Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/8AE318C22FAD245D5C58F79678E8663BF57322F025ED851A60AA09628C5B0D9E/0/3139302e3138312e3135332e302f32342d3234203d3e203532323432.roa
File:                     3139302e3138312e3135332e302f32342d3234203d3e203532323432.roa (raw, json)
Hash identifier:          01hPtJ6lE9pfH5MQ9rrHsdINYp6COhsrfQMMrFhdQvs=
Subject key identifier:   21:E1:8D:EE:FE:FE:6D:E1:63:0F:09:EC:0F:07:33:92:B2:55:08:34
Certificate issuer:       /CN=16B8B4852A1C8845ADB2F8E8F7CD40D7AD13A581
Certificate serial:       6748B3FF0F17A91D11ADDDAA825EAA013AB05585
Authority key identifier: 16:B8:B4:85:2A:1C:88:45:AD:B2:F8:E8:F7:CD:40:D7:AD:13:A5:81
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/16B8B4852A1C8845ADB2F8E8F7CD40D7AD13A581.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/8AE318C22FAD245D5C58F79678E8663BF57322F025ED851A60AA09628C5B0D9E/0/3139302e3138312e3135332e302f32342d3234203d3e203532323432.roa
Signing time:             Tue 04 Feb 2025 18:02:09 +0000
ROA not before:           Tue 04 Feb 2025 17:57:09 +0000
ROA not after:            Tue 03 Feb 2026 18:02:09 +0000
asID:                     52242
IP address blocks:        190.181.153.0/24 maxlen: 24
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            67:48:b3:ff:0f:17:a9:1d:11:ad:dd:aa:82:5e:aa:01:3a:b0:55:85
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=16B8B4852A1C8845ADB2F8E8F7CD40D7AD13A581
        Validity
            Not Before: Feb  4 17:57:09 2025 GMT
            Not After : Feb  3 18:02:09 2026 GMT
        Subject: CN=21E18DEEFEFE6DE1630F09EC0F073392B2550834
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:db:1e:c2:e8:0c:ad:de:6f:d6:cb:a0:39:f4:95:
                    b7:4d:67:43:2c:73:c5:7a:d5:c7:d8:8b:9e:82:99:
                    87:b9:54:b3:1d:7e:cf:00:db:ce:b6:c3:df:9a:64:
                    ee:d0:a9:5f:94:15:47:2a:91:8e:61:ba:d6:7f:6b:
                    14:b9:f7:d5:27:7b:d8:7d:b1:10:82:44:4c:ad:1c:
                    de:79:bd:8b:ca:0a:75:ae:d1:65:9c:a9:15:d0:97:
                    28:cb:23:9e:99:63:5e:f6:92:a2:87:00:8d:c3:bf:
                    c0:dc:3f:b2:09:48:f3:a0:67:e1:4b:cc:75:dc:19:
                    2e:d1:6f:cd:aa:5e:70:ef:65:49:bf:86:77:71:b9:
                    bb:6f:4d:c1:94:ec:4e:b4:92:28:4f:b4:e1:48:c0:
                    d6:58:b0:0b:a4:d8:03:4f:83:16:df:3e:d6:b5:89:
                    d1:56:9f:48:2d:18:67:8a:49:bd:52:7a:f0:35:3f:
                    5d:ab:44:d5:c1:65:ed:4a:cf:b0:29:6e:d0:5f:48:
                    b0:d3:1e:84:b9:f1:ae:54:c2:14:72:9f:0e:42:86:
                    bd:6f:f4:d0:89:a9:aa:5f:58:ef:21:96:56:4c:d9:
                    25:6a:d2:72:9a:e1:c1:17:e8:7d:7f:14:93:35:a6:
                    c5:6a:40:54:82:48:09:7c:9c:2a:11:e8:77:b7:01:
                    cd:c7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                21:E1:8D:EE:FE:FE:6D:E1:63:0F:09:EC:0F:07:33:92:B2:55:08:34
            X509v3 Authority Key Identifier:
                keyid:16:B8:B4:85:2A:1C:88:45:AD:B2:F8:E8:F7:CD:40:D7:AD:13:A5:81

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/8AE318C22FAD245D5C58F79678E8663BF57322F025ED851A60AA09628C5B0D9E/0/16B8B4852A1C8845ADB2F8E8F7CD40D7AD13A581.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/16B8B4852A1C8845ADB2F8E8F7CD40D7AD13A581.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/8AE318C22FAD245D5C58F79678E8663BF57322F025ED851A60AA09628C5B0D9E/0/3139302e3138312e3135332e302f32342d3234203d3e203532323432.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  190.181.153.0/24

    Signature Algorithm: sha256WithRSAEncryption
         60:90:08:81:bf:cf:f7:24:da:69:3c:ad:fd:55:87:d3:39:8f:
         05:ed:cd:78:d7:9d:7b:25:c4:36:d0:39:f8:c3:ea:cc:61:ac:
         35:7f:d4:6c:a2:63:ec:40:b1:8e:68:e5:9b:27:b0:11:d5:0f:
         6d:96:43:52:5e:29:c1:58:37:97:bb:bb:21:ac:4b:b8:46:5c:
         c4:89:6a:c0:0d:85:6e:5e:83:08:99:25:5a:e2:96:85:9b:24:
         67:88:69:17:5a:3c:dc:ff:64:0d:fb:1b:50:12:2f:45:10:0b:
         b5:b2:87:18:e0:9d:71:48:ff:7c:29:b3:c9:04:b9:b8:2f:67:
         a4:7d:dc:df:b6:21:8f:b0:eb:7a:f9:ad:ee:29:83:4f:cb:e0:
         35:33:c5:62:ba:3e:d7:f8:a2:d0:8a:5b:77:77:a6:dc:7f:99:
         07:31:09:62:37:f4:e8:70:f5:90:25:c0:4a:e8:26:4b:e5:79:
         8d:8c:6b:91:a9:a9:c0:fd:e2:0a:51:2d:2d:2e:98:52:4c:01:
         41:fc:3f:72:94:6b:9c:f0:7b:d3:2a:28:94:a2:0f:74:d7:aa:
         58:a3:79:bc:ba:20:8b:97:c6:dd:08:0f:ef:62:03:e4:8d:80:
         92:af:68:1c:1d:7b:44:29:ab:0d:0b:0f:18:04:3a:60:ac:c4:
         64:8d:4a:cc
-----BEGIN CERTIFICATE-----
MIIFwDCCBKigAwIBAgIUZ0iz/w8XqR0Rrd2qgl6qATqwVYUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMTZCOEI0ODUyQTFDODg0NUFEQjJGOEU4RjdDRDQwRDdB
RDEzQTU4MTAeFw0yNTAyMDQxNzU3MDlaFw0yNjAyMDMxODAyMDlaMDMxMTAvBgNV
BAMTKDIxRTE4REVFRkVGRTZERTE2MzBGMDlFQzBGMDczMzkyQjI1NTA4MzQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDbHsLoDK3eb9bLoDn0lbdNZ0Ms
c8V61cfYi56CmYe5VLMdfs8A2862w9+aZO7QqV+UFUcqkY5hutZ/axS599Une9h9
sRCCREytHN55vYvKCnWu0WWcqRXQlyjLI56ZY172kqKHAI3Dv8DcP7IJSPOgZ+FL
zHXcGS7Rb82qXnDvZUm/hndxubtvTcGU7E60kihPtOFIwNZYsAuk2ANPgxbfPta1
idFWn0gtGGeKSb1SevA1P12rRNXBZe1Kz7ApbtBfSLDTHoS58a5UwhRynw5Chr1v
9NCJqapfWO8hllZM2SVq0nKa4cEX6H1/FJM1psVqQFSCSAl8nCoR6He3Ac3HAgMB
AAGjggLKMIICxjAdBgNVHQ4EFgQUIeGN7v7+beFjDwnsDwczkrJVCDQwHwYDVR0j
BBgwFoAUFri0hSociEWtsvjo981A160TpYEwDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy84QUUzMThDMjJGQUQyNDVENUM1OEY3OTY3OEU4NjYzQkY1
NzMyMkYwMjVFRDg1MUE2MEFBMDk2MjhDNUIwRDlFLzAvMTZCOEI0ODUyQTFDODg0
NUFEQjJGOEU4RjdDRDQwRDdBRDEzQTU4MS5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC8xNkI4QjQ4NTJBMUM4ODQ1QURC
MkY4RThGN0NENDBEN0FEMTNBNTgxLmNlcjCByQYIKwYBBQUHAQsEgbwwgbkwgbYG
CCsGAQUFBzALhoGpcnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvOEFFMzE4QzIyRkFEMjQ1RDVDNThGNzk2NzhFODY2M0JGNTczMjJGMDI1
RUQ4NTFBNjBBQTA5NjI4QzVCMEQ5RS8wLzMxMzkzMDJlMzEzODMxMmUzMTM1MzMy
ZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzNTMyMzIzNDMyLnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAvrWZ
MA0GCSqGSIb3DQEBCwUAA4IBAQBgkAiBv8/3JNppPK39VYfTOY8F7c141517JcQ2
0Dn4w+rMYaw1f9RsomPsQLGOaOWbJ7AR1Q9tlkNSXinBWDeXu7shrEu4RlzEiWrA
DYVuXoMImSVa4paFmyRniGkXWjzc/2QN+xtQEi9FEAu1socY4J1xSP98KbPJBLm4
L2ekfdzftiGPsOt6+a3uKYNPy+A1M8Viuj7X+KLQilt3d6bcf5kHMQliN/TocPWQ
JcBK6CZL5XmNjGuRqanA/eIKUS0tLphSTAFB/D9ylGuc8HvTKiiUog9016pYo3m8
uiCLl8bdCA/vYgPkjYCSr2gcHXtEKasNCw8YBDpgrMRkjUrM
-----END CERTIFICATE-----