Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/2DEA4B959BE421481C137BAE5FBC2FBE1BDDD87C07A65D52F0C9ECF68F7C599F/0/3138362e302e3132382e302f32312d3234203d3e203237393533.roa
File:                     3138362e302e3132382e302f32312d3234203d3e203237393533.roa (raw, json)
Hash identifier:          6W+lDruCv5Cal3YFWrCDVOkjF+ac2FZ27xlkk77RztA=
Subject key identifier:   F5:32:7F:29:1E:0D:85:FC:39:AA:DB:0D:78:3B:F8:71:74:4F:05:2B
Certificate issuer:       /CN=D67E5644D439ECB615A931808B0D6F2AC66A19F2
Certificate serial:       0F5F625E448B9845634D4E8D31BA0B8041879AE2
Authority key identifier: D6:7E:56:44:D4:39:EC:B6:15:A9:31:80:8B:0D:6F:2A:C6:6A:19:F2
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/D67E5644D439ECB615A931808B0D6F2AC66A19F2.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/2DEA4B959BE421481C137BAE5FBC2FBE1BDDD87C07A65D52F0C9ECF68F7C599F/0/3138362e302e3132382e302f32312d3234203d3e203237393533.roa
Signing time:             Tue 04 Feb 2025 18:56:25 +0000
ROA not before:           Tue 04 Feb 2025 18:51:25 +0000
ROA not after:            Tue 03 Feb 2026 18:56:25 +0000
asID:                     27953
IP address blocks:        186.0.128.0/21 maxlen: 24
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            0f:5f:62:5e:44:8b:98:45:63:4d:4e:8d:31:ba:0b:80:41:87:9a:e2
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=D67E5644D439ECB615A931808B0D6F2AC66A19F2
        Validity
            Not Before: Feb  4 18:51:25 2025 GMT
            Not After : Feb  3 18:56:25 2026 GMT
        Subject: CN=F5327F291E0D85FC39AADB0D783BF871744F052B
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ec:97:cb:c5:24:80:ea:20:b6:61:46:21:0a:d1:
                    f5:8c:b9:20:6b:7b:c8:33:55:d3:86:3d:54:79:f4:
                    af:f6:9e:b9:28:6a:73:4c:9c:41:a8:0c:0d:22:00:
                    c9:c2:eb:22:d8:52:ef:8f:30:8d:28:45:3f:98:83:
                    b3:8b:40:45:82:3f:15:70:62:e4:46:31:e2:39:8e:
                    8f:ea:05:b6:43:5e:1d:94:df:6f:68:96:a4:d9:e5:
                    ac:16:11:ba:38:34:7a:72:08:f5:f0:0c:60:c5:15:
                    7d:41:96:42:f8:9d:dd:37:c4:cb:b5:8b:e4:31:a1:
                    fa:b3:2c:bf:47:95:d8:0a:77:69:99:1b:c2:29:53:
                    70:95:87:70:88:93:34:19:8c:da:f8:5a:18:7b:6e:
                    41:c0:ef:43:20:e2:e4:42:c4:b6:55:c5:10:3d:3c:
                    97:a8:80:47:e0:6f:68:2b:eb:a3:58:74:80:d9:98:
                    13:72:27:d4:e9:fa:36:99:1d:79:ef:d5:64:69:15:
                    fa:ce:80:f4:34:00:1b:4e:21:fd:be:d7:ab:f7:16:
                    81:8d:b3:73:95:c8:6f:03:11:06:96:47:54:6e:21:
                    5f:59:5b:21:16:85:86:b4:0d:a5:e5:5b:53:c9:f7:
                    f5:f4:59:a7:f1:17:ea:b1:d8:87:dd:9c:58:e3:05:
                    13:15
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F5:32:7F:29:1E:0D:85:FC:39:AA:DB:0D:78:3B:F8:71:74:4F:05:2B
            X509v3 Authority Key Identifier:
                keyid:D6:7E:56:44:D4:39:EC:B6:15:A9:31:80:8B:0D:6F:2A:C6:6A:19:F2

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/2DEA4B959BE421481C137BAE5FBC2FBE1BDDD87C07A65D52F0C9ECF68F7C599F/0/D67E5644D439ECB615A931808B0D6F2AC66A19F2.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/D67E5644D439ECB615A931808B0D6F2AC66A19F2.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/2DEA4B959BE421481C137BAE5FBC2FBE1BDDD87C07A65D52F0C9ECF68F7C599F/0/3138362e302e3132382e302f32312d3234203d3e203237393533.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  186.0.128.0/21

    Signature Algorithm: sha256WithRSAEncryption
         5d:f9:9a:17:21:2c:39:83:9f:ee:49:f7:90:b2:46:31:b7:33:
         12:31:8e:d5:38:e7:1b:9a:29:03:41:cb:3b:ad:ec:40:7d:59:
         fd:43:9c:59:57:31:7d:f8:a7:37:45:e0:8b:f3:f3:a6:b3:49:
         51:a1:e7:b9:4a:f7:10:44:28:f7:d9:1b:9a:95:8f:13:a1:87:
         92:04:13:c7:89:bb:8d:d4:ac:7d:f4:64:fb:26:d1:3c:c5:75:
         7c:15:48:67:24:3c:01:91:0e:fa:92:86:b0:27:e8:5f:6e:fd:
         32:f2:a0:ee:1d:9a:f7:d7:e6:00:f0:7f:52:08:44:f6:a3:da:
         f5:7f:e0:8b:d9:1f:76:25:ef:75:c1:98:86:03:a8:21:1d:83:
         27:28:77:2b:89:6f:6b:c2:fe:c5:c2:c7:fd:41:54:48:71:1e:
         d0:33:26:ca:2c:80:99:38:59:91:de:88:f2:2c:5c:bc:d6:0f:
         bb:34:86:a3:dc:da:e8:b4:82:18:fd:57:82:b5:7a:27:9f:e0:
         4f:f8:03:32:57:d1:80:4e:cd:28:67:57:68:36:dc:1e:c0:31:
         2f:7d:61:eb:22:8c:dd:3d:27:f2:14:f2:7c:5d:c0:2b:96:31:
         91:ac:72:2d:cc:82:a3:80:48:80:80:a0:b4:ad:50:ad:c9:23:
         2b:ef:6a:df
-----BEGIN CERTIFICATE-----
MIIFvDCCBKSgAwIBAgIUD19iXkSLmEVjTU6NMboLgEGHmuIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoRDY3RTU2NDRENDM5RUNCNjE1QTkzMTgwOEIwRDZGMkFD
NjZBMTlGMjAeFw0yNTAyMDQxODUxMjVaFw0yNjAyMDMxODU2MjVaMDMxMTAvBgNV
BAMTKEY1MzI3RjI5MUUwRDg1RkMzOUFBREIwRDc4M0JGODcxNzQ0RjA1MkIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDsl8vFJIDqILZhRiEK0fWMuSBr
e8gzVdOGPVR59K/2nrkoanNMnEGoDA0iAMnC6yLYUu+PMI0oRT+Yg7OLQEWCPxVw
YuRGMeI5jo/qBbZDXh2U329olqTZ5awWEbo4NHpyCPXwDGDFFX1BlkL4nd03xMu1
i+QxofqzLL9HldgKd2mZG8IpU3CVh3CIkzQZjNr4Whh7bkHA70Mg4uRCxLZVxRA9
PJeogEfgb2gr66NYdIDZmBNyJ9Tp+jaZHXnv1WRpFfrOgPQ0ABtOIf2+16v3FoGN
s3OVyG8DEQaWR1RuIV9ZWyEWhYa0DaXlW1PJ9/X0WafxF+qx2IfdnFjjBRMVAgMB
AAGjggLGMIICwjAdBgNVHQ4EFgQU9TJ/KR4Nhfw5qtsNeDv4cXRPBSswHwYDVR0j
BBgwFoAU1n5WRNQ57LYVqTGAiw1vKsZqGfIwDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy8yREVBNEI5NTlCRTQyMTQ4MUMxMzdCQUU1RkJDMkZCRTFC
REREODdDMDdBNjVENTJGMEM5RUNGNjhGN0M1OTlGLzAvRDY3RTU2NDRENDM5RUNC
NjE1QTkzMTgwOEIwRDZGMkFDNjZBMTlGMi5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC9ENjdFNTY0NEQ0MzlFQ0I2MTVB
OTMxODA4QjBENkYyQUM2NkExOUYyLmNlcjCBxQYIKwYBBQUHAQsEgbgwgbUwgbIG
CCsGAQUFBzALhoGlcnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvMkRFQTRCOTU5QkU0MjE0ODFDMTM3QkFFNUZCQzJGQkUxQkRERDg3QzA3
QTY1RDUyRjBDOUVDRjY4RjdDNTk5Ri8wLzMxMzgzNjJlMzAyZTMxMzIzODJlMzAy
ZjMyMzEyZDMyMzQyMDNkM2UyMDMyMzczOTM1MzMucm9hMBgGA1UdIAEB/wQOMAww
CgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAO6AIAwDQYJ
KoZIhvcNAQELBQADggEBAF35mhchLDmDn+5J95CyRjG3MxIxjtU45xuaKQNByzut
7EB9Wf1DnFlXMX34pzdF4Ivz86azSVGh57lK9xBEKPfZG5qVjxOhh5IEE8eJu43U
rH30ZPsm0TzFdXwVSGckPAGRDvqShrAn6F9u/TLyoO4dmvfX5gDwf1IIRPaj2vV/
4IvZH3Yl73XBmIYDqCEdgycodyuJb2vC/sXCx/1BVEhxHtAzJsosgJk4WZHeiPIs
XLzWD7s0hqPc2ui0ghj9V4K1eief4E/4AzJX0YBOzShnV2g23B7AMS99YesijN09
J/IU8nxdwCuWMZGsci3MgqOASICAoLStUK3JIyvvat8=
-----END CERTIFICATE-----