Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/05DE10193EA69825A80D66FF6CDA6A07515E86293506DAA9B559CF742E8AD847/0/3136382e3139342e3138302e302f32322d3234203d3e203237373437.roa
File:                     3136382e3139342e3138302e302f32322d3234203d3e203237373437.roa (raw, json)
Hash identifier:          8FL7m28VLUzLVsc2pjmgGREs7J6F1KJ2Nku/YARLFpg=
Subject key identifier:   9E:D3:DC:39:BE:29:B3:A2:CF:CC:4D:96:1A:89:86:32:A1:94:17:F8
Certificate issuer:       /CN=2C0996B2CA5169CEA2CE5B99EAE24DBECDA37C89
Certificate serial:       1807A8F90DFEFF5CB0380BDB0A94EC8975124D88
Authority key identifier: 2C:09:96:B2:CA:51:69:CE:A2:CE:5B:99:EA:E2:4D:BE:CD:A3:7C:89
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/2C0996B2CA5169CEA2CE5B99EAE24DBECDA37C89.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/05DE10193EA69825A80D66FF6CDA6A07515E86293506DAA9B559CF742E8AD847/0/3136382e3139342e3138302e302f32322d3234203d3e203237373437.roa
Signing time:             Tue 04 Feb 2025 18:34:51 +0000
ROA not before:           Tue 04 Feb 2025 18:29:51 +0000
ROA not after:            Tue 03 Feb 2026 18:34:51 +0000
asID:                     27747
IP address blocks:        168.194.180.0/22 maxlen: 24
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            18:07:a8:f9:0d:fe:ff:5c:b0:38:0b:db:0a:94:ec:89:75:12:4d:88
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2C0996B2CA5169CEA2CE5B99EAE24DBECDA37C89
        Validity
            Not Before: Feb  4 18:29:51 2025 GMT
            Not After : Feb  3 18:34:51 2026 GMT
        Subject: CN=9ED3DC39BE29B3A2CFCC4D961A898632A19417F8
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a7:8d:c3:96:c4:1e:d9:e2:fb:55:f4:c5:da:98:
                    93:e5:f4:a5:9e:45:f9:bc:0c:8e:19:c9:f6:55:51:
                    7e:48:a5:75:c8:6c:c7:59:90:b8:a5:72:e6:d4:0b:
                    bb:0a:ae:88:9f:de:f8:8e:27:b6:54:d2:9c:ea:cc:
                    75:d5:46:f6:51:05:25:07:b5:12:44:2a:2c:bc:2a:
                    5c:60:c0:29:1c:3f:c4:63:04:98:fa:4e:0c:cb:46:
                    57:d9:8a:23:e0:52:00:55:78:4e:f3:8d:70:d1:d2:
                    d8:66:7e:24:c0:e6:75:dc:6b:8b:53:47:e2:a2:a8:
                    d9:c7:cb:f6:63:90:be:74:cc:21:99:3e:36:90:32:
                    6e:bd:7e:2f:d0:26:37:0d:d4:d4:fe:b4:fc:9d:8f:
                    26:59:35:d9:0f:3b:2a:d6:61:77:46:a9:44:b0:6e:
                    86:94:ca:38:f0:dc:56:32:59:1f:97:dd:2b:d7:86:
                    e8:6c:8d:97:bf:91:fa:37:c1:53:86:0c:97:e5:c0:
                    f0:a5:af:7b:00:12:5d:3a:a3:e5:2e:d8:5b:78:d4:
                    5f:9a:89:67:e7:45:0a:8b:b8:41:4e:fb:bf:e3:a8:
                    72:8d:e6:d7:55:ef:d2:22:c7:07:cd:e1:e6:e4:08:
                    42:e9:b1:60:48:5d:7f:0d:1c:14:c5:2e:57:a3:81:
                    7d:bb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                9E:D3:DC:39:BE:29:B3:A2:CF:CC:4D:96:1A:89:86:32:A1:94:17:F8
            X509v3 Authority Key Identifier:
                keyid:2C:09:96:B2:CA:51:69:CE:A2:CE:5B:99:EA:E2:4D:BE:CD:A3:7C:89

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/05DE10193EA69825A80D66FF6CDA6A07515E86293506DAA9B559CF742E8AD847/0/2C0996B2CA5169CEA2CE5B99EAE24DBECDA37C89.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/2C0996B2CA5169CEA2CE5B99EAE24DBECDA37C89.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/05DE10193EA69825A80D66FF6CDA6A07515E86293506DAA9B559CF742E8AD847/0/3136382e3139342e3138302e302f32322d3234203d3e203237373437.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  168.194.180.0/22

    Signature Algorithm: sha256WithRSAEncryption
         59:e4:83:f7:f9:63:92:78:ce:7e:f2:a8:0c:5d:16:33:0d:73:
         92:77:4a:5f:f7:94:c5:88:ab:fd:06:17:28:59:5f:ca:de:6c:
         b4:97:3e:b9:68:49:c2:ba:98:6b:21:f8:24:1e:8e:6a:6e:d0:
         2d:a8:ec:a2:2d:d9:cc:2e:c3:be:94:7e:7b:6b:11:95:18:9b:
         1b:e2:ab:8c:69:8e:8d:ff:fc:b7:dc:1c:b3:b1:74:8f:12:50:
         25:77:1f:df:18:d7:8f:56:89:d7:3e:03:7d:14:d3:9d:a3:3a:
         0d:22:ab:f3:4d:b4:05:8a:04:8c:63:60:d2:5a:c5:92:85:d7:
         91:c6:0f:6f:18:78:73:82:d2:2a:34:12:ce:68:af:f9:fe:87:
         15:04:c0:3e:4b:c2:70:93:5c:ce:05:26:33:a8:4c:be:4d:4f:
         9c:36:9d:15:e0:99:0e:67:2c:93:eb:5c:1c:7d:c6:ae:28:5c:
         ce:de:f8:59:51:5d:f6:96:e8:0c:13:50:5a:39:2b:71:83:f0:
         4a:ad:7c:91:35:15:67:9b:5a:a2:9f:08:a4:92:3b:a5:c5:c4:
         6e:db:73:d8:72:3b:13:f6:a8:73:37:ae:cd:73:9f:67:92:ad:
         7f:92:c6:9a:11:dd:eb:4e:34:da:64:37:b9:54:0a:3c:dd:24:
         1b:88:7b:6e
-----BEGIN CERTIFICATE-----
MIIFwDCCBKigAwIBAgIUGAeo+Q3+/1ywOAvbCpTsiXUSTYgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMkMwOTk2QjJDQTUxNjlDRUEyQ0U1Qjk5RUFFMjREQkVD
REEzN0M4OTAeFw0yNTAyMDQxODI5NTFaFw0yNjAyMDMxODM0NTFaMDMxMTAvBgNV
BAMTKDlFRDNEQzM5QkUyOUIzQTJDRkNDNEQ5NjFBODk4NjMyQTE5NDE3RjgwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCnjcOWxB7Z4vtV9MXamJPl9KWe
Rfm8DI4ZyfZVUX5IpXXIbMdZkLilcubUC7sKroif3viOJ7ZU0pzqzHXVRvZRBSUH
tRJEKiy8KlxgwCkcP8RjBJj6TgzLRlfZiiPgUgBVeE7zjXDR0thmfiTA5nXca4tT
R+KiqNnHy/ZjkL50zCGZPjaQMm69fi/QJjcN1NT+tPydjyZZNdkPOyrWYXdGqUSw
boaUyjjw3FYyWR+X3SvXhuhsjZe/kfo3wVOGDJflwPClr3sAEl06o+Uu2Ft41F+a
iWfnRQqLuEFO+7/jqHKN5tdV79IixwfN4ebkCELpsWBIXX8NHBTFLlejgX27AgMB
AAGjggLKMIICxjAdBgNVHQ4EFgQUntPcOb4ps6LPzE2WGomGMqGUF/gwHwYDVR0j
BBgwFoAULAmWsspRac6izluZ6uJNvs2jfIkwDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy8wNURFMTAxOTNFQTY5ODI1QTgwRDY2RkY2Q0RBNkEwNzUx
NUU4NjI5MzUwNkRBQTlCNTU5Q0Y3NDJFOEFEODQ3LzAvMkMwOTk2QjJDQTUxNjlD
RUEyQ0U1Qjk5RUFFMjREQkVDREEzN0M4OS5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC8yQzA5OTZCMkNBNTE2OUNFQTJD
RTVCOTlFQUUyNERCRUNEQTM3Qzg5LmNlcjCByQYIKwYBBQUHAQsEgbwwgbkwgbYG
CCsGAQUFBzALhoGpcnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvMDVERTEwMTkzRUE2OTgyNUE4MEQ2NkZGNkNEQTZBMDc1MTVFODYyOTM1
MDZEQUE5QjU1OUNGNzQyRThBRDg0Ny8wLzMxMzYzODJlMzEzOTM0MmUzMTM4MzAy
ZTMwMmYzMjMyMmQzMjM0MjAzZDNlMjAzMjM3MzczNDM3LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCqMK0
MA0GCSqGSIb3DQEBCwUAA4IBAQBZ5IP3+WOSeM5+8qgMXRYzDXOSd0pf95TFiKv9
BhcoWV/K3my0lz65aEnCuphrIfgkHo5qbtAtqOyiLdnMLsO+lH57axGVGJsb4quM
aY6N//y33ByzsXSPElAldx/fGNePVonXPgN9FNOdozoNIqvzTbQFigSMY2DSWsWS
hdeRxg9vGHhzgtIqNBLOaK/5/ocVBMA+S8Jwk1zOBSYzqEy+TU+cNp0V4JkOZyyT
61wcfcauKFzO3vhZUV32lugME1BaOStxg/BKrXyRNRVnm1qinwikkjulxcRu23PY
cjsT9qhzN67Nc59nkq1/ksaaEd3rTjTaZDe5VAo83SQbiHtu
-----END CERTIFICATE-----