Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/51240E7962B9380A3E627C94441EA6BB2CCA3DB1D22E934B6CC9DC5B635EF491/0/3139312e36342e302e302f31322d3234203d3e203236363131.roa
File:                     3139312e36342e302e302f31322d3234203d3e203236363131.roa (raw, json)
Hash identifier:          9dm/U0GD8iLdC6lSVhSlmDufSsSBtsD+49xmlWtfHzo=
Subject key identifier:   0D:E7:69:10:3E:13:F5:F0:6C:F3:BF:53:B2:75:EA:15:0F:4E:A6:61
Certificate issuer:       /CN=43FF1C8AE0B4757E68EDD08AE1AEB2ADAD8653D5
Certificate serial:       4E66744F8C9D3CD146E2FA2BD323816CC6EC679F
Authority key identifier: 43:FF:1C:8A:E0:B4:75:7E:68:ED:D0:8A:E1:AE:B2:AD:AD:86:53:D5
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/43FF1C8AE0B4757E68EDD08AE1AEB2ADAD8653D5.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/51240E7962B9380A3E627C94441EA6BB2CCA3DB1D22E934B6CC9DC5B635EF491/0/3139312e36342e302e302f31322d3234203d3e203236363131.roa
Signing time:             Tue 04 Feb 2025 18:05:05 +0000
ROA not before:           Tue 04 Feb 2025 18:00:05 +0000
ROA not after:            Tue 03 Feb 2026 18:05:05 +0000
asID:                     26611
IP address blocks:        191.64.0.0/12 maxlen: 24
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            4e:66:74:4f:8c:9d:3c:d1:46:e2:fa:2b:d3:23:81:6c:c6:ec:67:9f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=43FF1C8AE0B4757E68EDD08AE1AEB2ADAD8653D5
        Validity
            Not Before: Feb  4 18:00:05 2025 GMT
            Not After : Feb  3 18:05:05 2026 GMT
        Subject: CN=0DE769103E13F5F06CF3BF53B275EA150F4EA661
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:be:b0:8b:39:ba:bc:45:c0:37:cb:26:a4:d8:48:
                    f4:3b:64:a7:3c:91:18:2a:7c:fc:c7:10:7d:af:0c:
                    bd:21:ab:b5:b8:85:92:20:a6:47:8c:c9:d3:99:18:
                    e2:5d:82:0e:cd:65:fe:26:bf:e3:03:0b:d0:b0:04:
                    84:d0:e9:8d:61:6d:20:a2:e6:9f:8f:05:03:5c:5f:
                    e9:5a:33:c1:96:36:e0:84:14:67:c8:c0:c6:66:21:
                    73:31:52:ec:c6:18:ff:c0:35:26:32:77:89:9c:32:
                    89:7b:0d:42:c6:b5:5b:7b:f0:66:53:53:98:d6:ad:
                    13:69:1c:33:45:45:b1:80:8f:80:24:40:80:2e:08:
                    03:dd:7c:d9:23:ef:2d:aa:e5:8e:4c:a9:a1:ff:fa:
                    c7:f8:bb:71:06:8b:3f:7c:1a:89:c9:8a:5d:05:38:
                    d4:29:62:f7:93:1a:58:22:19:92:f7:ed:c8:fe:bb:
                    07:74:4a:ba:df:82:64:24:3f:54:04:a9:02:f6:db:
                    25:89:ed:2b:11:6f:87:ad:48:a3:35:40:4f:f4:3e:
                    44:92:30:94:7e:b3:68:dd:6e:96:4a:e6:f4:ac:7c:
                    6d:03:a6:d3:c1:16:a0:26:fc:dd:ff:96:68:8b:90:
                    ab:1a:dd:14:43:fa:de:5b:25:ac:39:f4:a0:5c:41:
                    55:d1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0D:E7:69:10:3E:13:F5:F0:6C:F3:BF:53:B2:75:EA:15:0F:4E:A6:61
            X509v3 Authority Key Identifier:
                keyid:43:FF:1C:8A:E0:B4:75:7E:68:ED:D0:8A:E1:AE:B2:AD:AD:86:53:D5

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/51240E7962B9380A3E627C94441EA6BB2CCA3DB1D22E934B6CC9DC5B635EF491/0/43FF1C8AE0B4757E68EDD08AE1AEB2ADAD8653D5.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/43FF1C8AE0B4757E68EDD08AE1AEB2ADAD8653D5.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/51240E7962B9380A3E627C94441EA6BB2CCA3DB1D22E934B6CC9DC5B635EF491/0/3139312e36342e302e302f31322d3234203d3e203236363131.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  191.64.0.0/12

    Signature Algorithm: sha256WithRSAEncryption
         2c:41:21:9d:ee:47:7a:21:92:d0:5d:ef:4e:02:b5:bd:94:da:
         d9:f8:01:a0:44:d1:c1:6c:3e:b6:95:51:1f:7e:17:29:10:1e:
         c2:b7:8f:66:4b:92:19:58:c0:ed:25:8d:62:9a:4c:de:fa:a7:
         f0:b9:57:9c:6e:00:5b:95:92:01:7a:d2:a7:a4:08:88:3e:92:
         7a:ed:7e:d0:b5:6a:f1:65:92:78:73:98:6a:75:af:37:68:6c:
         97:51:cd:ff:0b:e8:e6:53:48:53:b0:fa:c1:6f:ac:3d:99:81:
         db:40:20:05:62:90:06:fa:5b:c0:89:9a:6a:c3:ff:c7:36:b2:
         1c:4b:11:75:e0:50:0f:b8:be:3f:33:31:1a:4d:8a:ef:17:56:
         0c:6e:2f:70:83:5a:e1:78:74:00:50:d0:21:fc:4e:c5:1e:c3:
         98:0d:5e:d9:22:f9:54:d1:ca:ad:25:ee:f1:c8:f7:19:97:05:
         88:47:ec:25:b9:4b:2f:76:3d:ac:7a:41:fc:b3:23:ba:78:21:
         a7:48:10:ca:e7:79:3c:1f:ba:d5:af:27:cf:6b:8e:35:ea:ea:
         27:f3:1b:7a:b5:90:e1:0f:a0:a3:da:1e:24:03:71:c2:73:89:
         72:43:9e:76:b1:ac:c4:67:ad:a8:48:4f:50:84:e5:fe:8a:8c:
         62:af:e4:39
-----BEGIN CERTIFICATE-----
MIIFuTCCBKGgAwIBAgIUTmZ0T4ydPNFG4vor0yOBbMbsZ58wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDNGRjFDOEFFMEI0NzU3RTY4RUREMDhBRTFBRUIyQURB
RDg2NTNENTAeFw0yNTAyMDQxODAwMDVaFw0yNjAyMDMxODA1MDVaMDMxMTAvBgNV
BAMTKDBERTc2OTEwM0UxM0Y1RjA2Q0YzQkY1M0IyNzVFQTE1MEY0RUE2NjEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC+sIs5urxFwDfLJqTYSPQ7ZKc8
kRgqfPzHEH2vDL0hq7W4hZIgpkeMydOZGOJdgg7NZf4mv+MDC9CwBITQ6Y1hbSCi
5p+PBQNcX+laM8GWNuCEFGfIwMZmIXMxUuzGGP/ANSYyd4mcMol7DULGtVt78GZT
U5jWrRNpHDNFRbGAj4AkQIAuCAPdfNkj7y2q5Y5MqaH/+sf4u3EGiz98GonJil0F
ONQpYveTGlgiGZL37cj+uwd0SrrfgmQkP1QEqQL22yWJ7SsRb4etSKM1QE/0PkSS
MJR+s2jdbpZK5vSsfG0DptPBFqAm/N3/lmiLkKsa3RRD+t5bJaw59KBcQVXRAgMB
AAGjggLDMIICvzAdBgNVHQ4EFgQUDedpED4T9fBs879TsnXqFQ9OpmEwHwYDVR0j
BBgwFoAUQ/8ciuC0dX5o7dCK4a6yra2GU9UwDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy81MTI0MEU3OTYyQjkzODBBM0U2MjdDOTQ0NDFFQTZCQjJD
Q0EzREIxRDIyRTkzNEI2Q0M5REM1QjYzNUVGNDkxLzAvNDNGRjFDOEFFMEI0NzU3
RTY4RUREMDhBRTFBRUIyQURBRDg2NTNENS5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC80M0ZGMUM4QUUwQjQ3NTdFNjhF
REQwOEFFMUFFQjJBREFEODY1M0Q1LmNlcjCBwwYIKwYBBQUHAQsEgbYwgbMwgbAG
CCsGAQUFBzALhoGjcnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvNTEyNDBFNzk2MkI5MzgwQTNFNjI3Qzk0NDQxRUE2QkIyQ0NBM0RCMUQy
MkU5MzRCNkNDOURDNUI2MzVFRjQ5MS8wLzMxMzkzMTJlMzYzNDJlMzAyZTMwMmYz
MTMyMmQzMjM0MjAzZDNlMjAzMjM2MzYzMTMxLnJvYTAYBgNVHSABAf8EDjAMMAoG
CCsGAQUFBw4CMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMEv0AwDQYJKoZI
hvcNAQELBQADggEBACxBIZ3uR3ohktBd704Ctb2U2tn4AaBE0cFsPraVUR9+FykQ
HsK3j2ZLkhlYwO0ljWKaTN76p/C5V5xuAFuVkgF60qekCIg+knrtftC1avFlknhz
mGp1rzdobJdRzf8L6OZTSFOw+sFvrD2ZgdtAIAVikAb6W8CJmmrD/8c2shxLEXXg
UA+4vj8zMRpNiu8XVgxuL3CDWuF4dABQ0CH8TsUew5gNXtki+VTRyq0l7vHI9xmX
BYhH7CW5Sy92Pax6QfyzI7p4IadIEMrneTwfutWvJ89rjjXq6ifzG3q1kOEPoKPa
HiQDccJziXJDnnaxrMRnrahIT1CE5f6KjGKv5Dk=
-----END CERTIFICATE-----