Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/9AB340B0872A073FB39EAC32A11DD049ADA33A26A7D12BE470A245100509C2A2/0/3133312e3136312e35322e302f32322d3234203d3e20323633363836.roa
File:                     3133312e3136312e35322e302f32322d3234203d3e20323633363836.roa (raw, json)
Hash identifier:          2Z1OMOHBgTgcGXEeFK9fIa7CAPF3VuXOQ61efBJOwZs=
Subject key identifier:   0D:E0:FF:E4:38:FF:04:58:85:7F:38:AE:B9:24:15:F1:7A:56:9E:2C
Certificate issuer:       /CN=1516C2FE3F3E4B8C8641B5BDC6BD6483D91D2568
Certificate serial:       31A3E68268FC74CB2C690A0BA06E1F965B26F7A0
Authority key identifier: 15:16:C2:FE:3F:3E:4B:8C:86:41:B5:BD:C6:BD:64:83:D9:1D:25:68
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/1516C2FE3F3E4B8C8641B5BDC6BD6483D91D2568.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/9AB340B0872A073FB39EAC32A11DD049ADA33A26A7D12BE470A245100509C2A2/0/3133312e3136312e35322e302f32322d3234203d3e20323633363836.roa
Signing time:             Tue 04 Feb 2025 18:08:00 +0000
ROA not before:           Tue 04 Feb 2025 18:03:00 +0000
ROA not after:            Tue 03 Feb 2026 18:08:00 +0000
asID:                     263686
IP address blocks:        131.161.52.0/22 maxlen: 24
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            31:a3:e6:82:68:fc:74:cb:2c:69:0a:0b:a0:6e:1f:96:5b:26:f7:a0
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1516C2FE3F3E4B8C8641B5BDC6BD6483D91D2568
        Validity
            Not Before: Feb  4 18:03:00 2025 GMT
            Not After : Feb  3 18:08:00 2026 GMT
        Subject: CN=0DE0FFE438FF0458857F38AEB92415F17A569E2C
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:da:4e:e4:8f:df:ca:f2:e4:9f:09:63:0f:46:18:
                    ae:71:48:16:a4:a0:66:a4:f6:cd:9d:99:ab:b0:c0:
                    6c:32:0b:ac:59:b6:21:ba:a1:60:61:6f:aa:9d:70:
                    00:55:26:29:9c:8c:63:0d:05:b4:c7:ed:ef:74:f4:
                    99:81:71:e6:36:cf:e9:f3:1d:7f:a3:22:17:fa:94:
                    55:10:02:56:91:a7:ae:85:21:3d:81:ee:6e:df:11:
                    d3:71:d5:92:8e:85:19:9f:d7:db:7c:e7:a1:29:d9:
                    73:a5:2a:43:16:2a:2c:f1:1c:b2:4c:c7:85:1d:2a:
                    b7:11:0a:55:08:a7:9d:7f:8c:91:1c:15:4e:58:c5:
                    cc:e9:5e:0d:5f:7c:c2:ee:75:24:55:58:8e:a1:1c:
                    2e:6f:a2:35:06:d5:09:56:8c:a2:59:b2:5b:cd:e6:
                    26:1d:89:06:68:cc:2f:3b:75:83:be:3f:b3:50:9d:
                    3f:8a:e0:53:65:08:14:01:f1:39:e4:b7:62:7b:2c:
                    83:21:34:82:7c:ec:ca:28:7f:bc:2a:91:3f:7a:6c:
                    43:ea:74:25:b1:59:d7:6f:2a:85:6c:f1:ac:90:3f:
                    b5:08:21:31:d2:ff:87:57:80:28:1c:3a:35:cd:d4:
                    23:c3:26:fc:8e:14:40:7a:2c:77:68:7c:10:5f:e1:
                    46:85
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0D:E0:FF:E4:38:FF:04:58:85:7F:38:AE:B9:24:15:F1:7A:56:9E:2C
            X509v3 Authority Key Identifier:
                keyid:15:16:C2:FE:3F:3E:4B:8C:86:41:B5:BD:C6:BD:64:83:D9:1D:25:68

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/9AB340B0872A073FB39EAC32A11DD049ADA33A26A7D12BE470A245100509C2A2/0/1516C2FE3F3E4B8C8641B5BDC6BD6483D91D2568.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/1516C2FE3F3E4B8C8641B5BDC6BD6483D91D2568.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/9AB340B0872A073FB39EAC32A11DD049ADA33A26A7D12BE470A245100509C2A2/0/3133312e3136312e35322e302f32322d3234203d3e20323633363836.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  131.161.52.0/22

    Signature Algorithm: sha256WithRSAEncryption
         06:c9:2f:65:aa:00:5c:a4:af:74:95:34:90:04:71:7b:16:b4:
         96:68:92:99:b2:ab:9f:05:3b:2d:99:72:bc:1a:ea:46:40:96:
         f7:01:48:2f:40:bb:bd:b6:05:96:b1:1d:88:57:37:2d:e2:ca:
         d9:64:ad:8c:7a:29:72:0a:a1:7f:96:2b:58:1c:aa:d4:4c:85:
         d0:90:0f:c2:b6:d4:f6:c2:3d:8f:ed:58:d2:72:79:a0:49:b4:
         44:1d:e8:31:60:5c:48:9d:80:df:4b:17:79:db:69:a6:36:81:
         c2:a1:95:1f:de:ff:f5:d0:d4:a2:5a:71:58:22:f9:cc:0a:58:
         54:87:f2:bb:d3:d1:94:1e:74:18:31:a0:44:5d:45:ff:5b:b4:
         8c:28:84:09:b3:16:66:1e:8a:fe:4d:11:92:d1:89:33:42:f9:
         0b:2d:2d:7f:ef:09:3d:56:f2:cd:10:8a:36:45:ff:4c:c7:b4:
         3c:61:c9:08:08:d7:8f:60:dd:5d:e9:20:2a:26:7a:e7:6c:7e:
         8b:05:0c:d7:f8:a0:6b:2c:d5:c8:c0:40:07:0d:b4:ba:be:55:
         20:f6:72:73:02:54:1a:9e:09:8c:b6:59:d8:be:95:47:fc:69:
         17:e2:bb:25:75:ea:d4:7a:23:f3:ca:4f:57:86:af:ea:f5:41:
         d4:b5:c5:a5
-----BEGIN CERTIFICATE-----
MIIFwDCCBKigAwIBAgIUMaPmgmj8dMssaQoLoG4fllsm96AwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMTUxNkMyRkUzRjNFNEI4Qzg2NDFCNUJEQzZCRDY0ODNE
OTFEMjU2ODAeFw0yNTAyMDQxODAzMDBaFw0yNjAyMDMxODA4MDBaMDMxMTAvBgNV
BAMTKDBERTBGRkU0MzhGRjA0NTg4NTdGMzhBRUI5MjQxNUYxN0E1NjlFMkMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDaTuSP38ry5J8JYw9GGK5xSBak
oGak9s2dmauwwGwyC6xZtiG6oWBhb6qdcABVJimcjGMNBbTH7e909JmBceY2z+nz
HX+jIhf6lFUQAlaRp66FIT2B7m7fEdNx1ZKOhRmf19t856Ep2XOlKkMWKizxHLJM
x4UdKrcRClUIp51/jJEcFU5YxczpXg1ffMLudSRVWI6hHC5vojUG1QlWjKJZslvN
5iYdiQZozC87dYO+P7NQnT+K4FNlCBQB8Tnkt2J7LIMhNIJ87Moof7wqkT96bEPq
dCWxWddvKoVs8ayQP7UIITHS/4dXgCgcOjXN1CPDJvyOFEB6LHdofBBf4UaFAgMB
AAGjggLKMIICxjAdBgNVHQ4EFgQUDeD/5Dj/BFiFfziuuSQV8XpWniwwHwYDVR0j
BBgwFoAUFRbC/j8+S4yGQbW9xr1kg9kdJWgwDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy85QUIzNDBCMDg3MkEwNzNGQjM5RUFDMzJBMTFERDA0OUFE
QTMzQTI2QTdEMTJCRTQ3MEEyNDUxMDA1MDlDMkEyLzAvMTUxNkMyRkUzRjNFNEI4
Qzg2NDFCNUJEQzZCRDY0ODNEOTFEMjU2OC5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC8xNTE2QzJGRTNGM0U0QjhDODY0
MUI1QkRDNkJENjQ4M0Q5MUQyNTY4LmNlcjCByQYIKwYBBQUHAQsEgbwwgbkwgbYG
CCsGAQUFBzALhoGpcnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvOUFCMzQwQjA4NzJBMDczRkIzOUVBQzMyQTExREQwNDlBREEzM0EyNkE3
RDEyQkU0NzBBMjQ1MTAwNTA5QzJBMi8wLzMxMzMzMTJlMzEzNjMxMmUzNTMyMmUz
MDJmMzIzMjJkMzIzNDIwM2QzZTIwMzIzNjMzMzYzODM2LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCg6E0
MA0GCSqGSIb3DQEBCwUAA4IBAQAGyS9lqgBcpK90lTSQBHF7FrSWaJKZsqufBTst
mXK8GupGQJb3AUgvQLu9tgWWsR2IVzct4srZZK2MeilyCqF/litYHKrUTIXQkA/C
ttT2wj2P7VjScnmgSbREHegxYFxInYDfSxd522mmNoHCoZUf3v/10NSiWnFYIvnM
ClhUh/K709GUHnQYMaBEXUX/W7SMKIQJsxZmHor+TRGS0YkzQvkLLS1/7wk9VvLN
EIo2Rf9Mx7Q8YckICNePYN1d6SAqJnrnbH6LBQzX+KBrLNXIwEAHDbS6vlUg9nJz
AlQangmMtlnYvpVH/GkX4rslderUeiPzyk9Xhq/q9UHUtcWl
-----END CERTIFICATE-----