Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/8D37B4E30A7975DEA3BA26AB388FAC5427AC353E5752B5A22679FF6CE2E84E75/0/3139312e39382e3139322e302f32342d3234203d3e20323633323138.roa
File:                     3139312e39382e3139322e302f32342d3234203d3e20323633323138.roa (raw, json)
Hash identifier:          qGf5S61l3reqOiOdyjYWk/BXJAVgPMw0GJcfbDi+h38=
Subject key identifier:   3F:56:25:C5:6C:C2:9B:55:9D:40:BC:11:BE:91:94:A5:D5:F2:F1:BE
Certificate issuer:       /CN=D6578B90795CFC3357FE4AF953B5F071689073D0
Certificate serial:       72CDE42903AEAB9F123D7DCE70CB0C5ABF381515
Authority key identifier: D6:57:8B:90:79:5C:FC:33:57:FE:4A:F9:53:B5:F0:71:68:90:73:D0
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/D6578B90795CFC3357FE4AF953B5F071689073D0.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/8D37B4E30A7975DEA3BA26AB388FAC5427AC353E5752B5A22679FF6CE2E84E75/0/3139312e39382e3139322e302f32342d3234203d3e20323633323138.roa
Signing time:             Tue 04 Feb 2025 18:43:21 +0000
ROA not before:           Tue 04 Feb 2025 18:38:21 +0000
ROA not after:            Tue 03 Feb 2026 18:43:21 +0000
asID:                     263218
IP address blocks:        191.98.192.0/24 maxlen: 24
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            72:cd:e4:29:03:ae:ab:9f:12:3d:7d:ce:70:cb:0c:5a:bf:38:15:15
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=D6578B90795CFC3357FE4AF953B5F071689073D0
        Validity
            Not Before: Feb  4 18:38:21 2025 GMT
            Not After : Feb  3 18:43:21 2026 GMT
        Subject: CN=3F5625C56CC29B559D40BC11BE9194A5D5F2F1BE
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c8:f2:a6:65:f3:cf:d9:9b:31:7b:c7:9a:c9:52:
                    b3:d7:f2:91:0b:e0:dd:3f:e6:6a:4e:23:e2:85:7f:
                    d7:c0:16:95:ca:b1:37:09:99:37:78:b0:8c:58:97:
                    c3:b6:e0:a6:b1:0e:1b:bd:8d:cb:d9:43:54:81:dc:
                    b1:60:a6:a6:2f:91:86:69:d6:97:e2:39:a6:50:d4:
                    7c:23:fb:c2:d2:37:36:b8:77:33:d4:6c:ff:aa:42:
                    0d:9d:dd:df:bf:40:f6:4a:aa:4f:99:83:ad:cd:24:
                    d5:47:ef:f6:98:74:bc:47:43:85:ea:3e:c7:77:00:
                    dd:4d:de:5b:64:cd:17:37:1c:05:96:cc:aa:36:ec:
                    cb:d0:12:26:84:a2:a9:d4:9b:aa:c5:06:80:ad:37:
                    e2:b6:39:e1:05:69:8d:95:94:79:85:db:fd:a3:c1:
                    f4:48:10:b8:63:27:39:19:0a:9f:1d:71:74:84:cb:
                    58:12:90:66:fe:be:84:a6:ed:19:15:32:e2:16:3f:
                    0e:cd:b1:e4:74:35:79:9d:95:8f:7d:e2:09:7d:e5:
                    c8:b0:a9:56:d8:b5:8a:35:b3:0a:8a:b7:92:ba:37:
                    8e:70:a0:48:4c:d9:d3:9d:a3:b7:14:64:bc:7c:83:
                    95:01:44:02:5e:77:2f:9e:95:38:8d:57:de:41:59:
                    30:fb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3F:56:25:C5:6C:C2:9B:55:9D:40:BC:11:BE:91:94:A5:D5:F2:F1:BE
            X509v3 Authority Key Identifier:
                keyid:D6:57:8B:90:79:5C:FC:33:57:FE:4A:F9:53:B5:F0:71:68:90:73:D0

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/8D37B4E30A7975DEA3BA26AB388FAC5427AC353E5752B5A22679FF6CE2E84E75/0/D6578B90795CFC3357FE4AF953B5F071689073D0.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/D6578B90795CFC3357FE4AF953B5F071689073D0.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/8D37B4E30A7975DEA3BA26AB388FAC5427AC353E5752B5A22679FF6CE2E84E75/0/3139312e39382e3139322e302f32342d3234203d3e20323633323138.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  191.98.192.0/24

    Signature Algorithm: sha256WithRSAEncryption
         bf:51:ed:15:0d:07:d3:e6:ae:43:20:29:bc:ae:85:27:58:70:
         e9:51:41:b2:a3:cb:66:a2:08:e3:65:0b:ce:f4:ff:9e:69:8a:
         7a:97:99:27:a9:ec:81:88:34:38:ab:0c:a9:ca:47:fa:bd:25:
         f4:6d:94:75:10:4e:ec:01:ac:27:95:61:1d:d0:b0:03:c5:d5:
         b0:5d:23:e9:1f:d7:37:34:81:ad:aa:3b:1a:61:e4:49:fe:43:
         4a:36:17:ea:e3:ac:34:ac:07:15:90:fb:3c:72:c9:1c:ae:57:
         0f:0b:c9:df:72:c0:70:e5:35:b9:40:f9:84:93:32:e0:4e:64:
         1b:15:d9:fe:78:5a:36:ab:52:0f:e3:be:d5:88:43:d8:9e:1d:
         7c:cb:e9:80:f9:4d:ed:5c:8e:9f:97:81:10:fe:64:fd:db:05:
         51:b7:13:6a:0d:c5:97:a0:28:fc:69:45:7c:a1:de:1e:5e:bc:
         23:b9:15:6f:a2:3d:c6:05:4f:e3:b4:1a:f1:76:4d:60:f4:c2:
         df:24:db:27:9b:0e:da:3c:38:3f:ec:81:76:18:07:33:6a:ff:
         0e:ed:97:95:4b:8d:2f:3e:dd:83:db:52:db:10:d2:40:2d:82:
         6e:9e:90:0a:02:22:63:39:90:21:4b:1b:25:9c:68:f6:47:3e:
         a3:b4:17:0a
-----BEGIN CERTIFICATE-----
MIIFwDCCBKigAwIBAgIUcs3kKQOuq58SPX3OcMsMWr84FRUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoRDY1NzhCOTA3OTVDRkMzMzU3RkU0QUY5NTNCNUYwNzE2
ODkwNzNEMDAeFw0yNTAyMDQxODM4MjFaFw0yNjAyMDMxODQzMjFaMDMxMTAvBgNV
BAMTKDNGNTYyNUM1NkNDMjlCNTU5RDQwQkMxMUJFOTE5NEE1RDVGMkYxQkUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDI8qZl88/ZmzF7x5rJUrPX8pEL
4N0/5mpOI+KFf9fAFpXKsTcJmTd4sIxYl8O24KaxDhu9jcvZQ1SB3LFgpqYvkYZp
1pfiOaZQ1Hwj+8LSNza4dzPUbP+qQg2d3d+/QPZKqk+Zg63NJNVH7/aYdLxHQ4Xq
Psd3AN1N3ltkzRc3HAWWzKo27MvQEiaEoqnUm6rFBoCtN+K2OeEFaY2VlHmF2/2j
wfRIELhjJzkZCp8dcXSEy1gSkGb+voSm7RkVMuIWPw7NseR0NXmdlY994gl95ciw
qVbYtYo1swqKt5K6N45woEhM2dOdo7cUZLx8g5UBRAJedy+elTiNV95BWTD7AgMB
AAGjggLKMIICxjAdBgNVHQ4EFgQUP1YlxWzCm1WdQLwRvpGUpdXy8b4wHwYDVR0j
BBgwFoAU1leLkHlc/DNX/kr5U7XwcWiQc9AwDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy84RDM3QjRFMzBBNzk3NURFQTNCQTI2QUIzODhGQUM1NDI3
QUMzNTNFNTc1MkI1QTIyNjc5RkY2Q0UyRTg0RTc1LzAvRDY1NzhCOTA3OTVDRkMz
MzU3RkU0QUY5NTNCNUYwNzE2ODkwNzNEMC5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC9ENjU3OEI5MDc5NUNGQzMzNTdG
RTRBRjk1M0I1RjA3MTY4OTA3M0QwLmNlcjCByQYIKwYBBQUHAQsEgbwwgbkwgbYG
CCsGAQUFBzALhoGpcnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvOEQzN0I0RTMwQTc5NzVERUEzQkEyNkFCMzg4RkFDNTQyN0FDMzUzRTU3
NTJCNUEyMjY3OUZGNkNFMkU4NEU3NS8wLzMxMzkzMTJlMzkzODJlMzEzOTMyMmUz
MDJmMzIzNDJkMzIzNDIwM2QzZTIwMzIzNjMzMzIzMTM4LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAv2LA
MA0GCSqGSIb3DQEBCwUAA4IBAQC/Ue0VDQfT5q5DICm8roUnWHDpUUGyo8tmogjj
ZQvO9P+eaYp6l5knqeyBiDQ4qwypykf6vSX0bZR1EE7sAawnlWEd0LADxdWwXSPp
H9c3NIGtqjsaYeRJ/kNKNhfq46w0rAcVkPs8cskcrlcPC8nfcsBw5TW5QPmEkzLg
TmQbFdn+eFo2q1IP477ViEPYnh18y+mA+U3tXI6fl4EQ/mT92wVRtxNqDcWXoCj8
aUV8od4eXrwjuRVvoj3GBU/jtBrxdk1g9MLfJNsnmw7aPDg/7IF2GAczav8O7ZeV
S40vPt2D21LbENJALYJunpAKAiJjOZAhSxslnGj2Rz6jtBcK
-----END CERTIFICATE-----