Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/C0CE9AA0BC29760A13F1C1FBADBCAA564D094312E70029DFE6E0D0AFDC88405F/0/3136382e3139342e3134302e302f32322d3232203d3e20323634373534.roa
File:                     3136382e3139342e3134302e302f32322d3232203d3e20323634373534.roa (raw, json)
Hash identifier:          Ty5KiGrwNjNsXEsQXtkuWo7ySt6zBoj75vKGbw/ACFc=
Subject key identifier:   C1:79:9C:F8:5F:36:45:4A:63:96:C0:FC:C2:8F:47:8B:94:6E:AC:EA
Certificate issuer:       /CN=AC7B8BA3D05E211CF7697DC38DBB7591FCD3075A
Certificate serial:       13A1A1AAE661AC20EFE2C8432640D56AE6B701F0
Authority key identifier: AC:7B:8B:A3:D0:5E:21:1C:F7:69:7D:C3:8D:BB:75:91:FC:D3:07:5A
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/AC7B8BA3D05E211CF7697DC38DBB7591FCD3075A.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/C0CE9AA0BC29760A13F1C1FBADBCAA564D094312E70029DFE6E0D0AFDC88405F/0/3136382e3139342e3134302e302f32322d3232203d3e20323634373534.roa
Signing time:             Tue 04 Feb 2025 18:32:39 +0000
ROA not before:           Tue 04 Feb 2025 18:27:39 +0000
ROA not after:            Tue 03 Feb 2026 18:32:39 +0000
asID:                     264754
IP address blocks:        168.194.140.0/22 maxlen: 22
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            13:a1:a1:aa:e6:61:ac:20:ef:e2:c8:43:26:40:d5:6a:e6:b7:01:f0
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=AC7B8BA3D05E211CF7697DC38DBB7591FCD3075A
        Validity
            Not Before: Feb  4 18:27:39 2025 GMT
            Not After : Feb  3 18:32:39 2026 GMT
        Subject: CN=C1799CF85F36454A6396C0FCC28F478B946EACEA
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c2:37:23:71:fb:5d:2e:fd:05:c3:84:36:90:04:
                    75:56:af:51:7a:15:95:8c:39:db:f0:5b:46:b3:1c:
                    ff:ef:44:97:e8:0f:23:e1:da:0b:f3:e3:1f:f5:1f:
                    5a:4b:18:3e:cc:95:d1:52:a3:30:0e:f7:20:ed:da:
                    b2:16:b2:64:cd:62:dd:3c:94:23:7b:b1:11:ab:80:
                    b4:39:dd:20:43:4c:66:b5:20:82:ff:13:04:36:76:
                    e6:4a:46:35:20:d3:06:da:cd:23:da:69:ed:fb:5b:
                    35:d0:9a:61:f3:7d:21:03:8d:35:ff:38:1a:e8:a4:
                    97:ed:9b:99:17:ca:63:45:00:49:8d:ec:5c:e4:88:
                    7d:41:6c:96:e0:4c:72:75:80:22:33:1e:25:9d:4c:
                    25:67:5e:c8:76:5e:0d:ed:27:2a:28:25:dd:3c:26:
                    1e:6f:24:df:58:ab:bd:06:e6:cc:21:d9:98:4f:3b:
                    e8:89:08:d9:91:27:19:ab:36:66:ee:50:c7:0a:de:
                    07:bf:a7:3a:2d:86:3e:e8:3d:c9:01:54:25:d9:a7:
                    ed:1a:22:9d:7d:0c:23:5c:d4:02:ea:bd:71:79:a2:
                    3c:83:87:66:59:09:bb:39:96:ea:eb:ee:ec:e4:00:
                    e2:13:98:b9:2b:c3:3d:8f:9c:ad:7f:1a:76:f8:90:
                    05:a5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C1:79:9C:F8:5F:36:45:4A:63:96:C0:FC:C2:8F:47:8B:94:6E:AC:EA
            X509v3 Authority Key Identifier:
                keyid:AC:7B:8B:A3:D0:5E:21:1C:F7:69:7D:C3:8D:BB:75:91:FC:D3:07:5A

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/C0CE9AA0BC29760A13F1C1FBADBCAA564D094312E70029DFE6E0D0AFDC88405F/0/AC7B8BA3D05E211CF7697DC38DBB7591FCD3075A.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/AC7B8BA3D05E211CF7697DC38DBB7591FCD3075A.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/C0CE9AA0BC29760A13F1C1FBADBCAA564D094312E70029DFE6E0D0AFDC88405F/0/3136382e3139342e3134302e302f32322d3232203d3e20323634373534.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  168.194.140.0/22

    Signature Algorithm: sha256WithRSAEncryption
         70:92:35:c1:6e:9f:4e:95:fc:82:58:5b:d3:1d:2c:5d:e6:ff:
         8e:db:45:e3:af:c3:bc:a8:1d:84:33:41:ce:5d:c0:54:ae:c1:
         11:87:03:c8:59:c9:e7:ee:d4:a6:37:44:18:6f:c2:7b:64:b0:
         06:0f:bb:4e:1a:43:29:63:31:c3:53:e9:be:a9:d9:2d:89:b1:
         42:67:75:bc:67:a4:83:5d:e7:ad:4f:96:2f:ea:24:db:82:72:
         b0:23:3a:72:28:13:49:a5:1f:b9:e6:b4:78:f6:28:6f:e9:26:
         57:bf:52:b9:04:4f:8b:95:1e:b0:ae:8e:09:f6:22:7f:fc:29:
         32:4d:c5:de:f3:e5:77:c0:c1:40:5d:6a:87:69:07:d3:23:76:
         aa:9e:85:71:2f:af:ec:38:d8:bf:6f:3c:ba:7b:cb:ed:bb:be:
         d9:2d:1b:cf:1e:a7:e3:5d:f7:28:9a:34:d6:ca:0a:f8:c9:90:
         79:6d:cb:ec:80:28:de:6f:06:e4:e4:43:f2:24:f7:17:c4:5e:
         1d:1f:52:d2:6a:3d:85:3a:95:9e:80:dd:3f:48:06:91:78:14:
         30:b7:9a:0d:46:80:d0:a5:95:0a:85:f3:f9:e8:9b:f8:e0:ac:
         1a:dc:e0:8d:7e:bc:5e:0b:ef:45:38:06:15:ba:3a:ec:08:ba:
         45:20:e3:d1
-----BEGIN CERTIFICATE-----
MIIFwjCCBKqgAwIBAgIUE6GhquZhrCDv4shDJkDVaua3AfAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoQUM3QjhCQTNEMDVFMjExQ0Y3Njk3REMzOERCQjc1OTFG
Q0QzMDc1QTAeFw0yNTAyMDQxODI3MzlaFw0yNjAyMDMxODMyMzlaMDMxMTAvBgNV
BAMTKEMxNzk5Q0Y4NUYzNjQ1NEE2Mzk2QzBGQ0MyOEY0NzhCOTQ2RUFDRUEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDCNyNx+10u/QXDhDaQBHVWr1F6
FZWMOdvwW0azHP/vRJfoDyPh2gvz4x/1H1pLGD7MldFSozAO9yDt2rIWsmTNYt08
lCN7sRGrgLQ53SBDTGa1IIL/EwQ2duZKRjUg0wbazSPaae37WzXQmmHzfSEDjTX/
OBropJftm5kXymNFAEmN7FzkiH1BbJbgTHJ1gCIzHiWdTCVnXsh2Xg3tJyooJd08
Jh5vJN9Yq70G5swh2ZhPO+iJCNmRJxmrNmbuUMcK3ge/pzothj7oPckBVCXZp+0a
Ip19DCNc1ALqvXF5ojyDh2ZZCbs5lurr7uzkAOITmLkrwz2PnK1/Gnb4kAWlAgMB
AAGjggLMMIICyDAdBgNVHQ4EFgQUwXmc+F82RUpjlsD8wo9Hi5RurOowHwYDVR0j
BBgwFoAUrHuLo9BeIRz3aX3Djbt1kfzTB1owDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy9DMENFOUFBMEJDMjk3NjBBMTNGMUMxRkJBREJDQUE1NjRE
MDk0MzEyRTcwMDI5REZFNkUwRDBBRkRDODg0MDVGLzAvQUM3QjhCQTNEMDVFMjEx
Q0Y3Njk3REMzOERCQjc1OTFGQ0QzMDc1QS5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC9BQzdCOEJBM0QwNUUyMTFDRjc2
OTdEQzM4REJCNzU5MUZDRDMwNzVBLmNlcjCBywYIKwYBBQUHAQsEgb4wgbswgbgG
CCsGAQUFBzALhoGrcnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvQzBDRTlBQTBCQzI5NzYwQTEzRjFDMUZCQURCQ0FBNTY0RDA5NDMxMkU3
MDAyOURGRTZFMEQwQUZEQzg4NDA1Ri8wLzMxMzYzODJlMzEzOTM0MmUzMTM0MzAy
ZTMwMmYzMjMyMmQzMjMyMjAzZDNlMjAzMjM2MzQzNzM1MzQucm9hMBgGA1UdIAEB
/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAKo
wowwDQYJKoZIhvcNAQELBQADggEBAHCSNcFun06V/IJYW9MdLF3m/47bReOvw7yo
HYQzQc5dwFSuwRGHA8hZyefu1KY3RBhvwntksAYPu04aQyljMcNT6b6p2S2JsUJn
dbxnpINd561Pli/qJNuCcrAjOnIoE0mlH7nmtHj2KG/pJle/UrkET4uVHrCujgn2
In/8KTJNxd7z5XfAwUBdaodpB9MjdqqehXEvr+w42L9vPLp7y+27vtktG88ep+Nd
9yiaNNbKCvjJkHlty+yAKN5vBuTkQ/Ik9xfEXh0fUtJqPYU6lZ6A3T9IBpF4FDC3
mg1GgNCllQqF8/nom/jgrBrc4I1+vF4L70U4BhW6OuwIukUg49E=
-----END CERTIFICATE-----