Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/1FAE84C9D2EA5B9E68263543BBD498C3F1CEF1F87F38343467F5515D602B7529/0/3139302e39302e3137322e302f32322d3234203d3e20323632353839.roa
File:                     3139302e39302e3137322e302f32322d3234203d3e20323632353839.roa (raw, json)
Hash identifier:          npSLl8BJkxNUVJAGkBg/BFS1SfkaucY3r6+n3nsZ76M=
Subject key identifier:   CB:AF:6B:3C:9A:B2:F8:D4:02:97:B6:6A:09:53:4E:5A:0C:DC:5E:B8
Certificate issuer:       /CN=CBDE88C65320D3EBD8ED2F568D896F3935E87CC5
Certificate serial:       087A44F5B969C8DD5B43302BBCEACDD0A8AD9408
Authority key identifier: CB:DE:88:C6:53:20:D3:EB:D8:ED:2F:56:8D:89:6F:39:35:E8:7C:C5
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/CBDE88C65320D3EBD8ED2F568D896F3935E87CC5.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/1FAE84C9D2EA5B9E68263543BBD498C3F1CEF1F87F38343467F5515D602B7529/0/3139302e39302e3137322e302f32322d3234203d3e20323632353839.roa
Signing time:             Tue 04 Feb 2025 18:17:13 +0000
ROA not before:           Tue 04 Feb 2025 18:12:13 +0000
ROA not after:            Tue 03 Feb 2026 18:17:13 +0000
asID:                     262589
IP address blocks:        190.90.172.0/22 maxlen: 24
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            08:7a:44:f5:b9:69:c8:dd:5b:43:30:2b:bc:ea:cd:d0:a8:ad:94:08
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=CBDE88C65320D3EBD8ED2F568D896F3935E87CC5
        Validity
            Not Before: Feb  4 18:12:13 2025 GMT
            Not After : Feb  3 18:17:13 2026 GMT
        Subject: CN=CBAF6B3C9AB2F8D40297B66A09534E5A0CDC5EB8
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:fb:48:c4:d0:32:b1:09:34:c3:00:4f:6d:e0:6b:
                    4c:56:36:3a:59:d2:bd:ee:4b:2e:95:75:25:33:63:
                    62:b3:8e:bf:40:22:2a:7c:30:34:ad:f6:fe:6f:01:
                    3e:78:d6:24:ff:4b:fa:84:99:ad:65:a2:a9:31:50:
                    54:29:e0:35:21:f6:51:6e:b6:67:b3:69:44:24:29:
                    a7:0b:37:c6:5c:37:4a:3b:27:45:06:6c:15:75:47:
                    5b:4b:ea:f9:7e:2b:30:c8:20:17:72:36:35:fe:88:
                    c3:66:97:bc:1b:77:a2:f3:7e:33:1c:fd:95:60:fe:
                    0c:08:13:d7:ff:8e:a1:7e:d4:35:8f:4e:06:27:e4:
                    93:88:51:d4:de:f2:67:9b:08:98:aa:5a:aa:16:64:
                    e3:68:ff:ea:7b:49:b8:e8:13:77:d9:0d:56:65:49:
                    e2:83:87:e5:e4:29:1a:44:a6:03:9e:6f:16:d4:f5:
                    5c:95:60:ed:fc:23:ed:48:09:dd:20:87:9c:8e:fa:
                    f1:33:83:f1:bd:44:2a:5e:b1:aa:37:aa:db:58:3f:
                    20:3b:ee:1d:e2:c4:3c:c4:f6:ae:ef:fe:ac:c8:e7:
                    24:da:37:67:12:f6:5f:40:be:66:f6:cd:5e:d4:8d:
                    a9:a0:d2:93:73:d5:a1:5e:b8:a6:dc:eb:9b:81:a5:
                    7a:05
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                CB:AF:6B:3C:9A:B2:F8:D4:02:97:B6:6A:09:53:4E:5A:0C:DC:5E:B8
            X509v3 Authority Key Identifier:
                keyid:CB:DE:88:C6:53:20:D3:EB:D8:ED:2F:56:8D:89:6F:39:35:E8:7C:C5

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/1FAE84C9D2EA5B9E68263543BBD498C3F1CEF1F87F38343467F5515D602B7529/0/CBDE88C65320D3EBD8ED2F568D896F3935E87CC5.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/CBDE88C65320D3EBD8ED2F568D896F3935E87CC5.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/1FAE84C9D2EA5B9E68263543BBD498C3F1CEF1F87F38343467F5515D602B7529/0/3139302e39302e3137322e302f32322d3234203d3e20323632353839.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  190.90.172.0/22

    Signature Algorithm: sha256WithRSAEncryption
         04:a9:2e:bb:f9:6d:b8:53:cc:a8:a1:0b:b5:2d:a3:ac:d0:b2:
         82:1c:79:bf:72:52:74:44:4d:5f:24:24:fc:13:b8:01:19:1e:
         96:ec:ad:ba:ec:94:f9:a9:73:7b:40:03:7a:82:47:fb:82:ec:
         e0:f2:95:4b:a8:3a:e1:df:4b:d1:e4:c0:88:b5:68:32:3e:9c:
         77:5f:21:f6:fe:6f:65:60:6f:9b:46:3d:b1:ef:87:38:6a:0e:
         ee:84:02:19:b8:2f:29:38:b3:21:ca:bb:fd:7c:a3:97:88:b0:
         01:0e:ab:cf:b2:a2:ae:39:59:b1:d6:7b:00:18:99:6e:e7:60:
         57:75:90:6c:dc:28:41:98:59:d3:36:6d:35:53:e3:47:19:8f:
         a3:b6:71:b2:6e:b0:cd:3f:a3:83:fb:20:2b:31:aa:2a:6e:7b:
         d8:4c:18:59:87:4d:98:5f:83:5a:4c:69:40:ac:2a:31:7c:8c:
         50:68:58:f0:56:0c:be:f0:ce:ed:ba:41:53:49:f5:35:a2:25:
         e0:24:c2:03:f7:9b:f6:87:9e:62:e3:10:5c:f4:9f:6f:4a:10:
         bf:d3:25:fd:18:34:59:0e:ae:d1:39:98:08:aa:c6:39:24:08:
         bb:b4:26:bd:a0:57:8a:65:58:75:d3:b8:59:6f:8a:98:1f:bf:
         9d:46:d9:b9
-----BEGIN CERTIFICATE-----
MIIFwDCCBKigAwIBAgIUCHpE9blpyN1bQzArvOrN0KitlAgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoQ0JERTg4QzY1MzIwRDNFQkQ4RUQyRjU2OEQ4OTZGMzkz
NUU4N0NDNTAeFw0yNTAyMDQxODEyMTNaFw0yNjAyMDMxODE3MTNaMDMxMTAvBgNV
BAMTKENCQUY2QjNDOUFCMkY4RDQwMjk3QjY2QTA5NTM0RTVBMENEQzVFQjgwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQD7SMTQMrEJNMMAT23ga0xWNjpZ
0r3uSy6VdSUzY2Kzjr9AIip8MDSt9v5vAT541iT/S/qEma1loqkxUFQp4DUh9lFu
tmezaUQkKacLN8ZcN0o7J0UGbBV1R1tL6vl+KzDIIBdyNjX+iMNml7wbd6LzfjMc
/ZVg/gwIE9f/jqF+1DWPTgYn5JOIUdTe8mebCJiqWqoWZONo/+p7SbjoE3fZDVZl
SeKDh+XkKRpEpgOebxbU9VyVYO38I+1ICd0gh5yO+vEzg/G9RCpesao3qttYPyA7
7h3ixDzE9q7v/qzI5yTaN2cS9l9Avmb2zV7Ujamg0pNz1aFeuKbc65uBpXoFAgMB
AAGjggLKMIICxjAdBgNVHQ4EFgQUy69rPJqy+NQCl7ZqCVNOWgzcXrgwHwYDVR0j
BBgwFoAUy96IxlMg0+vY7S9WjYlvOTXofMUwDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy8xRkFFODRDOUQyRUE1QjlFNjgyNjM1NDNCQkQ0OThDM0Yx
Q0VGMUY4N0YzODM0MzQ2N0Y1NTE1RDYwMkI3NTI5LzAvQ0JERTg4QzY1MzIwRDNF
QkQ4RUQyRjU2OEQ4OTZGMzkzNUU4N0NDNS5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC9DQkRFODhDNjUzMjBEM0VCRDhF
RDJGNTY4RDg5NkYzOTM1RTg3Q0M1LmNlcjCByQYIKwYBBQUHAQsEgbwwgbkwgbYG
CCsGAQUFBzALhoGpcnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvMUZBRTg0QzlEMkVBNUI5RTY4MjYzNTQzQkJENDk4QzNGMUNFRjFGODdG
MzgzNDM0NjdGNTUxNUQ2MDJCNzUyOS8wLzMxMzkzMDJlMzkzMDJlMzEzNzMyMmUz
MDJmMzIzMjJkMzIzNDIwM2QzZTIwMzIzNjMyMzUzODM5LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCvlqs
MA0GCSqGSIb3DQEBCwUAA4IBAQAEqS67+W24U8yooQu1LaOs0LKCHHm/clJ0RE1f
JCT8E7gBGR6W7K267JT5qXN7QAN6gkf7guzg8pVLqDrh30vR5MCItWgyPpx3XyH2
/m9lYG+bRj2x74c4ag7uhAIZuC8pOLMhyrv9fKOXiLABDqvPsqKuOVmx1nsAGJlu
52BXdZBs3ChBmFnTNm01U+NHGY+jtnGybrDNP6OD+yArMaoqbnvYTBhZh02YX4Na
TGlArCoxfIxQaFjwVgy+8M7tukFTSfU1oiXgJMID95v2h55i4xBc9J9vShC/0yX9
GDRZDq7ROZgIqsY5JAi7tCa9oFeKZVh107hZb4qYH7+dRtm5
-----END CERTIFICATE-----