Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/52214818C59A13029495CE71BF9E834CE46B03E04DBBAEB14C1CD6CD56E1968E/0/3139302e39372e3232342e302f31392d3234203d3e20323633373033.roa
File:                     3139302e39372e3232342e302f31392d3234203d3e20323633373033.roa (raw, json)
Hash identifier:          s2xMt7u2Du7ge+8lN2XQ09y2IPGCWYGSQUU/hWdKCkI=
Subject key identifier:   89:FF:EB:9D:EA:17:FC:61:75:44:FA:FD:FA:C9:AE:89:57:C4:F2:E4
Certificate issuer:       /CN=C4F3D6A93ED39200B7BE0E7DA2877BFEBD304184
Certificate serial:       46D08D3EE6B085043558E710CAD3FD9FBA01D7D8
Authority key identifier: C4:F3:D6:A9:3E:D3:92:00:B7:BE:0E:7D:A2:87:7B:FE:BD:30:41:84
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/C4F3D6A93ED39200B7BE0E7DA2877BFEBD304184.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/52214818C59A13029495CE71BF9E834CE46B03E04DBBAEB14C1CD6CD56E1968E/0/3139302e39372e3232342e302f31392d3234203d3e20323633373033.roa
Signing time:             Tue 04 Feb 2025 18:26:08 +0000
ROA not before:           Tue 04 Feb 2025 18:21:08 +0000
ROA not after:            Tue 03 Feb 2026 18:26:08 +0000
asID:                     263703
IP address blocks:        190.97.224.0/19 maxlen: 24
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            46:d0:8d:3e:e6:b0:85:04:35:58:e7:10:ca:d3:fd:9f:ba:01:d7:d8
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=C4F3D6A93ED39200B7BE0E7DA2877BFEBD304184
        Validity
            Not Before: Feb  4 18:21:08 2025 GMT
            Not After : Feb  3 18:26:08 2026 GMT
        Subject: CN=89FFEB9DEA17FC617544FAFDFAC9AE8957C4F2E4
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ab:19:96:ce:7e:af:bd:f9:8b:0f:87:c5:0e:2a:
                    ef:69:7f:5e:f9:77:00:49:d8:81:e3:0c:f7:0d:2d:
                    a2:18:bf:c5:33:53:5b:3b:93:8f:e8:8f:51:90:19:
                    fd:f8:b8:b0:04:76:ae:ab:d9:88:ce:6e:0b:4b:c2:
                    21:00:f2:5f:09:a3:8f:2a:52:27:7c:3c:e8:0e:bf:
                    39:e4:ff:0d:da:11:c4:49:dd:ee:cc:91:de:96:5b:
                    e8:0a:5a:96:dd:fa:e6:69:49:37:22:9c:9c:f3:31:
                    6a:64:ae:0a:1a:68:87:8e:42:3f:0d:32:fc:3a:c4:
                    77:e8:4b:45:65:af:24:eb:17:9c:52:f5:6c:b3:07:
                    89:09:b2:ff:8b:65:78:52:a5:81:a6:cb:bc:ce:e7:
                    71:62:1e:71:08:4b:40:4b:04:a6:90:d5:21:ac:d3:
                    a8:17:0c:e5:93:9f:1b:4b:7f:da:90:d7:95:9c:a7:
                    81:c3:a1:bd:f7:0a:4c:d0:d4:e6:94:c0:30:17:d6:
                    ce:0a:1b:2d:e7:65:8a:c6:7a:bf:de:f2:91:ed:25:
                    28:72:fd:3c:4d:5d:16:68:24:76:8c:f1:5c:94:4d:
                    e3:98:65:21:29:42:d5:88:14:b2:35:ca:00:2c:f8:
                    59:1e:62:da:3d:93:7e:2d:c0:ea:f7:4c:a0:e0:47:
                    80:e1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                89:FF:EB:9D:EA:17:FC:61:75:44:FA:FD:FA:C9:AE:89:57:C4:F2:E4
            X509v3 Authority Key Identifier:
                keyid:C4:F3:D6:A9:3E:D3:92:00:B7:BE:0E:7D:A2:87:7B:FE:BD:30:41:84

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/52214818C59A13029495CE71BF9E834CE46B03E04DBBAEB14C1CD6CD56E1968E/0/C4F3D6A93ED39200B7BE0E7DA2877BFEBD304184.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/C4F3D6A93ED39200B7BE0E7DA2877BFEBD304184.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/52214818C59A13029495CE71BF9E834CE46B03E04DBBAEB14C1CD6CD56E1968E/0/3139302e39372e3232342e302f31392d3234203d3e20323633373033.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  190.97.224.0/19

    Signature Algorithm: sha256WithRSAEncryption
         6d:34:bd:96:be:c6:dd:40:56:1e:81:6d:c5:a9:ed:78:13:1b:
         e0:c0:fd:00:9e:c4:09:ea:92:24:a6:58:69:49:c2:a6:58:e4:
         1a:23:e4:a6:1c:8a:8a:c9:ea:7c:51:38:56:09:19:d2:29:eb:
         d0:cb:b0:4f:5b:a1:56:3a:fd:51:bf:cf:fb:53:06:60:8b:b9:
         26:e0:6d:f9:fe:1d:42:34:6e:a5:5e:b0:1d:fd:e5:c3:3c:ed:
         dd:89:2a:12:ef:c0:81:2b:97:bc:4b:cb:31:df:15:fa:b7:a7:
         3e:44:75:37:c8:48:32:cc:76:76:31:4c:b8:81:69:f9:56:fd:
         1c:23:b5:e0:89:1b:e1:c0:93:7b:22:77:00:b2:b8:15:65:d0:
         63:50:c1:15:af:55:8e:14:57:15:d9:1e:80:89:91:63:52:75:
         da:5d:92:ea:f5:84:33:7e:e3:aa:67:b5:c3:0e:64:e1:49:bd:
         2d:4f:18:39:1e:12:a9:eb:c2:f0:6d:51:e4:b1:cf:15:17:74:
         f3:68:fb:c4:63:f0:b4:6e:ba:9c:f1:71:11:a4:a1:d2:59:c1:
         3d:64:24:f1:4d:a5:70:96:fa:38:5b:5c:5c:20:b8:f8:58:05:
         12:34:e1:04:db:c3:57:9c:4e:b3:ab:2a:d9:eb:a4:66:f1:2c:
         8e:4c:5e:62
-----BEGIN CERTIFICATE-----
MIIFwDCCBKigAwIBAgIURtCNPuawhQQ1WOcQytP9n7oB19gwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoQzRGM0Q2QTkzRUQzOTIwMEI3QkUwRTdEQTI4NzdCRkVC
RDMwNDE4NDAeFw0yNTAyMDQxODIxMDhaFw0yNjAyMDMxODI2MDhaMDMxMTAvBgNV
BAMTKDg5RkZFQjlERUExN0ZDNjE3NTQ0RkFGREZBQzlBRTg5NTdDNEYyRTQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCrGZbOfq+9+YsPh8UOKu9pf175
dwBJ2IHjDPcNLaIYv8UzU1s7k4/oj1GQGf34uLAEdq6r2YjObgtLwiEA8l8Jo48q
Uid8POgOvznk/w3aEcRJ3e7Mkd6WW+gKWpbd+uZpSTcinJzzMWpkrgoaaIeOQj8N
Mvw6xHfoS0VlryTrF5xS9WyzB4kJsv+LZXhSpYGmy7zO53FiHnEIS0BLBKaQ1SGs
06gXDOWTnxtLf9qQ15Wcp4HDob33CkzQ1OaUwDAX1s4KGy3nZYrGer/e8pHtJShy
/TxNXRZoJHaM8VyUTeOYZSEpQtWIFLI1ygAs+FkeYto9k34twOr3TKDgR4DhAgMB
AAGjggLKMIICxjAdBgNVHQ4EFgQUif/rneoX/GF1RPr9+smuiVfE8uQwHwYDVR0j
BBgwFoAUxPPWqT7TkgC3vg59ood7/r0wQYQwDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy81MjIxNDgxOEM1OUExMzAyOTQ5NUNFNzFCRjlFODM0Q0U0
NkIwM0UwNERCQkFFQjE0QzFDRDZDRDU2RTE5NjhFLzAvQzRGM0Q2QTkzRUQzOTIw
MEI3QkUwRTdEQTI4NzdCRkVCRDMwNDE4NC5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC9DNEYzRDZBOTNFRDM5MjAwQjdC
RTBFN0RBMjg3N0JGRUJEMzA0MTg0LmNlcjCByQYIKwYBBQUHAQsEgbwwgbkwgbYG
CCsGAQUFBzALhoGpcnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvNTIyMTQ4MThDNTlBMTMwMjk0OTVDRTcxQkY5RTgzNENFNDZCMDNFMDRE
QkJBRUIxNEMxQ0Q2Q0Q1NkUxOTY4RS8wLzMxMzkzMDJlMzkzNzJlMzIzMjM0MmUz
MDJmMzEzOTJkMzIzNDIwM2QzZTIwMzIzNjMzMzczMDMzLnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQFvmHg
MA0GCSqGSIb3DQEBCwUAA4IBAQBtNL2WvsbdQFYegW3Fqe14ExvgwP0AnsQJ6pIk
plhpScKmWOQaI+SmHIqKyep8UThWCRnSKevQy7BPW6FWOv1Rv8/7UwZgi7km4G35
/h1CNG6lXrAd/eXDPO3diSoS78CBK5e8S8sx3xX6t6c+RHU3yEgyzHZ2MUy4gWn5
Vv0cI7XgiRvhwJN7IncAsrgVZdBjUMEVr1WOFFcV2R6AiZFjUnXaXZLq9YQzfuOq
Z7XDDmThSb0tTxg5HhKp68LwbVHksc8VF3TzaPvEY/C0brqc8XERpKHSWcE9ZCTx
TaVwlvo4W1xcILj4WAUSNOEE28NXnE6zqyrZ66Rm8SyOTF5i
-----END CERTIFICATE-----