Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/76429D3FC4898C43FD0C89E905ACAE83D553D45217106A8E0DB04088EE4FF11D/0/3133382e39392e3133362e302f32322d3234203d3e203631343937.roa
File:                     3133382e39392e3133362e302f32322d3234203d3e203631343937.roa (raw, json)
Hash identifier:          w6YQeVzBbdGX4ZtqxOWuTiF9w7pymQdvj42qCjcXegM=
Subject key identifier:   8A:E0:90:4C:40:BE:4C:CE:EF:90:17:7F:2E:32:80:16:D2:1B:C4:60
Certificate issuer:       /CN=CED1302EBC484C7C69E637E45AEF6775D5E618A9
Certificate serial:       7B82E0B08F0B9EAF018CA9C69A0715B4EAC1ECC9
Authority key identifier: CE:D1:30:2E:BC:48:4C:7C:69:E6:37:E4:5A:EF:67:75:D5:E6:18:A9
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/CED1302EBC484C7C69E637E45AEF6775D5E618A9.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/76429D3FC4898C43FD0C89E905ACAE83D553D45217106A8E0DB04088EE4FF11D/0/3133382e39392e3133362e302f32322d3234203d3e203631343937.roa
Signing time:             Tue 04 Feb 2025 20:05:26 +0000
ROA not before:           Tue 04 Feb 2025 20:00:26 +0000
ROA not after:            Tue 03 Feb 2026 20:05:26 +0000
asID:                     61497
IP address blocks:        138.99.136.0/22 maxlen: 24
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            7b:82:e0:b0:8f:0b:9e:af:01:8c:a9:c6:9a:07:15:b4:ea:c1:ec:c9
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=CED1302EBC484C7C69E637E45AEF6775D5E618A9
        Validity
            Not Before: Feb  4 20:00:26 2025 GMT
            Not After : Feb  3 20:05:26 2026 GMT
        Subject: CN=8AE0904C40BE4CCEEF90177F2E328016D21BC460
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:af:44:53:79:9c:d6:03:fa:24:8a:9b:09:18:02:
                    31:27:5d:1b:5e:7c:64:e7:c1:57:cb:98:b9:e4:cd:
                    71:5e:00:08:4e:f8:76:89:29:c9:28:36:c2:68:f5:
                    e5:7f:ba:ea:e8:b4:c8:db:f5:09:53:bf:6f:37:23:
                    01:53:40:74:99:ce:95:2d:8a:c0:a2:3f:21:ab:39:
                    70:64:ef:74:83:e6:26:50:09:63:f2:0c:0e:d0:04:
                    84:6e:ca:ad:39:95:a9:74:ad:df:86:07:41:a3:d0:
                    66:51:8c:2c:92:d0:2b:dc:4a:c9:8d:07:8e:2a:00:
                    38:d8:0a:9f:6e:9a:8f:bf:74:ac:3e:ca:eb:53:a6:
                    4b:24:4b:3a:38:9f:9b:50:98:ba:bc:1d:d5:e7:af:
                    f9:3e:e2:99:92:a2:92:6c:f1:eb:b2:7b:e3:55:3b:
                    69:bb:25:2d:e3:02:05:cc:92:0e:02:2b:05:d5:f8:
                    58:bf:e6:cb:ae:84:b0:7b:b1:41:c2:31:ad:e9:17:
                    a1:98:92:91:5a:80:f8:21:34:6e:19:29:6d:e2:80:
                    c9:7d:bf:97:42:3d:af:21:f1:55:6f:2c:63:b7:d2:
                    ec:3d:ad:6a:8f:d8:40:87:91:0a:3c:f7:4c:60:91:
                    64:59:17:58:d5:dc:d2:8f:b0:bb:92:31:3a:6a:d0:
                    9f:93
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                8A:E0:90:4C:40:BE:4C:CE:EF:90:17:7F:2E:32:80:16:D2:1B:C4:60
            X509v3 Authority Key Identifier:
                keyid:CE:D1:30:2E:BC:48:4C:7C:69:E6:37:E4:5A:EF:67:75:D5:E6:18:A9

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/76429D3FC4898C43FD0C89E905ACAE83D553D45217106A8E0DB04088EE4FF11D/0/CED1302EBC484C7C69E637E45AEF6775D5E618A9.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/CED1302EBC484C7C69E637E45AEF6775D5E618A9.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/76429D3FC4898C43FD0C89E905ACAE83D553D45217106A8E0DB04088EE4FF11D/0/3133382e39392e3133362e302f32322d3234203d3e203631343937.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  138.99.136.0/22

    Signature Algorithm: sha256WithRSAEncryption
         6e:30:0c:5f:05:f5:03:ed:80:06:99:23:d7:4b:79:6d:6d:a2:
         e9:54:04:f2:d5:25:3b:fd:fc:2a:51:be:a4:82:c6:31:5a:ab:
         35:99:fb:13:c6:c2:16:ae:c5:84:41:0a:81:8b:b1:4d:64:07:
         b3:a9:c1:a3:a2:98:9b:5a:c6:88:0e:eb:eb:61:93:21:8f:df:
         4e:20:48:0d:da:cb:ef:a6:07:ed:dc:a5:20:ec:39:a9:fa:42:
         d5:8e:2b:91:2a:34:88:8f:f8:eb:e3:bc:69:88:20:8d:b5:59:
         25:45:ab:8a:3e:97:f5:8f:42:60:a3:60:ac:54:3c:77:a4:9a:
         0d:ab:41:6b:f8:6b:b2:d0:12:ea:38:5d:b7:cb:91:10:e3:32:
         e4:29:33:fd:35:a3:b2:68:0b:56:c0:0b:5a:f3:65:45:70:27:
         43:64:89:56:75:18:30:e3:ed:04:43:c7:a4:1e:21:8e:04:17:
         c1:ce:de:12:9d:42:7c:01:df:5f:2a:c0:c7:62:10:4e:ff:f7:
         41:26:08:63:d8:88:b1:02:eb:4a:9b:74:8e:db:f0:6f:78:99:
         d7:83:9e:c7:72:9a:bb:4c:b3:67:c4:c7:74:e0:eb:1c:54:92:
         2c:d6:82:f9:5a:28:aa:a9:a2:ee:81:d9:27:18:af:36:53:c3:
         70:ee:07:7e
-----BEGIN CERTIFICATE-----
MIIFvjCCBKagAwIBAgIUe4LgsI8Lnq8BjKnGmgcVtOrB7MkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoQ0VEMTMwMkVCQzQ4NEM3QzY5RTYzN0U0NUFFRjY3NzVE
NUU2MThBOTAeFw0yNTAyMDQyMDAwMjZaFw0yNjAyMDMyMDA1MjZaMDMxMTAvBgNV
BAMTKDhBRTA5MDRDNDBCRTRDQ0VFRjkwMTc3RjJFMzI4MDE2RDIxQkM0NjAwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCvRFN5nNYD+iSKmwkYAjEnXRte
fGTnwVfLmLnkzXFeAAhO+HaJKckoNsJo9eV/uurotMjb9QlTv283IwFTQHSZzpUt
isCiPyGrOXBk73SD5iZQCWPyDA7QBIRuyq05lal0rd+GB0Gj0GZRjCyS0CvcSsmN
B44qADjYCp9umo+/dKw+yutTpkskSzo4n5tQmLq8HdXnr/k+4pmSopJs8euye+NV
O2m7JS3jAgXMkg4CKwXV+Fi/5suuhLB7sUHCMa3pF6GYkpFagPghNG4ZKW3igMl9
v5dCPa8h8VVvLGO30uw9rWqP2ECHkQo890xgkWRZF1jV3NKPsLuSMTpq0J+TAgMB
AAGjggLIMIICxDAdBgNVHQ4EFgQUiuCQTEC+TM7vkBd/LjKAFtIbxGAwHwYDVR0j
BBgwFoAUztEwLrxITHxp5jfkWu9nddXmGKkwDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy83NjQyOUQzRkM0ODk4QzQzRkQwQzg5RTkwNUFDQUU4M0Q1
NTNENDUyMTcxMDZBOEUwREIwNDA4OEVFNEZGMTFELzAvQ0VEMTMwMkVCQzQ4NEM3
QzY5RTYzN0U0NUFFRjY3NzVENUU2MThBOS5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC9DRUQxMzAyRUJDNDg0QzdDNjlF
NjM3RTQ1QUVGNjc3NUQ1RTYxOEE5LmNlcjCBxwYIKwYBBQUHAQsEgbowgbcwgbQG
CCsGAQUFBzALhoGncnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvNzY0MjlEM0ZDNDg5OEM0M0ZEMEM4OUU5MDVBQ0FFODNENTUzRDQ1MjE3
MTA2QThFMERCMDQwODhFRTRGRjExRC8wLzMxMzMzODJlMzkzOTJlMzEzMzM2MmUz
MDJmMzIzMjJkMzIzNDIwM2QzZTIwMzYzMTM0MzkzNy5yb2EwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAopjiDAN
BgkqhkiG9w0BAQsFAAOCAQEAbjAMXwX1A+2ABpkj10t5bW2i6VQE8tUlO/38KlG+
pILGMVqrNZn7E8bCFq7FhEEKgYuxTWQHs6nBo6KYm1rGiA7r62GTIY/fTiBIDdrL
76YH7dylIOw5qfpC1Y4rkSo0iI/46+O8aYggjbVZJUWrij6X9Y9CYKNgrFQ8d6Sa
DatBa/hrstAS6jhdt8uREOMy5Ckz/TWjsmgLVsALWvNlRXAnQ2SJVnUYMOPtBEPH
pB4hjgQXwc7eEp1CfAHfXyrAx2IQTv/3QSYIY9iIsQLrSpt0jtvwb3iZ14Oex3Ka
u0yzZ8THdODrHFSSLNaC+Vooqqmi7oHZJxivNlPDcO4Hfg==
-----END CERTIFICATE-----