Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/16B1B57B19B743C1E0B67DC5020E769FF697D5D8FE67645443C0170A59A628F4/0/3136382e3138312e3138342e302f32342d3234203d3e203237383233.roa
File:                     3136382e3138312e3138342e302f32342d3234203d3e203237383233.roa (raw, json)
Hash identifier:          D+sAkQ4/dHxxJI6gBYddhv84hYRseRhb1hI5v7rNl+8=
Subject key identifier:   D8:C9:D7:CB:5B:23:5C:E0:5D:69:9E:86:C8:CA:15:BE:DE:B8:08:D5
Certificate issuer:       /CN=A5C31DCA4062FBA8FF4175C518EF2246CF570D80
Certificate serial:       32722CC8D5217E7F5E8E7AA6E0A26F0C08A51400
Authority key identifier: A5:C3:1D:CA:40:62:FB:A8:FF:41:75:C5:18:EF:22:46:CF:57:0D:80
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/A5C31DCA4062FBA8FF4175C518EF2246CF570D80.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/16B1B57B19B743C1E0B67DC5020E769FF697D5D8FE67645443C0170A59A628F4/0/3136382e3138312e3138342e302f32342d3234203d3e203237383233.roa
Signing time:             Tue 04 Feb 2025 18:08:10 +0000
ROA not before:           Tue 04 Feb 2025 18:03:10 +0000
ROA not after:            Tue 03 Feb 2026 18:08:10 +0000
asID:                     27823
IP address blocks:        168.181.184.0/24 maxlen: 24
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            32:72:2c:c8:d5:21:7e:7f:5e:8e:7a:a6:e0:a2:6f:0c:08:a5:14:00
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A5C31DCA4062FBA8FF4175C518EF2246CF570D80
        Validity
            Not Before: Feb  4 18:03:10 2025 GMT
            Not After : Feb  3 18:08:10 2026 GMT
        Subject: CN=D8C9D7CB5B235CE05D699E86C8CA15BEDEB808D5
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b4:45:5b:47:aa:3b:0a:60:fb:d4:90:6a:7a:52:
                    f5:4e:f2:2a:d7:4e:81:df:07:b0:b1:e9:81:93:22:
                    e2:ca:12:29:c4:21:43:e9:9e:54:31:0f:2c:c2:9e:
                    3d:18:ed:04:73:e1:a4:ca:bb:e2:19:56:40:84:5e:
                    be:4e:75:cb:68:d9:68:bf:80:c9:b0:04:a5:01:65:
                    d3:db:b8:06:32:71:c8:85:a1:07:70:d7:c4:d8:29:
                    58:27:f8:e3:dd:90:58:5f:5e:06:59:a8:48:e8:98:
                    d5:b5:4e:57:d0:15:9d:a6:ce:6a:8a:16:a8:97:da:
                    7b:77:53:ad:81:27:cd:b6:57:65:b6:11:1c:d2:0e:
                    12:f0:a3:29:77:94:93:95:44:33:cd:04:81:75:34:
                    cf:0a:00:a5:59:5a:59:73:3c:43:40:c4:2f:01:ba:
                    96:01:96:55:5f:c4:42:88:a1:30:65:04:8e:30:6e:
                    2d:18:b4:36:0e:a6:2c:00:34:0c:ed:0b:36:79:19:
                    d1:f4:30:67:d2:35:ce:ec:a0:2c:00:34:1f:2d:58:
                    b2:6b:e4:ad:07:af:20:c1:fa:53:d6:ea:0f:a7:38:
                    23:4c:a1:bc:70:c5:25:89:ca:85:1f:12:e8:64:94:
                    eb:c3:12:35:f0:67:83:0d:4a:fe:5a:aa:df:54:cf:
                    5b:4d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D8:C9:D7:CB:5B:23:5C:E0:5D:69:9E:86:C8:CA:15:BE:DE:B8:08:D5
            X509v3 Authority Key Identifier:
                keyid:A5:C3:1D:CA:40:62:FB:A8:FF:41:75:C5:18:EF:22:46:CF:57:0D:80

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/16B1B57B19B743C1E0B67DC5020E769FF697D5D8FE67645443C0170A59A628F4/0/A5C31DCA4062FBA8FF4175C518EF2246CF570D80.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/A5C31DCA4062FBA8FF4175C518EF2246CF570D80.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/16B1B57B19B743C1E0B67DC5020E769FF697D5D8FE67645443C0170A59A628F4/0/3136382e3138312e3138342e302f32342d3234203d3e203237383233.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  168.181.184.0/24

    Signature Algorithm: sha256WithRSAEncryption
         1a:37:ee:e6:b3:58:ee:3e:fe:4c:ab:49:d5:5a:e2:0d:86:9a:
         28:9a:99:57:81:27:8e:2c:dd:ad:9d:68:5d:06:21:70:88:eb:
         12:6c:65:8f:ec:11:8d:27:95:a9:1a:0a:81:a7:68:96:6c:46:
         f4:4a:ba:e8:5c:b5:63:52:91:5b:9a:21:c5:6a:c5:fa:c7:04:
         ef:1c:d2:ba:53:d0:5a:85:27:6c:1d:de:d9:0e:ff:bb:27:67:
         7b:81:2f:80:54:0a:b9:a8:72:b3:94:51:21:50:ea:31:a1:cf:
         94:eb:24:27:16:a2:1d:6c:fe:28:40:2c:58:98:b0:13:49:ed:
         29:3c:2c:69:02:f7:ec:01:a5:ab:a1:af:f1:81:6d:f6:0a:5f:
         8c:20:f3:f5:02:17:70:b7:cc:56:52:8c:6a:21:a1:08:71:2e:
         04:3d:1b:92:d1:21:83:f5:3c:05:f5:18:82:11:42:4b:46:3d:
         db:9d:91:5a:e8:1e:a2:33:96:03:c3:3a:25:a0:fc:94:a0:29:
         55:4e:2e:93:01:e2:b5:78:82:a9:c6:24:0b:41:c7:ff:06:82:
         3e:a9:52:e4:c8:29:3b:ab:72:2c:58:1e:8d:6a:db:87:f2:5e:
         4b:1e:e0:7a:5e:4a:b9:0e:af:0d:6a:e4:b4:9a:f6:d5:06:3b:
         13:a1:a0:38
-----BEGIN CERTIFICATE-----
MIIFwDCCBKigAwIBAgIUMnIsyNUhfn9ejnqm4KJvDAilFAAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoQTVDMzFEQ0E0MDYyRkJBOEZGNDE3NUM1MThFRjIyNDZD
RjU3MEQ4MDAeFw0yNTAyMDQxODAzMTBaFw0yNjAyMDMxODA4MTBaMDMxMTAvBgNV
BAMTKEQ4QzlEN0NCNUIyMzVDRTA1RDY5OUU4NkM4Q0ExNUJFREVCODA4RDUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC0RVtHqjsKYPvUkGp6UvVO8irX
ToHfB7Cx6YGTIuLKEinEIUPpnlQxDyzCnj0Y7QRz4aTKu+IZVkCEXr5Odcto2Wi/
gMmwBKUBZdPbuAYycciFoQdw18TYKVgn+OPdkFhfXgZZqEjomNW1TlfQFZ2mzmqK
FqiX2nt3U62BJ822V2W2ERzSDhLwoyl3lJOVRDPNBIF1NM8KAKVZWllzPENAxC8B
upYBllVfxEKIoTBlBI4wbi0YtDYOpiwANAztCzZ5GdH0MGfSNc7soCwANB8tWLJr
5K0HryDB+lPW6g+nOCNMobxwxSWJyoUfEuhklOvDEjXwZ4MNSv5aqt9Uz1tNAgMB
AAGjggLKMIICxjAdBgNVHQ4EFgQU2MnXy1sjXOBdaZ6GyMoVvt64CNUwHwYDVR0j
BBgwFoAUpcMdykBi+6j/QXXFGO8iRs9XDYAwDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy8xNkIxQjU3QjE5Qjc0M0MxRTBCNjdEQzUwMjBFNzY5RkY2
OTdENUQ4RkU2NzY0NTQ0M0MwMTcwQTU5QTYyOEY0LzAvQTVDMzFEQ0E0MDYyRkJB
OEZGNDE3NUM1MThFRjIyNDZDRjU3MEQ4MC5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC9BNUMzMURDQTQwNjJGQkE4RkY0
MTc1QzUxOEVGMjI0NkNGNTcwRDgwLmNlcjCByQYIKwYBBQUHAQsEgbwwgbkwgbYG
CCsGAQUFBzALhoGpcnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvMTZCMUI1N0IxOUI3NDNDMUUwQjY3REM1MDIwRTc2OUZGNjk3RDVEOEZF
Njc2NDU0NDNDMDE3MEE1OUE2MjhGNC8wLzMxMzYzODJlMzEzODMxMmUzMTM4MzQy
ZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMjM3MzgzMjMzLnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAqLW4
MA0GCSqGSIb3DQEBCwUAA4IBAQAaN+7ms1juPv5Mq0nVWuINhpoomplXgSeOLN2t
nWhdBiFwiOsSbGWP7BGNJ5WpGgqBp2iWbEb0SrroXLVjUpFbmiHFasX6xwTvHNK6
U9BahSdsHd7ZDv+7J2d7gS+AVAq5qHKzlFEhUOoxoc+U6yQnFqIdbP4oQCxYmLAT
Se0pPCxpAvfsAaWroa/xgW32Cl+MIPP1Ahdwt8xWUoxqIaEIcS4EPRuS0SGD9TwF
9RiCEUJLRj3bnZFa6B6iM5YDwzoloPyUoClVTi6TAeK1eIKpxiQLQcf/BoI+qVLk
yCk7q3IsWB6NatuH8l5LHuB6Xkq5Dq8NauS0mvbVBjsToaA4
-----END CERTIFICATE-----