Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/2DEA4B959BE421481C137BAE5FBC2FBE1BDDD87C07A65D52F0C9ECF68F7C599F/0/3138362e3139302e3136302e302f32302d3234203d3e203237393533.roa
File:                     3138362e3139302e3136302e302f32302d3234203d3e203237393533.roa (raw, json)
Hash identifier:          FWS+lkJhsYylzUea9L98dM3IRZVbPmzcREsL953RygU=
Subject key identifier:   C7:72:A7:0F:97:17:0A:F0:E6:4D:AF:25:EB:55:9D:E5:9B:55:12:06
Certificate issuer:       /CN=D67E5644D439ECB615A931808B0D6F2AC66A19F2
Certificate serial:       417B4DD732F62A6D7910B29091A6F71A38A658A3
Authority key identifier: D6:7E:56:44:D4:39:EC:B6:15:A9:31:80:8B:0D:6F:2A:C6:6A:19:F2
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/D67E5644D439ECB615A931808B0D6F2AC66A19F2.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/2DEA4B959BE421481C137BAE5FBC2FBE1BDDD87C07A65D52F0C9ECF68F7C599F/0/3138362e3139302e3136302e302f32302d3234203d3e203237393533.roa
Signing time:             Tue 04 Feb 2025 18:56:26 +0000
ROA not before:           Tue 04 Feb 2025 18:51:26 +0000
ROA not after:            Tue 03 Feb 2026 18:56:26 +0000
asID:                     27953
IP address blocks:        186.190.160.0/20 maxlen: 24
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            41:7b:4d:d7:32:f6:2a:6d:79:10:b2:90:91:a6:f7:1a:38:a6:58:a3
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=D67E5644D439ECB615A931808B0D6F2AC66A19F2
        Validity
            Not Before: Feb  4 18:51:26 2025 GMT
            Not After : Feb  3 18:56:26 2026 GMT
        Subject: CN=C772A70F97170AF0E64DAF25EB559DE59B551206
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bd:e4:bb:22:7e:f3:61:ba:7a:79:62:fb:9b:55:
                    ac:28:47:e1:d8:78:6f:e0:af:f1:26:d7:11:21:37:
                    28:91:d5:25:a4:a8:f7:9d:c2:6c:90:9e:fb:8b:a4:
                    d2:9b:6b:58:82:6a:eb:1d:ae:93:ba:e1:88:9c:b8:
                    a0:9c:21:c4:05:2e:bf:4b:55:9b:6c:e0:f6:91:e1:
                    1a:d0:e1:09:9f:99:b9:91:14:2e:95:06:ea:12:74:
                    37:8f:1d:45:2d:4e:7c:01:d4:2c:0d:52:2b:68:a3:
                    32:74:c9:4b:8f:03:23:ac:87:03:ea:f7:4d:85:fa:
                    c7:64:5b:2f:c9:09:40:44:ee:b0:a2:f9:29:10:42:
                    db:c9:04:4b:b2:0d:c0:6d:74:b0:36:26:38:e4:b7:
                    a5:41:63:0f:92:f4:f2:3d:81:bc:86:5f:fd:d8:f3:
                    58:1d:1e:9e:73:d8:dc:fd:b5:27:60:e6:c1:5e:56:
                    8b:55:9e:af:95:97:a0:8e:26:7c:e5:7c:e6:9b:3c:
                    ff:99:8b:c3:da:65:be:5e:c0:20:d5:4c:bc:f1:6c:
                    fe:2c:82:6d:40:71:65:6b:23:53:70:7d:b6:66:82:
                    07:bf:5f:14:a0:5c:1f:96:ab:3a:76:69:08:c7:87:
                    cb:2c:2c:68:91:b3:bd:84:31:38:23:48:fc:ab:27:
                    99:21
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C7:72:A7:0F:97:17:0A:F0:E6:4D:AF:25:EB:55:9D:E5:9B:55:12:06
            X509v3 Authority Key Identifier:
                keyid:D6:7E:56:44:D4:39:EC:B6:15:A9:31:80:8B:0D:6F:2A:C6:6A:19:F2

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/2DEA4B959BE421481C137BAE5FBC2FBE1BDDD87C07A65D52F0C9ECF68F7C599F/0/D67E5644D439ECB615A931808B0D6F2AC66A19F2.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/D67E5644D439ECB615A931808B0D6F2AC66A19F2.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/2DEA4B959BE421481C137BAE5FBC2FBE1BDDD87C07A65D52F0C9ECF68F7C599F/0/3138362e3139302e3136302e302f32302d3234203d3e203237393533.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  186.190.160.0/20

    Signature Algorithm: sha256WithRSAEncryption
         69:88:a5:2f:19:0e:9f:26:27:48:55:49:68:0f:ee:6d:69:1f:
         99:73:8e:6e:d7:ee:33:f4:1f:84:f1:94:94:53:50:db:3d:10:
         69:4f:73:b8:4a:91:91:90:c3:df:67:20:81:87:92:b1:f5:19:
         c9:82:44:be:26:79:f0:83:65:e4:29:16:af:b9:54:4d:6e:40:
         dc:52:14:68:dc:23:53:0d:43:f7:72:4f:94:af:2d:d9:39:8d:
         76:89:0f:30:1d:2c:d8:91:9c:91:77:ea:01:b2:3a:bf:32:29:
         25:6b:e9:03:2e:02:62:84:c6:4f:12:3f:d4:1b:b5:a0:29:aa:
         85:0a:de:5b:39:d8:31:fc:de:80:e0:e3:6c:40:69:da:2f:22:
         41:8b:1b:6f:f8:f2:16:b4:ea:26:ed:e6:0d:81:66:ec:e9:32:
         8a:bb:ff:c8:53:5c:60:16:ad:7e:e5:ce:80:e7:42:3e:57:5b:
         d4:06:cf:d5:5d:b6:df:28:a3:17:e2:01:a5:07:73:5d:77:7f:
         2e:b6:36:fe:ae:89:88:37:77:77:ca:59:08:be:16:a1:00:76:
         76:ef:e5:6b:44:aa:4c:e2:b8:cb:cb:65:06:98:3f:cb:2f:00:
         f2:61:0a:9e:30:04:83:13:34:85:a8:f3:f1:b6:47:6b:7c:c2:
         af:11:e7:4c
-----BEGIN CERTIFICATE-----
MIIFwDCCBKigAwIBAgIUQXtN1zL2Km15ELKQkab3GjimWKMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoRDY3RTU2NDRENDM5RUNCNjE1QTkzMTgwOEIwRDZGMkFD
NjZBMTlGMjAeFw0yNTAyMDQxODUxMjZaFw0yNjAyMDMxODU2MjZaMDMxMTAvBgNV
BAMTKEM3NzJBNzBGOTcxNzBBRjBFNjREQUYyNUVCNTU5REU1OUI1NTEyMDYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC95LsifvNhunp5YvubVawoR+HY
eG/gr/Em1xEhNyiR1SWkqPedwmyQnvuLpNKba1iCausdrpO64YicuKCcIcQFLr9L
VZts4PaR4RrQ4QmfmbmRFC6VBuoSdDePHUUtTnwB1CwNUitoozJ0yUuPAyOshwPq
902F+sdkWy/JCUBE7rCi+SkQQtvJBEuyDcBtdLA2Jjjkt6VBYw+S9PI9gbyGX/3Y
81gdHp5z2Nz9tSdg5sFeVotVnq+Vl6COJnzlfOabPP+Zi8PaZb5ewCDVTLzxbP4s
gm1AcWVrI1NwfbZmgge/XxSgXB+Wqzp2aQjHh8ssLGiRs72EMTgjSPyrJ5khAgMB
AAGjggLKMIICxjAdBgNVHQ4EFgQUx3KnD5cXCvDmTa8l61Wd5ZtVEgYwHwYDVR0j
BBgwFoAU1n5WRNQ57LYVqTGAiw1vKsZqGfIwDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy8yREVBNEI5NTlCRTQyMTQ4MUMxMzdCQUU1RkJDMkZCRTFC
REREODdDMDdBNjVENTJGMEM5RUNGNjhGN0M1OTlGLzAvRDY3RTU2NDRENDM5RUNC
NjE1QTkzMTgwOEIwRDZGMkFDNjZBMTlGMi5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC9ENjdFNTY0NEQ0MzlFQ0I2MTVB
OTMxODA4QjBENkYyQUM2NkExOUYyLmNlcjCByQYIKwYBBQUHAQsEgbwwgbkwgbYG
CCsGAQUFBzALhoGpcnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvMkRFQTRCOTU5QkU0MjE0ODFDMTM3QkFFNUZCQzJGQkUxQkRERDg3QzA3
QTY1RDUyRjBDOUVDRjY4RjdDNTk5Ri8wLzMxMzgzNjJlMzEzOTMwMmUzMTM2MzAy
ZTMwMmYzMjMwMmQzMjM0MjAzZDNlMjAzMjM3MzkzNTMzLnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQEur6g
MA0GCSqGSIb3DQEBCwUAA4IBAQBpiKUvGQ6fJidIVUloD+5taR+Zc45u1+4z9B+E
8ZSUU1DbPRBpT3O4SpGRkMPfZyCBh5Kx9RnJgkS+Jnnwg2XkKRavuVRNbkDcUhRo
3CNTDUP3ck+Ury3ZOY12iQ8wHSzYkZyRd+oBsjq/Mikla+kDLgJihMZPEj/UG7Wg
KaqFCt5bOdgx/N6A4ONsQGnaLyJBixtv+PIWtOom7eYNgWbs6TKKu//IU1xgFq1+
5c6A50I+V1vUBs/VXbbfKKMX4gGlB3Ndd38utjb+romIN3d3ylkIvhahAHZ27+Vr
RKpM4rjLy2UGmD/LLwDyYQqeMASDEzSFqPPxtkdrfMKvEedM
-----END CERTIFICATE-----