Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/B2FFDCA30C15CD59970A7E7AFAEC3A91AF4301AC9008B0FFC3B8F9775F56F2FD/0/3139302e31312e33322e302f31392d3234203d3e203131383135.roa
File:                     3139302e31312e33322e302f31392d3234203d3e203131383135.roa (raw, json)
Hash identifier:          uY9UNPjmv3woH1Mwh1P+wA57whNpVhmGMC7N/Zmg8X0=
Subject key identifier:   DE:51:EB:D5:AB:84:6A:85:9F:B9:7B:C7:97:10:7F:0E:11:DC:2F:B0
Certificate issuer:       /CN=D2F5141990A0252C37D63112FB6ECA5DBC5686B6
Certificate serial:       295952894B639AEAA7018ED7C801A6947912950A
Authority key identifier: D2:F5:14:19:90:A0:25:2C:37:D6:31:12:FB:6E:CA:5D:BC:56:86:B6
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/D2F5141990A0252C37D63112FB6ECA5DBC5686B6.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/B2FFDCA30C15CD59970A7E7AFAEC3A91AF4301AC9008B0FFC3B8F9775F56F2FD/0/3139302e31312e33322e302f31392d3234203d3e203131383135.roa
Signing time:             Tue 04 Feb 2025 18:34:28 +0000
ROA not before:           Tue 04 Feb 2025 18:29:28 +0000
ROA not after:            Tue 03 Feb 2026 18:34:28 +0000
asID:                     11815
IP address blocks:        190.11.32.0/19 maxlen: 24
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            29:59:52:89:4b:63:9a:ea:a7:01:8e:d7:c8:01:a6:94:79:12:95:0a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=D2F5141990A0252C37D63112FB6ECA5DBC5686B6
        Validity
            Not Before: Feb  4 18:29:28 2025 GMT
            Not After : Feb  3 18:34:28 2026 GMT
        Subject: CN=DE51EBD5AB846A859FB97BC797107F0E11DC2FB0
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b1:9f:69:78:32:27:05:5b:5b:e0:fd:87:db:c2:
                    ee:83:11:7f:d7:48:ab:98:18:84:2d:f3:94:40:43:
                    af:76:c3:7c:b3:87:19:73:8b:8d:55:7f:f7:41:e4:
                    96:88:08:eb:27:50:a7:35:79:41:be:f4:63:11:cd:
                    66:dc:d6:44:24:fa:19:d1:e7:dd:2c:ed:b9:ee:b1:
                    be:73:a6:00:4e:11:54:98:21:b6:a1:98:07:8f:d8:
                    27:72:d3:4b:19:fb:14:af:cf:20:5a:84:48:3c:71:
                    f0:a0:61:66:53:22:6c:55:c2:1c:ae:17:57:a0:8c:
                    ff:0e:2f:4e:ca:3b:55:2f:f2:cf:64:95:cd:88:11:
                    82:26:c2:35:f7:c3:41:07:bf:dd:ad:8e:eb:62:cc:
                    6b:8c:f4:ac:9c:0a:16:19:2e:66:01:65:54:53:85:
                    0c:d1:97:a5:1a:d0:cd:b6:b8:98:54:3a:15:56:a5:
                    7b:34:58:43:9e:ae:1e:fb:c7:d2:d8:94:3d:3b:33:
                    dd:3a:59:34:42:a8:8e:98:06:fe:74:9f:e2:dd:4d:
                    c0:54:a6:d2:eb:94:23:ab:13:d8:5a:46:5a:23:c8:
                    e2:58:d7:a6:1d:cb:80:1c:de:de:18:b9:9e:e7:80:
                    5b:fc:e3:59:a2:7b:88:0a:2f:93:7f:39:9c:bb:08:
                    90:1b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DE:51:EB:D5:AB:84:6A:85:9F:B9:7B:C7:97:10:7F:0E:11:DC:2F:B0
            X509v3 Authority Key Identifier:
                keyid:D2:F5:14:19:90:A0:25:2C:37:D6:31:12:FB:6E:CA:5D:BC:56:86:B6

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/B2FFDCA30C15CD59970A7E7AFAEC3A91AF4301AC9008B0FFC3B8F9775F56F2FD/0/D2F5141990A0252C37D63112FB6ECA5DBC5686B6.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/D2F5141990A0252C37D63112FB6ECA5DBC5686B6.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/B2FFDCA30C15CD59970A7E7AFAEC3A91AF4301AC9008B0FFC3B8F9775F56F2FD/0/3139302e31312e33322e302f31392d3234203d3e203131383135.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  190.11.32.0/19

    Signature Algorithm: sha256WithRSAEncryption
         ad:01:92:b7:6c:b1:50:1c:4f:ed:bf:83:8e:7c:b3:1b:98:29:
         94:de:28:74:00:1f:f1:2f:68:03:68:a8:5d:41:d5:19:17:1f:
         94:7f:cc:9d:03:a3:fe:97:15:6b:8d:de:31:95:32:bb:64:2d:
         d9:f3:ae:fe:34:2d:16:8f:30:8c:8e:b1:00:37:c2:d0:0f:52:
         8c:00:98:af:9c:0b:25:cf:57:4a:8a:84:1e:d9:ef:27:63:c7:
         1e:d3:e3:0c:a0:6c:37:2e:81:a3:fd:a4:0c:09:aa:c5:38:7c:
         1f:7b:db:02:75:28:ea:21:23:e9:e6:35:b3:d9:c6:d2:1f:b8:
         d4:1f:57:0f:a5:2a:2f:0c:6c:73:d7:3c:9d:e6:9b:02:75:78:
         c9:9c:d8:0c:76:89:9f:ec:22:d0:b8:49:5e:64:7b:34:a9:19:
         f9:ff:53:03:45:98:d9:f5:4f:33:b0:b4:a4:55:c2:46:90:cd:
         31:0c:b1:3f:85:8b:db:3c:23:43:a7:e8:db:5b:e9:35:5c:a1:
         40:60:f0:13:4c:1e:54:89:84:71:88:f0:1e:5b:9e:fb:86:5c:
         bc:2e:7a:fc:bb:fe:b5:e8:2b:33:18:26:6a:2d:b6:d4:e7:ed:
         a5:e0:0a:b5:d1:ba:9b:bb:2a:a9:81:37:4d:21:7b:47:e3:2c:
         86:94:b6:71
-----BEGIN CERTIFICATE-----
MIIFvDCCBKSgAwIBAgIUKVlSiUtjmuqnAY7XyAGmlHkSlQowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoRDJGNTE0MTk5MEEwMjUyQzM3RDYzMTEyRkI2RUNBNURC
QzU2ODZCNjAeFw0yNTAyMDQxODI5MjhaFw0yNjAyMDMxODM0MjhaMDMxMTAvBgNV
BAMTKERFNTFFQkQ1QUI4NDZBODU5RkI5N0JDNzk3MTA3RjBFMTFEQzJGQjAwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCxn2l4MicFW1vg/Yfbwu6DEX/X
SKuYGIQt85RAQ692w3yzhxlzi41Vf/dB5JaICOsnUKc1eUG+9GMRzWbc1kQk+hnR
590s7bnusb5zpgBOEVSYIbahmAeP2Cdy00sZ+xSvzyBahEg8cfCgYWZTImxVwhyu
F1egjP8OL07KO1Uv8s9klc2IEYImwjX3w0EHv92tjutizGuM9KycChYZLmYBZVRT
hQzRl6Ua0M22uJhUOhVWpXs0WEOerh77x9LYlD07M906WTRCqI6YBv50n+LdTcBU
ptLrlCOrE9haRlojyOJY16Ydy4Ac3t4YuZ7ngFv841mie4gKL5N/OZy7CJAbAgMB
AAGjggLGMIICwjAdBgNVHQ4EFgQU3lHr1auEaoWfuXvHlxB/DhHcL7AwHwYDVR0j
BBgwFoAU0vUUGZCgJSw31jES+27KXbxWhrYwDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy9CMkZGRENBMzBDMTVDRDU5OTcwQTdFN0FGQUVDM0E5MUFG
NDMwMUFDOTAwOEIwRkZDM0I4Rjk3NzVGNTZGMkZELzAvRDJGNTE0MTk5MEEwMjUy
QzM3RDYzMTEyRkI2RUNBNURCQzU2ODZCNi5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC9EMkY1MTQxOTkwQTAyNTJDMzdE
NjMxMTJGQjZFQ0E1REJDNTY4NkI2LmNlcjCBxQYIKwYBBQUHAQsEgbgwgbUwgbIG
CCsGAQUFBzALhoGlcnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvQjJGRkRDQTMwQzE1Q0Q1OTk3MEE3RTdBRkFFQzNBOTFBRjQzMDFBQzkw
MDhCMEZGQzNCOEY5Nzc1RjU2RjJGRC8wLzMxMzkzMDJlMzEzMTJlMzMzMjJlMzAy
ZjMxMzkyZDMyMzQyMDNkM2UyMDMxMzEzODMxMzUucm9hMBgGA1UdIAEB/wQOMAww
CgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAW+CyAwDQYJ
KoZIhvcNAQELBQADggEBAK0BkrdssVAcT+2/g458sxuYKZTeKHQAH/EvaANoqF1B
1RkXH5R/zJ0Do/6XFWuN3jGVMrtkLdnzrv40LRaPMIyOsQA3wtAPUowAmK+cCyXP
V0qKhB7Z7ydjxx7T4wygbDcugaP9pAwJqsU4fB972wJ1KOohI+nmNbPZxtIfuNQf
Vw+lKi8MbHPXPJ3mmwJ1eMmc2Ax2iZ/sItC4SV5kezSpGfn/UwNFmNn1TzOwtKRV
wkaQzTEMsT+Fi9s8I0On6Ntb6TVcoUBg8BNMHlSJhHGI8B5bnvuGXLwuevy7/rXo
KzMYJmotttTn7aXgCrXRupu7KqmBN00he0fjLIaUtnE=
-----END CERTIFICATE-----