Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/3A8D32DDEB4727A34D781E42F81E3084692E9A32CA02C6C52A5BA410CE190F4B/0/3139302e3138322e3235322e302f32322d3234203d3e20323637383736.roa
File:                     3139302e3138322e3235322e302f32322d3234203d3e20323637383736.roa (raw, json)
Hash identifier:          TaGkjLfFCAVDJTh26of7MX3t7J+Gl/XulIG03d9avwQ=
Subject key identifier:   31:5B:C0:BD:9C:6A:F1:CD:B0:E3:FA:D0:EC:81:4B:EC:DF:EA:EB:CE
Certificate issuer:       /CN=F1C35B9CF45BDDABE829A9F78BC24DC58AFD7ECA
Certificate serial:       68A0A137AF4C240473DBE74CE63041B4B46510DB
Authority key identifier: F1:C3:5B:9C:F4:5B:DD:AB:E8:29:A9:F7:8B:C2:4D:C5:8A:FD:7E:CA
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/F1C35B9CF45BDDABE829A9F78BC24DC58AFD7ECA.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/3A8D32DDEB4727A34D781E42F81E3084692E9A32CA02C6C52A5BA410CE190F4B/0/3139302e3138322e3235322e302f32322d3234203d3e20323637383736.roa
Signing time:             Tue 04 Feb 2025 18:30:34 +0000
ROA not before:           Tue 04 Feb 2025 18:25:34 +0000
ROA not after:            Tue 03 Feb 2026 18:30:34 +0000
asID:                     267876
IP address blocks:        190.182.252.0/22 maxlen: 24
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            68:a0:a1:37:af:4c:24:04:73:db:e7:4c:e6:30:41:b4:b4:65:10:db
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F1C35B9CF45BDDABE829A9F78BC24DC58AFD7ECA
        Validity
            Not Before: Feb  4 18:25:34 2025 GMT
            Not After : Feb  3 18:30:34 2026 GMT
        Subject: CN=315BC0BD9C6AF1CDB0E3FAD0EC814BECDFEAEBCE
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:96:79:bf:28:85:dc:54:f1:79:cc:34:23:53:d9:
                    14:d5:74:8b:f9:30:6a:8f:86:5d:57:f1:0f:4c:45:
                    c3:93:45:64:b1:31:8b:ac:ae:75:17:9f:44:de:46:
                    d3:89:80:12:71:fc:49:3c:00:1b:3e:5f:29:5c:f1:
                    a9:ab:67:34:ab:1d:95:66:e3:e0:e7:b5:08:6d:e0:
                    3e:35:75:40:c4:5d:ac:1d:b6:00:98:46:ad:8d:a8:
                    10:d4:bc:b7:2a:af:53:f0:9e:42:9c:95:d7:89:88:
                    80:c8:9c:9e:e1:7f:18:35:fc:61:92:09:c9:36:0d:
                    f2:ce:2d:d3:0d:dd:32:79:4e:ec:a9:79:ef:1d:6f:
                    d0:1c:5a:d6:e8:97:4a:0e:5f:07:89:16:2c:90:a5:
                    9f:43:35:a8:77:58:99:b0:be:3f:e5:71:ed:ed:72:
                    df:1e:37:19:9f:d4:1e:9f:d7:ca:bb:8e:ea:1c:79:
                    56:d8:b7:41:7e:f8:ba:f8:b8:16:cb:32:cf:fd:e9:
                    92:f3:ab:43:e5:fd:26:f6:5c:ad:e4:16:c0:dc:e4:
                    ae:fb:af:c7:6a:22:f8:88:b3:62:78:b4:3d:a6:9d:
                    f6:22:0d:4d:e8:8f:f3:97:b8:8e:54:9c:bb:a8:86:
                    ec:b0:ea:52:42:66:41:e4:a2:c8:9e:8f:03:4e:51:
                    e5:ed
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                31:5B:C0:BD:9C:6A:F1:CD:B0:E3:FA:D0:EC:81:4B:EC:DF:EA:EB:CE
            X509v3 Authority Key Identifier:
                keyid:F1:C3:5B:9C:F4:5B:DD:AB:E8:29:A9:F7:8B:C2:4D:C5:8A:FD:7E:CA

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/3A8D32DDEB4727A34D781E42F81E3084692E9A32CA02C6C52A5BA410CE190F4B/0/F1C35B9CF45BDDABE829A9F78BC24DC58AFD7ECA.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/F1C35B9CF45BDDABE829A9F78BC24DC58AFD7ECA.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/3A8D32DDEB4727A34D781E42F81E3084692E9A32CA02C6C52A5BA410CE190F4B/0/3139302e3138322e3235322e302f32322d3234203d3e20323637383736.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  190.182.252.0/22

    Signature Algorithm: sha256WithRSAEncryption
         1d:01:ff:22:3f:07:9b:63:44:3a:da:c1:37:49:a8:29:64:d6:
         cf:37:18:a3:2b:b6:95:52:2e:af:da:2d:dd:8f:fe:51:cf:24:
         51:95:f5:95:f9:73:5b:65:80:8c:f0:a6:54:d5:22:e6:7c:a6:
         4b:31:6a:a1:5d:a7:4b:20:d7:8c:3e:89:ee:35:8b:3c:19:ce:
         86:8d:9b:71:fd:d0:8d:02:6c:99:4e:75:7f:b9:ba:01:f3:c0:
         24:61:40:a8:b3:51:66:cc:0e:17:d4:4e:51:71:41:c1:ba:fb:
         d2:28:48:12:de:08:10:a5:ef:83:44:7b:ae:e0:fc:51:71:14:
         6c:25:a0:83:26:79:22:18:03:26:a8:f6:8a:ae:f7:f4:72:77:
         70:e7:3d:cd:a4:4f:38:c4:a7:d5:5a:95:23:72:a8:a4:cc:2c:
         bb:7e:12:c0:da:96:c7:dd:b8:c6:b7:bb:6b:f2:3f:7b:e8:3b:
         85:ee:65:9f:78:19:a8:c4:4d:83:e8:d3:26:0b:47:e7:1e:6b:
         0d:c3:fd:91:6d:0b:97:cf:f9:fb:96:c2:fa:79:b9:5a:c3:86:
         eb:4c:4e:97:dc:e0:f8:d6:2f:6b:70:9c:a7:19:ef:52:7b:bf:
         fd:70:0e:1d:48:93:bb:ad:43:f6:b8:93:98:9f:a2:ec:e9:e4:
         a7:6e:49:f9
-----BEGIN CERTIFICATE-----
MIIFwjCCBKqgAwIBAgIUaKChN69MJARz2+dM5jBBtLRlENswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoRjFDMzVCOUNGNDVCRERBQkU4MjlBOUY3OEJDMjREQzU4
QUZEN0VDQTAeFw0yNTAyMDQxODI1MzRaFw0yNjAyMDMxODMwMzRaMDMxMTAvBgNV
BAMTKDMxNUJDMEJEOUM2QUYxQ0RCMEUzRkFEMEVDODE0QkVDREZFQUVCQ0UwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCWeb8ohdxU8XnMNCNT2RTVdIv5
MGqPhl1X8Q9MRcOTRWSxMYusrnUXn0TeRtOJgBJx/Ek8ABs+Xylc8amrZzSrHZVm
4+DntQht4D41dUDEXawdtgCYRq2NqBDUvLcqr1PwnkKcldeJiIDInJ7hfxg1/GGS
Cck2DfLOLdMN3TJ5Tuypee8db9AcWtbol0oOXweJFiyQpZ9DNah3WJmwvj/lce3t
ct8eNxmf1B6f18q7juoceVbYt0F++Lr4uBbLMs/96ZLzq0Pl/Sb2XK3kFsDc5K77
r8dqIviIs2J4tD2mnfYiDU3oj/OXuI5UnLuohuyw6lJCZkHkosiejwNOUeXtAgMB
AAGjggLMMIICyDAdBgNVHQ4EFgQUMVvAvZxq8c2w4/rQ7IFL7N/q684wHwYDVR0j
BBgwFoAU8cNbnPRb3avoKan3i8JNxYr9fsowDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy8zQThEMzJEREVCNDcyN0EzNEQ3ODFFNDJGODFFMzA4NDY5
MkU5QTMyQ0EwMkM2QzUyQTVCQTQxMENFMTkwRjRCLzAvRjFDMzVCOUNGNDVCRERB
QkU4MjlBOUY3OEJDMjREQzU4QUZEN0VDQS5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC9GMUMzNUI5Q0Y0NUJEREFCRTgy
OUE5Rjc4QkMyNERDNThBRkQ3RUNBLmNlcjCBywYIKwYBBQUHAQsEgb4wgbswgbgG
CCsGAQUFBzALhoGrcnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvM0E4RDMyRERFQjQ3MjdBMzRENzgxRTQyRjgxRTMwODQ2OTJFOUEzMkNB
MDJDNkM1MkE1QkE0MTBDRTE5MEY0Qi8wLzMxMzkzMDJlMzEzODMyMmUzMjM1MzIy
ZTMwMmYzMjMyMmQzMjM0MjAzZDNlMjAzMjM2MzczODM3MzYucm9hMBgGA1UdIAEB
/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAK+
tvwwDQYJKoZIhvcNAQELBQADggEBAB0B/yI/B5tjRDrawTdJqClk1s83GKMrtpVS
Lq/aLd2P/lHPJFGV9ZX5c1tlgIzwplTVIuZ8pksxaqFdp0sg14w+ie41izwZzoaN
m3H90I0CbJlOdX+5ugHzwCRhQKizUWbMDhfUTlFxQcG6+9IoSBLeCBCl74NEe67g
/FFxFGwloIMmeSIYAyao9oqu9/Ryd3DnPc2kTzjEp9ValSNyqKTMLLt+EsDalsfd
uMa3u2vyP3voO4XuZZ94GajETYPo0yYLR+ceaw3D/ZFtC5fP+fuWwvp5uVrDhutM
Tpfc4PjWL2twnKcZ71J7v/1wDh1Ik7utQ/a4k5ifouzp5KduSfk=
-----END CERTIFICATE-----