:04:3C:5B

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/04BB42195A3038A81C1F1200E30F8D51F752801E722B954EE7A5705D70C72CB0/0/BA56744DBF20010C478D63405BC3FD8408043C5B.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BA56744DBF20010C478D63405BC3FD8408043C5B.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/04BB42195A3038A81C1F1200E30F8D51F752801E722B954EE7A5705D70C72CB0/0/3230312e3231392e3132382e302f31392d3234203d3e203230303135.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  201.219.128.0/19

    Signature Algorithm: sha256WithRSAEncryption
         6d:84:b9:bf:cd:52:5d:78:8f:ad:2c:af:d3:2b:f8:d1:8f:9c:
         69:47:5a:45:9a:ad:a2:27:a0:35:97:ec:4e:6b:f8:27:db:0a:
         37:e0:c3:79:a9:b7:bc:55:06:c0:9e:1a:6d:99:56:2e:83:be:
         55:19:e5:6f:38:6c:25:bf:84:94:78:74:e9:21:6d:35:b5:32:
         47:67:8d:18:2e:c3:fa:25:f7:92:cf:4e:5e:8d:99:23:61:b2:
         66:b0:62:d2:ac:0c:89:3b:4b:7e:42:a3:fd:2e:63:fb:8c:22:
         d8:32:2c:d3:9e:f6:bb:74:58:db:b5:2d:29:a4:ef:5b:6e:0d:
         92:df:e3:58:56:39:f9:8b:37:09:2b:a0:2f:b3:da:ef:a7:0d:
         8b:7f:1b:6c:4f:33:f1:ed:39:83:f9:e5:77:4d:b6:5b:56:55:
         25:0d:1b:fc:35:6c:6c:30:c7:29:e0:ce:6b:21:64:05:35:08:
         a9:4e:92:fe:fd:35:73:c2:58:ba:b9:c3:a3:70:47:05:04:94:
         0e:1f:af:6f:68:ff:19:10:ce:30:cb:2a:89:8d:97:ae:81:c1:
         35:d3:98:ac:07:e6:e1:93:f1:4e:26:9b:43:3a:d0:f5:ad:6c:
         82:ca:fc:3c:bb:1f:53:66:d5:87:dc:25:6a:91:d6:da:2d:7e:
         94:55:0a:44
-----BEGIN CERTIFICATE-----
MIIFwDCCBKigAwIBAgIURRO0SlZ2j82lgnnShtEF/wC4R8YwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoQkE1Njc0NERCRjIwMDEwQzQ3OEQ2MzQwNUJDM0ZEODQw
ODA0M0M1QjAeFw0yNTAyMDQxODI3MzBaFw0yNjAyMDMxODMyMzBaMDMxMTAvBgNV
BAMTKDkwMjYwRjc4OTNBQTI2MkUyOTY2RDlGREUxMTFDMEYxNTVDRDg3QTgwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDq5C3IJbip5KkxXJpH52VE45ja
ip/lN5PZtUPjY8k0GDKtZramwoTJsiYjtXGDmgz4wH8zIfWEmnki7YkaSOIMbqRq
cxvK08WQaxEGSL9m0zLxdFdfTMxNE6Tc75XM6mqfG6Uy9E9HmwpYATzZBjJKjast
Xy8pVrYu+27eU2k0pgxPnhm3bQrBr1eJzv8oKaJoCYj6EYs+2hV5zBI5leo7S5nF
PwfmDdnfPGiXeX4sTHOJh9aY+WAaw4BUplN16H7xNTH3syLzuu/gp7nYERZigmnD
aaE33gggTHlfrZmyet+T4MIpMceqYy7r6edNLB4jhBuctX/iW8F0TwigpYT3AgMB
AAGjggLKMIICxjAdBgNVHQ4EFgQUkCYPeJOqJi4pZtn94RHA8VXNh6gwHwYDVR0j
BBgwFoAUulZ0Tb8gAQxHjWNAW8P9hAgEPFswDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy8wNEJCNDIxOTVBMzAzOEE4MUMxRjEyMDBFMzBGOEQ1MUY3
NTI4MDFFNzIyQjk1NEVFN0E1NzA1RDcwQzcyQ0IwLzAvQkE1Njc0NERCRjIwMDEw
QzQ3OEQ2MzQwNUJDM0ZEODQwODA0M0M1Qi5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC9CQTU2NzQ0REJGMjAwMTBDNDc4
RDYzNDA1QkMzRkQ4NDA4MDQzQzVCLmNlcjCByQYIKwYBBQUHAQsEgbwwgbkwgbYG
CCsGAQUFBzALhoGpcnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvMDRCQjQyMTk1QTMwMzhBODFDMUYxMjAwRTMwRjhENTFGNzUyODAxRTcy
MkI5NTRFRTdBNTcwNUQ3MEM3MkNCMC8wLzMyMzAzMTJlMzIzMTM5MmUzMTMyMzgy
ZTMwMmYzMTM5MmQzMjM0MjAzZDNlMjAzMjMwMzAzMTM1LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQFyduA
MA0GCSqGSIb3DQEBCwUAA4IBAQBthLm/zVJdeI+tLK/TK/jRj5xpR1pFmq2iJ6A1
l+xOa/gn2wo34MN5qbe8VQbAnhptmVYug75VGeVvOGwlv4SUeHTpIW01tTJHZ40Y
LsP6JfeSz05ejZkjYbJmsGLSrAyJO0t+QqP9LmP7jCLYMizTnva7dFjbtS0ppO9b
bg2S3+NYVjn5izcJK6Avs9rvpw2LfxtsTzPx7TmD+eV3TbZbVlUlDRv8NWxsMMcp
4M5rIWQFNQipTpL+/TVzwli6ucOjcEcFBJQOH69vaP8ZEM4wyyqJjZeugcE105is
B+bhk/FOJptDOtD1rWyCyvw8ux9TZtWH3CVqkdbaLX6UVQpE
-----END CERTIFICATE-----