Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/AF0A4F620D224C38859357384007DECBBDBE5CA6B1FFD28472D04B77E3F596B1/0/3138312e3138392e32372e302f32342d3234203d3e20323732303631.roa
File:                     3138312e3138392e32372e302f32342d3234203d3e20323732303631.roa (raw, json)
Hash identifier:          jhVs9IVixW5HO6qu0P1dgU1WpJfA8TxNrpffoehbL9Y=
Subject key identifier:   5E:AA:85:83:1B:57:11:5D:21:9B:37:47:6F:B6:2A:4F:A0:8C:CC:F6
Certificate issuer:       /CN=ED84261D115D794840163DB5C548D17B25BA2A9E
Certificate serial:       14A58FC6523534C47EB7DA4A9F96C619C7DB5A5D
Authority key identifier: ED:84:26:1D:11:5D:79:48:40:16:3D:B5:C5:48:D1:7B:25:BA:2A:9E
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/ED84261D115D794840163DB5C548D17B25BA2A9E.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/AF0A4F620D224C38859357384007DECBBDBE5CA6B1FFD28472D04B77E3F596B1/0/3138312e3138392e32372e302f32342d3234203d3e20323732303631.roa
Signing time:             Tue 04 Feb 2025 18:43:04 +0000
ROA not before:           Tue 04 Feb 2025 18:38:04 +0000
ROA not after:            Tue 03 Feb 2026 18:43:04 +0000
asID:                     272061
IP address blocks:        181.189.27.0/24 maxlen: 24
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            14:a5:8f:c6:52:35:34:c4:7e:b7:da:4a:9f:96:c6:19:c7:db:5a:5d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ED84261D115D794840163DB5C548D17B25BA2A9E
        Validity
            Not Before: Feb  4 18:38:04 2025 GMT
            Not After : Feb  3 18:43:04 2026 GMT
        Subject: CN=5EAA85831B57115D219B37476FB62A4FA08CCCF6
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e8:03:2e:a7:78:3a:3f:a6:04:94:65:e9:16:95:
                    79:1f:a8:82:ff:9b:df:3b:10:9c:39:63:05:79:9a:
                    ce:f1:26:8c:18:8f:cd:3a:cd:16:b7:41:0f:eb:ba:
                    f8:89:01:cb:a5:93:de:d6:72:dc:9e:91:c3:69:d0:
                    a1:c4:b3:b3:6a:96:f8:a5:e1:59:06:a5:2b:59:4e:
                    ff:e1:f8:c7:06:38:2c:08:2a:cb:80:5e:70:f2:cf:
                    f3:5c:ad:d9:e5:8a:41:b8:4c:92:cf:93:e6:92:2c:
                    ad:d4:b6:7c:10:3f:88:aa:1d:4f:d2:1c:99:d6:23:
                    df:21:bc:82:41:5e:0a:11:ca:c6:79:34:75:77:ba:
                    40:11:87:44:d3:14:65:9a:55:d3:21:85:c1:ea:26:
                    df:7c:0b:55:71:32:3d:8c:ec:c0:65:0e:35:0e:28:
                    c9:0f:0f:f9:4c:0b:e7:22:a8:dc:a3:c3:8e:bb:cb:
                    c9:44:9e:e1:fa:0d:6b:14:8b:cd:f0:35:52:41:c9:
                    fe:37:0d:8e:3f:40:5a:04:25:15:26:e6:65:76:12:
                    94:37:03:d3:ba:3b:df:d7:20:53:df:4c:98:9a:6b:
                    6d:51:08:ea:b8:82:c0:a3:54:11:1a:c9:f2:f2:5a:
                    2c:6d:05:75:69:c1:04:0b:c1:91:7e:85:e8:ac:2e:
                    6e:a5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5E:AA:85:83:1B:57:11:5D:21:9B:37:47:6F:B6:2A:4F:A0:8C:CC:F6
            X509v3 Authority Key Identifier:
                keyid:ED:84:26:1D:11:5D:79:48:40:16:3D:B5:C5:48:D1:7B:25:BA:2A:9E

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/AF0A4F620D224C38859357384007DECBBDBE5CA6B1FFD28472D04B77E3F596B1/0/ED84261D115D794840163DB5C548D17B25BA2A9E.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/ED84261D115D794840163DB5C548D17B25BA2A9E.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/AF0A4F620D224C38859357384007DECBBDBE5CA6B1FFD28472D04B77E3F596B1/0/3138312e3138392e32372e302f32342d3234203d3e20323732303631.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  181.189.27.0/24

    Signature Algorithm: sha256WithRSAEncryption
         5e:e1:ad:2b:88:0e:91:56:bc:4e:69:b9:4b:6a:09:eb:e8:e6:
         8f:50:e4:d7:f8:be:d7:55:cd:46:a9:4b:8a:3b:5d:13:5d:2d:
         3f:15:de:26:d6:fe:38:ac:52:7f:f2:08:f9:a3:dd:3e:53:90:
         f7:d7:bf:34:c2:9e:5e:d7:ce:7f:03:fd:ec:a9:a0:47:c9:c8:
         b7:7a:d3:9c:49:5b:00:50:72:8d:92:33:42:07:24:24:ae:84:
         bb:bc:6e:0c:7a:54:b5:a8:d2:7d:48:8f:d5:bc:86:bf:7e:6e:
         3c:e7:01:a5:1c:21:07:cf:b8:0e:d0:03:35:e1:80:ca:9e:1d:
         da:71:54:c3:1c:9e:5f:e1:50:b1:aa:41:83:87:41:12:6e:73:
         c5:d8:e5:6e:9f:9c:ba:fe:ea:ec:e5:bd:66:9d:ec:20:17:7a:
         98:eb:75:1a:c3:b9:0c:3d:ae:0e:f4:42:2c:29:af:71:64:8a:
         61:dd:a6:24:92:7b:a5:4f:67:da:ee:48:71:c2:e9:70:42:74:
         5b:62:e9:74:2b:db:2e:9d:d0:a7:eb:56:36:41:b4:9d:1a:11:
         8d:a4:84:e3:81:bd:68:c0:0c:1d:45:15:c2:c3:d1:4c:f3:21:
         92:b2:47:ef:4a:51:06:e1:69:2f:19:68:ba:11:d4:df:c4:b9:
         5f:d5:af:3b
-----BEGIN CERTIFICATE-----
MIIFwDCCBKigAwIBAgIUFKWPxlI1NMR+t9pKn5bGGcfbWl0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoRUQ4NDI2MUQxMTVENzk0ODQwMTYzREI1QzU0OEQxN0Iy
NUJBMkE5RTAeFw0yNTAyMDQxODM4MDRaFw0yNjAyMDMxODQzMDRaMDMxMTAvBgNV
BAMTKDVFQUE4NTgzMUI1NzExNUQyMTlCMzc0NzZGQjYyQTRGQTA4Q0NDRjYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDoAy6neDo/pgSUZekWlXkfqIL/
m987EJw5YwV5ms7xJowYj806zRa3QQ/ruviJAculk97WctyekcNp0KHEs7Nqlvil
4VkGpStZTv/h+McGOCwIKsuAXnDyz/NcrdnlikG4TJLPk+aSLK3UtnwQP4iqHU/S
HJnWI98hvIJBXgoRysZ5NHV3ukARh0TTFGWaVdMhhcHqJt98C1VxMj2M7MBlDjUO
KMkPD/lMC+ciqNyjw467y8lEnuH6DWsUi83wNVJByf43DY4/QFoEJRUm5mV2EpQ3
A9O6O9/XIFPfTJiaa21RCOq4gsCjVBEayfLyWixtBXVpwQQLwZF+heisLm6lAgMB
AAGjggLKMIICxjAdBgNVHQ4EFgQUXqqFgxtXEV0hmzdHb7YqT6CMzPYwHwYDVR0j
BBgwFoAU7YQmHRFdeUhAFj21xUjReyW6Kp4wDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy9BRjBBNEY2MjBEMjI0QzM4ODU5MzU3Mzg0MDA3REVDQkJE
QkU1Q0E2QjFGRkQyODQ3MkQwNEI3N0UzRjU5NkIxLzAvRUQ4NDI2MUQxMTVENzk0
ODQwMTYzREI1QzU0OEQxN0IyNUJBMkE5RS5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC9FRDg0MjYxRDExNUQ3OTQ4NDAx
NjNEQjVDNTQ4RDE3QjI1QkEyQTlFLmNlcjCByQYIKwYBBQUHAQsEgbwwgbkwgbYG
CCsGAQUFBzALhoGpcnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvQUYwQTRGNjIwRDIyNEMzODg1OTM1NzM4NDAwN0RFQ0JCREJFNUNBNkIx
RkZEMjg0NzJEMDRCNzdFM0Y1OTZCMS8wLzMxMzgzMTJlMzEzODM5MmUzMjM3MmUz
MDJmMzIzNDJkMzIzNDIwM2QzZTIwMzIzNzMyMzAzNjMxLnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAtb0b
MA0GCSqGSIb3DQEBCwUAA4IBAQBe4a0riA6RVrxOablLagnr6OaPUOTX+L7XVc1G
qUuKO10TXS0/Fd4m1v44rFJ/8gj5o90+U5D31780wp5e185/A/3sqaBHyci3etOc
SVsAUHKNkjNCByQkroS7vG4MelS1qNJ9SI/VvIa/fm485wGlHCEHz7gO0AM14YDK
nh3acVTDHJ5f4VCxqkGDh0ESbnPF2OVun5y6/urs5b1mnewgF3qY63Uaw7kMPa4O
9EIsKa9xZIph3aYkknulT2fa7khxwulwQnRbYul0K9sundCn61Y2QbSdGhGNpITj
gb1owAwdRRXCw9FM8yGSskfvSlEG4WkvGWi6EdTfxLlf1a87
-----END CERTIFICATE-----