Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/14C42BDE910BAA62EDD4E8746D255602440A5CFED3B4A483B3E30AB84CCFDE2A/0/3134332e3235352e3135362e302f32342d3234203d3e203435343730.roa
File:                     3134332e3235352e3135362e302f32342d3234203d3e203435343730.roa (raw, json)
Hash identifier:          9tLx3BNMBY4yKV+0wRCWdsklF99GjGnQZaHMcSOx6ZQ=
Subject key identifier:   F1:3B:54:70:ED:10:C4:C3:FC:BF:7D:59:77:71:86:3A:B4:16:E8:A2
Certificate issuer:       /CN=C0B7886622A538FD5E3C3C91D6B6A0DF2665C78D
Certificate serial:       1302E29A57FAEB873FD71F4532983DE17391A8EB
Authority key identifier: C0:B7:88:66:22:A5:38:FD:5E:3C:3C:91:D6:B6:A0:DF:26:65:C7:8D
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/C0B7886622A538FD5E3C3C91D6B6A0DF2665C78D.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/14C42BDE910BAA62EDD4E8746D255602440A5CFED3B4A483B3E30AB84CCFDE2A/0/3134332e3235352e3135362e302f32342d3234203d3e203435343730.roa
Signing time:             Tue 04 Feb 2025 18:18:36 +0000
ROA not before:           Tue 04 Feb 2025 18:13:36 +0000
ROA not after:            Tue 03 Feb 2026 18:18:36 +0000
asID:                     45470
IP address blocks:        143.255.156.0/24 maxlen: 24
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            13:02:e2:9a:57:fa:eb:87:3f:d7:1f:45:32:98:3d:e1:73:91:a8:eb
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=C0B7886622A538FD5E3C3C91D6B6A0DF2665C78D
        Validity
            Not Before: Feb  4 18:13:36 2025 GMT
            Not After : Feb  3 18:18:36 2026 GMT
        Subject: CN=F13B5470ED10C4C3FCBF7D597771863AB416E8A2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b8:1a:e1:3f:0b:bc:97:4c:94:49:ec:67:4e:95:
                    c9:0b:ce:38:58:28:b6:07:cf:eb:95:86:95:8b:6e:
                    24:fb:fe:cc:e2:2a:c1:b3:7f:ae:79:58:fe:35:f8:
                    77:58:8b:ed:a2:3e:16:d6:8e:02:e7:d4:ba:13:a3:
                    5b:18:73:d2:6e:fa:19:9a:fd:47:75:2b:6b:a7:14:
                    d4:5e:76:09:ea:39:1b:d2:f7:45:cd:8f:3a:54:ab:
                    69:b6:a1:a6:93:2b:81:e3:c5:dd:38:af:24:93:c5:
                    b0:7b:86:f5:14:4c:42:f7:e7:f8:4a:10:c3:c4:2f:
                    a2:6c:60:d3:be:33:f8:c4:bb:ec:c7:a6:21:35:01:
                    30:fe:33:0e:d7:04:57:b7:04:33:6c:8e:94:6e:3a:
                    f5:d9:d6:6a:4f:50:ae:25:3e:bc:34:7e:7a:a5:aa:
                    27:c1:e0:91:43:0a:a8:a6:4f:fc:6b:f4:b2:c4:54:
                    02:74:92:78:87:b3:39:24:0f:62:6f:f6:a7:d8:e4:
                    7e:fd:41:91:88:bf:65:4a:0e:7a:76:a3:93:e2:12:
                    a8:60:e3:7e:82:f9:91:fe:d0:69:98:da:d9:b2:d2:
                    42:f5:35:a3:c6:2f:6f:32:8d:bd:85:ab:dc:58:da:
                    d8:65:b2:f8:d2:24:53:56:9f:96:ec:38:2e:21:ca:
                    d1:53
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F1:3B:54:70:ED:10:C4:C3:FC:BF:7D:59:77:71:86:3A:B4:16:E8:A2
            X509v3 Authority Key Identifier:
                keyid:C0:B7:88:66:22:A5:38:FD:5E:3C:3C:91:D6:B6:A0:DF:26:65:C7:8D

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/14C42BDE910BAA62EDD4E8746D255602440A5CFED3B4A483B3E30AB84CCFDE2A/0/C0B7886622A538FD5E3C3C91D6B6A0DF2665C78D.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/C0B7886622A538FD5E3C3C91D6B6A0DF2665C78D.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/14C42BDE910BAA62EDD4E8746D255602440A5CFED3B4A483B3E30AB84CCFDE2A/0/3134332e3235352e3135362e302f32342d3234203d3e203435343730.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  143.255.156.0/24

    Signature Algorithm: sha256WithRSAEncryption
         85:6a:1e:22:c0:e3:3d:8b:6f:d2:29:40:08:89:25:f9:11:4d:
         9a:c9:21:ba:0a:cb:d5:84:18:95:19:6f:f8:80:d6:a9:a2:f0:
         22:02:46:87:52:f3:54:55:49:93:cb:b3:1e:b6:9b:43:6d:90:
         91:d8:5c:54:33:e1:1a:db:30:0e:99:2f:29:95:08:17:72:4b:
         21:64:06:34:da:3c:d7:64:30:a4:58:a4:68:5d:1f:38:2d:d1:
         1e:f3:75:78:09:74:d5:15:6e:dc:0f:92:01:f0:c2:35:88:9c:
         99:58:23:df:6a:ea:fd:7e:07:75:a5:c5:f6:3a:15:0f:63:79:
         cc:61:cb:0c:c3:f2:d1:b8:3b:9d:59:c6:88:34:18:7d:22:9b:
         5a:78:3d:c5:e4:7e:1a:75:83:4e:f9:9e:0a:df:e5:4c:17:be:
         41:4e:f8:b5:92:4c:ea:a4:db:78:7c:af:15:27:aa:94:0a:eb:
         83:f7:4d:85:06:3b:7f:32:d4:3c:c1:f2:31:66:6a:8c:50:ae:
         9d:7b:48:0f:b7:35:e7:5c:b2:1a:71:b0:5f:ad:4b:c7:ee:db:
         2d:a4:72:d9:29:9d:d6:45:e0:2f:2a:6e:ef:95:97:f6:cb:06:
         c5:8a:a1:54:25:9c:1d:78:12:65:e3:e3:76:4c:24:8e:86:3c:
         bd:ec:1f:64
-----BEGIN CERTIFICATE-----
MIIFwDCCBKigAwIBAgIUEwLimlf664c/1x9FMpg94XORqOswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoQzBCNzg4NjYyMkE1MzhGRDVFM0MzQzkxRDZCNkEwREYy
NjY1Qzc4RDAeFw0yNTAyMDQxODEzMzZaFw0yNjAyMDMxODE4MzZaMDMxMTAvBgNV
BAMTKEYxM0I1NDcwRUQxMEM0QzNGQ0JGN0Q1OTc3NzE4NjNBQjQxNkU4QTIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC4GuE/C7yXTJRJ7GdOlckLzjhY
KLYHz+uVhpWLbiT7/sziKsGzf655WP41+HdYi+2iPhbWjgLn1LoTo1sYc9Ju+hma
/Ud1K2unFNRedgnqORvS90XNjzpUq2m2oaaTK4Hjxd04rySTxbB7hvUUTEL35/hK
EMPEL6JsYNO+M/jEu+zHpiE1ATD+Mw7XBFe3BDNsjpRuOvXZ1mpPUK4lPrw0fnql
qifB4JFDCqimT/xr9LLEVAJ0kniHszkkD2Jv9qfY5H79QZGIv2VKDnp2o5PiEqhg
436C+ZH+0GmY2tmy0kL1NaPGL28yjb2Fq9xY2thlsvjSJFNWn5bsOC4hytFTAgMB
AAGjggLKMIICxjAdBgNVHQ4EFgQU8TtUcO0QxMP8v31Zd3GGOrQW6KIwHwYDVR0j
BBgwFoAUwLeIZiKlOP1ePDyR1rag3yZlx40wDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy8xNEM0MkJERTkxMEJBQTYyRURENEU4NzQ2RDI1NTYwMjQ0
MEE1Q0ZFRDNCNEE0ODNCM0UzMEFCODRDQ0ZERTJBLzAvQzBCNzg4NjYyMkE1MzhG
RDVFM0MzQzkxRDZCNkEwREYyNjY1Qzc4RC5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC9DMEI3ODg2NjIyQTUzOEZENUUz
QzNDOTFENkI2QTBERjI2NjVDNzhELmNlcjCByQYIKwYBBQUHAQsEgbwwgbkwgbYG
CCsGAQUFBzALhoGpcnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvMTRDNDJCREU5MTBCQUE2MkVERDRFODc0NkQyNTU2MDI0NDBBNUNGRUQz
QjRBNDgzQjNFMzBBQjg0Q0NGREUyQS8wLzMxMzQzMzJlMzIzNTM1MmUzMTM1MzYy
ZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzNDM1MzQzNzMwLnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAj/+c
MA0GCSqGSIb3DQEBCwUAA4IBAQCFah4iwOM9i2/SKUAIiSX5EU2aySG6CsvVhBiV
GW/4gNapovAiAkaHUvNUVUmTy7MetptDbZCR2FxUM+Ea2zAOmS8plQgXckshZAY0
2jzXZDCkWKRoXR84LdEe83V4CXTVFW7cD5IB8MI1iJyZWCPfaur9fgd1pcX2OhUP
Y3nMYcsMw/LRuDudWcaINBh9IptaeD3F5H4adYNO+Z4K3+VMF75BTvi1kkzqpNt4
fK8VJ6qUCuuD902FBjt/MtQ8wfIxZmqMUK6de0gPtzXnXLIacbBfrUvH7tstpHLZ
KZ3WReAvKm7vlZf2ywbFiqFUJZwdeBJl4+N2TCSOhjy97B9k
-----END CERTIFICATE-----