Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/4B71DE7CD160FB471BE4FA8EB772197AF8BD8CE3637458D218FFE303DE48AB98/0/3139302e3130382e37322e302f32342d3234203d3e20323633323436.roa
File:                     3139302e3130382e37322e302f32342d3234203d3e20323633323436.roa (raw, json)
Hash identifier:          X6eUqopfLNLOx9Tai3ny7T7yg4YXqILBAIus8QMB1CM=
Subject key identifier:   41:9A:65:C8:B1:C9:CC:BC:A3:B8:37:22:8D:73:21:F6:9F:C6:DE:87
Certificate issuer:       /CN=EE0F3FF0E8430A1CB45AD3260983A9D349722624
Certificate serial:       6E3F050623F8AE1E14AC6F8C07AA482EB70878CA
Authority key identifier: EE:0F:3F:F0:E8:43:0A:1C:B4:5A:D3:26:09:83:A9:D3:49:72:26:24
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/EE0F3FF0E8430A1CB45AD3260983A9D349722624.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/4B71DE7CD160FB471BE4FA8EB772197AF8BD8CE3637458D218FFE303DE48AB98/0/3139302e3130382e37322e302f32342d3234203d3e20323633323436.roa
Signing time:             Tue 04 Feb 2025 18:00:34 +0000
ROA not before:           Tue 04 Feb 2025 17:55:34 +0000
ROA not after:            Tue 03 Feb 2026 18:00:34 +0000
asID:                     263246
IP address blocks:        190.108.72.0/24 maxlen: 24
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            6e:3f:05:06:23:f8:ae:1e:14:ac:6f:8c:07:aa:48:2e:b7:08:78:ca
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=EE0F3FF0E8430A1CB45AD3260983A9D349722624
        Validity
            Not Before: Feb  4 17:55:34 2025 GMT
            Not After : Feb  3 18:00:34 2026 GMT
        Subject: CN=419A65C8B1C9CCBCA3B837228D7321F69FC6DE87
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c1:5a:d5:b7:00:49:81:e6:af:26:93:40:62:4b:
                    a8:c4:c0:98:c6:da:9e:8f:f1:54:9b:12:57:4d:a6:
                    f3:f9:84:95:ba:39:e3:32:b4:73:ed:e6:bf:ac:de:
                    b5:72:3f:af:ab:3d:1f:5b:f8:72:65:5f:4e:6e:0d:
                    0a:27:4b:4f:a3:4c:2d:f9:b3:ea:dc:7d:3e:4e:2f:
                    ce:10:7a:5c:2d:af:a5:53:df:b2:41:2f:2d:52:1d:
                    49:10:9a:f7:bc:68:e9:7c:2a:1a:b3:eb:c1:1c:c3:
                    85:23:84:e4:5e:c0:f9:d0:30:77:13:fd:8b:ae:22:
                    ef:5c:41:24:04:1d:59:69:8c:2c:70:5b:12:70:d9:
                    37:bd:d5:a1:3f:e4:ab:61:b1:20:ac:2c:48:32:95:
                    eb:bf:9d:62:13:b5:57:8e:f8:0a:22:44:9b:2d:e1:
                    d9:ff:91:e6:39:44:0d:f4:ff:2e:41:11:eb:39:3b:
                    fd:e4:e0:b4:b0:eb:8e:f1:1e:d8:91:eb:63:e2:ca:
                    85:2c:ee:9c:44:ca:ac:a7:81:23:c7:01:60:51:ed:
                    65:99:38:c3:c2:b7:2e:2d:d7:6f:33:5d:e8:26:6d:
                    6a:a0:ab:23:77:e9:c9:8d:77:41:fc:2f:5a:55:29:
                    42:80:d5:75:ce:a0:c1:0c:5f:d9:22:d0:8a:c2:56:
                    2b:2f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                41:9A:65:C8:B1:C9:CC:BC:A3:B8:37:22:8D:73:21:F6:9F:C6:DE:87
            X509v3 Authority Key Identifier:
                keyid:EE:0F:3F:F0:E8:43:0A:1C:B4:5A:D3:26:09:83:A9:D3:49:72:26:24

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/4B71DE7CD160FB471BE4FA8EB772197AF8BD8CE3637458D218FFE303DE48AB98/0/EE0F3FF0E8430A1CB45AD3260983A9D349722624.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/EE0F3FF0E8430A1CB45AD3260983A9D349722624.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/4B71DE7CD160FB471BE4FA8EB772197AF8BD8CE3637458D218FFE303DE48AB98/0/3139302e3130382e37322e302f32342d3234203d3e20323633323436.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  190.108.72.0/24

    Signature Algorithm: sha256WithRSAEncryption
         84:39:fb:9f:7d:d2:95:fe:eb:1b:e5:6d:b5:44:57:21:05:2d:
         5d:bb:ac:af:55:58:cf:34:e0:93:c0:9d:4f:68:09:fa:b3:f7:
         ff:7a:1c:7b:fc:ed:c6:9d:69:a4:a3:1c:34:bc:b2:9d:c3:7d:
         57:27:35:f1:b2:22:40:db:b8:de:f5:fe:d4:7f:ee:f4:1b:7e:
         f7:f3:c2:3e:02:68:70:fe:cc:0d:09:f9:da:19:a0:3a:9e:81:
         9b:6e:a2:b6:fb:74:ad:71:75:a0:db:02:53:a2:d3:03:4b:0e:
         51:e9:35:5e:c0:4f:27:51:95:81:c7:8f:57:86:c6:3f:74:83:
         f4:7a:4c:15:3e:7f:a6:70:24:43:62:77:62:c6:c2:40:f0:41:
         81:2e:41:13:ec:d2:74:8a:cf:12:bc:ff:a7:2e:3d:c3:19:43:
         bf:33:ad:4c:28:c2:9c:f9:38:37:6c:5f:33:36:4b:52:ac:da:
         36:a2:dd:d3:cc:81:d9:1f:bf:0e:52:19:5a:b1:6f:66:1c:77:
         ef:90:95:77:34:fc:e4:ee:00:d0:ae:27:5d:91:a9:7c:da:b1:
         e2:a6:d3:33:0f:30:d2:8f:db:3f:c8:8d:17:1d:bf:a4:cf:cb:
         58:95:fc:de:d9:79:88:12:0b:ae:22:68:85:f3:3e:aa:e2:c7:
         56:d5:b8:eb
-----BEGIN CERTIFICATE-----
MIIFwDCCBKigAwIBAgIUbj8FBiP4rh4UrG+MB6pILrcIeMowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoRUUwRjNGRjBFODQzMEExQ0I0NUFEMzI2MDk4M0E5RDM0
OTcyMjYyNDAeFw0yNTAyMDQxNzU1MzRaFw0yNjAyMDMxODAwMzRaMDMxMTAvBgNV
BAMTKDQxOUE2NUM4QjFDOUNDQkNBM0I4MzcyMjhENzMyMUY2OUZDNkRFODcwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDBWtW3AEmB5q8mk0BiS6jEwJjG
2p6P8VSbEldNpvP5hJW6OeMytHPt5r+s3rVyP6+rPR9b+HJlX05uDQonS0+jTC35
s+rcfT5OL84Qelwtr6VT37JBLy1SHUkQmve8aOl8Khqz68Ecw4UjhORewPnQMHcT
/YuuIu9cQSQEHVlpjCxwWxJw2Te91aE/5KthsSCsLEgyleu/nWITtVeO+AoiRJst
4dn/keY5RA30/y5BEes5O/3k4LSw647xHtiR62PiyoUs7pxEyqyngSPHAWBR7WWZ
OMPCty4t128zXegmbWqgqyN36cmNd0H8L1pVKUKA1XXOoMEMX9ki0IrCVisvAgMB
AAGjggLKMIICxjAdBgNVHQ4EFgQUQZplyLHJzLyjuDcijXMh9p/G3ocwHwYDVR0j
BBgwFoAU7g8/8OhDChy0WtMmCYOp00lyJiQwDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy80QjcxREU3Q0QxNjBGQjQ3MUJFNEZBOEVCNzcyMTk3QUY4
QkQ4Q0UzNjM3NDU4RDIxOEZGRTMwM0RFNDhBQjk4LzAvRUUwRjNGRjBFODQzMEEx
Q0I0NUFEMzI2MDk4M0E5RDM0OTcyMjYyNC5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC9FRTBGM0ZGMEU4NDMwQTFDQjQ1
QUQzMjYwOTgzQTlEMzQ5NzIyNjI0LmNlcjCByQYIKwYBBQUHAQsEgbwwgbkwgbYG
CCsGAQUFBzALhoGpcnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvNEI3MURFN0NEMTYwRkI0NzFCRTRGQThFQjc3MjE5N0FGOEJEOENFMzYz
NzQ1OEQyMThGRkUzMDNERTQ4QUI5OC8wLzMxMzkzMDJlMzEzMDM4MmUzNzMyMmUz
MDJmMzIzNDJkMzIzNDIwM2QzZTIwMzIzNjMzMzIzNDM2LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAvmxI
MA0GCSqGSIb3DQEBCwUAA4IBAQCEOfuffdKV/usb5W21RFchBS1du6yvVVjPNOCT
wJ1PaAn6s/f/ehx7/O3GnWmkoxw0vLKdw31XJzXxsiJA27je9f7Uf+70G37388I+
Amhw/swNCfnaGaA6noGbbqK2+3StcXWg2wJTotMDSw5R6TVewE8nUZWBx49XhsY/
dIP0ekwVPn+mcCRDYndixsJA8EGBLkET7NJ0is8SvP+nLj3DGUO/M61MKMKc+Tg3
bF8zNktSrNo2ot3TzIHZH78OUhlasW9mHHfvkJV3NPzk7gDQriddkal82rHiptMz
DzDSj9s/yI0XHb+kz8tYlfze2XmIEguuImiF8z6q4sdW1bjr
-----END CERTIFICATE-----