Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/3A5F2F87D11786FB3FCADAA043431EB013CDBAD00247EDB7A6502BFFD8B4CC24/0/3139302e39392e33372e302f32342d3234203d3e203237373733.roa
File:                     3139302e39392e33372e302f32342d3234203d3e203237373733.roa (raw, json)
Hash identifier:          2n9tawU4WcsdO0Pu0k3drMk3EMMDg8jlp0hgSBee3+s=
Subject key identifier:   BB:34:32:A2:E3:C2:19:9D:CF:84:39:F1:5A:55:FE:21:79:94:50:F2
Certificate issuer:       /CN=9BCCBD68EB22C37B886D81BDFC8BA77CD7312208
Certificate serial:       6D18D888CFF62D7FB1F0DACD9498C8063972E87D
Authority key identifier: 9B:CC:BD:68:EB:22:C3:7B:88:6D:81:BD:FC:8B:A7:7C:D7:31:22:08
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/9BCCBD68EB22C37B886D81BDFC8BA77CD7312208.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/3A5F2F87D11786FB3FCADAA043431EB013CDBAD00247EDB7A6502BFFD8B4CC24/0/3139302e39392e33372e302f32342d3234203d3e203237373733.roa
Signing time:             Tue 04 Feb 2025 20:02:04 +0000
ROA not before:           Tue 04 Feb 2025 19:57:04 +0000
ROA not after:            Tue 03 Feb 2026 20:02:04 +0000
asID:                     27773
IP address blocks:        190.99.37.0/24 maxlen: 24
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            6d:18:d8:88:cf:f6:2d:7f:b1:f0:da:cd:94:98:c8:06:39:72:e8:7d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9BCCBD68EB22C37B886D81BDFC8BA77CD7312208
        Validity
            Not Before: Feb  4 19:57:04 2025 GMT
            Not After : Feb  3 20:02:04 2026 GMT
        Subject: CN=BB3432A2E3C2199DCF8439F15A55FE21799450F2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d8:03:c9:94:c5:f3:72:d3:e8:fd:fc:e9:50:30:
                    e3:17:41:94:d9:67:7e:04:f3:dc:bb:52:74:1f:78:
                    91:65:bb:01:d2:9d:65:e9:0e:bd:4c:cd:a8:ee:f2:
                    66:dd:70:6d:b8:8a:ad:4d:2f:38:1c:e7:69:6b:64:
                    3a:6d:52:38:70:18:a5:76:66:0c:76:de:9b:a9:43:
                    ee:6e:75:90:ee:66:26:b7:c2:83:bc:21:67:23:02:
                    b9:e8:04:7a:20:40:87:58:d3:8e:f8:18:cb:67:f1:
                    02:b7:01:66:27:bb:38:85:f4:41:0c:0e:c5:c0:85:
                    0a:b1:b9:d1:0a:76:c6:df:7d:49:24:30:ed:36:9a:
                    ea:2d:b5:1e:f6:7b:1e:b3:d7:6d:65:3b:a1:c1:25:
                    f3:27:bb:4b:1c:d6:8f:76:38:72:e2:4d:bf:15:4b:
                    c9:c8:4b:72:13:62:99:6a:d0:49:fa:14:e3:60:4c:
                    49:b0:65:d4:c9:76:91:73:e0:90:7c:b6:ea:80:db:
                    29:d6:27:25:7c:45:92:f1:cd:16:7d:c5:60:d9:46:
                    69:48:03:12:7d:06:35:ab:e1:68:61:44:05:32:2a:
                    4e:5b:a0:1c:20:04:5b:36:69:07:ff:4c:09:84:90:
                    68:f3:4f:b9:37:3a:db:12:b0:bb:6b:b4:99:61:93:
                    5c:4d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BB:34:32:A2:E3:C2:19:9D:CF:84:39:F1:5A:55:FE:21:79:94:50:F2
            X509v3 Authority Key Identifier:
                keyid:9B:CC:BD:68:EB:22:C3:7B:88:6D:81:BD:FC:8B:A7:7C:D7:31:22:08

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/3A5F2F87D11786FB3FCADAA043431EB013CDBAD00247EDB7A6502BFFD8B4CC24/0/9BCCBD68EB22C37B886D81BDFC8BA77CD7312208.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/9BCCBD68EB22C37B886D81BDFC8BA77CD7312208.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/3A5F2F87D11786FB3FCADAA043431EB013CDBAD00247EDB7A6502BFFD8B4CC24/0/3139302e39392e33372e302f32342d3234203d3e203237373733.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  190.99.37.0/24

    Signature Algorithm: sha256WithRSAEncryption
         9f:f7:51:35:32:d1:4a:84:c0:63:e2:35:d4:39:ad:b1:67:4c:
         ca:bc:4e:3c:0f:bb:be:f0:e0:5a:95:6c:ab:a7:a5:ea:80:73:
         de:cf:ed:d0:e0:f9:a6:13:0c:96:e9:84:ca:93:e2:71:39:41:
         fb:39:01:78:68:4f:5d:4c:8d:5c:a5:a9:e5:96:26:82:e7:18:
         3f:69:29:ee:17:98:8d:a1:60:8d:68:45:21:b2:f7:85:09:44:
         bf:20:5f:c9:c4:05:5f:a1:bf:54:1a:99:90:31:73:5f:66:bd:
         43:26:b8:61:6f:9c:83:7a:9b:fe:51:95:1d:0f:4d:13:c9:20:
         b4:46:7e:f9:e0:6c:f7:cd:09:3d:89:78:e3:9f:76:ad:5e:a5:
         49:08:5e:33:d0:f1:a0:b1:68:88:80:78:85:da:52:d0:59:97:
         31:1d:f7:e0:ec:37:c3:38:2d:45:2e:a2:3c:64:29:d1:4f:bc:
         2e:67:7b:f6:61:b2:d2:5e:04:cf:b6:7a:82:2c:6b:be:62:34:
         e6:e2:7a:5e:8a:93:97:6d:0e:71:e5:55:81:47:68:35:3d:6f:
         48:62:33:8d:00:46:75:5c:e9:df:c7:a4:92:7c:0c:fd:32:b5:
         b8:ab:a2:3f:84:54:d2:d2:cc:02:50:93:02:a7:42:47:61:5e:
         75:0c:88:d8
-----BEGIN CERTIFICATE-----
MIIFvDCCBKSgAwIBAgIUbRjYiM/2LX+x8NrNlJjIBjly6H0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOUJDQ0JENjhFQjIyQzM3Qjg4NkQ4MUJERkM4QkE3N0NE
NzMxMjIwODAeFw0yNTAyMDQxOTU3MDRaFw0yNjAyMDMyMDAyMDRaMDMxMTAvBgNV
BAMTKEJCMzQzMkEyRTNDMjE5OURDRjg0MzlGMTVBNTVGRTIxNzk5NDUwRjIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDYA8mUxfNy0+j9/OlQMOMXQZTZ
Z34E89y7UnQfeJFluwHSnWXpDr1Mzaju8mbdcG24iq1NLzgc52lrZDptUjhwGKV2
Zgx23pupQ+5udZDuZia3woO8IWcjArnoBHogQIdY0474GMtn8QK3AWYnuziF9EEM
DsXAhQqxudEKdsbffUkkMO02muottR72ex6z121lO6HBJfMnu0sc1o92OHLiTb8V
S8nIS3ITYplq0En6FONgTEmwZdTJdpFz4JB8tuqA2ynWJyV8RZLxzRZ9xWDZRmlI
AxJ9BjWr4WhhRAUyKk5boBwgBFs2aQf/TAmEkGjzT7k3OtsSsLtrtJlhk1xNAgMB
AAGjggLGMIICwjAdBgNVHQ4EFgQUuzQyouPCGZ3PhDnxWlX+IXmUUPIwHwYDVR0j
BBgwFoAUm8y9aOsiw3uIbYG9/IunfNcxIggwDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy8zQTVGMkY4N0QxMTc4NkZCM0ZDQURBQTA0MzQzMUVCMDEz
Q0RCQUQwMDI0N0VEQjdBNjUwMkJGRkQ4QjRDQzI0LzAvOUJDQ0JENjhFQjIyQzM3
Qjg4NkQ4MUJERkM4QkE3N0NENzMxMjIwOC5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC85QkNDQkQ2OEVCMjJDMzdCODg2
RDgxQkRGQzhCQTc3Q0Q3MzEyMjA4LmNlcjCBxQYIKwYBBQUHAQsEgbgwgbUwgbIG
CCsGAQUFBzALhoGlcnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvM0E1RjJGODdEMTE3ODZGQjNGQ0FEQUEwNDM0MzFFQjAxM0NEQkFEMDAy
NDdFREI3QTY1MDJCRkZEOEI0Q0MyNC8wLzMxMzkzMDJlMzkzOTJlMzMzNzJlMzAy
ZjMyMzQyZDMyMzQyMDNkM2UyMDMyMzczNzM3MzMucm9hMBgGA1UdIAEB/wQOMAww
CgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAC+YyUwDQYJ
KoZIhvcNAQELBQADggEBAJ/3UTUy0UqEwGPiNdQ5rbFnTMq8TjwPu77w4FqVbKun
peqAc97P7dDg+aYTDJbphMqT4nE5Qfs5AXhoT11MjVylqeWWJoLnGD9pKe4XmI2h
YI1oRSGy94UJRL8gX8nEBV+hv1QamZAxc19mvUMmuGFvnIN6m/5RlR0PTRPJILRG
fvngbPfNCT2JeOOfdq1epUkIXjPQ8aCxaIiAeIXaUtBZlzEd9+DsN8M4LUUuojxk
KdFPvC5ne/ZhstJeBM+2eoIsa75iNObiel6Kk5dtDnHlVYFHaDU9b0hiM40ARnVc
6d/HpJJ8DP0ytbiroj+EVNLSzAJQkwKnQkdhXnUMiNg=
-----END CERTIFICATE-----