Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/1707840DCF59A833F5F9735ABB7DAB9A31BC3A36A388719B238E79CBD285869B/0/3139302e35342e3134342e302f32302d3233203d3e2036353335.roa
File:                     3139302e35342e3134342e302f32302d3233203d3e2036353335.roa (raw, json)
Hash identifier:          ShBFYv0xEJTpiG4uM4KO6NtonYc07dL6x8451N5/FhU=
Subject key identifier:   14:74:7C:D1:03:56:9A:11:00:D7:E1:6F:28:ED:CD:03:08:27:C6:99
Certificate issuer:       /CN=CACAD70CF58B172E6D319A83D97EE37DB5B43E8B
Certificate serial:       3B2F5F6561727D01987E0F2351120A29115CF0C6
Authority key identifier: CA:CA:D7:0C:F5:8B:17:2E:6D:31:9A:83:D9:7E:E3:7D:B5:B4:3E:8B
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/CACAD70CF58B172E6D319A83D97EE37DB5B43E8B.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/1707840DCF59A833F5F9735ABB7DAB9A31BC3A36A388719B238E79CBD285869B/0/3139302e35342e3134342e302f32302d3233203d3e2036353335.roa
Signing time:             Tue 04 Feb 2025 20:03:24 +0000
ROA not before:           Tue 04 Feb 2025 19:58:24 +0000
ROA not after:            Tue 03 Feb 2026 20:03:24 +0000
asID:                     6535
IP address blocks:        190.54.144.0/20 maxlen: 23
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            3b:2f:5f:65:61:72:7d:01:98:7e:0f:23:51:12:0a:29:11:5c:f0:c6
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=CACAD70CF58B172E6D319A83D97EE37DB5B43E8B
        Validity
            Not Before: Feb  4 19:58:24 2025 GMT
            Not After : Feb  3 20:03:24 2026 GMT
        Subject: CN=14747CD103569A1100D7E16F28EDCD030827C699
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a7:1b:ec:fe:f5:d9:b3:00:e9:9b:bd:74:7d:b3:
                    85:6b:90:4d:36:cb:31:5f:53:77:13:fc:57:72:51:
                    b2:b4:87:7a:71:c2:c4:4d:d0:a2:05:43:aa:9b:21:
                    eb:7c:0b:68:6c:b7:48:0d:b2:84:6f:be:9e:b3:2a:
                    35:c1:01:ae:cd:a6:d6:00:69:8d:d6:b8:ac:1a:89:
                    74:b3:6f:44:f5:36:25:7f:53:d3:72:fa:6f:68:7e:
                    a0:1a:b3:21:d2:cd:b3:a3:28:8a:1f:d6:36:ff:6f:
                    91:a3:e4:0c:9e:ad:d8:3c:b9:31:4c:73:30:34:8e:
                    08:87:04:77:45:47:df:de:bb:ea:d5:17:62:7f:50:
                    30:7a:84:06:ee:b2:bb:fc:c8:69:e2:fb:cd:f4:80:
                    d7:de:9c:24:fb:bc:d5:bc:52:2d:c5:9c:09:ab:6c:
                    56:90:e2:9d:df:f9:95:18:55:82:9c:5c:f4:36:3c:
                    c9:b1:7f:82:e6:27:8a:30:5c:26:cf:e3:69:ec:21:
                    99:b7:02:ad:d9:fa:26:c1:13:de:90:7c:7b:51:2a:
                    9c:ef:fb:95:57:81:61:69:d7:25:90:fa:94:15:9a:
                    f2:3e:a6:9f:82:7b:ad:f0:82:02:78:a5:f5:7f:f8:
                    ee:bb:a9:b9:f7:20:e9:8d:77:e9:87:85:38:0c:aa:
                    21:e3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                14:74:7C:D1:03:56:9A:11:00:D7:E1:6F:28:ED:CD:03:08:27:C6:99
            X509v3 Authority Key Identifier:
                keyid:CA:CA:D7:0C:F5:8B:17:2E:6D:31:9A:83:D9:7E:E3:7D:B5:B4:3E:8B

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/1707840DCF59A833F5F9735ABB7DAB9A31BC3A36A388719B238E79CBD285869B/0/CACAD70CF58B172E6D319A83D97EE37DB5B43E8B.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/CACAD70CF58B172E6D319A83D97EE37DB5B43E8B.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/1707840DCF59A833F5F9735ABB7DAB9A31BC3A36A388719B238E79CBD285869B/0/3139302e35342e3134342e302f32302d3233203d3e2036353335.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  190.54.144.0/20

    Signature Algorithm: sha256WithRSAEncryption
         32:6d:03:a5:c6:3f:4d:75:b3:db:95:66:42:63:f3:8f:4f:6d:
         f0:8d:00:f3:81:53:89:68:b8:62:91:88:e6:1b:49:8b:9a:a5:
         d3:12:87:20:f6:d7:75:81:bc:62:6e:1a:83:ce:2a:e5:79:a2:
         a3:ff:e1:20:1e:a5:e1:1f:7e:1b:88:3e:f2:8e:53:d0:89:3c:
         1e:37:27:f5:f2:d1:a1:26:9b:b2:09:be:b3:34:03:9c:03:75:
         e5:32:b6:43:77:32:dd:40:39:46:2a:df:39:4a:c2:74:dc:3d:
         9a:d8:f0:1e:6a:f0:2a:1a:2c:1f:92:b0:0f:69:f2:33:00:81:
         9e:34:b7:50:e3:5e:df:ae:79:7c:f8:f1:b3:90:df:9e:5e:9a:
         be:fb:3b:eb:5d:08:3d:0e:f2:9e:99:13:01:5f:12:58:75:a4:
         02:26:18:7b:b2:a0:68:0d:ba:6e:ed:76:d0:50:59:e9:fe:bd:
         30:d4:18:1a:e8:f2:18:f8:74:30:c7:f8:8e:43:43:8f:e3:81:
         d7:03:eb:82:49:33:2c:98:90:ea:95:2c:80:c6:14:5a:fa:6a:
         24:8a:b2:95:b8:18:62:80:bc:e4:11:e0:dc:18:02:e3:23:74:
         64:8e:eb:74:86:d4:35:51:61:ce:5b:08:5c:2b:89:d2:61:8a:
         ca:65:2b:86
-----BEGIN CERTIFICATE-----
MIIFvDCCBKSgAwIBAgIUOy9fZWFyfQGYfg8jURIKKRFc8MYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoQ0FDQUQ3MENGNThCMTcyRTZEMzE5QTgzRDk3RUUzN0RC
NUI0M0U4QjAeFw0yNTAyMDQxOTU4MjRaFw0yNjAyMDMyMDAzMjRaMDMxMTAvBgNV
BAMTKDE0NzQ3Q0QxMDM1NjlBMTEwMEQ3RTE2RjI4RURDRDAzMDgyN0M2OTkwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCnG+z+9dmzAOmbvXR9s4VrkE02
yzFfU3cT/FdyUbK0h3pxwsRN0KIFQ6qbIet8C2hst0gNsoRvvp6zKjXBAa7NptYA
aY3WuKwaiXSzb0T1NiV/U9Ny+m9ofqAasyHSzbOjKIof1jb/b5Gj5Ayerdg8uTFM
czA0jgiHBHdFR9/eu+rVF2J/UDB6hAbusrv8yGni+830gNfenCT7vNW8Ui3FnAmr
bFaQ4p3f+ZUYVYKcXPQ2PMmxf4LmJ4owXCbP42nsIZm3Aq3Z+ibBE96QfHtRKpzv
+5VXgWFp1yWQ+pQVmvI+pp+Ce63wggJ4pfV/+O67qbn3IOmNd+mHhTgMqiHjAgMB
AAGjggLGMIICwjAdBgNVHQ4EFgQUFHR80QNWmhEA1+FvKO3NAwgnxpkwHwYDVR0j
BBgwFoAUysrXDPWLFy5tMZqD2X7jfbW0PoswDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy8xNzA3ODQwRENGNTlBODMzRjVGOTczNUFCQjdEQUI5QTMx
QkMzQTM2QTM4ODcxOUIyMzhFNzlDQkQyODU4NjlCLzAvQ0FDQUQ3MENGNThCMTcy
RTZEMzE5QTgzRDk3RUUzN0RCNUI0M0U4Qi5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC9DQUNBRDcwQ0Y1OEIxNzJFNkQz
MTlBODNEOTdFRTM3REI1QjQzRThCLmNlcjCBxQYIKwYBBQUHAQsEgbgwgbUwgbIG
CCsGAQUFBzALhoGlcnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvMTcwNzg0MERDRjU5QTgzM0Y1Rjk3MzVBQkI3REFCOUEzMUJDM0EzNkEz
ODg3MTlCMjM4RTc5Q0JEMjg1ODY5Qi8wLzMxMzkzMDJlMzUzNDJlMzEzNDM0MmUz
MDJmMzIzMDJkMzIzMzIwM2QzZTIwMzYzNTMzMzUucm9hMBgGA1UdIAEB/wQOMAww
CgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAS+NpAwDQYJ
KoZIhvcNAQELBQADggEBADJtA6XGP011s9uVZkJj849PbfCNAPOBU4louGKRiOYb
SYuapdMShyD213WBvGJuGoPOKuV5oqP/4SAepeEffhuIPvKOU9CJPB43J/Xy0aEm
m7IJvrM0A5wDdeUytkN3Mt1AOUYq3zlKwnTcPZrY8B5q8CoaLB+SsA9p8jMAgZ40
t1DjXt+ueXz48bOQ355emr77O+tdCD0O8p6ZEwFfElh1pAImGHuyoGgNum7tdtBQ
Wen+vTDUGBro8hj4dDDH+I5DQ4/jgdcD64JJMyyYkOqVLIDGFFr6aiSKspW4GGKA
vOQR4NwYAuMjdGSO63SG1DVRYc5bCFwridJhisplK4Y=
-----END CERTIFICATE-----