Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/40D8D4094F75BD5906A686CCC3F9D606251C695E3353C569059D12601809ED2D/0/AS26611.roa
File:                     AS26611.roa (raw, json)
Hash identifier:          ftzbQnLJ5GYdozIETudE6/ZsDjo05H2N+dKI0l7IWlY=
Subject key identifier:   CC:86:5A:C8:1B:7B:8D:50:42:29:50:B2:44:60:53:DA:DF:8F:B0:2C
Certificate issuer:       /CN=6ECA7CB8912ADEFBC99484E053EBE852A3A0E8C2
Certificate serial:       2E69DF8C5F4A0AE98DBC69D635145E500663B877
Authority key identifier: 6E:CA:7C:B8:91:2A:DE:FB:C9:94:84:E0:53:EB:E8:52:A3:A0:E8:C2
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/6ECA7CB8912ADEFBC99484E053EBE852A3A0E8C2.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/40D8D4094F75BD5906A686CCC3F9D606251C695E3353C569059D12601809ED2D/0/AS26611.roa
Signing time:             Tue 04 Feb 2025 20:03:03 +0000
ROA not before:           Tue 04 Feb 2025 19:58:03 +0000
ROA not after:            Tue 03 Feb 2026 20:03:03 +0000
asID:                     26611
IP address blocks:        190.144.128.0/18 maxlen: 24
                          190.144.196.0/24 maxlen: 24
                          2800:480:ff50::/48 maxlen: 48
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            2e:69:df:8c:5f:4a:0a:e9:8d:bc:69:d6:35:14:5e:50:06:63:b8:77
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ECA7CB8912ADEFBC99484E053EBE852A3A0E8C2
        Validity
            Not Before: Feb  4 19:58:03 2025 GMT
            Not After : Feb  3 20:03:03 2026 GMT
        Subject: CN=CC865AC81B7B8D50422950B2446053DADF8FB02C
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ef:70:80:21:fb:16:f8:42:3b:18:b1:60:02:2e:
                    78:a2:6e:a2:e8:82:5f:b6:94:db:1b:1b:d8:94:62:
                    c2:ba:ef:78:29:1a:9c:a4:27:a4:8a:1e:5f:3e:ff:
                    76:c9:f1:18:c6:5c:f2:ca:c9:2b:87:54:35:c2:04:
                    81:1e:c9:bc:44:01:f0:f3:cd:44:a0:75:a8:13:73:
                    12:82:58:9a:f8:91:7b:8d:5f:ce:55:d3:a4:cc:d6:
                    8c:36:05:80:3b:5a:e3:e7:36:ca:86:77:0b:dc:27:
                    45:56:06:c0:7f:25:d8:00:52:70:6b:01:8e:1f:dd:
                    68:6c:5b:53:79:54:c7:11:bd:3f:f6:fa:8d:0e:a1:
                    fd:f0:2f:77:3a:e4:0b:10:4a:cc:b7:71:65:3d:74:
                    ca:3d:b1:46:c8:94:ee:f4:8b:e0:0d:49:38:b1:b5:
                    02:9d:c4:b3:cc:66:c3:0f:3f:96:7f:77:29:86:bc:
                    5e:ed:c7:6c:76:b7:f8:46:b6:53:0f:ee:32:45:f1:
                    45:ba:e8:01:92:40:a0:9e:48:ca:9d:0d:dd:83:18:
                    11:31:1d:b6:8b:6c:f6:cb:f4:94:43:15:8b:8c:1d:
                    f9:e9:d2:0f:73:4b:74:ae:dc:2d:cc:08:7b:9f:e4:
                    c7:d7:7e:da:0b:ce:2e:26:e7:ff:44:73:08:19:6d:
                    1f:27
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                CC:86:5A:C8:1B:7B:8D:50:42:29:50:B2:44:60:53:DA:DF:8F:B0:2C
            X509v3 Authority Key Identifier:
                keyid:6E:CA:7C:B8:91:2A:DE:FB:C9:94:84:E0:53:EB:E8:52:A3:A0:E8:C2

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/40D8D4094F75BD5906A686CCC3F9D606251C695E3353C569059D12601809ED2D/0/6ECA7CB8912ADEFBC99484E053EBE852A3A0E8C2.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/6ECA7CB8912ADEFBC99484E053EBE852A3A0E8C2.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/40D8D4094F75BD5906A686CCC3F9D606251C695E3353C569059D12601809ED2D/0/AS26611.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  190.144.128.0/18
                  190.144.196.0/24
                IPv6:
                  2800:480:ff50::/48

    Signature Algorithm: sha256WithRSAEncryption
         df:7c:9a:e5:3a:0c:3b:e0:ed:29:3c:15:3d:ba:e5:13:2b:b6:
         15:0c:77:31:2e:fb:81:ea:35:5e:dd:f1:65:e0:af:01:77:a4:
         5e:18:19:05:5c:f7:92:b5:cb:76:43:79:45:c0:5c:37:8b:ea:
         08:97:a8:69:0e:52:b5:92:7b:1e:ed:3c:13:8b:43:2f:4b:49:
         34:b3:90:3f:db:03:d5:ef:e5:e9:bb:a5:68:da:ec:33:af:c9:
         9a:cc:88:48:80:30:f8:99:4e:8a:e2:f8:c7:86:83:ee:5c:13:
         bc:d5:fc:56:7d:0c:84:01:42:97:41:d1:0a:da:80:cf:77:b5:
         4a:21:1c:23:fd:ed:8d:e6:41:50:ab:cc:d6:a3:33:63:2c:db:
         b5:84:fd:ed:68:3a:d6:42:d6:3b:42:9e:38:aa:28:d4:3f:0f:
         d0:77:74:7e:8c:14:d9:84:7d:d3:d5:32:ad:bb:2f:f5:6f:19:
         20:ed:3b:12:d5:8c:8d:4c:01:ea:4a:1a:10:6b:2d:de:06:3c:
         54:8c:32:e7:7e:ca:35:9d:dd:3b:46:63:3f:a2:87:34:f3:18:
         b2:7c:7b:0e:b2:93:8b:3e:05:d5:25:ee:ea:3a:ca:c1:ce:7c:
         58:89:e9:61:2b:da:bb:ce:25:57:1f:77:cb:ec:c4:a5:85:70:
         31:99:b6:51
-----BEGIN CERTIFICATE-----
MIIFpTCCBI2gAwIBAgIULmnfjF9KCumNvGnWNRReUAZjuHcwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNkVDQTdDQjg5MTJBREVGQkM5OTQ4NEUwNTNFQkU4NTJB
M0EwRThDMjAeFw0yNTAyMDQxOTU4MDNaFw0yNjAyMDMyMDAzMDNaMDMxMTAvBgNV
BAMTKENDODY1QUM4MUI3QjhENTA0MjI5NTBCMjQ0NjA1M0RBREY4RkIwMkMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDvcIAh+xb4QjsYsWACLniibqLo
gl+2lNsbG9iUYsK673gpGpykJ6SKHl8+/3bJ8RjGXPLKySuHVDXCBIEeybxEAfDz
zUSgdagTcxKCWJr4kXuNX85V06TM1ow2BYA7WuPnNsqGdwvcJ0VWBsB/JdgAUnBr
AY4f3WhsW1N5VMcRvT/2+o0Oof3wL3c65AsQSsy3cWU9dMo9sUbIlO70i+ANSTix
tQKdxLPMZsMPP5Z/dymGvF7tx2x2t/hGtlMP7jJF8UW66AGSQKCeSMqdDd2DGBEx
HbaLbPbL9JRDFYuMHfnp0g9zS3Su3C3MCHuf5MfXftoLzi4m5/9EcwgZbR8nAgMB
AAGjggKvMIICqzAdBgNVHQ4EFgQUzIZayBt7jVBCKVCyRGBT2t+PsCwwHwYDVR0j
BBgwFoAUbsp8uJEq3vvJlITgU+voUqOg6MIwDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy80MEQ4RDQwOTRGNzVCRDU5MDZBNjg2Q0NDM0Y5RDYwNjI1
MUM2OTVFMzM1M0M1NjkwNTlEMTI2MDE4MDlFRDJELzAvNkVDQTdDQjg5MTJBREVG
QkM5OTQ4NEUwNTNFQkU4NTJBM0EwRThDMi5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC82RUNBN0NCODkxMkFERUZCQzk5
NDg0RTA1M0VCRTg1MkEzQTBFOEMyLmNlcjCBlwYIKwYBBQUHAQsEgYowgYcwgYQG
CCsGAQUFBzALhnhyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5ldC9ycGtpL2xh
Y25pYy80MEQ4RDQwOTRGNzVCRDU5MDZBNjg2Q0NDM0Y5RDYwNjI1MUM2OTVFMzM1
M0M1NjkwNTlEMTI2MDE4MDlFRDJELzAvQVMyNjYxMS5yb2EwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjA2BggrBgEFBQcBBwEB/wQnMCUwEgQCAAEwDAMEBr6QgAME
AL6QxDAPBAIAAjAJAwcAKAAEgP9QMA0GCSqGSIb3DQEBCwUAA4IBAQDffJrlOgw7
4O0pPBU9uuUTK7YVDHcxLvuB6jVe3fFl4K8Bd6ReGBkFXPeStct2Q3lFwFw3i+oI
l6hpDlK1knse7TwTi0MvS0k0s5A/2wPV7+Xpu6Vo2uwzr8mazIhIgDD4mU6K4vjH
hoPuXBO81fxWfQyEAUKXQdEK2oDPd7VKIRwj/e2N5kFQq8zWozNjLNu1hP3taDrW
QtY7Qp44qijUPw/Qd3R+jBTZhH3T1TKtuy/1bxkg7TsS1YyNTAHqShoQay3eBjxU
jDLnfso1nd07RmM/ooc08xiyfHsOspOLPgXVJe7qOsrBznxYielhK9q7ziVXH3fL
7MSlhXAxmbZR
-----END CERTIFICATE-----