Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/757D6598483B0D1E52E22DFE67B37F03EAE18A33AECC6EC1BC364861B1B214CB/0/3139302e3130362e3232302e302f32322d3234203d3e203532333632.roa
File:                     3139302e3130362e3232302e302f32322d3234203d3e203532333632.roa (raw, json)
Hash identifier:          Nsfub7eDJPas5c02ZVxMBL92IqScRmIRdFYzIt5eowM=
Subject key identifier:   5E:CC:FE:2C:BA:AF:47:FF:16:B6:B7:27:50:29:5A:C2:AC:A4:CD:46
Certificate issuer:       /CN=8E1499D12067F2BEA1287B63425EA3B70FCAFFC1
Certificate serial:       0572FC3E73CC49066D726582F708D03B02CFBCC4
Authority key identifier: 8E:14:99:D1:20:67:F2:BE:A1:28:7B:63:42:5E:A3:B7:0F:CA:FF:C1
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/8E1499D12067F2BEA1287B63425EA3B70FCAFFC1.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/757D6598483B0D1E52E22DFE67B37F03EAE18A33AECC6EC1BC364861B1B214CB/0/3139302e3130362e3232302e302f32322d3234203d3e203532333632.roa
Signing time:             Tue 04 Feb 2025 18:25:43 +0000
ROA not before:           Tue 04 Feb 2025 18:20:43 +0000
ROA not after:            Tue 03 Feb 2026 18:25:43 +0000
asID:                     52362
IP address blocks:        190.106.220.0/22 maxlen: 24
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            05:72:fc:3e:73:cc:49:06:6d:72:65:82:f7:08:d0:3b:02:cf:bc:c4
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=8E1499D12067F2BEA1287B63425EA3B70FCAFFC1
        Validity
            Not Before: Feb  4 18:20:43 2025 GMT
            Not After : Feb  3 18:25:43 2026 GMT
        Subject: CN=5ECCFE2CBAAF47FF16B6B72750295AC2ACA4CD46
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c8:1e:d8:ee:f8:59:80:22:88:12:de:6f:b1:f7:
                    75:b6:b5:a9:6a:2b:bf:89:57:65:d4:34:2a:d4:c7:
                    ef:7d:34:84:74:a8:86:30:ad:e9:af:13:54:e3:91:
                    11:28:96:18:71:b3:b4:b4:0a:ee:4d:99:c6:b9:41:
                    41:28:5d:3c:f5:98:12:d0:ae:e5:43:9f:df:8e:32:
                    96:c0:2b:e2:9e:26:e5:37:1c:d1:c3:c3:4c:c1:13:
                    6b:b1:ec:c5:a2:4e:4d:bb:e6:5f:1e:ea:50:63:22:
                    9a:d9:9a:4b:ef:2e:4f:54:d6:c0:be:3f:44:75:ee:
                    8a:24:09:fc:ab:0e:ce:e6:30:7d:c4:81:3c:4d:da:
                    82:92:9f:d3:7f:3a:42:87:e9:2a:d8:80:c1:1a:98:
                    18:18:13:94:4a:44:ab:fe:24:d7:98:c8:a9:de:e2:
                    72:c4:e6:77:6d:33:dd:58:07:07:0a:b5:47:ac:56:
                    11:ab:38:61:28:80:e9:19:79:0a:71:89:32:b3:35:
                    9e:73:fe:b3:4e:14:b4:21:82:a8:20:f7:41:35:02:
                    45:e4:b0:52:83:e4:76:a8:fc:40:d9:a6:88:55:73:
                    55:56:a2:0f:3c:cb:0b:28:80:62:a7:c4:ba:a6:d3:
                    c3:7a:89:3d:8a:5c:1b:9a:9c:29:af:d8:0a:53:a2:
                    da:81
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5E:CC:FE:2C:BA:AF:47:FF:16:B6:B7:27:50:29:5A:C2:AC:A4:CD:46
            X509v3 Authority Key Identifier:
                keyid:8E:14:99:D1:20:67:F2:BE:A1:28:7B:63:42:5E:A3:B7:0F:CA:FF:C1

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/757D6598483B0D1E52E22DFE67B37F03EAE18A33AECC6EC1BC364861B1B214CB/0/8E1499D12067F2BEA1287B63425EA3B70FCAFFC1.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/8E1499D12067F2BEA1287B63425EA3B70FCAFFC1.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/757D6598483B0D1E52E22DFE67B37F03EAE18A33AECC6EC1BC364861B1B214CB/0/3139302e3130362e3232302e302f32322d3234203d3e203532333632.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  190.106.220.0/22

    Signature Algorithm: sha256WithRSAEncryption
         88:7a:d3:90:b9:6b:06:fb:72:31:ec:aa:cd:eb:6d:6e:e8:3b:
         49:07:ee:fa:ec:ea:69:87:dd:34:cf:a7:1d:95:08:6b:ea:eb:
         cd:47:fb:5a:04:76:1b:fa:e6:5a:e7:48:fb:f0:ef:37:1e:a4:
         2e:02:4d:2f:d4:6f:53:bf:3b:d9:61:33:ef:01:37:c9:0b:2f:
         cc:a8:11:4e:1a:8a:39:53:0d:1a:dd:97:50:66:0c:6f:06:1f:
         8f:6c:61:13:5d:72:28:cd:85:38:88:27:6e:3f:ce:25:16:0d:
         9c:a4:81:d2:b2:b6:e2:c8:32:72:82:55:b4:18:0e:bb:29:32:
         73:4c:7d:21:5e:37:07:f3:11:aa:34:96:d9:54:80:2a:32:4f:
         19:8f:c1:d3:e0:22:47:11:02:fa:69:99:52:a2:9f:86:37:23:
         07:a6:4a:7a:73:ab:bd:36:83:50:d3:48:ec:70:87:aa:e7:a4:
         ab:ac:e4:c0:c3:28:16:57:73:25:59:ea:bd:f3:19:c8:e0:ad:
         cd:a6:3c:de:a6:41:8c:3d:98:f5:7a:bf:e0:be:27:f9:8b:40:
         83:74:15:e7:14:df:24:de:14:63:e3:2c:4a:63:ee:6b:8a:f2:
         85:22:69:c6:d8:51:7d:91:3d:47:46:30:57:7e:b1:b0:a3:e1:
         7b:fe:18:85
-----BEGIN CERTIFICATE-----
MIIFwDCCBKigAwIBAgIUBXL8PnPMSQZtcmWC9wjQOwLPvMQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOEUxNDk5RDEyMDY3RjJCRUExMjg3QjYzNDI1RUEzQjcw
RkNBRkZDMTAeFw0yNTAyMDQxODIwNDNaFw0yNjAyMDMxODI1NDNaMDMxMTAvBgNV
BAMTKDVFQ0NGRTJDQkFBRjQ3RkYxNkI2QjcyNzUwMjk1QUMyQUNBNENENDYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDIHtju+FmAIogS3m+x93W2talq
K7+JV2XUNCrUx+99NIR0qIYwremvE1TjkREolhhxs7S0Cu5Nmca5QUEoXTz1mBLQ
ruVDn9+OMpbAK+KeJuU3HNHDw0zBE2ux7MWiTk275l8e6lBjIprZmkvvLk9U1sC+
P0R17ookCfyrDs7mMH3EgTxN2oKSn9N/OkKH6SrYgMEamBgYE5RKRKv+JNeYyKne
4nLE5ndtM91YBwcKtUesVhGrOGEogOkZeQpxiTKzNZ5z/rNOFLQhgqgg90E1AkXk
sFKD5Hao/EDZpohVc1VWog88ywsogGKnxLqm08N6iT2KXBuanCmv2ApTotqBAgMB
AAGjggLKMIICxjAdBgNVHQ4EFgQUXsz+LLqvR/8WtrcnUClawqykzUYwHwYDVR0j
BBgwFoAUjhSZ0SBn8r6hKHtjQl6jtw/K/8EwDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy83NTdENjU5ODQ4M0IwRDFFNTJFMjJERkU2N0IzN0YwM0VB
RTE4QTMzQUVDQzZFQzFCQzM2NDg2MUIxQjIxNENCLzAvOEUxNDk5RDEyMDY3RjJC
RUExMjg3QjYzNDI1RUEzQjcwRkNBRkZDMS5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC84RTE0OTlEMTIwNjdGMkJFQTEy
ODdCNjM0MjVFQTNCNzBGQ0FGRkMxLmNlcjCByQYIKwYBBQUHAQsEgbwwgbkwgbYG
CCsGAQUFBzALhoGpcnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvNzU3RDY1OTg0ODNCMEQxRTUyRTIyREZFNjdCMzdGMDNFQUUxOEEzM0FF
Q0M2RUMxQkMzNjQ4NjFCMUIyMTRDQi8wLzMxMzkzMDJlMzEzMDM2MmUzMjMyMzAy
ZTMwMmYzMjMyMmQzMjM0MjAzZDNlMjAzNTMyMzMzNjMyLnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCvmrc
MA0GCSqGSIb3DQEBCwUAA4IBAQCIetOQuWsG+3Ix7KrN621u6DtJB+767Opph900
z6cdlQhr6uvNR/taBHYb+uZa50j78O83HqQuAk0v1G9TvzvZYTPvATfJCy/MqBFO
Goo5Uw0a3ZdQZgxvBh+PbGETXXIozYU4iCduP84lFg2cpIHSsrbiyDJyglW0GA67
KTJzTH0hXjcH8xGqNJbZVIAqMk8Zj8HT4CJHEQL6aZlSop+GNyMHpkp6c6u9NoNQ
00jscIeq56SrrOTAwygWV3MlWeq98xnI4K3NpjzepkGMPZj1er/gvif5i0CDdBXn
FN8k3hRj4yxKY+5rivKFImnG2FF9kT1HRjBXfrGwo+F7/hiF
-----END CERTIFICATE-----