Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/1FAE84C9D2EA5B9E68263543BBD498C3F1CEF1F87F38343467F5515D602B7529/0/3139302e39302e36362e302f32342d3234203d3e203237383337.roa
File:                     3139302e39302e36362e302f32342d3234203d3e203237383337.roa (raw, json)
Hash identifier:          xn9g+wVMYly6aYJ+mKAHNud91KpSNWv70XixdCMYXaI=
Subject key identifier:   4C:E6:59:5E:82:3E:E8:93:32:AE:82:27:67:2A:F6:60:1C:9A:DE:73
Certificate issuer:       /CN=CBDE88C65320D3EBD8ED2F568D896F3935E87CC5
Certificate serial:       3B9D931FAEF87A21C4F82957E3DF3342AAA6E186
Authority key identifier: CB:DE:88:C6:53:20:D3:EB:D8:ED:2F:56:8D:89:6F:39:35:E8:7C:C5
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/CBDE88C65320D3EBD8ED2F568D896F3935E87CC5.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/1FAE84C9D2EA5B9E68263543BBD498C3F1CEF1F87F38343467F5515D602B7529/0/3139302e39302e36362e302f32342d3234203d3e203237383337.roa
Signing time:             Tue 04 Feb 2025 18:17:20 +0000
ROA not before:           Tue 04 Feb 2025 18:12:20 +0000
ROA not after:            Tue 03 Feb 2026 18:17:20 +0000
asID:                     27837
IP address blocks:        190.90.66.0/24 maxlen: 24
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            3b:9d:93:1f:ae:f8:7a:21:c4:f8:29:57:e3:df:33:42:aa:a6:e1:86
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=CBDE88C65320D3EBD8ED2F568D896F3935E87CC5
        Validity
            Not Before: Feb  4 18:12:20 2025 GMT
            Not After : Feb  3 18:17:20 2026 GMT
        Subject: CN=4CE6595E823EE89332AE8227672AF6601C9ADE73
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8f:05:3f:5e:73:d6:f4:e4:d6:c0:1c:e3:74:24:
                    85:7b:07:d0:13:29:22:bb:17:6f:88:ca:20:c6:bb:
                    80:6b:1a:b8:30:bd:48:7f:23:fd:78:66:1f:10:89:
                    e9:81:b2:04:b7:9e:9b:5a:66:a5:ab:ad:cf:04:56:
                    ac:69:63:3a:8f:36:84:06:12:0f:68:94:86:43:88:
                    ab:d4:94:67:31:c9:eb:46:3c:55:13:b7:2c:db:c9:
                    3d:51:ae:75:6c:bb:5f:9b:45:c3:8a:e7:05:eb:01:
                    79:44:8d:a3:31:87:8f:3e:12:5d:e3:d3:11:37:42:
                    49:cf:ef:4c:21:e7:c6:d8:2f:47:07:a0:b3:21:7d:
                    ea:12:84:48:76:b5:b2:bc:8b:e2:6e:be:0f:c6:72:
                    b6:c7:fd:23:d4:3b:f3:82:a9:98:56:81:b8:ab:b3:
                    10:36:9e:58:3b:fa:e1:c3:1e:c6:dd:bb:6b:51:53:
                    89:f3:50:aa:c9:2d:85:1f:af:42:30:fb:83:44:6f:
                    a3:e0:35:86:f0:3a:fa:be:71:62:3e:65:29:8a:78:
                    d8:9b:1d:de:44:7c:9f:cb:43:dc:a3:20:c4:fa:07:
                    fc:e6:f3:5a:ac:73:6f:3d:cc:4a:5e:93:ae:b6:03:
                    82:38:93:c2:c3:d6:40:b3:8b:9a:25:2d:57:93:7d:
                    60:49
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4C:E6:59:5E:82:3E:E8:93:32:AE:82:27:67:2A:F6:60:1C:9A:DE:73
            X509v3 Authority Key Identifier:
                keyid:CB:DE:88:C6:53:20:D3:EB:D8:ED:2F:56:8D:89:6F:39:35:E8:7C:C5

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/1FAE84C9D2EA5B9E68263543BBD498C3F1CEF1F87F38343467F5515D602B7529/0/CBDE88C65320D3EBD8ED2F568D896F3935E87CC5.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/CBDE88C65320D3EBD8ED2F568D896F3935E87CC5.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/1FAE84C9D2EA5B9E68263543BBD498C3F1CEF1F87F38343467F5515D602B7529/0/3139302e39302e36362e302f32342d3234203d3e203237383337.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  190.90.66.0/24

    Signature Algorithm: sha256WithRSAEncryption
         7a:30:dd:7c:71:9c:dd:ed:07:c1:65:47:5a:89:3f:c6:3e:33:
         58:d9:2c:b7:a5:59:e0:7c:91:0f:a7:fb:6b:c4:21:bf:f3:3e:
         44:52:65:00:7e:49:20:5f:f9:54:ee:f2:c9:65:75:83:0d:1d:
         c5:ae:fe:27:d8:43:e0:22:b8:c9:5f:af:3e:25:de:61:f4:02:
         b6:a8:f2:ef:a4:5d:4b:ab:10:c1:68:9f:a3:a8:19:d1:c1:19:
         25:b6:06:bb:e2:81:e6:c9:c8:5f:8e:17:cd:84:62:af:d1:05:
         e2:ea:e7:6f:e5:c6:b9:69:1d:49:40:57:34:81:98:82:ce:76:
         dc:4b:6f:42:a8:25:30:6e:12:f0:6b:a9:a8:48:46:45:40:58:
         98:04:a8:c4:00:2f:5d:21:6b:88:29:64:81:c1:a2:e5:87:cb:
         89:d9:80:d2:e2:9b:23:7c:5a:b4:50:af:53:29:3d:62:d8:cb:
         ca:b6:32:a5:15:e2:fe:3f:8b:e3:e9:ea:6a:4e:cd:6b:ce:0f:
         94:5b:48:27:8a:2a:69:62:e7:d5:67:07:c1:e6:f5:e1:64:0d:
         b8:a8:7e:a5:84:23:b4:36:4a:72:6c:b8:a7:38:a1:b5:93:c6:
         24:e5:c1:b7:28:60:f5:8a:ea:0e:65:6f:e4:04:c1:cd:88:f2:
         fd:4a:f3:7b
-----BEGIN CERTIFICATE-----
MIIFvDCCBKSgAwIBAgIUO52TH674eiHE+ClX498zQqqm4YYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoQ0JERTg4QzY1MzIwRDNFQkQ4RUQyRjU2OEQ4OTZGMzkz
NUU4N0NDNTAeFw0yNTAyMDQxODEyMjBaFw0yNjAyMDMxODE3MjBaMDMxMTAvBgNV
BAMTKDRDRTY1OTVFODIzRUU4OTMzMkFFODIyNzY3MkFGNjYwMUM5QURFNzMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCPBT9ec9b05NbAHON0JIV7B9AT
KSK7F2+IyiDGu4BrGrgwvUh/I/14Zh8QiemBsgS3nptaZqWrrc8EVqxpYzqPNoQG
Eg9olIZDiKvUlGcxyetGPFUTtyzbyT1RrnVsu1+bRcOK5wXrAXlEjaMxh48+El3j
0xE3QknP70wh58bYL0cHoLMhfeoShEh2tbK8i+Juvg/GcrbH/SPUO/OCqZhWgbir
sxA2nlg7+uHDHsbdu2tRU4nzUKrJLYUfr0Iw+4NEb6PgNYbwOvq+cWI+ZSmKeNib
Hd5EfJ/LQ9yjIMT6B/zm81qsc289zEpek662A4I4k8LD1kCzi5olLVeTfWBJAgMB
AAGjggLGMIICwjAdBgNVHQ4EFgQUTOZZXoI+6JMyroInZyr2YBya3nMwHwYDVR0j
BBgwFoAUy96IxlMg0+vY7S9WjYlvOTXofMUwDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy8xRkFFODRDOUQyRUE1QjlFNjgyNjM1NDNCQkQ0OThDM0Yx
Q0VGMUY4N0YzODM0MzQ2N0Y1NTE1RDYwMkI3NTI5LzAvQ0JERTg4QzY1MzIwRDNF
QkQ4RUQyRjU2OEQ4OTZGMzkzNUU4N0NDNS5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC9DQkRFODhDNjUzMjBEM0VCRDhF
RDJGNTY4RDg5NkYzOTM1RTg3Q0M1LmNlcjCBxQYIKwYBBQUHAQsEgbgwgbUwgbIG
CCsGAQUFBzALhoGlcnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvMUZBRTg0QzlEMkVBNUI5RTY4MjYzNTQzQkJENDk4QzNGMUNFRjFGODdG
MzgzNDM0NjdGNTUxNUQ2MDJCNzUyOS8wLzMxMzkzMDJlMzkzMDJlMzYzNjJlMzAy
ZjMyMzQyZDMyMzQyMDNkM2UyMDMyMzczODMzMzcucm9hMBgGA1UdIAEB/wQOMAww
CgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAC+WkIwDQYJ
KoZIhvcNAQELBQADggEBAHow3XxxnN3tB8FlR1qJP8Y+M1jZLLelWeB8kQ+n+2vE
Ib/zPkRSZQB+SSBf+VTu8slldYMNHcWu/ifYQ+AiuMlfrz4l3mH0Arao8u+kXUur
EMFon6OoGdHBGSW2BrvigebJyF+OF82EYq/RBeLq52/lxrlpHUlAVzSBmILOdtxL
b0KoJTBuEvBrqahIRkVAWJgEqMQAL10ha4gpZIHBouWHy4nZgNLimyN8WrRQr1Mp
PWLYy8q2MqUV4v4/i+Pp6mpOzWvOD5RbSCeKKmli59VnB8Hm9eFkDbiofqWEI7Q2
SnJsuKc4obWTxiTlwbcoYPWK6g5lb+QEwc2I8v1K83s=
-----END CERTIFICATE-----