Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/828DED2581B8EA4737C44ABDE8284F735073DE3038C2D8F8C618511FCCACE522/0/3139302e3135312e3135322e302f32342d3234203d3e203532333339.roa
File:                     3139302e3135312e3135322e302f32342d3234203d3e203532333339.roa (raw, json)
Hash identifier:          6fskfSD98HqWrDlfcQ/dAxsKHhKuJJr+hTdpuaAs71E=
Subject key identifier:   43:52:8E:F5:A6:3C:4B:7E:8C:AE:B0:8D:5D:9D:17:D7:B2:33:64:DA
Certificate issuer:       /CN=59B4B5EBC1950B7FD52B09794CC53692ABB7F230
Certificate serial:       39032AE2395A462963D7505939D347C06EF7A075
Authority key identifier: 59:B4:B5:EB:C1:95:0B:7F:D5:2B:09:79:4C:C5:36:92:AB:B7:F2:30
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/59B4B5EBC1950B7FD52B09794CC53692ABB7F230.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/828DED2581B8EA4737C44ABDE8284F735073DE3038C2D8F8C618511FCCACE522/0/3139302e3135312e3135322e302f32342d3234203d3e203532333339.roa
Signing time:             Mon 08 Jul 2024 19:55:00 +0000
ROA not before:           Mon 08 Jul 2024 19:50:00 +0000
ROA not after:            Mon 07 Jul 2025 19:55:00 +0000
asID:                     52339
IP address blocks:        190.151.152.0/24 maxlen: 24
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            39:03:2a:e2:39:5a:46:29:63:d7:50:59:39:d3:47:c0:6e:f7:a0:75
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=59B4B5EBC1950B7FD52B09794CC53692ABB7F230
        Validity
            Not Before: Jul  8 19:50:00 2024 GMT
            Not After : Jul  7 19:55:00 2025 GMT
        Subject: CN=43528EF5A63C4B7E8CAEB08D5D9D17D7B23364DA
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9f:a6:f2:9f:13:fb:b5:1f:57:27:f1:ef:d6:97:
                    c8:7c:05:db:81:13:84:89:d4:52:7e:37:fc:61:98:
                    4b:f6:c2:c4:71:df:23:cc:0b:91:81:8b:20:6d:d7:
                    17:09:22:8c:ca:12:2a:03:21:d6:a9:c9:7f:d8:86:
                    ae:59:7f:92:e9:c4:2a:cc:d2:53:a6:62:85:3c:33:
                    b1:66:35:b8:69:4e:e0:7a:4f:c8:85:11:66:66:76:
                    71:bb:09:40:86:99:4c:f8:9e:56:10:ed:65:3f:eb:
                    a6:ab:a4:b8:54:64:ec:7c:04:9b:d5:7b:fe:47:6b:
                    b3:44:30:b2:a7:8a:59:08:75:1e:88:d3:ef:a5:68:
                    e3:cf:c1:b8:73:f6:de:27:de:cb:a0:e6:49:a8:8a:
                    a8:77:a9:95:18:b4:ad:f2:95:9b:4e:e1:74:3d:ac:
                    ee:7e:54:19:74:24:bd:77:ae:81:ae:1a:2f:44:7c:
                    df:ee:e6:ce:40:0a:0b:ca:b1:01:70:bb:fb:e2:49:
                    47:23:4d:12:dd:61:4c:16:1a:2e:5b:4a:8a:c7:e6:
                    9b:16:67:b2:ad:04:ef:2e:02:04:2e:bb:53:c0:d2:
                    b6:c1:45:86:9f:be:8f:36:93:91:49:75:e7:32:f9:
                    11:36:b8:79:a8:2e:25:5a:d6:e7:9f:7e:b0:c5:4e:
                    0e:0f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                43:52:8E:F5:A6:3C:4B:7E:8C:AE:B0:8D:5D:9D:17:D7:B2:33:64:DA
            X509v3 Authority Key Identifier:
                keyid:59:B4:B5:EB:C1:95:0B:7F:D5:2B:09:79:4C:C5:36:92:AB:B7:F2:30

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/828DED2581B8EA4737C44ABDE8284F735073DE3038C2D8F8C618511FCCACE522/0/59B4B5EBC1950B7FD52B09794CC53692ABB7F230.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/59B4B5EBC1950B7FD52B09794CC53692ABB7F230.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/828DED2581B8EA4737C44ABDE8284F735073DE3038C2D8F8C618511FCCACE522/0/3139302e3135312e3135322e302f32342d3234203d3e203532333339.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  190.151.152.0/24

    Signature Algorithm: sha256WithRSAEncryption
         48:09:7d:2d:82:86:26:3e:d6:d1:2a:bf:e3:5e:43:55:74:5f:
         b7:ab:1f:21:71:0c:d6:f5:e5:03:28:3a:da:28:da:4e:00:f8:
         09:c8:7b:77:4c:6e:d5:f1:a8:55:3a:3e:52:92:c5:65:26:d5:
         c4:01:09:58:b6:db:5f:7e:7c:8f:9f:97:7a:36:e6:2d:b9:d8:
         5d:70:5a:4c:64:64:8d:9b:23:82:30:a8:97:cb:cf:cb:19:1a:
         90:af:7c:ef:b9:70:4d:92:b5:5c:a1:04:50:b0:12:70:6c:69:
         57:1d:b8:2e:d1:5e:5c:e6:b0:db:94:26:1e:28:45:8a:80:15:
         c0:b6:54:7a:f0:a0:6d:6e:d4:d6:b8:46:33:f8:d8:18:eb:98:
         4a:9d:33:7d:c8:04:64:4f:b3:27:10:e4:1f:74:07:36:06:72:
         ca:7e:3a:77:74:eb:bb:35:0f:ee:ca:2b:40:a6:85:1d:d5:7b:
         5f:6d:24:71:3d:8d:13:7f:e3:ab:40:a8:e1:b8:76:53:f3:33:
         d6:a0:9a:7d:03:bc:1c:59:24:55:45:cb:3c:dd:1b:e6:b5:5b:
         2d:f8:72:1a:2f:a9:4e:d9:36:b1:1c:12:e6:74:be:21:85:fd:
         0a:fe:50:ea:94:49:be:6b:eb:82:c2:26:a1:58:d4:3c:db:44:
         69:e6:97:a9
-----BEGIN CERTIFICATE-----
MIIFwDCCBKigAwIBAgIUOQMq4jlaRilj11BZOdNHwG73oHUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNTlCNEI1RUJDMTk1MEI3RkQ1MkIwOTc5NENDNTM2OTJB
QkI3RjIzMDAeFw0yNDA3MDgxOTUwMDBaFw0yNTA3MDcxOTU1MDBaMDMxMTAvBgNV
BAMTKDQzNTI4RUY1QTYzQzRCN0U4Q0FFQjA4RDVEOUQxN0Q3QjIzMzY0REEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCfpvKfE/u1H1cn8e/Wl8h8BduB
E4SJ1FJ+N/xhmEv2wsRx3yPMC5GBiyBt1xcJIozKEioDIdapyX/Yhq5Zf5LpxCrM
0lOmYoU8M7FmNbhpTuB6T8iFEWZmdnG7CUCGmUz4nlYQ7WU/66arpLhUZOx8BJvV
e/5Ha7NEMLKnilkIdR6I0++laOPPwbhz9t4n3sug5kmoiqh3qZUYtK3ylZtO4XQ9
rO5+VBl0JL13roGuGi9EfN/u5s5ACgvKsQFwu/viSUcjTRLdYUwWGi5bSorH5psW
Z7KtBO8uAgQuu1PA0rbBRYafvo82k5FJdecy+RE2uHmoLiVa1ueffrDFTg4PAgMB
AAGjggLKMIICxjAdBgNVHQ4EFgQUQ1KO9aY8S36MrrCNXZ0X17IzZNowHwYDVR0j
BBgwFoAUWbS168GVC3/VKwl5TMU2kqu38jAwDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy84MjhERUQyNTgxQjhFQTQ3MzdDNDRBQkRFODI4NEY3MzUw
NzNERTMwMzhDMkQ4RjhDNjE4NTExRkNDQUNFNTIyLzAvNTlCNEI1RUJDMTk1MEI3
RkQ1MkIwOTc5NENDNTM2OTJBQkI3RjIzMC5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC81OUI0QjVFQkMxOTUwQjdGRDUy
QjA5Nzk0Q0M1MzY5MkFCQjdGMjMwLmNlcjCByQYIKwYBBQUHAQsEgbwwgbkwgbYG
CCsGAQUFBzALhoGpcnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvODI4REVEMjU4MUI4RUE0NzM3QzQ0QUJERTgyODRGNzM1MDczREUzMDM4
QzJEOEY4QzYxODUxMUZDQ0FDRTUyMi8wLzMxMzkzMDJlMzEzNTMxMmUzMTM1MzIy
ZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzNTMyMzMzMzM5LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAvpeY
MA0GCSqGSIb3DQEBCwUAA4IBAQBICX0tgoYmPtbRKr/jXkNVdF+3qx8hcQzW9eUD
KDraKNpOAPgJyHt3TG7V8ahVOj5SksVlJtXEAQlYtttffnyPn5d6NuYtudhdcFpM
ZGSNmyOCMKiXy8/LGRqQr3zvuXBNkrVcoQRQsBJwbGlXHbgu0V5c5rDblCYeKEWK
gBXAtlR68KBtbtTWuEYz+NgY65hKnTN9yARkT7MnEOQfdAc2BnLKfjp3dOu7NQ/u
yitApoUd1XtfbSRxPY0Tf+OrQKjhuHZT8zPWoJp9A7wcWSRVRcs83RvmtVst+HIa
L6lO2TaxHBLmdL4hhf0K/lDqlEm+a+uCwiahWNQ820Rp5pep
-----END CERTIFICATE-----