Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/BE5D47A3592B259B5A43A3E01BC9DD4B7D76D8AEC387E1955FE9094A3AC6DE47/0/3139302e35372e31362e302f32342d3234203d3e20323633373833.roa
File:                     3139302e35372e31362e302f32342d3234203d3e20323633373833.roa (raw, json)
Hash identifier:          bW6iQsggVt4kq+fk/a+TgfvetC+Ql/TrPFo2kXCFqOM=
Subject key identifier:   2D:CE:60:2C:DA:19:77:68:76:8E:96:DF:40:17:A5:3E:C0:DD:EA:07
Certificate issuer:       /CN=DCDE245406EF53D802AC05030F2AF3C618B69FF2
Certificate serial:       1B1625C1464951C8AE31687BD74125E6C7CE2835
Authority key identifier: DC:DE:24:54:06:EF:53:D8:02:AC:05:03:0F:2A:F3:C6:18:B6:9F:F2
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/DCDE245406EF53D802AC05030F2AF3C618B69FF2.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/BE5D47A3592B259B5A43A3E01BC9DD4B7D76D8AEC387E1955FE9094A3AC6DE47/0/3139302e35372e31362e302f32342d3234203d3e20323633373833.roa
Signing time:             Tue 04 Feb 2025 18:51:36 +0000
ROA not before:           Tue 04 Feb 2025 18:46:36 +0000
ROA not after:            Tue 03 Feb 2026 18:51:36 +0000
asID:                     263783
IP address blocks:        190.57.16.0/24 maxlen: 24
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            1b:16:25:c1:46:49:51:c8:ae:31:68:7b:d7:41:25:e6:c7:ce:28:35
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=DCDE245406EF53D802AC05030F2AF3C618B69FF2
        Validity
            Not Before: Feb  4 18:46:36 2025 GMT
            Not After : Feb  3 18:51:36 2026 GMT
        Subject: CN=2DCE602CDA197768768E96DF4017A53EC0DDEA07
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d9:8b:fb:2c:9f:8a:7f:2e:a2:d5:a4:0d:e1:34:
                    c4:90:10:a9:2a:29:49:78:5e:8d:7f:92:e1:20:e5:
                    36:56:02:0b:6e:81:fa:c8:ec:5d:7a:86:b0:ac:a9:
                    e9:95:f1:36:d1:78:96:21:73:51:8f:dd:6e:5b:d4:
                    bf:47:f5:53:59:9a:79:1f:cb:10:4a:e4:cd:99:68:
                    e8:5f:47:5a:5d:3b:07:f7:0f:75:39:e7:b8:e7:2b:
                    d3:c4:11:4f:51:2a:a5:aa:8e:bb:61:05:2b:ec:8c:
                    26:7a:c9:ae:09:50:6f:02:06:f0:31:b1:c5:4f:0d:
                    91:69:64:28:c5:88:78:8f:f2:66:02:46:d8:58:d8:
                    7d:99:0b:9a:99:f8:93:3c:2c:14:28:da:e2:ee:61:
                    7a:b4:91:ee:ed:93:7d:de:b8:9d:21:27:72:e2:44:
                    b4:a6:fe:c7:57:36:7d:15:d1:a0:44:e1:46:33:8d:
                    c4:02:21:1c:ee:50:0a:31:ff:b8:fb:1f:3f:bb:7d:
                    9d:26:65:c1:15:60:30:a0:55:31:c6:a2:7d:35:1c:
                    04:68:10:51:da:8a:33:08:13:96:32:b5:b2:a5:3a:
                    26:2c:85:b4:c7:38:53:c0:39:09:f2:ff:71:85:4f:
                    2e:1c:ab:e1:2f:39:d7:30:8f:0b:2a:81:1b:cc:4a:
                    39:9b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                2D:CE:60:2C:DA:19:77:68:76:8E:96:DF:40:17:A5:3E:C0:DD:EA:07
            X509v3 Authority Key Identifier:
                keyid:DC:DE:24:54:06:EF:53:D8:02:AC:05:03:0F:2A:F3:C6:18:B6:9F:F2

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/BE5D47A3592B259B5A43A3E01BC9DD4B7D76D8AEC387E1955FE9094A3AC6DE47/0/DCDE245406EF53D802AC05030F2AF3C618B69FF2.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/DCDE245406EF53D802AC05030F2AF3C618B69FF2.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/BE5D47A3592B259B5A43A3E01BC9DD4B7D76D8AEC387E1955FE9094A3AC6DE47/0/3139302e35372e31362e302f32342d3234203d3e20323633373833.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  190.57.16.0/24

    Signature Algorithm: sha256WithRSAEncryption
         8d:cb:66:d9:07:fa:5e:bc:b5:d8:d8:89:9a:59:08:57:09:7d:
         5f:9f:50:96:db:4b:26:dd:8a:26:85:14:48:e5:52:64:56:0d:
         5f:a4:0b:55:5d:33:b7:01:5d:32:3a:97:4a:0a:32:e3:75:4d:
         36:92:ea:ca:89:b3:e6:0e:26:f4:b4:89:ee:c4:b1:5e:9d:40:
         a4:96:d2:78:9a:3b:76:29:b5:5b:8d:1f:e2:51:36:0a:31:92:
         ee:d2:fa:00:e4:b9:0b:83:d5:95:50:6f:16:2a:36:f3:23:03:
         7e:a9:de:2c:e5:bd:75:05:71:8a:93:e7:10:54:6a:41:2a:c7:
         59:3e:2d:8b:f4:f1:22:41:43:a5:bd:74:ae:cf:72:e6:27:31:
         57:75:a1:b5:96:c8:89:68:1b:d5:f5:8f:28:1a:e5:40:52:0f:
         59:45:92:aa:50:24:4f:55:dd:3d:6f:3d:15:7a:79:c3:fa:a0:
         a9:c2:f1:32:43:b3:90:bc:22:55:9f:95:3a:3e:c0:0b:9f:61:
         9e:48:0a:04:cd:4f:34:01:c8:77:28:bb:f6:db:9d:d2:f8:4e:
         b5:92:6a:c6:8b:e2:b2:92:a1:2f:27:5a:9b:da:ca:6c:53:87:
         18:d8:e2:33:82:d8:d7:6d:ac:f9:07:d5:f8:b4:82:87:bb:f0:
         13:b4:f9:ab
-----BEGIN CERTIFICATE-----
MIIFvjCCBKagAwIBAgIUGxYlwUZJUciuMWh710El5sfOKDUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoRENERTI0NTQwNkVGNTNEODAyQUMwNTAzMEYyQUYzQzYx
OEI2OUZGMjAeFw0yNTAyMDQxODQ2MzZaFw0yNjAyMDMxODUxMzZaMDMxMTAvBgNV
BAMTKDJEQ0U2MDJDREExOTc3Njg3NjhFOTZERjQwMTdBNTNFQzBEREVBMDcwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDZi/ssn4p/LqLVpA3hNMSQEKkq
KUl4Xo1/kuEg5TZWAgtugfrI7F16hrCsqemV8TbReJYhc1GP3W5b1L9H9VNZmnkf
yxBK5M2ZaOhfR1pdOwf3D3U557jnK9PEEU9RKqWqjrthBSvsjCZ6ya4JUG8CBvAx
scVPDZFpZCjFiHiP8mYCRthY2H2ZC5qZ+JM8LBQo2uLuYXq0ke7tk33euJ0hJ3Li
RLSm/sdXNn0V0aBE4UYzjcQCIRzuUAox/7j7Hz+7fZ0mZcEVYDCgVTHGon01HARo
EFHaijMIE5YytbKlOiYshbTHOFPAOQny/3GFTy4cq+EvOdcwjwsqgRvMSjmbAgMB
AAGjggLIMIICxDAdBgNVHQ4EFgQULc5gLNoZd2h2jpbfQBelPsDd6gcwHwYDVR0j
BBgwFoAU3N4kVAbvU9gCrAUDDyrzxhi2n/IwDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy9CRTVENDdBMzU5MkIyNTlCNUE0M0EzRTAxQkM5REQ0QjdE
NzZEOEFFQzM4N0UxOTU1RkU5MDk0QTNBQzZERTQ3LzAvRENERTI0NTQwNkVGNTNE
ODAyQUMwNTAzMEYyQUYzQzYxOEI2OUZGMi5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC9EQ0RFMjQ1NDA2RUY1M0Q4MDJB
QzA1MDMwRjJBRjNDNjE4QjY5RkYyLmNlcjCBxwYIKwYBBQUHAQsEgbowgbcwgbQG
CCsGAQUFBzALhoGncnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvQkU1RDQ3QTM1OTJCMjU5QjVBNDNBM0UwMUJDOURENEI3RDc2RDhBRUMz
ODdFMTk1NUZFOTA5NEEzQUM2REU0Ny8wLzMxMzkzMDJlMzUzNzJlMzEzNjJlMzAy
ZjMyMzQyZDMyMzQyMDNkM2UyMDMyMzYzMzM3MzgzMy5yb2EwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAL45EDAN
BgkqhkiG9w0BAQsFAAOCAQEAjctm2Qf6Xry12NiJmlkIVwl9X59QlttLJt2KJoUU
SOVSZFYNX6QLVV0ztwFdMjqXSgoy43VNNpLqyomz5g4m9LSJ7sSxXp1ApJbSeJo7
dim1W40f4lE2CjGS7tL6AOS5C4PVlVBvFio28yMDfqneLOW9dQVxipPnEFRqQSrH
WT4ti/TxIkFDpb10rs9y5icxV3WhtZbIiWgb1fWPKBrlQFIPWUWSqlAkT1XdPW89
FXp5w/qgqcLxMkOzkLwiVZ+VOj7AC59hnkgKBM1PNAHIdyi79tud0vhOtZJqxovi
spKhLydam9rKbFOHGNjiM4LY122s+QfV+LSCh7vwE7T5qw==
-----END CERTIFICATE-----