Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/3E9CB817C9E7C54352D64D5548E6B5A119192DF7EC2D8D81E379C4924B78A1FC/0/3139302e362e3136362e302f32332d3234203d3e203237383435.roa
File:                     3139302e362e3136362e302f32332d3234203d3e203237383435.roa (raw, json)
Hash identifier:          BOuH5COjfFTWUM3G0Zm5D6d2Jr3ImGyVU8Et2+EboBo=
Subject key identifier:   42:6C:F7:33:A8:8E:23:D4:FD:F4:96:D5:F1:C3:B4:D6:30:87:FA:50
Certificate issuer:       /CN=55DB0D17B157BF6AD08BAC25988489AFD55B85BC
Certificate serial:       535D51DCF892AE0556A06E51238D48BE6F1E2491
Authority key identifier: 55:DB:0D:17:B1:57:BF:6A:D0:8B:AC:25:98:84:89:AF:D5:5B:85:BC
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/55DB0D17B157BF6AD08BAC25988489AFD55B85BC.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/3E9CB817C9E7C54352D64D5548E6B5A119192DF7EC2D8D81E379C4924B78A1FC/0/3139302e362e3136362e302f32332d3234203d3e203237383435.roa
Signing time:             Tue 04 Feb 2025 18:51:47 +0000
ROA not before:           Tue 04 Feb 2025 18:46:47 +0000
ROA not after:            Tue 03 Feb 2026 18:51:47 +0000
asID:                     27845
IP address blocks:        190.6.166.0/23 maxlen: 24
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            53:5d:51:dc:f8:92:ae:05:56:a0:6e:51:23:8d:48:be:6f:1e:24:91
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=55DB0D17B157BF6AD08BAC25988489AFD55B85BC
        Validity
            Not Before: Feb  4 18:46:47 2025 GMT
            Not After : Feb  3 18:51:47 2026 GMT
        Subject: CN=426CF733A88E23D4FDF496D5F1C3B4D63087FA50
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:97:bf:a3:bf:c2:52:b4:ce:99:da:cc:0b:fa:92:
                    8e:25:81:ef:a8:71:6e:1f:e5:76:b8:77:20:29:5e:
                    4e:0f:b9:6f:ec:a0:c9:58:d7:50:e9:5f:80:02:c6:
                    c9:23:ee:1b:a5:c0:4f:6b:54:69:c1:98:8e:a0:8f:
                    63:2b:94:ac:53:7b:03:f8:fc:01:6e:56:f2:ae:be:
                    2c:23:de:a5:55:7e:38:a0:34:17:07:15:57:7f:bb:
                    39:89:79:ff:38:65:c9:50:63:64:06:53:d9:3f:fe:
                    8d:9b:48:c1:c7:b5:d8:0c:53:35:7b:d0:00:11:ec:
                    53:c9:34:54:37:a9:9b:5b:ca:82:1a:bc:75:51:fa:
                    8c:d3:a6:d2:9d:5e:bf:dc:e0:dc:25:77:11:61:fd:
                    05:3a:31:12:96:91:c5:57:a2:1a:03:9a:0d:eb:55:
                    fa:0f:0a:31:e0:00:99:ad:04:63:5b:dd:7a:d1:f0:
                    f7:c7:fe:07:3b:98:5d:a2:e2:96:62:41:21:86:d1:
                    fb:92:02:42:fd:5a:39:aa:2c:87:3c:71:7a:7b:03:
                    71:61:09:bc:9a:61:7e:b0:a4:3b:71:3a:a3:74:63:
                    de:a5:e0:20:de:9c:49:59:b1:12:87:bc:ce:d2:47:
                    77:96:2b:33:47:16:ba:06:4d:c9:6d:39:a8:0d:c1:
                    ab:d7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                42:6C:F7:33:A8:8E:23:D4:FD:F4:96:D5:F1:C3:B4:D6:30:87:FA:50
            X509v3 Authority Key Identifier:
                keyid:55:DB:0D:17:B1:57:BF:6A:D0:8B:AC:25:98:84:89:AF:D5:5B:85:BC

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/3E9CB817C9E7C54352D64D5548E6B5A119192DF7EC2D8D81E379C4924B78A1FC/0/55DB0D17B157BF6AD08BAC25988489AFD55B85BC.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/55DB0D17B157BF6AD08BAC25988489AFD55B85BC.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/3E9CB817C9E7C54352D64D5548E6B5A119192DF7EC2D8D81E379C4924B78A1FC/0/3139302e362e3136362e302f32332d3234203d3e203237383435.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  190.6.166.0/23

    Signature Algorithm: sha256WithRSAEncryption
         20:bd:33:f2:a1:0b:fd:7e:3c:0f:19:e0:8e:ce:b5:fc:4e:05:
         e1:4e:af:33:ab:62:20:08:1e:1b:87:72:d3:d7:2d:71:ae:1f:
         3e:8e:3b:a7:dc:a5:ae:ab:e4:7a:5d:b1:8c:6d:9d:e8:e0:0f:
         1d:57:06:a7:6c:53:b8:9d:4c:20:db:e5:b9:8c:b5:b2:21:7b:
         28:f5:76:a0:f3:63:9f:14:00:94:2d:b6:4a:a8:0b:4d:a8:18:
         79:15:38:2f:95:78:6a:d0:51:5b:fc:00:32:8b:cb:ae:c8:69:
         40:2b:a6:d5:b6:df:0d:b5:8f:f4:44:87:96:fe:35:ba:0e:dd:
         85:07:18:86:cd:be:d7:ca:89:ee:64:6b:dc:7e:25:e3:83:4c:
         5d:0f:a7:f2:de:dd:cb:d1:52:1b:10:c2:27:75:68:05:06:57:
         ee:04:65:82:78:16:0f:ba:ae:14:43:7b:50:58:21:52:54:d5:
         3f:93:9f:94:c2:f4:f8:56:a8:9c:b3:12:12:cb:87:26:10:32:
         46:34:82:f2:28:2b:ae:3d:b7:b1:8a:ef:b9:80:d6:af:64:3e:
         74:ee:63:6d:5a:fa:83:da:6b:ce:fd:61:cb:a8:a8:43:18:cc:
         27:e0:d2:f4:ef:44:60:02:3a:a1:b3:19:d7:cd:ee:b9:81:1f:
         22:72:1f:95
-----BEGIN CERTIFICATE-----
MIIFvDCCBKSgAwIBAgIUU11R3PiSrgVWoG5RI41Ivm8eJJEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNTVEQjBEMTdCMTU3QkY2QUQwOEJBQzI1OTg4NDg5QUZE
NTVCODVCQzAeFw0yNTAyMDQxODQ2NDdaFw0yNjAyMDMxODUxNDdaMDMxMTAvBgNV
BAMTKDQyNkNGNzMzQTg4RTIzRDRGREY0OTZENUYxQzNCNEQ2MzA4N0ZBNTAwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCXv6O/wlK0zpnazAv6ko4lge+o
cW4f5Xa4dyApXk4PuW/soMlY11DpX4ACxskj7hulwE9rVGnBmI6gj2MrlKxTewP4
/AFuVvKuviwj3qVVfjigNBcHFVd/uzmJef84ZclQY2QGU9k//o2bSMHHtdgMUzV7
0AAR7FPJNFQ3qZtbyoIavHVR+ozTptKdXr/c4NwldxFh/QU6MRKWkcVXohoDmg3r
VfoPCjHgAJmtBGNb3XrR8PfH/gc7mF2i4pZiQSGG0fuSAkL9WjmqLIc8cXp7A3Fh
CbyaYX6wpDtxOqN0Y96l4CDenElZsRKHvM7SR3eWKzNHFroGTcltOagNwavXAgMB
AAGjggLGMIICwjAdBgNVHQ4EFgQUQmz3M6iOI9T99JbV8cO01jCH+lAwHwYDVR0j
BBgwFoAUVdsNF7FXv2rQi6wlmISJr9VbhbwwDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy8zRTlDQjgxN0M5RTdDNTQzNTJENjRENTU0OEU2QjVBMTE5
MTkyREY3RUMyRDhEODFFMzc5QzQ5MjRCNzhBMUZDLzAvNTVEQjBEMTdCMTU3QkY2
QUQwOEJBQzI1OTg4NDg5QUZENTVCODVCQy5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC81NURCMEQxN0IxNTdCRjZBRDA4
QkFDMjU5ODg0ODlBRkQ1NUI4NUJDLmNlcjCBxQYIKwYBBQUHAQsEgbgwgbUwgbIG
CCsGAQUFBzALhoGlcnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvM0U5Q0I4MTdDOUU3QzU0MzUyRDY0RDU1NDhFNkI1QTExOTE5MkRGN0VD
MkQ4RDgxRTM3OUM0OTI0Qjc4QTFGQy8wLzMxMzkzMDJlMzYyZTMxMzYzNjJlMzAy
ZjMyMzMyZDMyMzQyMDNkM2UyMDMyMzczODM0MzUucm9hMBgGA1UdIAEB/wQOMAww
CgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAG+BqYwDQYJ
KoZIhvcNAQELBQADggEBACC9M/KhC/1+PA8Z4I7OtfxOBeFOrzOrYiAIHhuHctPX
LXGuHz6OO6fcpa6r5HpdsYxtnejgDx1XBqdsU7idTCDb5bmMtbIheyj1dqDzY58U
AJQttkqoC02oGHkVOC+VeGrQUVv8ADKLy67IaUArptW23w21j/REh5b+NboO3YUH
GIbNvtfKie5ka9x+JeODTF0Pp/Le3cvRUhsQwid1aAUGV+4EZYJ4Fg+6rhRDe1BY
IVJU1T+Tn5TC9PhWqJyzEhLLhyYQMkY0gvIoK649t7GK77mA1q9kPnTuY21a+oPa
a879YcuoqEMYzCfg0vTvRGACOqGzGdfN7rmBHyJyH5U=
-----END CERTIFICATE-----