Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/16EC4DBCB1DA866AAF3711262909B1B3D553A9FAE911921268F25962F55D5A1C/0/3139302e3138342e3232352e302f32342d3234203d3e203532333639.roa
File:                     3139302e3138342e3232352e302f32342d3234203d3e203532333639.roa (raw, json)
Hash identifier:          eRaxMx3lvsTSYOXwozc9dothNR1G6LrIOYfori92V+E=
Subject key identifier:   38:CC:33:82:66:48:B6:D8:66:56:42:ED:96:42:8B:F5:C4:F4:D9:0B
Certificate issuer:       /CN=8EF9C7D65A4CBAF5D21A15FA2C237DD87FF7EF84
Certificate serial:       12E66FE69BAD286BD36EFC8B523C1CE5561ECE2B
Authority key identifier: 8E:F9:C7:D6:5A:4C:BA:F5:D2:1A:15:FA:2C:23:7D:D8:7F:F7:EF:84
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/8EF9C7D65A4CBAF5D21A15FA2C237DD87FF7EF84.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/16EC4DBCB1DA866AAF3711262909B1B3D553A9FAE911921268F25962F55D5A1C/0/3139302e3138342e3232352e302f32342d3234203d3e203532333639.roa
Signing time:             Sun 02 Mar 2025 04:11:07 +0000
ROA not before:           Sun 02 Mar 2025 04:06:07 +0000
ROA not after:            Sun 01 Mar 2026 04:11:07 +0000
asID:                     52369
IP address blocks:        190.184.225.0/24 maxlen: 24
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            12:e6:6f:e6:9b:ad:28:6b:d3:6e:fc:8b:52:3c:1c:e5:56:1e:ce:2b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=8EF9C7D65A4CBAF5D21A15FA2C237DD87FF7EF84
        Validity
            Not Before: Mar  2 04:06:07 2025 GMT
            Not After : Mar  1 04:11:07 2026 GMT
        Subject: CN=38CC33826648B6D8665642ED96428BF5C4F4D90B
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9d:2a:b0:e2:95:5c:70:04:7c:9b:a9:7b:ff:79:
                    66:49:76:4e:fa:cd:f1:bc:ca:83:d5:c5:0c:d2:1e:
                    6e:8b:61:aa:8e:4b:06:2d:c9:93:b2:19:10:77:5b:
                    43:bd:3f:5a:8c:3d:84:1a:b1:d6:12:d1:8b:ca:b1:
                    4a:74:6e:a5:c2:82:55:f8:e3:d4:1d:6a:c9:bc:0f:
                    ba:5a:f9:c2:9b:d1:1c:9e:9a:b6:54:94:eb:fe:8b:
                    2a:53:9e:91:7a:7c:6a:b8:b1:8b:d3:51:cb:eb:d6:
                    c6:bf:1e:7f:31:10:38:d2:52:bb:00:8a:81:28:e1:
                    5d:68:52:11:fb:61:cb:7e:63:70:74:62:ee:e5:3e:
                    55:a1:d9:c3:6f:15:f3:db:ab:be:6f:e5:e7:9b:73:
                    b3:bb:f9:dc:f5:51:cf:19:c1:62:42:0d:20:8d:ae:
                    47:53:f9:6f:eb:51:38:d5:a0:1d:51:08:b2:dc:c9:
                    c3:a3:03:7d:cb:4c:68:fa:f5:09:6d:15:ee:f8:9f:
                    f5:d1:7d:63:96:a4:81:0f:4a:3f:1e:49:37:04:c0:
                    24:2b:d6:f0:21:b8:19:b1:36:73:d5:38:77:71:40:
                    a2:33:f3:73:3d:fd:66:fd:c8:35:b3:b7:6b:48:3e:
                    34:2e:c8:46:b3:ca:77:02:11:fa:ca:38:87:27:74:
                    25:9b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                38:CC:33:82:66:48:B6:D8:66:56:42:ED:96:42:8B:F5:C4:F4:D9:0B
            X509v3 Authority Key Identifier:
                keyid:8E:F9:C7:D6:5A:4C:BA:F5:D2:1A:15:FA:2C:23:7D:D8:7F:F7:EF:84

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/16EC4DBCB1DA866AAF3711262909B1B3D553A9FAE911921268F25962F55D5A1C/0/8EF9C7D65A4CBAF5D21A15FA2C237DD87FF7EF84.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/8EF9C7D65A4CBAF5D21A15FA2C237DD87FF7EF84.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/16EC4DBCB1DA866AAF3711262909B1B3D553A9FAE911921268F25962F55D5A1C/0/3139302e3138342e3232352e302f32342d3234203d3e203532333639.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  190.184.225.0/24

    Signature Algorithm: sha256WithRSAEncryption
         1c:8b:29:68:c4:f0:76:c7:04:1b:c3:55:1d:a8:3a:17:4b:ed:
         6f:ff:ff:4c:39:d8:0a:8e:2c:99:ea:62:55:dd:62:80:51:55:
         ba:be:44:94:7f:ad:9f:38:7e:cf:78:f6:c8:95:6a:a0:bb:19:
         79:7d:21:e7:9a:a1:95:e5:f0:1a:cc:e1:24:01:32:d3:9b:e5:
         95:2c:de:b1:54:bc:ba:66:0b:1f:46:76:5a:35:d2:6b:7b:e5:
         9e:41:15:e5:82:ea:94:e5:42:b6:ec:32:80:c0:7a:28:86:8e:
         07:94:4c:88:31:cc:e5:16:9e:1e:db:89:84:76:04:91:5d:ad:
         9d:c5:4c:40:98:36:0c:68:06:da:6d:59:ec:5f:24:47:33:26:
         45:1a:13:e9:cf:99:33:c6:4f:7b:2f:73:0c:8c:f9:2c:a2:85:
         68:83:9c:4a:2c:6d:9d:ba:96:5d:2f:98:75:e4:5b:3c:75:92:
         94:3e:75:1d:d1:e5:44:89:64:09:a8:5d:fc:a0:90:d1:79:45:
         8e:3f:61:4c:0b:72:c5:7f:38:3e:21:98:45:a6:7e:00:c5:07:
         7c:aa:f0:54:aa:52:e8:53:e3:b3:d5:2b:e8:56:83:69:0c:a9:
         a4:29:03:fe:22:1d:0c:78:a7:14:51:6f:16:f8:77:74:a1:93:
         c2:c6:62:82
-----BEGIN CERTIFICATE-----
MIIFwDCCBKigAwIBAgIUEuZv5putKGvTbvyLUjwc5VYeziswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOEVGOUM3RDY1QTRDQkFGNUQyMUExNUZBMkMyMzdERDg3
RkY3RUY4NDAeFw0yNTAzMDIwNDA2MDdaFw0yNjAzMDEwNDExMDdaMDMxMTAvBgNV
BAMTKDM4Q0MzMzgyNjY0OEI2RDg2NjU2NDJFRDk2NDI4QkY1QzRGNEQ5MEIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCdKrDilVxwBHybqXv/eWZJdk76
zfG8yoPVxQzSHm6LYaqOSwYtyZOyGRB3W0O9P1qMPYQasdYS0YvKsUp0bqXCglX4
49Qdasm8D7pa+cKb0RyemrZUlOv+iypTnpF6fGq4sYvTUcvr1sa/Hn8xEDjSUrsA
ioEo4V1oUhH7Yct+Y3B0Yu7lPlWh2cNvFfPbq75v5eebc7O7+dz1Uc8ZwWJCDSCN
rkdT+W/rUTjVoB1RCLLcycOjA33LTGj69QltFe74n/XRfWOWpIEPSj8eSTcEwCQr
1vAhuBmxNnPVOHdxQKIz83M9/Wb9yDWzt2tIPjQuyEazyncCEfrKOIcndCWbAgMB
AAGjggLKMIICxjAdBgNVHQ4EFgQUOMwzgmZItthmVkLtlkKL9cT02QswHwYDVR0j
BBgwFoAUjvnH1lpMuvXSGhX6LCN92H/374QwDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy8xNkVDNERCQ0IxREE4NjZBQUYzNzExMjYyOTA5QjFCM0Q1
NTNBOUZBRTkxMTkyMTI2OEYyNTk2MkY1NUQ1QTFDLzAvOEVGOUM3RDY1QTRDQkFG
NUQyMUExNUZBMkMyMzdERDg3RkY3RUY4NC5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC84RUY5QzdENjVBNENCQUY1RDIx
QTE1RkEyQzIzN0REODdGRjdFRjg0LmNlcjCByQYIKwYBBQUHAQsEgbwwgbkwgbYG
CCsGAQUFBzALhoGpcnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvMTZFQzREQkNCMURBODY2QUFGMzcxMTI2MjkwOUIxQjNENTUzQTlGQUU5
MTE5MjEyNjhGMjU5NjJGNTVENUExQy8wLzMxMzkzMDJlMzEzODM0MmUzMjMyMzUy
ZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzNTMyMzMzNjM5LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAvrjh
MA0GCSqGSIb3DQEBCwUAA4IBAQAciyloxPB2xwQbw1UdqDoXS+1v//9MOdgKjiyZ
6mJV3WKAUVW6vkSUf62fOH7PePbIlWqguxl5fSHnmqGV5fAazOEkATLTm+WVLN6x
VLy6ZgsfRnZaNdJre+WeQRXlguqU5UK27DKAwHooho4HlEyIMczlFp4e24mEdgSR
Xa2dxUxAmDYMaAbabVnsXyRHMyZFGhPpz5kzxk97L3MMjPksooVog5xKLG2dupZd
L5h15Fs8dZKUPnUd0eVEiWQJqF38oJDReUWOP2FMC3LFfzg+IZhFpn4AxQd8qvBU
qlLoU+Oz1SvoVoNpDKmkKQP+Ih0MeKcUUW8W+Hd0oZPCxmKC
-----END CERTIFICATE-----