Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/B28AC549303B74A1C49CA076B974F0636B03B79F9E0335B6FDBBFD60EA918348/0/3137392e35312e3230382e302f32322d3234203d3e20323731373831.roa
File:                     3137392e35312e3230382e302f32322d3234203d3e20323731373831.roa (raw, json)
Hash identifier:          qefcdKBbQ8rTrMpgo/t4zhuWfrSW4R/8kvtNUQX7kms=
Subject key identifier:   9C:7F:9A:DC:15:4B:99:5D:2C:51:25:DA:37:71:5E:CC:96:59:4B:FC
Certificate issuer:       /CN=BF91FE0B7120FEC1B02E20F4EB88A4DDFA1B7FFC
Certificate serial:       4C9C6EC89E6FE9343C5031DF36875F4937738C96
Authority key identifier: BF:91:FE:0B:71:20:FE:C1:B0:2E:20:F4:EB:88:A4:DD:FA:1B:7F:FC
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BF91FE0B7120FEC1B02E20F4EB88A4DDFA1B7FFC.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/B28AC549303B74A1C49CA076B974F0636B03B79F9E0335B6FDBBFD60EA918348/0/3137392e35312e3230382e302f32322d3234203d3e20323731373831.roa
Signing time:             Tue 04 Feb 2025 18:29:08 +0000
ROA not before:           Tue 04 Feb 2025 18:24:08 +0000
ROA not after:            Tue 03 Feb 2026 18:29:08 +0000
asID:                     271781
IP address blocks:        179.51.208.0/22 maxlen: 24
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            4c:9c:6e:c8:9e:6f:e9:34:3c:50:31:df:36:87:5f:49:37:73:8c:96
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=BF91FE0B7120FEC1B02E20F4EB88A4DDFA1B7FFC
        Validity
            Not Before: Feb  4 18:24:08 2025 GMT
            Not After : Feb  3 18:29:08 2026 GMT
        Subject: CN=9C7F9ADC154B995D2C5125DA37715ECC96594BFC
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d5:01:9c:cf:29:c5:a0:90:a3:4d:df:97:cb:70:
                    e2:f8:f2:41:57:60:d3:a9:91:be:57:17:67:13:f5:
                    7c:a2:b1:6c:dd:2e:9c:f3:39:1a:5a:cf:8b:16:67:
                    fc:e8:71:34:ef:2c:46:b8:dd:c8:7c:bd:98:0a:ae:
                    7e:ab:f5:8c:d0:4e:a1:fb:67:d2:36:11:aa:ef:84:
                    5c:f7:f1:2b:07:75:a9:cf:a9:ab:5a:84:53:f1:7c:
                    33:de:20:d0:e7:84:00:26:b4:7b:08:7e:f3:85:b3:
                    6f:98:44:58:aa:58:92:10:73:d1:3f:0c:ad:96:9d:
                    ac:f0:7c:d0:43:1c:3e:ac:5a:c4:7a:22:e1:3b:8a:
                    d9:fa:a3:69:6c:a4:81:ad:93:3c:c7:92:61:ea:3a:
                    04:d4:8f:38:81:1a:10:b7:01:76:3d:88:48:88:93:
                    b2:d0:70:1b:60:2c:38:c2:92:88:fb:ba:49:9f:de:
                    98:41:d8:78:19:30:79:2c:8e:34:31:fe:d6:0b:e0:
                    8a:11:04:61:d6:ce:36:2f:8d:db:a9:4b:a6:21:f3:
                    ad:3c:29:42:cc:e7:1a:de:ee:a7:09:73:73:87:3f:
                    f8:39:eb:ea:22:f8:f7:b9:b9:d0:34:2d:e4:14:89:
                    df:6e:95:5e:fa:f5:bd:76:2c:f2:64:78:6a:62:89:
                    e9:4b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                9C:7F:9A:DC:15:4B:99:5D:2C:51:25:DA:37:71:5E:CC:96:59:4B:FC
            X509v3 Authority Key Identifier:
                keyid:BF:91:FE:0B:71:20:FE:C1:B0:2E:20:F4:EB:88:A4:DD:FA:1B:7F:FC

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/B28AC549303B74A1C49CA076B974F0636B03B79F9E0335B6FDBBFD60EA918348/0/BF91FE0B7120FEC1B02E20F4EB88A4DDFA1B7FFC.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BF91FE0B7120FEC1B02E20F4EB88A4DDFA1B7FFC.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/B28AC549303B74A1C49CA076B974F0636B03B79F9E0335B6FDBBFD60EA918348/0/3137392e35312e3230382e302f32322d3234203d3e20323731373831.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  179.51.208.0/22

    Signature Algorithm: sha256WithRSAEncryption
         b5:2e:e3:72:8f:60:8b:28:bc:40:31:11:2f:27:e7:7e:92:b8:
         b9:a7:d3:e7:8d:33:a5:10:5a:5c:cf:56:c3:a0:f7:aa:7a:a4:
         1a:37:41:ba:7b:45:45:ae:cc:31:13:ae:7a:7e:80:9e:ec:26:
         d3:d0:d2:23:0a:30:a6:ac:c6:8a:b7:17:e8:c0:ad:26:e4:c2:
         b6:c0:e2:b8:ea:fb:42:fc:44:df:d7:cf:f7:5c:e9:0a:bc:14:
         76:b3:35:5d:1f:4f:5b:b5:db:1c:4a:dd:29:30:fd:f6:3a:9a:
         aa:ad:11:c4:81:e0:7d:83:62:eb:e8:40:7f:87:0e:01:b6:ac:
         32:06:40:0a:e3:69:29:db:99:19:7a:4f:d6:f7:dc:22:ac:02:
         ba:82:7d:4a:48:a0:11:aa:a0:45:33:b0:46:9c:ba:a5:81:f0:
         45:a6:1a:44:bb:7d:de:c0:63:0d:03:66:ea:e9:cd:0a:cb:61:
         50:0f:1c:2f:6b:2c:3c:56:fa:eb:1e:d4:3b:03:e3:a5:c4:cd:
         9f:7c:12:f0:09:e4:77:8e:41:44:4d:73:ed:5a:e0:0e:aa:ed:
         c8:78:20:c0:df:10:4e:fb:e9:6a:ec:d6:48:14:d4:12:32:ff:
         03:b5:88:08:8a:e4:f6:36:6b:f5:57:04:57:f5:ff:c1:ed:be:
         a0:ae:81:f9
-----BEGIN CERTIFICATE-----
MIIFwDCCBKigAwIBAgIUTJxuyJ5v6TQ8UDHfNodfSTdzjJYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoQkY5MUZFMEI3MTIwRkVDMUIwMkUyMEY0RUI4OEE0RERG
QTFCN0ZGQzAeFw0yNTAyMDQxODI0MDhaFw0yNjAyMDMxODI5MDhaMDMxMTAvBgNV
BAMTKDlDN0Y5QURDMTU0Qjk5NUQyQzUxMjVEQTM3NzE1RUNDOTY1OTRCRkMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDVAZzPKcWgkKNN35fLcOL48kFX
YNOpkb5XF2cT9XyisWzdLpzzORpaz4sWZ/zocTTvLEa43ch8vZgKrn6r9YzQTqH7
Z9I2EarvhFz38SsHdanPqatahFPxfDPeINDnhAAmtHsIfvOFs2+YRFiqWJIQc9E/
DK2WnazwfNBDHD6sWsR6IuE7itn6o2lspIGtkzzHkmHqOgTUjziBGhC3AXY9iEiI
k7LQcBtgLDjCkoj7ukmf3phB2HgZMHksjjQx/tYL4IoRBGHWzjYvjdupS6Yh8608
KULM5xre7qcJc3OHP/g56+oi+Pe5udA0LeQUid9ulV769b12LPJkeGpiielLAgMB
AAGjggLKMIICxjAdBgNVHQ4EFgQUnH+a3BVLmV0sUSXaN3FezJZZS/wwHwYDVR0j
BBgwFoAUv5H+C3Eg/sGwLiD064ik3fobf/wwDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy9CMjhBQzU0OTMwM0I3NEExQzQ5Q0EwNzZCOTc0RjA2MzZC
MDNCNzlGOUUwMzM1QjZGREJCRkQ2MEVBOTE4MzQ4LzAvQkY5MUZFMEI3MTIwRkVD
MUIwMkUyMEY0RUI4OEE0RERGQTFCN0ZGQy5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC9CRjkxRkUwQjcxMjBGRUMxQjAy
RTIwRjRFQjg4QTREREZBMUI3RkZDLmNlcjCByQYIKwYBBQUHAQsEgbwwgbkwgbYG
CCsGAQUFBzALhoGpcnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvQjI4QUM1NDkzMDNCNzRBMUM0OUNBMDc2Qjk3NEYwNjM2QjAzQjc5RjlF
MDMzNUI2RkRCQkZENjBFQTkxODM0OC8wLzMxMzczOTJlMzUzMTJlMzIzMDM4MmUz
MDJmMzIzMjJkMzIzNDIwM2QzZTIwMzIzNzMxMzczODMxLnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCszPQ
MA0GCSqGSIb3DQEBCwUAA4IBAQC1LuNyj2CLKLxAMREvJ+d+kri5p9PnjTOlEFpc
z1bDoPeqeqQaN0G6e0VFrswxE656foCe7CbT0NIjCjCmrMaKtxfowK0m5MK2wOK4
6vtC/ETf18/3XOkKvBR2szVdH09btdscSt0pMP32OpqqrRHEgeB9g2Lr6EB/hw4B
tqwyBkAK42kp25kZek/W99wirAK6gn1KSKARqqBFM7BGnLqlgfBFphpEu33ewGMN
A2bq6c0Ky2FQDxwvayw8VvrrHtQ7A+OlxM2ffBLwCeR3jkFETXPtWuAOqu3IeCDA
3xBO++lq7NZIFNQSMv8DtYgIiuT2Nmv1VwRX9f/B7b6groH5
-----END CERTIFICATE-----