Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/3E9CB817C9E7C54352D64D5548E6B5A119192DF7EC2D8D81E379C4924B78A1FC/0/3139302e362e3137362e302f32302d3230203d3e203237383435.roa
File:                     3139302e362e3137362e302f32302d3230203d3e203237383435.roa (raw, json)
Hash identifier:          EB0+/EpJtN8PuZkfpMv8Om+s4Om3G1h4AVyLm0r54uk=
Subject key identifier:   69:D4:5D:58:5D:0B:C9:9D:2C:77:3E:85:89:B7:1B:20:68:CE:88:58
Certificate issuer:       /CN=55DB0D17B157BF6AD08BAC25988489AFD55B85BC
Certificate serial:       5E511AEE441CD51C70E5DE9D6B6FB2DE75436D88
Authority key identifier: 55:DB:0D:17:B1:57:BF:6A:D0:8B:AC:25:98:84:89:AF:D5:5B:85:BC
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/55DB0D17B157BF6AD08BAC25988489AFD55B85BC.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/3E9CB817C9E7C54352D64D5548E6B5A119192DF7EC2D8D81E379C4924B78A1FC/0/3139302e362e3137362e302f32302d3230203d3e203237383435.roa
Signing time:             Tue 04 Feb 2025 18:51:44 +0000
ROA not before:           Tue 04 Feb 2025 18:46:44 +0000
ROA not after:            Tue 03 Feb 2026 18:51:44 +0000
asID:                     27845
IP address blocks:        190.6.176.0/20 maxlen: 20
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            5e:51:1a:ee:44:1c:d5:1c:70:e5:de:9d:6b:6f:b2:de:75:43:6d:88
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=55DB0D17B157BF6AD08BAC25988489AFD55B85BC
        Validity
            Not Before: Feb  4 18:46:44 2025 GMT
            Not After : Feb  3 18:51:44 2026 GMT
        Subject: CN=69D45D585D0BC99D2C773E8589B71B2068CE8858
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cc:2b:78:57:1d:b9:51:94:21:dc:a2:0b:0b:f3:
                    ac:88:fe:61:21:10:ab:17:63:56:e4:9c:90:7b:83:
                    e7:89:c7:ac:12:f7:f5:7a:71:c2:99:ef:8f:2f:a2:
                    a8:e3:31:b5:9f:99:80:41:80:62:50:6c:9d:94:ef:
                    3e:ef:79:cc:66:c7:bb:c9:e6:99:44:88:cb:df:42:
                    8c:8c:9c:ec:86:65:08:b1:d6:9c:3b:cd:aa:58:5e:
                    8b:7b:f3:e9:97:1b:a0:71:f3:7b:6d:41:8c:97:1c:
                    d4:79:b3:70:d8:09:5f:d3:12:d2:a3:e0:ce:90:b4:
                    ce:50:ae:7f:81:e2:84:d7:cb:b2:22:62:53:4f:69:
                    29:e3:b1:bf:f4:55:77:6f:39:93:ab:43:85:41:78:
                    ee:f8:f3:ba:cc:6e:27:8d:f1:06:e0:ff:c6:9f:85:
                    ae:6a:27:5a:48:0e:31:d7:1d:54:2d:74:4a:3c:37:
                    c0:75:e5:36:66:cb:32:62:05:1a:a2:d4:55:d7:74:
                    3b:8b:af:2f:56:e4:92:99:a2:6f:c2:bd:70:ba:d7:
                    9e:92:5b:31:fc:64:fd:dd:94:be:45:b6:8b:a0:68:
                    b2:e2:0d:cb:1a:98:49:ba:70:a5:af:f4:a2:79:de:
                    0f:ac:05:26:45:7b:97:fa:05:44:2f:36:30:73:36:
                    e4:6b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                69:D4:5D:58:5D:0B:C9:9D:2C:77:3E:85:89:B7:1B:20:68:CE:88:58
            X509v3 Authority Key Identifier:
                keyid:55:DB:0D:17:B1:57:BF:6A:D0:8B:AC:25:98:84:89:AF:D5:5B:85:BC

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/3E9CB817C9E7C54352D64D5548E6B5A119192DF7EC2D8D81E379C4924B78A1FC/0/55DB0D17B157BF6AD08BAC25988489AFD55B85BC.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/55DB0D17B157BF6AD08BAC25988489AFD55B85BC.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/3E9CB817C9E7C54352D64D5548E6B5A119192DF7EC2D8D81E379C4924B78A1FC/0/3139302e362e3137362e302f32302d3230203d3e203237383435.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  190.6.176.0/20

    Signature Algorithm: sha256WithRSAEncryption
         d7:75:a0:f6:07:47:f4:77:f3:df:08:24:37:bb:2c:2b:ef:42:
         f4:fe:ef:6b:a3:36:66:84:2d:08:b0:ea:56:89:88:ef:50:62:
         64:bc:1f:f3:16:bc:77:73:3f:8c:7b:e8:07:75:2e:83:de:10:
         24:e7:00:22:82:43:40:df:14:2b:f4:97:5f:64:5f:56:66:b5:
         54:11:6c:29:40:fe:dc:8f:02:db:9a:3c:66:3b:a6:52:5e:c0:
         5b:c1:c0:ce:ef:87:00:27:12:23:76:d9:8a:bc:2f:51:45:dd:
         d5:49:59:1c:77:2f:e4:2d:84:a5:dd:4f:d1:14:37:27:ea:ca:
         31:70:c1:c7:f0:41:bd:49:3b:9c:06:86:c2:bf:e1:4d:47:0f:
         3e:f6:e2:98:ad:bd:a7:78:14:26:e5:34:f1:fc:2f:75:ed:81:
         e6:22:fe:6e:0c:8e:28:57:7f:5e:6a:c9:a0:6c:5a:00:72:e6:
         70:dc:5b:f4:57:1a:b3:b1:6b:b5:aa:ec:ba:f2:16:1a:3d:3c:
         62:48:68:db:8a:c8:e7:84:98:0d:ba:4c:dc:30:27:9a:3f:b9:
         2e:9b:09:e8:8f:ed:ae:30:80:4e:a5:f9:6a:cb:85:ae:7e:ba:
         75:48:20:30:c5:a8:aa:a3:2d:73:0f:73:2c:14:68:9d:42:f1:
         6e:d8:2b:5b
-----BEGIN CERTIFICATE-----
MIIFvDCCBKSgAwIBAgIUXlEa7kQc1Rxw5d6da2+y3nVDbYgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNTVEQjBEMTdCMTU3QkY2QUQwOEJBQzI1OTg4NDg5QUZE
NTVCODVCQzAeFw0yNTAyMDQxODQ2NDRaFw0yNjAyMDMxODUxNDRaMDMxMTAvBgNV
BAMTKDY5RDQ1RDU4NUQwQkM5OUQyQzc3M0U4NTg5QjcxQjIwNjhDRTg4NTgwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDMK3hXHblRlCHcogsL86yI/mEh
EKsXY1bknJB7g+eJx6wS9/V6ccKZ748voqjjMbWfmYBBgGJQbJ2U7z7vecxmx7vJ
5plEiMvfQoyMnOyGZQix1pw7zapYXot78+mXG6Bx83ttQYyXHNR5s3DYCV/TEtKj
4M6QtM5Qrn+B4oTXy7IiYlNPaSnjsb/0VXdvOZOrQ4VBeO7487rMbieN8Qbg/8af
ha5qJ1pIDjHXHVQtdEo8N8B15TZmyzJiBRqi1FXXdDuLry9W5JKZom/CvXC6156S
WzH8ZP3dlL5FtougaLLiDcsamEm6cKWv9KJ53g+sBSZFe5f6BUQvNjBzNuRrAgMB
AAGjggLGMIICwjAdBgNVHQ4EFgQUadRdWF0LyZ0sdz6FibcbIGjOiFgwHwYDVR0j
BBgwFoAUVdsNF7FXv2rQi6wlmISJr9VbhbwwDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy8zRTlDQjgxN0M5RTdDNTQzNTJENjRENTU0OEU2QjVBMTE5
MTkyREY3RUMyRDhEODFFMzc5QzQ5MjRCNzhBMUZDLzAvNTVEQjBEMTdCMTU3QkY2
QUQwOEJBQzI1OTg4NDg5QUZENTVCODVCQy5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC81NURCMEQxN0IxNTdCRjZBRDA4
QkFDMjU5ODg0ODlBRkQ1NUI4NUJDLmNlcjCBxQYIKwYBBQUHAQsEgbgwgbUwgbIG
CCsGAQUFBzALhoGlcnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvM0U5Q0I4MTdDOUU3QzU0MzUyRDY0RDU1NDhFNkI1QTExOTE5MkRGN0VD
MkQ4RDgxRTM3OUM0OTI0Qjc4QTFGQy8wLzMxMzkzMDJlMzYyZTMxMzczNjJlMzAy
ZjMyMzAyZDMyMzAyMDNkM2UyMDMyMzczODM0MzUucm9hMBgGA1UdIAEB/wQOMAww
CgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAS+BrAwDQYJ
KoZIhvcNAQELBQADggEBANd1oPYHR/R3898IJDe7LCvvQvT+72ujNmaELQiw6laJ
iO9QYmS8H/MWvHdzP4x76Ad1LoPeECTnACKCQ0DfFCv0l19kX1ZmtVQRbClA/tyP
AtuaPGY7plJewFvBwM7vhwAnEiN22Yq8L1FF3dVJWRx3L+QthKXdT9EUNyfqyjFw
wcfwQb1JO5wGhsK/4U1HDz724pitvad4FCblNPH8L3XtgeYi/m4MjihXf15qyaBs
WgBy5nDcW/RXGrOxa7Wq7LryFho9PGJIaNuKyOeEmA26TNwwJ5o/uS6bCeiP7a4w
gE6l+WrLha5+unVIIDDFqKqjLXMPcywUaJ1C8W7YK1s=
-----END CERTIFICATE-----