Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/6DE91B35DA9AC709C34C2BD1A13A688E9A169AE888B92B4E4BBB86F25B77C458/0/3136382e3230352e302e302f32322d3234203d3e203532333939.roa
File:                     3136382e3230352e302e302f32322d3234203d3e203532333939.roa (raw, json)
Hash identifier:          A/85h6HYWIacNjLo4haaTnMpECLNvJSRoXS/F0qMDhw=
Subject key identifier:   E5:91:57:0B:F5:16:AE:6A:C8:F0:4C:4C:4C:FC:C6:B0:BA:93:28:E6
Certificate issuer:       /CN=F78F9E6F642B6485F25A9B2331897573DEED26F6
Certificate serial:       7E7C1F2E4357AB2725B74A397E8D81D7DCE8D3FD
Authority key identifier: F7:8F:9E:6F:64:2B:64:85:F2:5A:9B:23:31:89:75:73:DE:ED:26:F6
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/F78F9E6F642B6485F25A9B2331897573DEED26F6.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/6DE91B35DA9AC709C34C2BD1A13A688E9A169AE888B92B4E4BBB86F25B77C458/0/3136382e3230352e302e302f32322d3234203d3e203532333939.roa
Signing time:             Tue 04 Feb 2025 18:14:16 +0000
ROA not before:           Tue 04 Feb 2025 18:09:16 +0000
ROA not after:            Tue 03 Feb 2026 18:14:16 +0000
asID:                     52399
IP address blocks:        168.205.0.0/22 maxlen: 24
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            7e:7c:1f:2e:43:57:ab:27:25:b7:4a:39:7e:8d:81:d7:dc:e8:d3:fd
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F78F9E6F642B6485F25A9B2331897573DEED26F6
        Validity
            Not Before: Feb  4 18:09:16 2025 GMT
            Not After : Feb  3 18:14:16 2026 GMT
        Subject: CN=E591570BF516AE6AC8F04C4C4CFCC6B0BA9328E6
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:92:ca:60:20:42:24:38:19:f0:b4:05:df:d2:19:
                    c5:b4:1c:cb:07:1c:52:d6:e5:c6:64:65:71:83:9c:
                    c6:a8:0e:72:42:20:42:4c:77:5e:f2:2c:1f:1a:8d:
                    33:63:40:93:e8:7c:2b:c6:5e:f4:5e:25:9d:ed:08:
                    ef:e9:c8:b1:b6:82:db:59:4f:c3:8c:ab:8a:ca:44:
                    11:34:70:f6:ff:72:72:8e:95:a4:e1:74:3c:0f:c9:
                    86:23:21:9c:63:21:7f:de:ac:fb:7d:3d:ea:88:02:
                    bf:d9:4e:8f:15:a3:5b:ba:31:62:35:26:67:de:f2:
                    aa:98:39:6c:ed:50:6a:b7:25:26:7c:fd:a2:b6:08:
                    67:c6:a5:36:60:56:79:dd:85:98:51:41:ec:b4:4b:
                    d8:0f:14:10:23:5e:b8:73:a5:6f:49:8e:e0:c9:73:
                    ab:3e:59:c8:95:0c:48:1d:a8:f0:4e:30:eb:45:42:
                    0a:b4:93:1d:71:9f:3c:50:01:4f:cf:f8:f3:a7:b6:
                    5f:f2:60:49:1a:64:55:c2:f7:0b:b6:a8:70:55:c5:
                    87:4a:e1:bd:48:74:3e:f4:73:f5:fa:61:94:b3:31:
                    cd:0f:65:58:ba:67:95:e6:e9:ea:27:6a:b8:2e:1b:
                    ea:2d:be:52:8b:00:d8:a2:05:5c:3e:a8:f0:1b:f6:
                    e7:85
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E5:91:57:0B:F5:16:AE:6A:C8:F0:4C:4C:4C:FC:C6:B0:BA:93:28:E6
            X509v3 Authority Key Identifier:
                keyid:F7:8F:9E:6F:64:2B:64:85:F2:5A:9B:23:31:89:75:73:DE:ED:26:F6

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/6DE91B35DA9AC709C34C2BD1A13A688E9A169AE888B92B4E4BBB86F25B77C458/0/F78F9E6F642B6485F25A9B2331897573DEED26F6.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/F78F9E6F642B6485F25A9B2331897573DEED26F6.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/6DE91B35DA9AC709C34C2BD1A13A688E9A169AE888B92B4E4BBB86F25B77C458/0/3136382e3230352e302e302f32322d3234203d3e203532333939.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  168.205.0.0/22

    Signature Algorithm: sha256WithRSAEncryption
         45:b8:81:2a:94:31:25:53:c7:97:31:7c:ef:b8:f4:f2:1d:27:
         aa:ee:82:df:f9:03:45:91:16:69:c1:50:14:0c:54:ab:6c:84:
         49:ec:ed:4d:fc:b4:90:94:71:4f:aa:f3:e3:7e:81:58:32:e1:
         69:49:7b:79:5c:62:13:61:f6:e3:a5:6d:41:61:8f:d4:44:82:
         b6:d1:c9:48:50:7b:5f:4c:bc:17:56:16:69:2e:ce:4b:26:e8:
         c0:13:f4:0c:82:bd:f7:ff:68:70:2d:69:40:64:89:ad:3d:d0:
         6b:af:9c:80:0e:61:d2:49:8d:06:a3:a2:7f:62:f0:3a:f0:f5:
         c8:74:1e:6a:ec:09:f9:de:7a:8c:d6:6e:30:75:7b:8e:a0:d0:
         a9:10:fc:b2:92:10:e5:1a:51:ae:e2:4e:b4:8a:2b:2d:2a:00:
         8a:89:8c:ad:46:1a:a6:34:ac:c6:42:cb:73:9b:98:8d:81:e6:
         af:0e:56:11:7d:59:5e:56:76:7d:2b:7b:d5:24:a7:9e:ac:34:
         bf:3e:b9:e1:75:ca:ac:24:51:53:7d:f9:c8:cd:82:37:24:27:
         88:5d:69:5e:74:4e:3c:ad:13:27:66:0c:5f:42:f1:ed:b3:01:
         94:b8:05:fc:f4:ec:28:53:d5:38:26:d4:a4:63:c4:c0:ec:e1:
         1a:38:b8:e6
-----BEGIN CERTIFICATE-----
MIIFvDCCBKSgAwIBAgIUfnwfLkNXqyclt0o5fo2B19zo0/0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoRjc4RjlFNkY2NDJCNjQ4NUYyNUE5QjIzMzE4OTc1NzNE
RUVEMjZGNjAeFw0yNTAyMDQxODA5MTZaFw0yNjAyMDMxODE0MTZaMDMxMTAvBgNV
BAMTKEU1OTE1NzBCRjUxNkFFNkFDOEYwNEM0QzRDRkNDNkIwQkE5MzI4RTYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCSymAgQiQ4GfC0Bd/SGcW0HMsH
HFLW5cZkZXGDnMaoDnJCIEJMd17yLB8ajTNjQJPofCvGXvReJZ3tCO/pyLG2gttZ
T8OMq4rKRBE0cPb/cnKOlaThdDwPyYYjIZxjIX/erPt9PeqIAr/ZTo8Vo1u6MWI1
Jmfe8qqYOWztUGq3JSZ8/aK2CGfGpTZgVnndhZhRQey0S9gPFBAjXrhzpW9JjuDJ
c6s+WciVDEgdqPBOMOtFQgq0kx1xnzxQAU/P+POntl/yYEkaZFXC9wu2qHBVxYdK
4b1IdD70c/X6YZSzMc0PZVi6Z5Xm6eonarguG+otvlKLANiiBVw+qPAb9ueFAgMB
AAGjggLGMIICwjAdBgNVHQ4EFgQU5ZFXC/UWrmrI8ExMTPzGsLqTKOYwHwYDVR0j
BBgwFoAU94+eb2QrZIXyWpsjMYl1c97tJvYwDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy82REU5MUIzNURBOUFDNzA5QzM0QzJCRDFBMTNBNjg4RTlB
MTY5QUU4ODhCOTJCNEU0QkJCODZGMjVCNzdDNDU4LzAvRjc4RjlFNkY2NDJCNjQ4
NUYyNUE5QjIzMzE4OTc1NzNERUVEMjZGNi5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC9GNzhGOUU2RjY0MkI2NDg1RjI1
QTlCMjMzMTg5NzU3M0RFRUQyNkY2LmNlcjCBxQYIKwYBBQUHAQsEgbgwgbUwgbIG
CCsGAQUFBzALhoGlcnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvNkRFOTFCMzVEQTlBQzcwOUMzNEMyQkQxQTEzQTY4OEU5QTE2OUFFODg4
QjkyQjRFNEJCQjg2RjI1Qjc3QzQ1OC8wLzMxMzYzODJlMzIzMDM1MmUzMDJlMzAy
ZjMyMzIyZDMyMzQyMDNkM2UyMDM1MzIzMzM5Mzkucm9hMBgGA1UdIAEB/wQOMAww
CgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAKozQAwDQYJ
KoZIhvcNAQELBQADggEBAEW4gSqUMSVTx5cxfO+49PIdJ6rugt/5A0WRFmnBUBQM
VKtshEns7U38tJCUcU+q8+N+gVgy4WlJe3lcYhNh9uOlbUFhj9REgrbRyUhQe19M
vBdWFmkuzksm6MAT9AyCvff/aHAtaUBkia090GuvnIAOYdJJjQajon9i8Drw9ch0
HmrsCfneeozWbjB1e46g0KkQ/LKSEOUaUa7iTrSKKy0qAIqJjK1GGqY0rMZCy3Ob
mI2B5q8OVhF9WV5Wdn0re9Ukp56sNL8+ueF1yqwkUVN9+cjNgjckJ4hdaV50Tjyt
EydmDF9C8e2zAZS4Bfz07ChT1Tgm1KRjxMDs4Ro4uOY=
-----END CERTIFICATE-----