Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/46FE705F6DDBD162B8DEDBA9935386FCFF6B2A810DBF8C7F333E276285B9CF0F/0/3139312e39372e302e302f32302d3234203d3e20323632313836.roa
File:                     3139312e39372e302e302f32302d3234203d3e20323632313836.roa (raw, json)
Hash identifier:          7ldzGl42OAbRplpJXw7di1uHVESPjKrMHQzEvYfKxcM=
Subject key identifier:   6F:E5:D1:08:F4:C9:02:92:A1:36:E3:6D:A7:47:EA:B8:30:8E:04:3C
Certificate issuer:       /CN=81D6C23F88D2D34992A43FAB01EF5A5B04037BAB
Certificate serial:       7A3F484B9E1827A6A5CE31EEF271F44FA0E8A987
Authority key identifier: 81:D6:C2:3F:88:D2:D3:49:92:A4:3F:AB:01:EF:5A:5B:04:03:7B:AB
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/81D6C23F88D2D34992A43FAB01EF5A5B04037BAB.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/46FE705F6DDBD162B8DEDBA9935386FCFF6B2A810DBF8C7F333E276285B9CF0F/0/3139312e39372e302e302f32302d3234203d3e20323632313836.roa
Signing time:             Tue 04 Feb 2025 20:00:20 +0000
ROA not before:           Tue 04 Feb 2025 19:55:20 +0000
ROA not after:            Tue 03 Feb 2026 20:00:20 +0000
asID:                     262186
IP address blocks:        191.97.0.0/20 maxlen: 24
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            7a:3f:48:4b:9e:18:27:a6:a5:ce:31:ee:f2:71:f4:4f:a0:e8:a9:87
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=81D6C23F88D2D34992A43FAB01EF5A5B04037BAB
        Validity
            Not Before: Feb  4 19:55:20 2025 GMT
            Not After : Feb  3 20:00:20 2026 GMT
        Subject: CN=6FE5D108F4C90292A136E36DA747EAB8308E043C
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:94:fb:e9:e8:46:c9:07:75:1a:76:c4:d4:71:8e:
                    61:f3:8c:fa:48:06:7c:1f:3b:60:94:a3:70:c6:75:
                    22:3d:c8:71:f0:8c:a7:ab:ac:e5:41:39:25:ea:9f:
                    f8:9f:61:28:7a:05:c7:86:9d:18:25:a1:34:4c:f4:
                    c5:a5:09:dd:b8:a5:b4:61:14:4e:95:79:53:06:a5:
                    e5:ff:66:b6:ea:70:3e:79:eb:db:24:a7:f1:40:69:
                    71:d6:08:b8:5e:1c:76:31:1d:9a:b8:a3:50:f5:31:
                    56:9d:dc:f6:bb:4f:a6:a3:f3:5c:b9:5f:6e:d1:49:
                    02:7c:83:08:96:c1:2c:f5:20:eb:f5:da:f9:2a:8c:
                    2f:1f:d9:5e:ef:c1:6d:8c:49:cf:26:e9:0d:70:c3:
                    79:2e:fd:7e:b8:4b:8d:59:80:8f:11:a4:e4:25:b0:
                    ff:58:44:c1:17:50:e3:94:99:ff:04:0c:f8:5b:48:
                    b7:2d:86:9a:87:05:0b:98:c4:ed:f5:48:c4:c5:c4:
                    56:b3:17:94:73:df:25:a2:20:e8:e8:3f:f8:fc:fc:
                    45:c5:3e:2f:10:08:a9:9c:ff:d3:8d:80:1a:89:4d:
                    e6:f8:a5:57:ce:d9:8a:d3:6f:62:72:5f:be:cc:d4:
                    a1:ea:bf:8c:11:a7:d7:d4:da:0a:e5:90:dc:14:6f:
                    26:41
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                6F:E5:D1:08:F4:C9:02:92:A1:36:E3:6D:A7:47:EA:B8:30:8E:04:3C
            X509v3 Authority Key Identifier:
                keyid:81:D6:C2:3F:88:D2:D3:49:92:A4:3F:AB:01:EF:5A:5B:04:03:7B:AB

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/46FE705F6DDBD162B8DEDBA9935386FCFF6B2A810DBF8C7F333E276285B9CF0F/0/81D6C23F88D2D34992A43FAB01EF5A5B04037BAB.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/81D6C23F88D2D34992A43FAB01EF5A5B04037BAB.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/46FE705F6DDBD162B8DEDBA9935386FCFF6B2A810DBF8C7F333E276285B9CF0F/0/3139312e39372e302e302f32302d3234203d3e20323632313836.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  191.97.0.0/20

    Signature Algorithm: sha256WithRSAEncryption
         91:7e:0c:8c:b2:e1:39:d0:40:e1:dd:a3:19:6c:0d:a9:ec:79:
         fc:7e:e4:0c:f3:b0:f0:ef:7a:02:57:af:10:34:5c:87:c8:08:
         18:00:8a:01:b7:93:b7:64:3d:11:b8:c8:58:d4:3c:e8:c4:7d:
         0c:c7:5a:39:45:65:b8:fd:ee:25:b1:f0:2b:97:2a:a9:a9:24:
         35:61:75:7b:21:9f:0f:69:cc:3d:88:24:cc:48:43:39:b2:60:
         36:e5:a9:c4:91:b1:0b:dc:09:79:52:bf:b3:91:04:a4:8e:fb:
         5f:34:41:06:92:5f:6f:a2:8d:3d:6f:9b:0e:e2:a2:f5:8b:c1:
         2f:bb:56:55:b0:20:97:7b:a3:41:b2:b2:f0:eb:3d:14:35:7d:
         f7:04:84:0e:b3:00:df:a6:c2:6e:e2:cc:c3:88:78:d1:f1:33:
         de:5b:9d:43:fa:5f:03:a7:bf:41:4d:12:a2:65:94:ad:41:e3:
         84:31:92:90:0c:cd:80:3b:ae:85:3e:0b:4e:b1:68:05:0b:90:
         6b:19:7c:36:0b:28:6e:d1:96:fe:fe:f8:96:c5:b7:bc:65:06:
         3b:5b:9e:82:db:55:1c:52:e4:eb:a6:30:1f:29:e6:c5:eb:a2:
         9b:ef:76:d1:46:34:b0:37:49:91:5d:35:0e:84:2c:21:68:a4:
         e5:8f:ad:a5
-----BEGIN CERTIFICATE-----
MIIFvDCCBKSgAwIBAgIUej9IS54YJ6alzjHu8nH0T6DoqYcwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoODFENkMyM0Y4OEQyRDM0OTkyQTQzRkFCMDFFRjVBNUIw
NDAzN0JBQjAeFw0yNTAyMDQxOTU1MjBaFw0yNjAyMDMyMDAwMjBaMDMxMTAvBgNV
BAMTKDZGRTVEMTA4RjRDOTAyOTJBMTM2RTM2REE3NDdFQUI4MzA4RTA0M0MwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCU++noRskHdRp2xNRxjmHzjPpI
BnwfO2CUo3DGdSI9yHHwjKerrOVBOSXqn/ifYSh6BceGnRgloTRM9MWlCd24pbRh
FE6VeVMGpeX/ZrbqcD5569skp/FAaXHWCLheHHYxHZq4o1D1MVad3Pa7T6aj81y5
X27RSQJ8gwiWwSz1IOv12vkqjC8f2V7vwW2MSc8m6Q1ww3ku/X64S41ZgI8RpOQl
sP9YRMEXUOOUmf8EDPhbSLcthpqHBQuYxO31SMTFxFazF5Rz3yWiIOjoP/j8/EXF
Pi8QCKmc/9ONgBqJTeb4pVfO2YrTb2JyX77M1KHqv4wRp9fU2grlkNwUbyZBAgMB
AAGjggLGMIICwjAdBgNVHQ4EFgQUb+XRCPTJApKhNuNtp0fquDCOBDwwHwYDVR0j
BBgwFoAUgdbCP4jS00mSpD+rAe9aWwQDe6swDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy80NkZFNzA1RjZEREJEMTYyQjhERURCQTk5MzUzODZGQ0ZG
NkIyQTgxMERCRjhDN0YzMzNFMjc2Mjg1QjlDRjBGLzAvODFENkMyM0Y4OEQyRDM0
OTkyQTQzRkFCMDFFRjVBNUIwNDAzN0JBQi5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC84MUQ2QzIzRjg4RDJEMzQ5OTJB
NDNGQUIwMUVGNUE1QjA0MDM3QkFCLmNlcjCBxQYIKwYBBQUHAQsEgbgwgbUwgbIG
CCsGAQUFBzALhoGlcnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvNDZGRTcwNUY2RERCRDE2MkI4REVEQkE5OTM1Mzg2RkNGRjZCMkE4MTBE
QkY4QzdGMzMzRTI3NjI4NUI5Q0YwRi8wLzMxMzkzMTJlMzkzNzJlMzAyZTMwMmYz
MjMwMmQzMjM0MjAzZDNlMjAzMjM2MzIzMTM4MzYucm9hMBgGA1UdIAEB/wQOMAww
CgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAS/YQAwDQYJ
KoZIhvcNAQELBQADggEBAJF+DIyy4TnQQOHdoxlsDansefx+5AzzsPDvegJXrxA0
XIfICBgAigG3k7dkPRG4yFjUPOjEfQzHWjlFZbj97iWx8CuXKqmpJDVhdXshnw9p
zD2IJMxIQzmyYDblqcSRsQvcCXlSv7ORBKSO+180QQaSX2+ijT1vmw7iovWLwS+7
VlWwIJd7o0GysvDrPRQ1ffcEhA6zAN+mwm7izMOIeNHxM95bnUP6XwOnv0FNEqJl
lK1B44QxkpAMzYA7roU+C06xaAULkGsZfDYLKG7Rlv7++JbFt7xlBjtbnoLbVRxS
5OumMB8p5sXropvvdtFGNLA3SZFdNQ6ELCFopOWPraU=
-----END CERTIFICATE-----