Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/3A8D32DDEB4727A34D781E42F81E3084692E9A32CA02C6C52A5BA410CE190F4B/0/3139302e3138352e3138302e302f32322d3234203d3e20323732383433.roa
File:                     3139302e3138352e3138302e302f32322d3234203d3e20323732383433.roa (raw, json)
Hash identifier:          e3CPwxG+T2hxJCD7ZhyMLZGKylLAsgg72CZLSwD1K8c=
Subject key identifier:   99:CF:A1:E9:68:2D:A3:C2:6B:8B:12:0B:0F:F6:D5:1A:1D:82:08:EE
Certificate issuer:       /CN=F1C35B9CF45BDDABE829A9F78BC24DC58AFD7ECA
Certificate serial:       0DF873FEBCDF20B75DCA9573A2F68827D1CFA381
Authority key identifier: F1:C3:5B:9C:F4:5B:DD:AB:E8:29:A9:F7:8B:C2:4D:C5:8A:FD:7E:CA
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/F1C35B9CF45BDDABE829A9F78BC24DC58AFD7ECA.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/3A8D32DDEB4727A34D781E42F81E3084692E9A32CA02C6C52A5BA410CE190F4B/0/3139302e3138352e3138302e302f32322d3234203d3e20323732383433.roa
Signing time:             Tue 04 Feb 2025 18:30:33 +0000
ROA not before:           Tue 04 Feb 2025 18:25:33 +0000
ROA not after:            Tue 03 Feb 2026 18:30:33 +0000
asID:                     272843
IP address blocks:        190.185.180.0/22 maxlen: 24
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            0d:f8:73:fe:bc:df:20:b7:5d:ca:95:73:a2:f6:88:27:d1:cf:a3:81
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F1C35B9CF45BDDABE829A9F78BC24DC58AFD7ECA
        Validity
            Not Before: Feb  4 18:25:33 2025 GMT
            Not After : Feb  3 18:30:33 2026 GMT
        Subject: CN=99CFA1E9682DA3C26B8B120B0FF6D51A1D8208EE
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a6:7b:76:00:88:9a:28:60:d8:26:63:a7:76:10:
                    04:b3:fd:6b:bf:f2:50:be:7e:fb:e8:36:38:0f:01:
                    33:f5:4b:26:f4:3e:e8:83:4f:f7:71:ec:c0:d7:f6:
                    bb:b4:b8:59:fb:63:b8:f6:fc:34:cd:c6:3f:05:6b:
                    e5:c5:8b:f5:b8:2b:25:2e:a0:f2:63:48:d1:49:bf:
                    65:44:85:44:ff:f8:36:de:69:c7:e4:46:4d:92:55:
                    e8:4c:9a:81:4c:7f:b0:58:74:fd:0c:b3:1f:24:95:
                    ed:6e:ea:bb:df:47:49:48:aa:5c:22:53:e5:0c:16:
                    a7:d4:24:15:f1:06:c0:f1:00:c2:9f:2d:29:a4:2f:
                    64:57:22:73:8e:7a:cc:ec:e8:76:e8:28:e8:db:fa:
                    de:7d:85:06:88:29:20:8f:91:47:6a:47:bf:57:18:
                    43:cf:34:01:8c:78:28:d3:a8:31:77:5a:43:6c:6e:
                    91:ef:1e:47:81:a2:4e:e5:64:ae:09:1c:82:da:fe:
                    c4:72:0b:62:e0:83:59:4b:97:dc:f9:3f:d9:47:60:
                    2c:76:aa:d0:a1:6f:f6:0e:a0:4e:a7:aa:dd:d3:be:
                    de:94:d2:41:42:7d:c6:72:ef:67:50:b5:55:77:08:
                    35:30:f7:78:52:d8:bf:d0:65:1b:cd:a3:76:18:a8:
                    20:cb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                99:CF:A1:E9:68:2D:A3:C2:6B:8B:12:0B:0F:F6:D5:1A:1D:82:08:EE
            X509v3 Authority Key Identifier:
                keyid:F1:C3:5B:9C:F4:5B:DD:AB:E8:29:A9:F7:8B:C2:4D:C5:8A:FD:7E:CA

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/3A8D32DDEB4727A34D781E42F81E3084692E9A32CA02C6C52A5BA410CE190F4B/0/F1C35B9CF45BDDABE829A9F78BC24DC58AFD7ECA.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/F1C35B9CF45BDDABE829A9F78BC24DC58AFD7ECA.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/3A8D32DDEB4727A34D781E42F81E3084692E9A32CA02C6C52A5BA410CE190F4B/0/3139302e3138352e3138302e302f32322d3234203d3e20323732383433.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  190.185.180.0/22

    Signature Algorithm: sha256WithRSAEncryption
         b2:c6:fa:fb:01:44:6f:55:77:67:1a:c7:af:0f:2c:5d:53:0a:
         13:c7:1e:dc:e8:ce:54:ec:26:3b:20:a2:95:61:52:43:19:a4:
         6a:6f:6e:48:5e:7c:f0:03:a9:32:e1:6c:90:34:5c:af:99:6b:
         f1:2d:0d:25:2f:82:55:1e:1b:4d:7f:97:f6:bb:62:6f:44:28:
         ce:72:47:30:72:35:0f:e2:5d:e0:5c:84:ce:25:25:ec:5b:f1:
         c7:c1:1e:45:f3:56:28:5b:de:e2:1d:96:34:10:5b:66:ba:7e:
         26:81:9d:1b:90:da:5e:6d:7d:35:85:16:7b:f9:6b:94:d1:69:
         1a:51:cf:89:25:d9:0e:35:d8:00:72:52:98:1f:f3:c4:71:7b:
         98:13:99:a7:31:bc:de:68:df:29:8c:88:ea:6d:bf:54:99:9a:
         4d:ab:4f:28:0f:bf:35:2e:28:f9:04:14:27:5a:37:98:10:40:
         c9:df:2d:57:04:17:70:e0:2e:81:4e:0e:7b:d8:26:ec:51:8c:
         35:a7:d7:e8:6f:cb:72:78:15:a3:05:1d:41:23:54:71:38:67:
         08:d7:af:31:ae:6c:75:94:75:ca:fd:92:84:50:6f:c6:ab:c7:
         68:ab:9c:b7:2d:48:4f:97:92:c7:d5:bd:a4:a6:e7:cd:72:dd:
         0a:81:4d:45
-----BEGIN CERTIFICATE-----
MIIFwjCCBKqgAwIBAgIUDfhz/rzfILddypVzovaIJ9HPo4EwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoRjFDMzVCOUNGNDVCRERBQkU4MjlBOUY3OEJDMjREQzU4
QUZEN0VDQTAeFw0yNTAyMDQxODI1MzNaFw0yNjAyMDMxODMwMzNaMDMxMTAvBgNV
BAMTKDk5Q0ZBMUU5NjgyREEzQzI2QjhCMTIwQjBGRjZENTFBMUQ4MjA4RUUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCme3YAiJooYNgmY6d2EASz/Wu/
8lC+fvvoNjgPATP1Syb0PuiDT/dx7MDX9ru0uFn7Y7j2/DTNxj8Fa+XFi/W4KyUu
oPJjSNFJv2VEhUT/+DbeacfkRk2SVehMmoFMf7BYdP0Msx8kle1u6rvfR0lIqlwi
U+UMFqfUJBXxBsDxAMKfLSmkL2RXInOOeszs6HboKOjb+t59hQaIKSCPkUdqR79X
GEPPNAGMeCjTqDF3WkNsbpHvHkeBok7lZK4JHILa/sRyC2Lgg1lLl9z5P9lHYCx2
qtChb/YOoE6nqt3Tvt6U0kFCfcZy72dQtVV3CDUw93hS2L/QZRvNo3YYqCDLAgMB
AAGjggLMMIICyDAdBgNVHQ4EFgQUmc+h6Wgto8JrixILD/bVGh2CCO4wHwYDVR0j
BBgwFoAU8cNbnPRb3avoKan3i8JNxYr9fsowDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy8zQThEMzJEREVCNDcyN0EzNEQ3ODFFNDJGODFFMzA4NDY5
MkU5QTMyQ0EwMkM2QzUyQTVCQTQxMENFMTkwRjRCLzAvRjFDMzVCOUNGNDVCRERB
QkU4MjlBOUY3OEJDMjREQzU4QUZEN0VDQS5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC9GMUMzNUI5Q0Y0NUJEREFCRTgy
OUE5Rjc4QkMyNERDNThBRkQ3RUNBLmNlcjCBywYIKwYBBQUHAQsEgb4wgbswgbgG
CCsGAQUFBzALhoGrcnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvM0E4RDMyRERFQjQ3MjdBMzRENzgxRTQyRjgxRTMwODQ2OTJFOUEzMkNB
MDJDNkM1MkE1QkE0MTBDRTE5MEY0Qi8wLzMxMzkzMDJlMzEzODM1MmUzMTM4MzAy
ZTMwMmYzMjMyMmQzMjM0MjAzZDNlMjAzMjM3MzIzODM0MzMucm9hMBgGA1UdIAEB
/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAK+
ubQwDQYJKoZIhvcNAQELBQADggEBALLG+vsBRG9Vd2cax68PLF1TChPHHtzozlTs
JjsgopVhUkMZpGpvbkhefPADqTLhbJA0XK+Za/EtDSUvglUeG01/l/a7Ym9EKM5y
RzByNQ/iXeBchM4lJexb8cfBHkXzVihb3uIdljQQW2a6fiaBnRuQ2l5tfTWFFnv5
a5TRaRpRz4kl2Q412AByUpgf88Rxe5gTmacxvN5o3ymMiOptv1SZmk2rTygPvzUu
KPkEFCdaN5gQQMnfLVcEF3DgLoFODnvYJuxRjDWn1+hvy3J4FaMFHUEjVHE4ZwjX
rzGubHWUdcr9koRQb8arx2irnLctSE+XksfVvaSm581y3QqBTUU=
-----END CERTIFICATE-----