Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/4A3C65E01138A797CC1CD88B7B32A80F15642316087C29513D3DAC2B1117A368/0/3139302e3131332e33322e302f32322d3234203d3e20323731383634.roa
File:                     3139302e3131332e33322e302f32322d3234203d3e20323731383634.roa (raw, json)
Hash identifier:          Ykcu8jC4UzsyZvhSzf6AMozsyx0Qjpsc4oSXGJYv0m4=
Subject key identifier:   AF:2D:29:26:24:59:21:D1:60:7D:FD:56:96:DD:A3:36:2F:5B:13:35
Certificate issuer:       /CN=EA517D4BAAB85D3C8F5008F40BC48B21CBEA72B8
Certificate serial:       117A5DDC4E400A940B6F84D2950C0146DE5469C8
Authority key identifier: EA:51:7D:4B:AA:B8:5D:3C:8F:50:08:F4:0B:C4:8B:21:CB:EA:72:B8
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/EA517D4BAAB85D3C8F5008F40BC48B21CBEA72B8.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/4A3C65E01138A797CC1CD88B7B32A80F15642316087C29513D3DAC2B1117A368/0/3139302e3131332e33322e302f32322d3234203d3e20323731383634.roa
Signing time:             Tue 04 Feb 2025 19:58:15 +0000
ROA not before:           Tue 04 Feb 2025 19:53:15 +0000
ROA not after:            Tue 03 Feb 2026 19:58:15 +0000
asID:                     271864
IP address blocks:        190.113.32.0/22 maxlen: 24
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            11:7a:5d:dc:4e:40:0a:94:0b:6f:84:d2:95:0c:01:46:de:54:69:c8
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=EA517D4BAAB85D3C8F5008F40BC48B21CBEA72B8
        Validity
            Not Before: Feb  4 19:53:15 2025 GMT
            Not After : Feb  3 19:58:15 2026 GMT
        Subject: CN=AF2D2926245921D1607DFD5696DDA3362F5B1335
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cd:14:cf:18:5c:4c:4c:c6:eb:6e:82:4f:47:15:
                    6f:ad:76:7f:8b:80:34:c8:7b:01:d4:37:03:c1:57:
                    2e:0a:0f:d5:bf:b1:1e:34:e7:f8:83:39:a0:67:b4:
                    7a:3e:89:70:45:d0:e3:94:01:74:53:52:29:46:ea:
                    2e:82:56:72:9e:0e:5e:85:03:c2:84:6f:6b:8f:5f:
                    89:30:44:22:85:6f:0e:6b:af:ac:15:70:e5:3a:31:
                    1f:1c:e4:04:4b:35:7d:7c:41:97:18:a3:25:55:b4:
                    f1:d5:ec:8d:63:c1:ed:58:91:e1:ec:1b:1d:f6:9c:
                    a9:64:a0:27:31:a3:33:40:97:53:24:6f:80:da:c8:
                    87:37:f2:08:66:9d:44:09:7a:9b:64:e4:7b:4f:b0:
                    a8:aa:00:30:56:59:2a:61:0a:c7:8a:94:69:82:43:
                    28:6f:f6:79:74:7f:8a:8f:e5:77:5d:28:86:ca:cf:
                    64:52:74:62:3e:ba:f1:88:7b:41:68:ce:33:72:98:
                    70:1e:f6:28:74:28:43:e2:e8:5c:3f:68:4a:d8:af:
                    9b:f2:44:0f:2d:55:c4:10:96:87:ec:92:53:10:56:
                    38:e8:38:27:09:be:c4:25:89:91:e8:0d:25:5a:fa:
                    6b:c4:4a:de:5c:a7:32:e3:50:8f:f8:fa:a9:4c:ec:
                    32:eb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AF:2D:29:26:24:59:21:D1:60:7D:FD:56:96:DD:A3:36:2F:5B:13:35
            X509v3 Authority Key Identifier:
                keyid:EA:51:7D:4B:AA:B8:5D:3C:8F:50:08:F4:0B:C4:8B:21:CB:EA:72:B8

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/4A3C65E01138A797CC1CD88B7B32A80F15642316087C29513D3DAC2B1117A368/0/EA517D4BAAB85D3C8F5008F40BC48B21CBEA72B8.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/EA517D4BAAB85D3C8F5008F40BC48B21CBEA72B8.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/4A3C65E01138A797CC1CD88B7B32A80F15642316087C29513D3DAC2B1117A368/0/3139302e3131332e33322e302f32322d3234203d3e20323731383634.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  190.113.32.0/22

    Signature Algorithm: sha256WithRSAEncryption
         25:f7:bd:ba:66:97:44:8a:5f:d3:72:87:d7:46:a7:d3:03:61:
         80:85:5b:be:ac:85:a5:d7:50:36:5a:6f:2c:f0:22:ef:88:47:
         31:f6:6b:11:28:f5:0b:3e:a9:75:60:66:36:10:89:85:8b:bb:
         ce:2c:41:74:0e:ad:de:95:9c:35:d5:6b:69:db:61:6b:54:11:
         e6:f9:07:cf:0a:0a:4b:4a:54:ee:dd:1e:a9:2b:4e:af:2b:25:
         61:e1:5a:85:ba:b2:c0:80:3c:fd:5d:6d:c6:89:99:0e:99:d9:
         57:94:14:b7:ff:72:ba:b2:50:3f:ac:6e:8e:92:6e:3e:33:1d:
         98:44:4d:71:13:58:b6:df:78:1a:db:68:61:1e:74:fd:12:5b:
         1e:67:19:30:a1:d9:29:87:4c:f7:fc:83:5a:2f:4f:71:00:67:
         79:86:ee:37:ce:12:36:a8:8b:e6:9e:86:99:9a:ad:25:42:46:
         ce:c2:1a:eb:ee:69:0d:c7:a9:e6:6f:d9:9c:74:2b:57:51:bd:
         07:09:a6:a3:e5:e4:a4:38:b2:6b:5a:55:01:79:89:4c:50:16:
         b0:36:c8:5c:fa:5e:c6:fb:19:bb:06:c5:1b:b1:dc:9b:ae:c7:
         3c:2e:e8:36:8e:63:61:55:28:89:a8:bc:cb:22:ec:72:3c:71:
         31:12:31:cb
-----BEGIN CERTIFICATE-----
MIIFwDCCBKigAwIBAgIUEXpd3E5ACpQLb4TSlQwBRt5UacgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoRUE1MTdENEJBQUI4NUQzQzhGNTAwOEY0MEJDNDhCMjFD
QkVBNzJCODAeFw0yNTAyMDQxOTUzMTVaFw0yNjAyMDMxOTU4MTVaMDMxMTAvBgNV
BAMTKEFGMkQyOTI2MjQ1OTIxRDE2MDdERkQ1Njk2RERBMzM2MkY1QjEzMzUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDNFM8YXExMxutugk9HFW+tdn+L
gDTIewHUNwPBVy4KD9W/sR405/iDOaBntHo+iXBF0OOUAXRTUilG6i6CVnKeDl6F
A8KEb2uPX4kwRCKFbw5rr6wVcOU6MR8c5ARLNX18QZcYoyVVtPHV7I1jwe1YkeHs
Gx32nKlkoCcxozNAl1Mkb4DayIc38ghmnUQJeptk5HtPsKiqADBWWSphCseKlGmC
Qyhv9nl0f4qP5XddKIbKz2RSdGI+uvGIe0FozjNymHAe9ih0KEPi6Fw/aErYr5vy
RA8tVcQQlofsklMQVjjoOCcJvsQliZHoDSVa+mvESt5cpzLjUI/4+qlM7DLrAgMB
AAGjggLKMIICxjAdBgNVHQ4EFgQUry0pJiRZIdFgff1Wlt2jNi9bEzUwHwYDVR0j
BBgwFoAU6lF9S6q4XTyPUAj0C8SLIcvqcrgwDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy80QTNDNjVFMDExMzhBNzk3Q0MxQ0Q4OEI3QjMyQTgwRjE1
NjQyMzE2MDg3QzI5NTEzRDNEQUMyQjExMTdBMzY4LzAvRUE1MTdENEJBQUI4NUQz
QzhGNTAwOEY0MEJDNDhCMjFDQkVBNzJCOC5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC9FQTUxN0Q0QkFBQjg1RDNDOEY1
MDA4RjQwQkM0OEIyMUNCRUE3MkI4LmNlcjCByQYIKwYBBQUHAQsEgbwwgbkwgbYG
CCsGAQUFBzALhoGpcnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvNEEzQzY1RTAxMTM4QTc5N0NDMUNEODhCN0IzMkE4MEYxNTY0MjMxNjA4
N0MyOTUxM0QzREFDMkIxMTE3QTM2OC8wLzMxMzkzMDJlMzEzMTMzMmUzMzMyMmUz
MDJmMzIzMjJkMzIzNDIwM2QzZTIwMzIzNzMxMzgzNjM0LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCvnEg
MA0GCSqGSIb3DQEBCwUAA4IBAQAl9726ZpdEil/TcofXRqfTA2GAhVu+rIWl11A2
Wm8s8CLviEcx9msRKPULPql1YGY2EImFi7vOLEF0Dq3elZw11Wtp22FrVBHm+QfP
CgpLSlTu3R6pK06vKyVh4VqFurLAgDz9XW3GiZkOmdlXlBS3/3K6slA/rG6Okm4+
Mx2YRE1xE1i233ga22hhHnT9ElseZxkwodkph0z3/INaL09xAGd5hu43zhI2qIvm
noaZmq0lQkbOwhrr7mkNx6nmb9mcdCtXUb0HCaaj5eSkOLJrWlUBeYlMUBawNshc
+l7G+xm7BsUbsdybrsc8Lug2jmNhVSiJqLzLIuxyPHExEjHL
-----END CERTIFICATE-----