Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/67251DDBF206F3078E36459E6E56B30893DF94A8FBF9C05E0F2D0E47457FCD38/0/3139302e31332e3132372e302f32342d3234203d3e203631343733.roa
File:                     3139302e31332e3132372e302f32342d3234203d3e203631343733.roa (raw, json)
Hash identifier:          NMIscklpVrWhkcAnG7NfpMZXsTFlyh+I151G2CBEwSU=
Subject key identifier:   83:2A:89:FE:94:AD:6A:BA:00:CC:34:9A:CD:26:7A:95:D4:08:81:C0
Certificate issuer:       /CN=4052A5C92CFA7072166954B78BEBA6DBD1517D9B
Certificate serial:       0DB07C7BD09472014516BDD68936FD8D049F2D9B
Authority key identifier: 40:52:A5:C9:2C:FA:70:72:16:69:54:B7:8B:EB:A6:DB:D1:51:7D:9B
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/4052A5C92CFA7072166954B78BEBA6DBD1517D9B.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/67251DDBF206F3078E36459E6E56B30893DF94A8FBF9C05E0F2D0E47457FCD38/0/3139302e31332e3132372e302f32342d3234203d3e203631343733.roa
Signing time:             Tue 23 Jul 2024 16:00:00 +0000
ROA not before:           Tue 23 Jul 2024 15:55:00 +0000
ROA not after:            Tue 22 Jul 2025 16:00:00 +0000
asID:                     61473
IP address blocks:        190.13.127.0/24 maxlen: 24
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            0d:b0:7c:7b:d0:94:72:01:45:16:bd:d6:89:36:fd:8d:04:9f:2d:9b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4052A5C92CFA7072166954B78BEBA6DBD1517D9B
        Validity
            Not Before: Jul 23 15:55:00 2024 GMT
            Not After : Jul 22 16:00:00 2025 GMT
        Subject: CN=832A89FE94AD6ABA00CC349ACD267A95D40881C0
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ba:82:15:97:c1:da:07:77:f4:15:d5:87:21:5c:
                    0b:ec:ca:e0:c7:4a:3d:43:bd:30:4f:df:48:14:7c:
                    5c:87:d8:a3:76:0f:a9:ad:0a:fe:22:96:db:b0:0e:
                    86:f1:b2:36:5e:27:48:94:2c:1a:d1:88:38:71:a9:
                    32:40:45:2d:de:42:d9:dc:5c:f5:46:a7:a2:ce:3f:
                    01:b7:0c:89:15:6b:49:9a:c8:52:5c:b4:1d:f0:19:
                    2b:b5:2a:c7:5c:94:a9:b4:fb:ec:c8:6e:27:ea:7c:
                    c5:0a:36:ba:a8:94:c9:dd:70:a1:13:e0:b3:98:0d:
                    76:0e:7d:50:03:b1:12:e4:8d:76:84:7b:25:65:6d:
                    59:8c:4a:93:a9:0f:f0:de:7f:59:2e:1a:71:b5:c3:
                    bc:3a:9c:4d:98:72:09:ae:7b:39:1a:b5:8c:40:3b:
                    9b:f7:9e:11:c9:94:dc:db:d4:f2:bd:52:e2:8d:21:
                    e2:02:cf:bd:2d:60:af:ce:a4:ab:70:ce:52:d9:44:
                    49:6d:90:41:79:28:d3:55:09:4b:3c:c7:e0:5e:fd:
                    25:b9:b5:0b:9e:7f:16:16:92:35:8a:cf:fd:7a:c6:
                    ad:bc:62:02:ca:a6:66:02:9d:5b:9a:23:1c:47:61:
                    2b:c1:13:fd:e1:90:52:23:9f:5c:3d:f7:b7:97:94:
                    72:83
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                83:2A:89:FE:94:AD:6A:BA:00:CC:34:9A:CD:26:7A:95:D4:08:81:C0
            X509v3 Authority Key Identifier:
                keyid:40:52:A5:C9:2C:FA:70:72:16:69:54:B7:8B:EB:A6:DB:D1:51:7D:9B

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/67251DDBF206F3078E36459E6E56B30893DF94A8FBF9C05E0F2D0E47457FCD38/0/4052A5C92CFA7072166954B78BEBA6DBD1517D9B.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/4052A5C92CFA7072166954B78BEBA6DBD1517D9B.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/67251DDBF206F3078E36459E6E56B30893DF94A8FBF9C05E0F2D0E47457FCD38/0/3139302e31332e3132372e302f32342d3234203d3e203631343733.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  190.13.127.0/24

    Signature Algorithm: sha256WithRSAEncryption
         2b:6c:7c:f0:01:79:16:6f:55:2f:10:a8:c7:37:73:e9:e5:61:
         50:2e:a8:c2:68:c6:10:ee:66:4d:ee:3c:eb:d6:27:29:ff:08:
         5e:9c:76:72:83:cf:a0:5a:da:70:ee:cc:0f:ee:5d:8c:80:7c:
         2c:dc:a6:3c:77:12:f2:16:41:31:ec:d9:44:9e:fe:c6:53:da:
         73:bf:3f:9e:f5:53:b3:26:3e:09:81:2a:2d:b7:bd:67:11:94:
         c1:35:12:d7:08:97:ae:c8:a4:9b:22:ad:8c:38:26:e2:57:75:
         2e:19:e0:93:05:b7:e5:cf:00:03:69:f3:18:71:5e:90:55:af:
         fa:4e:e0:14:22:b8:4d:40:d3:29:57:ff:84:7e:3f:04:10:a8:
         3a:01:8f:49:33:25:0c:bd:62:ee:ec:55:d2:ec:e3:db:01:bb:
         f1:c5:61:c6:94:3a:50:2e:89:d3:cb:c8:de:49:06:b8:f5:09:
         5a:0f:7b:5a:1b:fc:65:f1:78:ef:87:18:64:69:e5:18:e4:f2:
         29:fd:f3:f5:60:63:93:35:91:06:97:2f:b8:6c:96:5b:89:a0:
         d9:4a:b9:45:6b:92:3a:48:46:40:a9:c4:52:b7:6d:8b:e1:0e:
         67:12:ff:09:a3:8c:f1:6d:31:b4:a4:cd:2c:25:31:53:68:2e:
         6a:12:31:62
-----BEGIN CERTIFICATE-----
MIIFvjCCBKagAwIBAgIUDbB8e9CUcgFFFr3WiTb9jQSfLZswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDA1MkE1QzkyQ0ZBNzA3MjE2Njk1NEI3OEJFQkE2REJE
MTUxN0Q5QjAeFw0yNDA3MjMxNTU1MDBaFw0yNTA3MjIxNjAwMDBaMDMxMTAvBgNV
BAMTKDgzMkE4OUZFOTRBRDZBQkEwMENDMzQ5QUNEMjY3QTk1RDQwODgxQzAwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC6ghWXwdoHd/QV1YchXAvsyuDH
Sj1DvTBP30gUfFyH2KN2D6mtCv4iltuwDobxsjZeJ0iULBrRiDhxqTJARS3eQtnc
XPVGp6LOPwG3DIkVa0mayFJctB3wGSu1KsdclKm0++zIbifqfMUKNrqolMndcKET
4LOYDXYOfVADsRLkjXaEeyVlbVmMSpOpD/Def1kuGnG1w7w6nE2YcgmuezkatYxA
O5v3nhHJlNzb1PK9UuKNIeICz70tYK/OpKtwzlLZREltkEF5KNNVCUs8x+Be/SW5
tQuefxYWkjWKz/16xq28YgLKpmYCnVuaIxxHYSvBE/3hkFIjn1w997eXlHKDAgMB
AAGjggLIMIICxDAdBgNVHQ4EFgQUgyqJ/pStaroAzDSazSZ6ldQIgcAwHwYDVR0j
BBgwFoAUQFKlySz6cHIWaVS3i+um29FRfZswDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy82NzI1MUREQkYyMDZGMzA3OEUzNjQ1OUU2RTU2QjMwODkz
REY5NEE4RkJGOUMwNUUwRjJEMEU0NzQ1N0ZDRDM4LzAvNDA1MkE1QzkyQ0ZBNzA3
MjE2Njk1NEI3OEJFQkE2REJEMTUxN0Q5Qi5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC80MDUyQTVDOTJDRkE3MDcyMTY2
OTU0Qjc4QkVCQTZEQkQxNTE3RDlCLmNlcjCBxwYIKwYBBQUHAQsEgbowgbcwgbQG
CCsGAQUFBzALhoGncnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvNjcyNTFEREJGMjA2RjMwNzhFMzY0NTlFNkU1NkIzMDg5M0RGOTRBOEZC
RjlDMDVFMEYyRDBFNDc0NTdGQ0QzOC8wLzMxMzkzMDJlMzEzMzJlMzEzMjM3MmUz
MDJmMzIzNDJkMzIzNDIwM2QzZTIwMzYzMTM0MzczMy5yb2EwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAL4NfzAN
BgkqhkiG9w0BAQsFAAOCAQEAK2x88AF5Fm9VLxCoxzdz6eVhUC6owmjGEO5mTe48
69YnKf8IXpx2coPPoFracO7MD+5djIB8LNymPHcS8hZBMezZRJ7+xlPac78/nvVT
syY+CYEqLbe9ZxGUwTUS1wiXrsikmyKtjDgm4ld1LhngkwW35c8AA2nzGHFekFWv
+k7gFCK4TUDTKVf/hH4/BBCoOgGPSTMlDL1i7uxV0uzj2wG78cVhxpQ6UC6J08vI
3kkGuPUJWg97Whv8ZfF474cYZGnlGOTyKf3z9WBjkzWRBpcvuGyWW4mg2Uq5RWuS
OkhGQKnEUrdti+EOZxL/CaOM8W0xtKTNLCUxU2guahIxYg==
-----END CERTIFICATE-----