Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/C0E7A9136F1DAD264E04B6736BFAFA723BBF34D615BF712E98916F1DEDC86035/0/3135322e3136362e302e302f31352d3234203d3e203238313138.roa
File:                     3135322e3136362e302e302f31352d3234203d3e203238313138.roa (raw, json)
Hash identifier:          IiRZWTWx/Ygwgde1ALLt+MMm9nkyaADFHDmEbg42Szc=
Subject key identifier:   40:A0:79:74:35:04:FC:13:C7:5A:52:21:CD:A3:0A:6D:E3:23:B2:BA
Certificate issuer:       /CN=09612E5CB71DD47C0219F4047F44AF43260AE69B
Certificate serial:       6955A9C27D427287F5FCA9F0B465C131BB5A26E6
Authority key identifier: 09:61:2E:5C:B7:1D:D4:7C:02:19:F4:04:7F:44:AF:43:26:0A:E6:9B
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/09612E5CB71DD47C0219F4047F44AF43260AE69B.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/C0E7A9136F1DAD264E04B6736BFAFA723BBF34D615BF712E98916F1DEDC86035/0/3135322e3136362e302e302f31352d3234203d3e203238313138.roa
Signing time:             Tue 04 Feb 2025 18:47:04 +0000
ROA not before:           Tue 04 Feb 2025 18:42:04 +0000
ROA not after:            Tue 03 Feb 2026 18:47:04 +0000
asID:                     28118
IP address blocks:        152.166.0.0/15 maxlen: 24
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            69:55:a9:c2:7d:42:72:87:f5:fc:a9:f0:b4:65:c1:31:bb:5a:26:e6
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=09612E5CB71DD47C0219F4047F44AF43260AE69B
        Validity
            Not Before: Feb  4 18:42:04 2025 GMT
            Not After : Feb  3 18:47:04 2026 GMT
        Subject: CN=40A079743504FC13C75A5221CDA30A6DE323B2BA
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b6:e6:69:30:e8:08:db:77:5d:36:f8:db:18:8b:
                    16:62:f4:ba:40:d3:01:7d:1b:35:38:5f:bb:37:a5:
                    0b:f7:4b:c4:30:e5:ec:43:1b:d7:7e:d7:90:f3:7e:
                    3b:2b:b5:2b:d6:1a:e1:94:0b:18:e2:3e:99:0a:5d:
                    7a:d5:d2:e1:ad:62:80:a1:2f:03:2d:1c:59:63:94:
                    a3:09:0a:87:33:bf:2b:d8:5d:1e:48:d6:21:bb:8c:
                    aa:c3:d2:4e:41:98:21:85:b6:47:a7:e1:cf:5c:ec:
                    e7:bc:37:fb:b7:8d:ee:26:d7:e9:69:db:a3:25:e9:
                    95:42:d9:41:30:fb:93:86:b8:ea:e0:24:80:d1:ed:
                    67:d7:62:67:6f:3d:b2:72:5a:a2:dd:58:27:4a:83:
                    89:5e:f8:c3:b3:32:7d:6c:6d:11:c5:0c:7d:7b:47:
                    85:b0:b8:e2:87:f5:66:52:48:d5:d1:cb:8e:db:bd:
                    cb:49:85:0b:83:65:2e:c0:c7:ec:51:b9:76:fc:ec:
                    ef:80:8e:77:13:f1:10:77:21:68:fd:84:9d:7c:6a:
                    2e:c9:32:bc:d6:93:36:1d:f8:2c:17:12:0d:7f:1f:
                    6d:1c:40:0a:9e:b5:a4:9c:ba:96:49:3a:76:09:d6:
                    a2:90:5f:bd:1a:4d:84:1f:c2:76:9f:6c:70:90:ed:
                    dd:53
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                40:A0:79:74:35:04:FC:13:C7:5A:52:21:CD:A3:0A:6D:E3:23:B2:BA
            X509v3 Authority Key Identifier:
                keyid:09:61:2E:5C:B7:1D:D4:7C:02:19:F4:04:7F:44:AF:43:26:0A:E6:9B

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/C0E7A9136F1DAD264E04B6736BFAFA723BBF34D615BF712E98916F1DEDC86035/0/09612E5CB71DD47C0219F4047F44AF43260AE69B.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/09612E5CB71DD47C0219F4047F44AF43260AE69B.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/C0E7A9136F1DAD264E04B6736BFAFA723BBF34D615BF712E98916F1DEDC86035/0/3135322e3136362e302e302f31352d3234203d3e203238313138.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  152.166.0.0/15

    Signature Algorithm: sha256WithRSAEncryption
         35:77:13:e8:63:fb:d8:e9:69:cb:ff:a2:e5:0b:7f:fe:bb:69:
         38:f1:0d:84:4a:b0:ee:a7:5d:83:65:66:cf:29:36:70:37:3f:
         dc:41:04:28:82:0c:77:a4:14:74:b5:a7:68:a1:d6:3d:2b:d9:
         7c:0a:f5:2f:e0:7f:3d:9c:1d:ae:6d:bb:94:ef:57:85:4e:ef:
         dd:8f:a0:21:91:b0:41:57:80:6c:11:0d:4a:e3:c2:01:eb:61:
         a9:e4:cd:77:53:8f:51:15:63:ef:f8:fd:68:ca:ab:f7:00:7c:
         5b:ee:30:9a:34:ad:ee:73:92:3c:5a:88:83:06:c5:f4:55:8f:
         36:1c:f5:2f:b6:fd:7c:11:99:5e:b1:3f:ad:a9:fa:6e:a1:4b:
         e8:d8:e8:b0:3f:67:05:52:c6:c9:39:10:f6:f6:75:77:e8:55:
         7c:82:50:40:c5:db:4d:5d:da:17:81:6a:e3:4a:e3:23:4d:40:
         af:7c:85:5d:ef:13:b6:76:79:8d:a7:04:8c:f7:d9:35:0a:98:
         d9:a4:79:28:8a:50:ab:56:40:61:64:2e:86:00:24:1f:e6:7e:
         fd:10:ce:9e:89:d7:e8:c0:fe:1b:96:80:2d:92:d4:49:5c:70:
         ac:72:d0:aa:34:ac:18:53:c8:9f:cb:0a:3b:b9:3b:c8:22:be:
         c4:50:3d:91
-----BEGIN CERTIFICATE-----
MIIFuzCCBKOgAwIBAgIUaVWpwn1Ccof1/KnwtGXBMbtaJuYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMDk2MTJFNUNCNzFERDQ3QzAyMTlGNDA0N0Y0NEFGNDMy
NjBBRTY5QjAeFw0yNTAyMDQxODQyMDRaFw0yNjAyMDMxODQ3MDRaMDMxMTAvBgNV
BAMTKDQwQTA3OTc0MzUwNEZDMTNDNzVBNTIyMUNEQTMwQTZERTMyM0IyQkEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC25mkw6Ajbd102+NsYixZi9LpA
0wF9GzU4X7s3pQv3S8Qw5exDG9d+15DzfjsrtSvWGuGUCxjiPpkKXXrV0uGtYoCh
LwMtHFljlKMJCoczvyvYXR5I1iG7jKrD0k5BmCGFtken4c9c7Oe8N/u3je4m1+lp
26Ml6ZVC2UEw+5OGuOrgJIDR7WfXYmdvPbJyWqLdWCdKg4le+MOzMn1sbRHFDH17
R4WwuOKH9WZSSNXRy47bvctJhQuDZS7Ax+xRuXb87O+AjncT8RB3IWj9hJ18ai7J
MrzWkzYd+CwXEg1/H20cQAqetaScupZJOnYJ1qKQX70aTYQfwnafbHCQ7d1TAgMB
AAGjggLFMIICwTAdBgNVHQ4EFgQUQKB5dDUE/BPHWlIhzaMKbeMjsrowHwYDVR0j
BBgwFoAUCWEuXLcd1HwCGfQEf0SvQyYK5pswDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy9DMEU3QTkxMzZGMURBRDI2NEUwNEI2NzM2QkZBRkE3MjNC
QkYzNEQ2MTVCRjcxMkU5ODkxNkYxREVEQzg2MDM1LzAvMDk2MTJFNUNCNzFERDQ3
QzAyMTlGNDA0N0Y0NEFGNDMyNjBBRTY5Qi5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC8wOTYxMkU1Q0I3MURENDdDMDIx
OUY0MDQ3RjQ0QUY0MzI2MEFFNjlCLmNlcjCBxQYIKwYBBQUHAQsEgbgwgbUwgbIG
CCsGAQUFBzALhoGlcnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvQzBFN0E5MTM2RjFEQUQyNjRFMDRCNjczNkJGQUZBNzIzQkJGMzRENjE1
QkY3MTJFOTg5MTZGMURFREM4NjAzNS8wLzMxMzUzMjJlMzEzNjM2MmUzMDJlMzAy
ZjMxMzUyZDMyMzQyMDNkM2UyMDMyMzgzMTMxMzgucm9hMBgGA1UdIAEB/wQOMAww
CgYIKwYBBQUHDgIwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUDAwGYpjANBgkq
hkiG9w0BAQsFAAOCAQEANXcT6GP72Olpy/+i5Qt//rtpOPENhEqw7qddg2Vmzyk2
cDc/3EEEKIIMd6QUdLWnaKHWPSvZfAr1L+B/PZwdrm27lO9XhU7v3Y+gIZGwQVeA
bBENSuPCAethqeTNd1OPURVj7/j9aMqr9wB8W+4wmjSt7nOSPFqIgwbF9FWPNhz1
L7b9fBGZXrE/ran6bqFL6NjosD9nBVLGyTkQ9vZ1d+hVfIJQQMXbTV3aF4Fq40rj
I01Ar3yFXe8TtnZ5jacEjPfZNQqY2aR5KIpQq1ZAYWQuhgAkH+Z+/RDOnonX6MD+
G5aALZLUSVxwrHLQqjSsGFPIn8sKO7k7yCK+xFA9kQ==
-----END CERTIFICATE-----