Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/5B996C1AF21FC5FB59BE1C349AAA90661D63D6846477746596187E432F8F5F23/0/3139322e3138382e3139362e302f32342d3234203d3e203237393437.roa
File:                     3139322e3138382e3139362e302f32342d3234203d3e203237393437.roa (raw, json)
Hash identifier:          I8m96l7DHvVtPyk13zicoUsJSzHPYgBNbei+dp8EgHg=
Subject key identifier:   16:44:6A:80:DB:84:F3:E0:39:C1:32:D7:88:DF:56:DF:71:35:DC:D9
Certificate issuer:       /CN=962E09CED777E3B6E30D51D97754EF33B1DFD373
Certificate serial:       66E0FED5BE33317A2ED7109C2BE9AAD079AA7288
Authority key identifier: 96:2E:09:CE:D7:77:E3:B6:E3:0D:51:D9:77:54:EF:33:B1:DF:D3:73
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/962E09CED777E3B6E30D51D97754EF33B1DFD373.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/5B996C1AF21FC5FB59BE1C349AAA90661D63D6846477746596187E432F8F5F23/0/3139322e3138382e3139362e302f32342d3234203d3e203237393437.roa
Signing time:             Tue 04 Feb 2025 18:37:34 +0000
ROA not before:           Tue 04 Feb 2025 18:32:34 +0000
ROA not after:            Tue 03 Feb 2026 18:37:34 +0000
asID:                     27947
IP address blocks:        192.188.196.0/24 maxlen: 24
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            66:e0:fe:d5:be:33:31:7a:2e:d7:10:9c:2b:e9:aa:d0:79:aa:72:88
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=962E09CED777E3B6E30D51D97754EF33B1DFD373
        Validity
            Not Before: Feb  4 18:32:34 2025 GMT
            Not After : Feb  3 18:37:34 2026 GMT
        Subject: CN=16446A80DB84F3E039C132D788DF56DF7135DCD9
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a2:6c:fc:83:30:b7:59:d5:5c:ce:0f:4f:51:16:
                    39:53:b0:4b:c1:9f:7b:c4:be:0e:fc:7e:9c:ea:c6:
                    af:04:94:e9:43:59:7a:59:bf:b2:d1:ba:bf:4f:41:
                    89:3d:d1:53:4d:14:9f:46:11:c4:80:55:ac:6b:ac:
                    f8:fa:7e:56:be:15:09:b7:d1:03:0d:d3:a1:8a:d4:
                    1a:b8:52:30:e0:7a:d0:75:b3:94:5b:97:04:e4:14:
                    b5:24:74:d8:a8:ab:d2:e1:ce:7e:93:e8:ae:69:e2:
                    03:37:ac:4d:4d:21:83:1d:d5:be:da:eb:41:e5:39:
                    84:2e:7b:b2:1d:3a:a4:26:82:30:f4:60:3b:1a:91:
                    44:da:04:96:79:d0:31:9f:78:0b:a8:ae:30:14:d1:
                    08:bd:26:00:59:d4:e7:4d:dc:8a:61:6e:81:7f:65:
                    2f:6b:99:bf:bc:91:97:b2:d3:c4:be:95:5d:c1:af:
                    c6:49:0e:34:12:68:ff:57:21:d8:f9:5c:d8:cb:1e:
                    f1:ed:bf:c1:a6:83:6c:a9:04:ed:2c:f6:ea:c1:51:
                    23:cf:4a:9c:b4:6a:00:cb:c5:f1:ca:6c:26:3e:a7:
                    a8:ae:4b:60:8f:0b:28:c7:79:0b:a8:b4:2d:bb:30:
                    f2:f4:3d:aa:ad:27:0c:23:7e:2d:f1:65:68:1c:a5:
                    2c:67
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                16:44:6A:80:DB:84:F3:E0:39:C1:32:D7:88:DF:56:DF:71:35:DC:D9
            X509v3 Authority Key Identifier:
                keyid:96:2E:09:CE:D7:77:E3:B6:E3:0D:51:D9:77:54:EF:33:B1:DF:D3:73

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/5B996C1AF21FC5FB59BE1C349AAA90661D63D6846477746596187E432F8F5F23/0/962E09CED777E3B6E30D51D97754EF33B1DFD373.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/962E09CED777E3B6E30D51D97754EF33B1DFD373.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/5B996C1AF21FC5FB59BE1C349AAA90661D63D6846477746596187E432F8F5F23/0/3139322e3138382e3139362e302f32342d3234203d3e203237393437.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  192.188.196.0/24

    Signature Algorithm: sha256WithRSAEncryption
         8b:bd:26:d0:6b:16:f2:d0:f4:d5:1e:72:51:66:5f:2a:2d:6f:
         24:b7:66:e0:f0:40:02:13:5c:6d:4f:d3:f2:86:1b:fe:cc:0a:
         70:8d:16:48:77:a3:d9:62:27:06:55:1e:08:51:1e:f8:9f:23:
         3d:e0:f9:3c:88:ca:13:ec:dd:0b:e6:ed:f6:94:b5:91:60:74:
         db:ef:af:67:d2:80:7a:ab:13:e0:3d:38:c3:93:9a:96:6f:70:
         93:2d:c6:54:9e:7b:dc:56:a0:10:5f:93:04:9d:19:69:e8:18:
         7e:23:48:7e:6d:69:a7:75:81:9d:ae:3d:d3:df:a7:1c:cc:77:
         94:90:57:ec:53:78:7c:a4:b8:39:bf:ca:47:82:fa:56:fb:fc:
         d6:1a:2d:c9:a7:39:c6:0b:8a:6b:bf:4b:ac:68:49:d2:84:8f:
         4f:cb:dd:65:e9:86:7a:c3:f9:7e:fc:f8:61:70:41:44:13:1e:
         85:41:c2:67:50:db:44:1a:5d:f8:8c:80:98:d2:66:ae:7c:e4:
         43:f7:04:1d:34:70:13:bd:60:19:30:b6:88:44:a1:60:92:2c:
         3c:d8:cb:da:42:8a:34:71:ba:6b:e8:54:6f:e9:53:16:01:f3:
         ce:0a:fa:67:07:17:9d:1b:b6:21:e2:35:39:47:50:2c:4b:27:
         f4:f8:74:15
-----BEGIN CERTIFICATE-----
MIIFwDCCBKigAwIBAgIUZuD+1b4zMXou1xCcK+mq0HmqcogwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOTYyRTA5Q0VENzc3RTNCNkUzMEQ1MUQ5Nzc1NEVGMzNC
MURGRDM3MzAeFw0yNTAyMDQxODMyMzRaFw0yNjAyMDMxODM3MzRaMDMxMTAvBgNV
BAMTKDE2NDQ2QTgwREI4NEYzRTAzOUMxMzJENzg4REY1NkRGNzEzNURDRDkwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCibPyDMLdZ1VzOD09RFjlTsEvB
n3vEvg78fpzqxq8ElOlDWXpZv7LRur9PQYk90VNNFJ9GEcSAVaxrrPj6fla+FQm3
0QMN06GK1Bq4UjDgetB1s5RblwTkFLUkdNioq9Lhzn6T6K5p4gM3rE1NIYMd1b7a
60HlOYQue7IdOqQmgjD0YDsakUTaBJZ50DGfeAuorjAU0Qi9JgBZ1OdN3IphboF/
ZS9rmb+8kZey08S+lV3Br8ZJDjQSaP9XIdj5XNjLHvHtv8Gmg2ypBO0s9urBUSPP
Spy0agDLxfHKbCY+p6iuS2CPCyjHeQuotC27MPL0PaqtJwwjfi3xZWgcpSxnAgMB
AAGjggLKMIICxjAdBgNVHQ4EFgQUFkRqgNuE8+A5wTLXiN9W33E13NkwHwYDVR0j
BBgwFoAUli4Jztd347bjDVHZd1TvM7Hf03MwDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy81Qjk5NkMxQUYyMUZDNUZCNTlCRTFDMzQ5QUFBOTA2NjFE
NjNENjg0NjQ3Nzc0NjU5NjE4N0U0MzJGOEY1RjIzLzAvOTYyRTA5Q0VENzc3RTNC
NkUzMEQ1MUQ5Nzc1NEVGMzNCMURGRDM3My5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC85NjJFMDlDRUQ3NzdFM0I2RTMw
RDUxRDk3NzU0RUYzM0IxREZEMzczLmNlcjCByQYIKwYBBQUHAQsEgbwwgbkwgbYG
CCsGAQUFBzALhoGpcnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvNUI5OTZDMUFGMjFGQzVGQjU5QkUxQzM0OUFBQTkwNjYxRDYzRDY4NDY0
Nzc3NDY1OTYxODdFNDMyRjhGNUYyMy8wLzMxMzkzMjJlMzEzODM4MmUzMTM5MzYy
ZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMjM3MzkzNDM3LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwLzE
MA0GCSqGSIb3DQEBCwUAA4IBAQCLvSbQaxby0PTVHnJRZl8qLW8kt2bg8EACE1xt
T9Pyhhv+zApwjRZId6PZYicGVR4IUR74nyM94Pk8iMoT7N0L5u32lLWRYHTb769n
0oB6qxPgPTjDk5qWb3CTLcZUnnvcVqAQX5MEnRlp6Bh+I0h+bWmndYGdrj3T36cc
zHeUkFfsU3h8pLg5v8pHgvpW+/zWGi3JpznGC4prv0usaEnShI9Py91l6YZ6w/l+
/PhhcEFEEx6FQcJnUNtEGl34jICY0maufORD9wQdNHATvWAZMLaIRKFgkiw82Mva
Qoo0cbpr6FRv6VMWAfPOCvpnBxedG7Yh4jU5R1AsSyf0+HQV
-----END CERTIFICATE-----