Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/21F5134D3F7842FC83A15DEBA24B51C70BE726DAF9F2D16AC545EEAD744327FE/0/3139302e3130352e3137362e302f32302d3234203d3e203532333038.roa
File:                     3139302e3130352e3137362e302f32302d3234203d3e203532333038.roa (raw, json)
Hash identifier:          X5E31p7CmWWzSXWa78KmwrOFMcvFbtm+rhjeaAAVPgE=
Subject key identifier:   DD:C7:F5:0B:6D:A4:E8:73:41:2B:F1:8C:AE:74:A2:B7:D8:6B:C3:FF
Certificate issuer:       /CN=8C02E0E579C60369B9E5962BC7E700427B6915B6
Certificate serial:       3AD32631A6C8002369577926E2CB5669DA0693C4
Authority key identifier: 8C:02:E0:E5:79:C6:03:69:B9:E5:96:2B:C7:E7:00:42:7B:69:15:B6
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/8C02E0E579C60369B9E5962BC7E700427B6915B6.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/21F5134D3F7842FC83A15DEBA24B51C70BE726DAF9F2D16AC545EEAD744327FE/0/3139302e3130352e3137362e302f32302d3234203d3e203532333038.roa
Signing time:             Tue 04 Feb 2025 18:26:35 +0000
ROA not before:           Tue 04 Feb 2025 18:21:35 +0000
ROA not after:            Tue 03 Feb 2026 18:26:35 +0000
asID:                     52308
IP address blocks:        190.105.176.0/20 maxlen: 24
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            3a:d3:26:31:a6:c8:00:23:69:57:79:26:e2:cb:56:69:da:06:93:c4
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=8C02E0E579C60369B9E5962BC7E700427B6915B6
        Validity
            Not Before: Feb  4 18:21:35 2025 GMT
            Not After : Feb  3 18:26:35 2026 GMT
        Subject: CN=DDC7F50B6DA4E873412BF18CAE74A2B7D86BC3FF
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a1:53:18:de:43:1e:44:53:6b:99:55:7c:b8:17:
                    04:a6:0a:a1:84:b7:0f:ea:6c:9b:dd:f5:39:dd:64:
                    7e:20:f6:fa:d2:28:73:fd:ec:1c:9e:4f:57:3f:5d:
                    96:6a:45:db:b0:99:42:84:35:eb:94:09:68:99:15:
                    8b:57:b2:a2:90:ea:22:25:31:4c:35:16:43:da:4f:
                    ef:a2:b4:f5:97:a1:f9:6f:ec:94:00:b8:98:fb:f7:
                    35:1e:5e:f3:4f:42:da:f5:d6:f8:6f:c3:08:56:bc:
                    1b:58:40:4d:c1:20:3c:13:c1:bf:33:b9:01:6f:c7:
                    14:c3:94:13:e4:ae:94:07:18:6d:57:40:20:25:46:
                    33:6f:d6:3d:13:91:84:22:9f:a4:17:86:20:80:7a:
                    98:5a:1a:74:be:b1:22:d6:77:eb:c9:93:79:7c:e2:
                    f2:13:f2:a8:5e:33:3c:44:87:87:ca:56:62:a8:ae:
                    5b:7f:fd:8d:a7:eb:7a:9f:33:dc:60:63:50:a6:fd:
                    2f:7f:8c:65:d4:e9:0a:95:1d:ed:e8:6f:67:c4:a3:
                    63:bb:d8:87:1b:c2:fe:01:44:7e:39:df:18:36:27:
                    d3:1a:d3:b8:b4:bc:08:1b:cf:ca:8a:59:77:32:eb:
                    e3:9a:6a:4b:22:08:07:7c:cd:73:70:cc:b6:ce:8f:
                    78:35
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DD:C7:F5:0B:6D:A4:E8:73:41:2B:F1:8C:AE:74:A2:B7:D8:6B:C3:FF
            X509v3 Authority Key Identifier:
                keyid:8C:02:E0:E5:79:C6:03:69:B9:E5:96:2B:C7:E7:00:42:7B:69:15:B6

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/21F5134D3F7842FC83A15DEBA24B51C70BE726DAF9F2D16AC545EEAD744327FE/0/8C02E0E579C60369B9E5962BC7E700427B6915B6.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/8C02E0E579C60369B9E5962BC7E700427B6915B6.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/21F5134D3F7842FC83A15DEBA24B51C70BE726DAF9F2D16AC545EEAD744327FE/0/3139302e3130352e3137362e302f32302d3234203d3e203532333038.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  190.105.176.0/20

    Signature Algorithm: sha256WithRSAEncryption
         da:a5:d4:72:cf:5a:81:a8:cb:c5:c9:f9:2d:36:48:44:ef:c9:
         c9:bc:7f:58:ca:9d:78:7f:0b:ee:78:5d:1d:3f:f9:f9:47:88:
         ed:9a:2b:49:7a:74:f1:e4:d2:57:96:4d:9a:3b:e1:16:4f:c8:
         28:65:17:b9:8c:f2:29:0e:11:e1:e7:5c:4b:c2:3f:6a:e6:8b:
         1b:35:2a:6b:07:48:3f:fe:ac:f9:92:b6:dd:f3:c0:63:ec:7c:
         67:0c:a8:d5:12:45:9b:25:79:05:d8:4f:d6:d6:d5:e0:a1:8a:
         da:3b:53:de:c3:01:cc:db:c5:80:54:17:4b:83:65:cf:b2:3a:
         7f:dd:1a:60:ac:d5:89:1c:f4:5b:9d:c5:1f:5c:5f:1c:3b:3f:
         5e:27:ad:1f:15:4a:91:bb:a2:da:fc:56:24:00:fb:33:c8:b0:
         e5:3f:cd:e0:97:8e:7a:4d:6c:20:29:5e:8c:3e:a8:3b:d5:2b:
         e9:24:87:f8:e2:05:cb:8f:9f:11:6f:57:88:d5:5c:43:88:63:
         15:dc:d9:aa:91:34:45:20:83:f0:b2:9f:84:b4:6c:7c:f9:ba:
         ea:25:47:60:89:9a:df:4d:1b:b6:c6:28:fd:b3:54:e4:e4:34:
         2d:5f:2b:26:08:45:b1:c5:9a:3d:db:30:13:15:70:2b:9e:83:
         7c:00:c2:83
-----BEGIN CERTIFICATE-----
MIIFwDCCBKigAwIBAgIUOtMmMabIACNpV3km4stWadoGk8QwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOEMwMkUwRTU3OUM2MDM2OUI5RTU5NjJCQzdFNzAwNDI3
QjY5MTVCNjAeFw0yNTAyMDQxODIxMzVaFw0yNjAyMDMxODI2MzVaMDMxMTAvBgNV
BAMTKEREQzdGNTBCNkRBNEU4NzM0MTJCRjE4Q0FFNzRBMkI3RDg2QkMzRkYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQChUxjeQx5EU2uZVXy4FwSmCqGE
tw/qbJvd9TndZH4g9vrSKHP97ByeT1c/XZZqRduwmUKENeuUCWiZFYtXsqKQ6iIl
MUw1FkPaT++itPWXoflv7JQAuJj79zUeXvNPQtr11vhvwwhWvBtYQE3BIDwTwb8z
uQFvxxTDlBPkrpQHGG1XQCAlRjNv1j0TkYQin6QXhiCAephaGnS+sSLWd+vJk3l8
4vIT8qheMzxEh4fKVmKorlt//Y2n63qfM9xgY1Cm/S9/jGXU6QqVHe3ob2fEo2O7
2Icbwv4BRH453xg2J9Ma07i0vAgbz8qKWXcy6+OaaksiCAd8zXNwzLbOj3g1AgMB
AAGjggLKMIICxjAdBgNVHQ4EFgQU3cf1C22k6HNBK/GMrnSit9hrw/8wHwYDVR0j
BBgwFoAUjALg5XnGA2m55ZYrx+cAQntpFbYwDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy8yMUY1MTM0RDNGNzg0MkZDODNBMTVERUJBMjRCNTFDNzBC
RTcyNkRBRjlGMkQxNkFDNTQ1RUVBRDc0NDMyN0ZFLzAvOEMwMkUwRTU3OUM2MDM2
OUI5RTU5NjJCQzdFNzAwNDI3QjY5MTVCNi5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC84QzAyRTBFNTc5QzYwMzY5QjlF
NTk2MkJDN0U3MDA0MjdCNjkxNUI2LmNlcjCByQYIKwYBBQUHAQsEgbwwgbkwgbYG
CCsGAQUFBzALhoGpcnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvMjFGNTEzNEQzRjc4NDJGQzgzQTE1REVCQTI0QjUxQzcwQkU3MjZEQUY5
RjJEMTZBQzU0NUVFQUQ3NDQzMjdGRS8wLzMxMzkzMDJlMzEzMDM1MmUzMTM3MzYy
ZTMwMmYzMjMwMmQzMjM0MjAzZDNlMjAzNTMyMzMzMDM4LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQEvmmw
MA0GCSqGSIb3DQEBCwUAA4IBAQDapdRyz1qBqMvFyfktNkhE78nJvH9Yyp14fwvu
eF0dP/n5R4jtmitJenTx5NJXlk2aO+EWT8goZRe5jPIpDhHh51xLwj9q5osbNSpr
B0g//qz5krbd88Bj7HxnDKjVEkWbJXkF2E/W1tXgoYraO1PewwHM28WAVBdLg2XP
sjp/3RpgrNWJHPRbncUfXF8cOz9eJ60fFUqRu6La/FYkAPszyLDlP83gl456TWwg
KV6MPqg71SvpJIf44gXLj58Rb1eI1VxDiGMV3NmqkTRFIIPwsp+EtGx8+brqJUdg
iZrfTRu2xij9s1Tk5DQtXysmCEWxxZo92zATFXArnoN8AMKD
-----END CERTIFICATE-----