Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/51240E7962B9380A3E627C94441EA6BB2CCA3DB1D22E934B6CC9DC5B635EF491/0/3139302e3133302e3131362e302f32322d3234203d3e203236363131.roa
File:                     3139302e3133302e3131362e302f32322d3234203d3e203236363131.roa (raw, json)
Hash identifier:          j+Q93jAyCk4FP8CALlESAhM4GecvxP8UPBc6V95HNJY=
Subject key identifier:   54:D9:9B:14:66:B9:B2:80:3E:07:89:A2:F7:39:31:CB:68:CC:B4:8F
Certificate issuer:       /CN=43FF1C8AE0B4757E68EDD08AE1AEB2ADAD8653D5
Certificate serial:       41183A929D91ABAAE830B204FE52C00AE984CB43
Authority key identifier: 43:FF:1C:8A:E0:B4:75:7E:68:ED:D0:8A:E1:AE:B2:AD:AD:86:53:D5
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/43FF1C8AE0B4757E68EDD08AE1AEB2ADAD8653D5.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/51240E7962B9380A3E627C94441EA6BB2CCA3DB1D22E934B6CC9DC5B635EF491/0/3139302e3133302e3131362e302f32322d3234203d3e203236363131.roa
Signing time:             Tue 04 Feb 2025 18:05:18 +0000
ROA not before:           Tue 04 Feb 2025 18:00:18 +0000
ROA not after:            Tue 03 Feb 2026 18:05:18 +0000
asID:                     26611
IP address blocks:        190.130.116.0/22 maxlen: 24
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            41:18:3a:92:9d:91:ab:aa:e8:30:b2:04:fe:52:c0:0a:e9:84:cb:43
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=43FF1C8AE0B4757E68EDD08AE1AEB2ADAD8653D5
        Validity
            Not Before: Feb  4 18:00:18 2025 GMT
            Not After : Feb  3 18:05:18 2026 GMT
        Subject: CN=54D99B1466B9B2803E0789A2F73931CB68CCB48F
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9e:dd:2f:dd:de:e0:f5:17:82:e0:15:4a:50:9f:
                    7f:f6:92:50:3a:aa:f4:88:7c:e2:9e:6b:61:45:5a:
                    b6:b1:34:fc:c9:05:f3:69:69:82:e2:8b:33:c3:be:
                    c7:3c:95:49:d0:9b:fe:2e:08:70:e0:e2:65:f1:17:
                    db:0a:81:ce:88:a0:99:8a:49:05:ee:d8:97:75:49:
                    da:49:34:ff:32:7e:17:52:fd:d6:f9:22:e4:93:ee:
                    4d:2d:46:52:de:00:6b:e2:3e:83:9b:41:0f:45:97:
                    c3:d4:2e:8f:af:68:c6:33:6e:8a:37:f5:90:8c:f7:
                    87:a9:9e:e7:e0:8b:8b:36:4e:ba:e3:f0:bb:e1:57:
                    0f:b3:6f:50:0a:05:34:c6:16:bf:82:cc:c8:ed:30:
                    37:65:f2:43:b4:92:91:51:96:3b:b8:6b:f6:83:6e:
                    bf:f8:b3:27:70:47:a7:7d:6e:c8:3b:93:de:b7:19:
                    d6:a2:70:7e:18:aa:d2:19:7a:41:4d:c8:b4:cf:b1:
                    d4:5e:98:a7:92:69:1f:cb:71:b0:19:22:8b:b3:c8:
                    cf:22:c9:12:91:55:0a:88:86:20:2e:9b:b3:5d:51:
                    71:d8:49:d3:a6:2c:49:3e:d6:1a:9f:b7:dd:60:d5:
                    ae:6a:e6:84:32:18:1d:c0:bf:aa:3f:86:b4:db:6c:
                    3b:3b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                54:D9:9B:14:66:B9:B2:80:3E:07:89:A2:F7:39:31:CB:68:CC:B4:8F
            X509v3 Authority Key Identifier:
                keyid:43:FF:1C:8A:E0:B4:75:7E:68:ED:D0:8A:E1:AE:B2:AD:AD:86:53:D5

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/51240E7962B9380A3E627C94441EA6BB2CCA3DB1D22E934B6CC9DC5B635EF491/0/43FF1C8AE0B4757E68EDD08AE1AEB2ADAD8653D5.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/43FF1C8AE0B4757E68EDD08AE1AEB2ADAD8653D5.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/51240E7962B9380A3E627C94441EA6BB2CCA3DB1D22E934B6CC9DC5B635EF491/0/3139302e3133302e3131362e302f32322d3234203d3e203236363131.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  190.130.116.0/22

    Signature Algorithm: sha256WithRSAEncryption
         99:68:d5:2d:10:ae:c0:3d:d7:e3:e2:17:aa:83:0d:40:a7:d5:
         dd:29:b4:b6:ef:b1:dd:83:3a:eb:ce:42:b4:40:46:46:e4:d6:
         24:af:d4:5c:b1:ef:47:08:d5:f2:eb:c4:51:c9:bb:4c:70:91:
         25:dc:10:a3:dd:7c:c0:3b:4b:b9:9e:0e:b5:7f:9a:35:fb:ea:
         3e:fe:5d:83:84:fb:a0:af:09:a6:ab:0f:6e:fd:0e:c3:bc:6e:
         3f:8a:fc:b8:32:db:af:7b:7c:bd:5a:63:8b:88:a9:e0:11:91:
         05:1f:83:1f:90:c2:ac:55:87:97:14:e2:5b:6e:ab:13:be:ac:
         5a:a3:18:46:9b:b8:bf:06:0d:54:87:f6:41:c9:2a:f9:c2:f0:
         2a:b7:f5:32:f5:9d:9f:c2:29:be:e9:a7:6d:a9:f7:31:98:73:
         c1:5a:e8:73:cd:b5:ba:13:6b:86:ba:80:2a:70:53:b1:86:dd:
         6c:02:11:92:4d:8e:f6:ab:36:52:8e:6f:d3:43:e5:3f:69:d9:
         14:c7:09:f7:aa:b9:05:e5:c3:bc:e9:10:87:47:6f:f8:60:9d:
         e9:d3:40:4f:e5:1a:1a:db:48:e3:5a:09:48:b0:ac:26:c6:a2:
         f9:3a:87:ed:73:83:56:78:7d:a2:f7:89:be:62:ed:6e:7c:b5:
         ff:2b:91:38
-----BEGIN CERTIFICATE-----
MIIFwDCCBKigAwIBAgIUQRg6kp2Rq6roMLIE/lLACumEy0MwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDNGRjFDOEFFMEI0NzU3RTY4RUREMDhBRTFBRUIyQURB
RDg2NTNENTAeFw0yNTAyMDQxODAwMThaFw0yNjAyMDMxODA1MThaMDMxMTAvBgNV
BAMTKDU0RDk5QjE0NjZCOUIyODAzRTA3ODlBMkY3MzkzMUNCNjhDQ0I0OEYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCe3S/d3uD1F4LgFUpQn3/2klA6
qvSIfOKea2FFWraxNPzJBfNpaYLiizPDvsc8lUnQm/4uCHDg4mXxF9sKgc6IoJmK
SQXu2Jd1SdpJNP8yfhdS/db5IuST7k0tRlLeAGviPoObQQ9Fl8PULo+vaMYzboo3
9ZCM94epnufgi4s2Trrj8LvhVw+zb1AKBTTGFr+CzMjtMDdl8kO0kpFRlju4a/aD
br/4sydwR6d9bsg7k963GdaicH4YqtIZekFNyLTPsdRemKeSaR/LcbAZIouzyM8i
yRKRVQqIhiAum7NdUXHYSdOmLEk+1hqft91g1a5q5oQyGB3Av6o/hrTbbDs7AgMB
AAGjggLKMIICxjAdBgNVHQ4EFgQUVNmbFGa5soA+B4mi9zkxy2jMtI8wHwYDVR0j
BBgwFoAUQ/8ciuC0dX5o7dCK4a6yra2GU9UwDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy81MTI0MEU3OTYyQjkzODBBM0U2MjdDOTQ0NDFFQTZCQjJD
Q0EzREIxRDIyRTkzNEI2Q0M5REM1QjYzNUVGNDkxLzAvNDNGRjFDOEFFMEI0NzU3
RTY4RUREMDhBRTFBRUIyQURBRDg2NTNENS5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC80M0ZGMUM4QUUwQjQ3NTdFNjhF
REQwOEFFMUFFQjJBREFEODY1M0Q1LmNlcjCByQYIKwYBBQUHAQsEgbwwgbkwgbYG
CCsGAQUFBzALhoGpcnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvNTEyNDBFNzk2MkI5MzgwQTNFNjI3Qzk0NDQxRUE2QkIyQ0NBM0RCMUQy
MkU5MzRCNkNDOURDNUI2MzVFRjQ5MS8wLzMxMzkzMDJlMzEzMzMwMmUzMTMxMzYy
ZTMwMmYzMjMyMmQzMjM0MjAzZDNlMjAzMjM2MzYzMTMxLnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCvoJ0
MA0GCSqGSIb3DQEBCwUAA4IBAQCZaNUtEK7APdfj4heqgw1Ap9XdKbS277Hdgzrr
zkK0QEZG5NYkr9Rcse9HCNXy68RRybtMcJEl3BCj3XzAO0u5ng61f5o1++o+/l2D
hPugrwmmqw9u/Q7DvG4/ivy4Mtuve3y9WmOLiKngEZEFH4MfkMKsVYeXFOJbbqsT
vqxaoxhGm7i/Bg1Uh/ZBySr5wvAqt/Uy9Z2fwim+6adtqfcxmHPBWuhzzbW6E2uG
uoAqcFOxht1sAhGSTY72qzZSjm/TQ+U/adkUxwn3qrkF5cO86RCHR2/4YJ3p00BP
5Roa20jjWglIsKwmxqL5Ooftc4NWeH2i94m+Yu1ufLX/K5E4
-----END CERTIFICATE-----