Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/11559AA3349FE2D65A5A5769913573A99718D43DA2D0DFBB5C3C5FE9D0DEEE4D/0/3138362e352e3233322e302f32312d3234203d3e203631343636.roa
File:                     3138362e352e3233322e302f32312d3234203d3e203631343636.roa (raw, json)
Hash identifier:          SOZFKgGuX2JUj3H+iEFRH+yqCc7E4A4dOzb+wWhb53w=
Subject key identifier:   83:58:23:68:B9:2D:0B:92:C7:10:4F:69:15:D5:EC:45:0C:3D:13:8C
Certificate issuer:       /CN=B3AC8703592539ADD492A1BDC08E997B67459567
Certificate serial:       734B311075A90AED534A2CF082EC70CAFD8E4C09
Authority key identifier: B3:AC:87:03:59:25:39:AD:D4:92:A1:BD:C0:8E:99:7B:67:45:95:67
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/B3AC8703592539ADD492A1BDC08E997B67459567.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/11559AA3349FE2D65A5A5769913573A99718D43DA2D0DFBB5C3C5FE9D0DEEE4D/0/3138362e352e3233322e302f32312d3234203d3e203631343636.roa
Signing time:             Tue 04 Feb 2025 18:25:11 +0000
ROA not before:           Tue 04 Feb 2025 18:20:11 +0000
ROA not after:            Tue 03 Feb 2026 18:25:11 +0000
asID:                     61466
IP address blocks:        186.5.232.0/21 maxlen: 24
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            73:4b:31:10:75:a9:0a:ed:53:4a:2c:f0:82:ec:70:ca:fd:8e:4c:09
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=B3AC8703592539ADD492A1BDC08E997B67459567
        Validity
            Not Before: Feb  4 18:20:11 2025 GMT
            Not After : Feb  3 18:25:11 2026 GMT
        Subject: CN=83582368B92D0B92C7104F6915D5EC450C3D138C
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:96:0f:24:34:fb:86:ed:b4:26:3b:c8:98:1b:1a:
                    50:ce:da:0d:9d:2e:d4:64:a7:58:41:f0:08:68:26:
                    92:22:80:e8:f7:da:90:bc:cc:8b:b6:12:b5:19:ab:
                    ef:4e:db:58:a0:2c:d9:9a:11:a7:9f:9c:1b:01:3e:
                    0e:68:42:c2:3f:96:84:6c:55:6c:fd:25:48:d9:1f:
                    f0:7f:a2:fa:a4:5f:25:49:e4:b5:9d:03:64:2e:82:
                    d4:b2:7b:6b:38:4f:93:bc:bb:69:5b:c8:ac:ba:fd:
                    58:10:fe:7b:41:6f:82:67:41:cd:26:8d:e4:14:44:
                    d1:6b:1e:13:9b:a7:5d:ea:e3:00:52:b8:9f:6b:8b:
                    dc:14:d1:e6:e6:9a:24:0f:35:52:40:3e:41:de:8e:
                    3d:66:08:75:50:c1:ae:0a:be:76:9d:d1:b3:6b:99:
                    bb:2e:83:e8:87:2d:99:43:93:01:f5:09:9a:f2:ae:
                    bf:dd:a0:c9:30:84:78:bd:85:10:6f:f7:d6:95:67:
                    64:64:c3:22:e9:23:63:56:a5:dc:d5:b6:19:2e:6f:
                    2f:d8:c3:0d:98:33:5e:e5:61:8d:0b:8b:87:ff:80:
                    6e:6e:33:5b:d9:a0:c1:99:0e:f7:17:b7:d9:ad:9f:
                    a5:64:e1:f7:5e:79:8b:0b:13:2a:ae:e4:74:40:dc:
                    ba:3d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                83:58:23:68:B9:2D:0B:92:C7:10:4F:69:15:D5:EC:45:0C:3D:13:8C
            X509v3 Authority Key Identifier:
                keyid:B3:AC:87:03:59:25:39:AD:D4:92:A1:BD:C0:8E:99:7B:67:45:95:67

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/11559AA3349FE2D65A5A5769913573A99718D43DA2D0DFBB5C3C5FE9D0DEEE4D/0/B3AC8703592539ADD492A1BDC08E997B67459567.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/B3AC8703592539ADD492A1BDC08E997B67459567.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/11559AA3349FE2D65A5A5769913573A99718D43DA2D0DFBB5C3C5FE9D0DEEE4D/0/3138362e352e3233322e302f32312d3234203d3e203631343636.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  186.5.232.0/21

    Signature Algorithm: sha256WithRSAEncryption
         69:00:ab:6f:df:de:dc:7e:4e:48:61:38:37:29:5d:66:01:6b:
         61:eb:f7:55:d5:9b:e9:58:f0:ed:7a:4f:9a:31:40:e7:57:c4:
         72:3a:38:06:7b:22:55:9a:59:0e:6b:7f:35:1b:f7:b7:cc:66:
         fc:9a:3f:c7:3e:fa:e2:a8:83:a2:e6:04:cb:53:76:c9:bc:0f:
         1b:36:e7:9a:43:29:c6:b7:e3:56:92:2d:91:99:7c:a0:f2:b0:
         3b:f5:2a:e9:15:d1:4b:d2:38:74:b0:d7:02:8f:3f:bc:eb:ad:
         06:8f:48:81:1b:f7:c8:b1:b0:26:e7:0e:55:d0:a3:80:cf:9e:
         10:9e:27:5a:fd:33:f4:2c:3e:bb:e3:87:93:c1:e1:68:8e:c6:
         ec:38:0a:75:c9:0c:e5:43:c3:b0:76:38:eb:be:8f:55:c0:1c:
         d1:57:17:1f:56:03:f9:78:2b:de:ae:a1:8c:a6:40:1a:7f:1f:
         85:8f:40:dc:ff:5e:be:3a:41:54:a0:fc:af:db:2b:b0:63:86:
         14:54:73:f9:46:41:d9:86:b3:0a:4c:e9:98:74:71:45:a5:8d:
         7f:89:30:d6:74:6b:77:27:18:99:1d:af:47:41:64:34:df:db:
         ed:bc:af:d4:02:9c:4b:c4:b0:2e:24:ca:94:51:c1:1c:0b:0a:
         42:77:d9:28
-----BEGIN CERTIFICATE-----
MIIFvDCCBKSgAwIBAgIUc0sxEHWpCu1TSizwguxwyv2OTAkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoQjNBQzg3MDM1OTI1MzlBREQ0OTJBMUJEQzA4RTk5N0I2
NzQ1OTU2NzAeFw0yNTAyMDQxODIwMTFaFw0yNjAyMDMxODI1MTFaMDMxMTAvBgNV
BAMTKDgzNTgyMzY4QjkyRDBCOTJDNzEwNEY2OTE1RDVFQzQ1MEMzRDEzOEMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCWDyQ0+4bttCY7yJgbGlDO2g2d
LtRkp1hB8AhoJpIigOj32pC8zIu2ErUZq+9O21igLNmaEaefnBsBPg5oQsI/loRs
VWz9JUjZH/B/ovqkXyVJ5LWdA2QugtSye2s4T5O8u2lbyKy6/VgQ/ntBb4JnQc0m
jeQURNFrHhObp13q4wBSuJ9ri9wU0ebmmiQPNVJAPkHejj1mCHVQwa4Kvnad0bNr
mbsug+iHLZlDkwH1CZryrr/doMkwhHi9hRBv99aVZ2RkwyLpI2NWpdzVthkuby/Y
ww2YM17lYY0Li4f/gG5uM1vZoMGZDvcXt9mtn6Vk4fdeeYsLEyqu5HRA3Lo9AgMB
AAGjggLGMIICwjAdBgNVHQ4EFgQUg1gjaLktC5LHEE9pFdXsRQw9E4wwHwYDVR0j
BBgwFoAUs6yHA1klOa3UkqG9wI6Ze2dFlWcwDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy8xMTU1OUFBMzM0OUZFMkQ2NUE1QTU3Njk5MTM1NzNBOTk3
MThENDNEQTJEMERGQkI1QzNDNUZFOUQwREVFRTRELzAvQjNBQzg3MDM1OTI1MzlB
REQ0OTJBMUJEQzA4RTk5N0I2NzQ1OTU2Ny5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC9CM0FDODcwMzU5MjUzOUFERDQ5
MkExQkRDMDhFOTk3QjY3NDU5NTY3LmNlcjCBxQYIKwYBBQUHAQsEgbgwgbUwgbIG
CCsGAQUFBzALhoGlcnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvMTE1NTlBQTMzNDlGRTJENjVBNUE1NzY5OTEzNTczQTk5NzE4RDQzREEy
RDBERkJCNUMzQzVGRTlEMERFRUU0RC8wLzMxMzgzNjJlMzUyZTMyMzMzMjJlMzAy
ZjMyMzEyZDMyMzQyMDNkM2UyMDM2MzEzNDM2MzYucm9hMBgGA1UdIAEB/wQOMAww
CgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAO6BegwDQYJ
KoZIhvcNAQELBQADggEBAGkAq2/f3tx+TkhhODcpXWYBa2Hr91XVm+lY8O16T5ox
QOdXxHI6OAZ7IlWaWQ5rfzUb97fMZvyaP8c++uKog6LmBMtTdsm8Dxs255pDKca3
41aSLZGZfKDysDv1KukV0UvSOHSw1wKPP7zrrQaPSIEb98ixsCbnDlXQo4DPnhCe
J1r9M/QsPrvjh5PB4WiOxuw4CnXJDOVDw7B2OOu+j1XAHNFXFx9WA/l4K96uoYym
QBp/H4WPQNz/Xr46QVSg/K/bK7BjhhRUc/lGQdmGswpM6Zh0cUWljX+JMNZ0a3cn
GJkdr0dBZDTf2+28r9QCnEvEsC4kypRRwRwLCkJ32Sg=
-----END CERTIFICATE-----