Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/291B858C7C334CDBEA2E3C82055F8F6FC65E446882C7034E52D95AF4B213AF3C/0/3136382e3139362e3135362e302f32322d3234203d3e20323634373731.roa
File:                     3136382e3139362e3135362e302f32322d3234203d3e20323634373731.roa (raw, json)
Hash identifier:          8Uo59A7cIFffWsy7yMqF1q0RsJPspTpQE7uepqI4mRA=
Subject key identifier:   16:D7:13:50:8E:27:02:A5:2F:E6:96:0B:9B:69:09:00:DD:0C:22:D9
Certificate issuer:       /CN=5558B5E1D174BAD1D35EA916CBE18E573AF38B25
Certificate serial:       60018B1D60FB510E120DFEA23A5250D7EB666D0B
Authority key identifier: 55:58:B5:E1:D1:74:BA:D1:D3:5E:A9:16:CB:E1:8E:57:3A:F3:8B:25
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/5558B5E1D174BAD1D35EA916CBE18E573AF38B25.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/291B858C7C334CDBEA2E3C82055F8F6FC65E446882C7034E52D95AF4B213AF3C/0/3136382e3139362e3135362e302f32322d3234203d3e20323634373731.roa
Signing time:             Tue 04 Feb 2025 18:07:03 +0000
ROA not before:           Tue 04 Feb 2025 18:02:03 +0000
ROA not after:            Tue 03 Feb 2026 18:07:03 +0000
asID:                     264771
IP address blocks:        168.196.156.0/22 maxlen: 24
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            60:01:8b:1d:60:fb:51:0e:12:0d:fe:a2:3a:52:50:d7:eb:66:6d:0b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5558B5E1D174BAD1D35EA916CBE18E573AF38B25
        Validity
            Not Before: Feb  4 18:02:03 2025 GMT
            Not After : Feb  3 18:07:03 2026 GMT
        Subject: CN=16D713508E2702A52FE6960B9B690900DD0C22D9
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:aa:08:f6:eb:58:c0:c1:50:e6:30:0e:8c:1f:2f:
                    93:1d:3d:b8:f0:70:89:b4:af:9d:ff:f0:b2:73:ff:
                    ef:9f:ae:5d:ee:d5:96:b8:44:d2:06:ea:b4:7f:50:
                    37:0f:20:b6:a3:95:b1:26:34:96:2f:1c:7f:e9:65:
                    a8:5e:0c:ec:ad:01:24:13:6e:cc:f7:8f:1d:7b:0f:
                    e6:0c:d0:73:35:05:1f:88:4f:c3:39:8d:fb:21:d0:
                    eb:09:29:d0:9a:1e:fc:01:40:26:10:77:54:b9:d1:
                    a3:1a:39:09:0e:55:b8:b6:1f:35:7f:fe:cc:eb:da:
                    75:64:49:36:65:b2:46:ae:f2:a1:f9:0c:fb:61:19:
                    35:30:51:e8:49:51:b6:c2:2e:6a:61:70:0c:c9:64:
                    11:82:b4:c3:b9:ef:72:bb:1c:95:dd:36:f4:70:f6:
                    5e:df:41:29:7c:c2:ee:8f:05:49:1a:c2:87:98:9c:
                    fd:df:68:51:e4:9a:90:fc:c2:74:f1:3f:9f:fe:c8:
                    32:77:f0:d7:dc:91:5c:3b:81:e6:e0:d5:a0:e3:b0:
                    c8:26:67:85:bc:bb:ad:e8:df:33:96:57:29:cf:57:
                    81:af:7f:5c:d3:be:be:c2:f6:e1:0c:50:69:b4:15:
                    db:cd:e0:b5:37:1c:35:fb:e5:b7:e3:76:3e:0b:c1:
                    78:a9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                16:D7:13:50:8E:27:02:A5:2F:E6:96:0B:9B:69:09:00:DD:0C:22:D9
            X509v3 Authority Key Identifier:
                keyid:55:58:B5:E1:D1:74:BA:D1:D3:5E:A9:16:CB:E1:8E:57:3A:F3:8B:25

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/291B858C7C334CDBEA2E3C82055F8F6FC65E446882C7034E52D95AF4B213AF3C/0/5558B5E1D174BAD1D35EA916CBE18E573AF38B25.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/5558B5E1D174BAD1D35EA916CBE18E573AF38B25.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/291B858C7C334CDBEA2E3C82055F8F6FC65E446882C7034E52D95AF4B213AF3C/0/3136382e3139362e3135362e302f32322d3234203d3e20323634373731.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  168.196.156.0/22

    Signature Algorithm: sha256WithRSAEncryption
         93:61:d9:94:c4:f7:bc:92:e6:7a:bb:ec:63:d6:63:92:b2:1b:
         ba:1f:45:d4:0c:51:95:7d:ff:9b:ce:57:3d:68:f5:9a:8c:a8:
         e3:d9:45:f4:03:36:0d:f3:b5:92:fb:dd:7a:41:7d:95:a3:23:
         c2:d2:37:7d:ef:f8:ff:a3:c7:26:29:62:01:b1:42:74:d1:33:
         0b:12:69:f9:4f:24:cd:18:f7:f4:1e:c9:e5:99:b9:87:a4:25:
         de:24:e1:22:af:1c:94:86:c1:10:3b:ad:54:92:66:5e:56:c7:
         35:b4:23:21:04:00:ff:02:9b:ea:8f:f5:53:9a:10:2a:71:ff:
         06:cf:c5:3c:8d:07:0f:88:7a:ad:ec:e4:60:12:fe:0d:3c:1f:
         a3:05:c1:39:e2:0c:73:d1:7e:78:99:d2:ab:34:70:70:eb:96:
         6f:e1:5b:9a:78:97:9e:eb:6b:72:83:f7:71:cf:cd:02:b6:8b:
         00:8d:b1:b7:9c:72:f4:ef:f5:3a:28:74:a2:42:0a:a2:f3:43:
         f7:63:98:f3:c3:22:91:a5:1a:0a:84:5c:d1:2b:34:a3:61:3b:
         81:b3:d3:d8:83:9e:84:96:1c:bd:2d:e0:a4:51:42:f7:6f:08:
         94:29:25:2f:cb:c7:f5:b8:ca:39:df:a8:00:c7:c0:98:fb:83:
         ad:a2:93:5f
-----BEGIN CERTIFICATE-----
MIIFwjCCBKqgAwIBAgIUYAGLHWD7UQ4SDf6iOlJQ1+tmbQswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNTU1OEI1RTFEMTc0QkFEMUQzNUVBOTE2Q0JFMThFNTcz
QUYzOEIyNTAeFw0yNTAyMDQxODAyMDNaFw0yNjAyMDMxODA3MDNaMDMxMTAvBgNV
BAMTKDE2RDcxMzUwOEUyNzAyQTUyRkU2OTYwQjlCNjkwOTAwREQwQzIyRDkwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCqCPbrWMDBUOYwDowfL5MdPbjw
cIm0r53/8LJz/++frl3u1Za4RNIG6rR/UDcPILajlbEmNJYvHH/pZaheDOytASQT
bsz3jx17D+YM0HM1BR+IT8M5jfsh0OsJKdCaHvwBQCYQd1S50aMaOQkOVbi2HzV/
/szr2nVkSTZlskau8qH5DPthGTUwUehJUbbCLmphcAzJZBGCtMO573K7HJXdNvRw
9l7fQSl8wu6PBUkawoeYnP3faFHkmpD8wnTxP5/+yDJ38NfckVw7gebg1aDjsMgm
Z4W8u63o3zOWVynPV4Gvf1zTvr7C9uEMUGm0FdvN4LU3HDX75bfjdj4LwXipAgMB
AAGjggLMMIICyDAdBgNVHQ4EFgQUFtcTUI4nAqUv5pYLm2kJAN0MItkwHwYDVR0j
BBgwFoAUVVi14dF0utHTXqkWy+GOVzrziyUwDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy8yOTFCODU4QzdDMzM0Q0RCRUEyRTNDODIwNTVGOEY2RkM2
NUU0NDY4ODJDNzAzNEU1MkQ5NUFGNEIyMTNBRjNDLzAvNTU1OEI1RTFEMTc0QkFE
MUQzNUVBOTE2Q0JFMThFNTczQUYzOEIyNS5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC81NTU4QjVFMUQxNzRCQUQxRDM1
RUE5MTZDQkUxOEU1NzNBRjM4QjI1LmNlcjCBywYIKwYBBQUHAQsEgb4wgbswgbgG
CCsGAQUFBzALhoGrcnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvMjkxQjg1OEM3QzMzNENEQkVBMkUzQzgyMDU1RjhGNkZDNjVFNDQ2ODgy
QzcwMzRFNTJEOTVBRjRCMjEzQUYzQy8wLzMxMzYzODJlMzEzOTM2MmUzMTM1MzYy
ZTMwMmYzMjMyMmQzMjM0MjAzZDNlMjAzMjM2MzQzNzM3MzEucm9hMBgGA1UdIAEB
/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAKo
xJwwDQYJKoZIhvcNAQELBQADggEBAJNh2ZTE97yS5nq77GPWY5KyG7ofRdQMUZV9
/5vOVz1o9ZqMqOPZRfQDNg3ztZL73XpBfZWjI8LSN33v+P+jxyYpYgGxQnTRMwsS
aflPJM0Y9/QeyeWZuYekJd4k4SKvHJSGwRA7rVSSZl5WxzW0IyEEAP8Cm+qP9VOa
ECpx/wbPxTyNBw+Ieq3s5GAS/g08H6MFwTniDHPRfniZ0qs0cHDrlm/hW5p4l57r
a3KD93HPzQK2iwCNsbeccvTv9ToodKJCCqLzQ/djmPPDIpGlGgqEXNErNKNhO4Gz
09iDnoSWHL0t4KRRQvdvCJQpJS/Lx/W4yjnfqADHwJj7g62ik18=
-----END CERTIFICATE-----