Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/174E0592B6FE13D34009C97E6AB4F6E129B52B23FC0D4590E21563D8D2FD5AE4/0/3139302e38392e3137322e302f32342d3234203d3e20323732303339.roa
File:                     3139302e38392e3137322e302f32342d3234203d3e20323732303339.roa (raw, json)
Hash identifier:          pxq0ESd2oq3+rW4I4bjj1bs0/8JBUjD0+LMDjND5a44=
Subject key identifier:   CE:F6:C7:06:8C:8B:92:C1:A7:1E:74:BD:B0:A2:44:D1:AA:30:CF:01
Certificate issuer:       /CN=10375D175F51B222AA826C424C2717803A68C991
Certificate serial:       203CF3D30C3AFA3DD59F2CB426FD5153CEBE9CEE
Authority key identifier: 10:37:5D:17:5F:51:B2:22:AA:82:6C:42:4C:27:17:80:3A:68:C9:91
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/10375D175F51B222AA826C424C2717803A68C991.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/174E0592B6FE13D34009C97E6AB4F6E129B52B23FC0D4590E21563D8D2FD5AE4/0/3139302e38392e3137322e302f32342d3234203d3e20323732303339.roa
Signing time:             Tue 04 Feb 2025 20:02:42 +0000
ROA not before:           Tue 04 Feb 2025 19:57:42 +0000
ROA not after:            Tue 03 Feb 2026 20:02:42 +0000
asID:                     272039
IP address blocks:        190.89.172.0/24 maxlen: 24
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            20:3c:f3:d3:0c:3a:fa:3d:d5:9f:2c:b4:26:fd:51:53:ce:be:9c:ee
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=10375D175F51B222AA826C424C2717803A68C991
        Validity
            Not Before: Feb  4 19:57:42 2025 GMT
            Not After : Feb  3 20:02:42 2026 GMT
        Subject: CN=CEF6C7068C8B92C1A71E74BDB0A244D1AA30CF01
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c4:74:79:06:57:bf:1f:2c:cc:6a:40:f1:23:b5:
                    80:06:36:b4:84:3b:45:61:e8:d0:7d:2b:95:83:98:
                    84:5d:29:fb:58:ef:98:70:a9:3b:7b:28:e1:ce:32:
                    1a:6b:13:e4:f5:e0:ec:c5:9b:7c:0a:3b:ce:57:54:
                    6a:c3:ac:f0:bc:8a:a7:f5:66:f1:b7:11:28:db:42:
                    e9:2f:36:f0:1f:91:d7:aa:ff:cb:6b:29:d4:95:3f:
                    52:cd:af:1e:08:2d:24:f2:3d:d8:9d:68:0e:9b:e5:
                    5a:d6:a4:34:5e:0a:3d:e7:ee:81:fd:05:d0:ee:77:
                    67:58:16:1f:52:ca:12:96:f1:c2:5f:b2:56:73:6d:
                    91:a7:61:f0:19:e7:e9:56:c0:c7:02:4b:8a:53:4d:
                    81:78:fb:3d:8c:ce:75:69:17:de:14:18:f4:22:aa:
                    c5:29:be:bd:1f:73:52:53:54:c2:75:f6:3e:02:78:
                    e3:8c:24:5b:64:41:88:4e:d6:37:5b:83:60:c4:14:
                    3b:7b:73:eb:02:80:f4:74:f7:55:e9:df:7e:3e:36:
                    a0:d3:c5:04:7a:18:c5:9d:48:00:fb:5a:ca:20:33:
                    b9:f7:cf:20:4c:84:dd:f8:20:78:67:c1:2e:1d:a5:
                    d0:33:86:37:66:13:31:1f:88:8a:d7:aa:50:c6:b1:
                    80:47
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                CE:F6:C7:06:8C:8B:92:C1:A7:1E:74:BD:B0:A2:44:D1:AA:30:CF:01
            X509v3 Authority Key Identifier:
                keyid:10:37:5D:17:5F:51:B2:22:AA:82:6C:42:4C:27:17:80:3A:68:C9:91

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/174E0592B6FE13D34009C97E6AB4F6E129B52B23FC0D4590E21563D8D2FD5AE4/0/10375D175F51B222AA826C424C2717803A68C991.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/10375D175F51B222AA826C424C2717803A68C991.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/174E0592B6FE13D34009C97E6AB4F6E129B52B23FC0D4590E21563D8D2FD5AE4/0/3139302e38392e3137322e302f32342d3234203d3e20323732303339.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  190.89.172.0/24

    Signature Algorithm: sha256WithRSAEncryption
         37:e6:a3:70:2f:1c:2a:06:1f:12:41:10:05:f4:79:d1:f3:17:
         6e:b7:26:cd:34:56:fe:b5:38:59:b3:77:a1:45:84:bf:df:81:
         1c:cc:5f:ad:82:4f:1e:86:32:17:79:30:5d:7b:4e:43:8e:44:
         b7:5f:2b:d4:20:31:f4:be:19:f4:8c:29:f8:32:31:fc:49:43:
         c8:55:ca:cd:50:84:10:6f:76:c5:da:8a:2e:8b:96:30:ba:0d:
         a8:56:23:b6:86:c9:6f:2c:65:73:38:19:14:02:d4:d4:18:eb:
         25:74:5e:48:03:5c:34:d0:f1:97:df:9c:5b:67:da:e7:8d:df:
         48:11:37:80:b0:4e:57:97:4e:0b:1e:50:26:80:04:e8:37:17:
         eb:6b:78:83:56:63:fb:d5:82:66:63:01:86:d2:fa:0b:a0:4f:
         ba:08:83:08:02:7e:a0:7d:02:fd:2d:1f:41:78:49:16:05:39:
         f9:fc:e5:11:ba:27:81:5b:24:56:48:ce:3a:a3:36:61:fa:9a:
         3c:a7:27:71:a4:aa:e4:d7:92:9f:2d:27:d1:9f:58:46:ec:28:
         62:fe:16:02:a1:35:6f:10:dc:33:98:40:5a:eb:e6:af:1b:d8:
         27:e4:e7:75:b6:f0:51:45:05:b3:13:b1:fc:20:23:5e:fa:79:
         a1:31:b1:4d
-----BEGIN CERTIFICATE-----
MIIFwDCCBKigAwIBAgIUIDzz0ww6+j3Vnyy0Jv1RU86+nO4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMTAzNzVEMTc1RjUxQjIyMkFBODI2QzQyNEMyNzE3ODAz
QTY4Qzk5MTAeFw0yNTAyMDQxOTU3NDJaFw0yNjAyMDMyMDAyNDJaMDMxMTAvBgNV
BAMTKENFRjZDNzA2OEM4QjkyQzFBNzFFNzRCREIwQTI0NEQxQUEzMENGMDEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDEdHkGV78fLMxqQPEjtYAGNrSE
O0Vh6NB9K5WDmIRdKftY75hwqTt7KOHOMhprE+T14OzFm3wKO85XVGrDrPC8iqf1
ZvG3ESjbQukvNvAfkdeq/8trKdSVP1LNrx4ILSTyPdidaA6b5VrWpDReCj3n7oH9
BdDud2dYFh9SyhKW8cJfslZzbZGnYfAZ5+lWwMcCS4pTTYF4+z2MznVpF94UGPQi
qsUpvr0fc1JTVMJ19j4CeOOMJFtkQYhO1jdbg2DEFDt7c+sCgPR091Xp334+NqDT
xQR6GMWdSAD7WsogM7n3zyBMhN34IHhnwS4dpdAzhjdmEzEfiIrXqlDGsYBHAgMB
AAGjggLKMIICxjAdBgNVHQ4EFgQUzvbHBoyLksGnHnS9sKJE0aowzwEwHwYDVR0j
BBgwFoAUEDddF19RsiKqgmxCTCcXgDpoyZEwDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy8xNzRFMDU5MkI2RkUxM0QzNDAwOUM5N0U2QUI0RjZFMTI5
QjUyQjIzRkMwRDQ1OTBFMjE1NjNEOEQyRkQ1QUU0LzAvMTAzNzVEMTc1RjUxQjIy
MkFBODI2QzQyNEMyNzE3ODAzQTY4Qzk5MS5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC8xMDM3NUQxNzVGNTFCMjIyQUE4
MjZDNDI0QzI3MTc4MDNBNjhDOTkxLmNlcjCByQYIKwYBBQUHAQsEgbwwgbkwgbYG
CCsGAQUFBzALhoGpcnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvMTc0RTA1OTJCNkZFMTNEMzQwMDlDOTdFNkFCNEY2RTEyOUI1MkIyM0ZD
MEQ0NTkwRTIxNTYzRDhEMkZENUFFNC8wLzMxMzkzMDJlMzgzOTJlMzEzNzMyMmUz
MDJmMzIzNDJkMzIzNDIwM2QzZTIwMzIzNzMyMzAzMzM5LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAvlms
MA0GCSqGSIb3DQEBCwUAA4IBAQA35qNwLxwqBh8SQRAF9HnR8xdutybNNFb+tThZ
s3ehRYS/34EczF+tgk8ehjIXeTBde05DjkS3XyvUIDH0vhn0jCn4MjH8SUPIVcrN
UIQQb3bF2ooui5Ywug2oViO2hslvLGVzOBkUAtTUGOsldF5IA1w00PGX35xbZ9rn
jd9IETeAsE5Xl04LHlAmgAToNxfra3iDVmP71YJmYwGG0voLoE+6CIMIAn6gfQL9
LR9BeEkWBTn5/OURuieBWyRWSM46ozZh+po8pydxpKrk15KfLSfRn1hG7Chi/hYC
oTVvENwzmEBa6+avG9gn5Od1tvBRRQWzE7H8ICNe+nmhMbFN
-----END CERTIFICATE-----