Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/C1382B1A4CCAB66DA618B1EF9AB4C63086EAAA18E7F0C95BD941803C46F5D567/0/3139302e322e31392e302f32342d3234203d3e203237373131.roa
File:                     3139302e322e31392e302f32342d3234203d3e203237373131.roa (raw, json)
Hash identifier:          Ov7ahXXqvEUwyqHonDWCYGOGKAZQVO7lYLF1pF76lLc=
Subject key identifier:   DC:28:4B:EB:38:8B:DC:5F:55:D7:92:25:B8:B6:A5:67:35:B5:7F:41
Certificate issuer:       /CN=171F14D5AEEC89F4AE4104C0F609DE277D1D3CD7
Certificate serial:       425496A7711A7FCEE131AC72A4949D5BC4AE39C9
Authority key identifier: 17:1F:14:D5:AE:EC:89:F4:AE:41:04:C0:F6:09:DE:27:7D:1D:3C:D7
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/171F14D5AEEC89F4AE4104C0F609DE277D1D3CD7.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/C1382B1A4CCAB66DA618B1EF9AB4C63086EAAA18E7F0C95BD941803C46F5D567/0/3139302e322e31392e302f32342d3234203d3e203237373131.roa
Signing time:             Tue 04 Feb 2025 20:04:11 +0000
ROA not before:           Tue 04 Feb 2025 19:59:11 +0000
ROA not after:            Tue 03 Feb 2026 20:04:11 +0000
asID:                     27711
IP address blocks:        190.2.19.0/24 maxlen: 24
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            42:54:96:a7:71:1a:7f:ce:e1:31:ac:72:a4:94:9d:5b:c4:ae:39:c9
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=171F14D5AEEC89F4AE4104C0F609DE277D1D3CD7
        Validity
            Not Before: Feb  4 19:59:11 2025 GMT
            Not After : Feb  3 20:04:11 2026 GMT
        Subject: CN=DC284BEB388BDC5F55D79225B8B6A56735B57F41
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e1:2b:bd:73:6f:e8:47:33:e3:f0:ce:25:17:69:
                    7e:f4:33:d5:44:c7:83:1b:3b:1e:d3:d7:ab:75:66:
                    2e:30:1f:61:c1:54:db:47:be:ac:0f:fc:99:0d:e0:
                    95:8c:b3:bb:22:78:f9:56:d4:52:a0:98:1e:bb:4e:
                    47:81:9e:e8:9d:87:ad:06:84:2b:8f:95:f0:c3:dc:
                    d2:85:88:0c:67:8b:3a:ed:06:45:ca:95:d9:be:e5:
                    ad:5d:50:0b:61:67:af:df:1f:6e:4d:b9:32:d6:08:
                    82:b1:e4:fc:e1:1f:e0:2a:44:dd:ab:37:a9:07:50:
                    7d:b0:11:e4:be:e3:5f:46:13:66:f0:c5:e5:d7:5d:
                    f6:97:ae:3e:7b:ee:d0:23:1a:9e:48:13:a3:27:eb:
                    3e:ff:4e:9c:69:b2:0a:0c:dc:43:19:a0:28:dd:3f:
                    28:be:26:fa:df:6d:de:ce:c4:0d:ea:76:73:f9:ef:
                    0e:7b:70:17:5d:f5:c2:5c:f5:0c:f7:cd:2f:68:18:
                    be:66:5c:e7:b1:d5:ee:e6:6f:92:75:91:73:cd:e4:
                    14:b3:76:62:e0:0a:28:6d:98:e7:3b:a2:75:c8:1e:
                    28:43:50:4a:6e:36:d2:e2:9e:47:31:65:cb:6b:ed:
                    d6:6d:23:ce:d5:91:98:b1:c8:c0:a0:79:c5:7a:13:
                    bb:f1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DC:28:4B:EB:38:8B:DC:5F:55:D7:92:25:B8:B6:A5:67:35:B5:7F:41
            X509v3 Authority Key Identifier:
                keyid:17:1F:14:D5:AE:EC:89:F4:AE:41:04:C0:F6:09:DE:27:7D:1D:3C:D7

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/C1382B1A4CCAB66DA618B1EF9AB4C63086EAAA18E7F0C95BD941803C46F5D567/0/171F14D5AEEC89F4AE4104C0F609DE277D1D3CD7.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/171F14D5AEEC89F4AE4104C0F609DE277D1D3CD7.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/C1382B1A4CCAB66DA618B1EF9AB4C63086EAAA18E7F0C95BD941803C46F5D567/0/3139302e322e31392e302f32342d3234203d3e203237373131.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  190.2.19.0/24

    Signature Algorithm: sha256WithRSAEncryption
         1d:26:79:16:78:a4:54:50:fe:6d:e6:36:eb:1d:a9:d3:19:7c:
         1b:8e:52:8c:14:e0:54:a3:9c:fa:e0:b2:17:d1:85:f1:d4:40:
         57:6f:7a:07:1e:77:e1:58:65:3f:40:5d:bf:9e:8a:81:ae:b6:
         b5:2b:13:0c:8c:c2:14:2e:71:15:04:ae:a2:04:5c:e8:6f:19:
         6f:55:a6:71:a2:7b:9b:29:f3:73:d6:49:36:89:d3:7a:ca:9d:
         0e:37:6f:db:c4:47:20:af:e5:4b:8e:b3:e8:8f:41:e5:bd:9f:
         ac:4f:b6:8e:94:32:61:37:21:32:25:24:c7:5d:6b:0e:79:f0:
         70:c2:f0:61:40:a2:76:ed:79:d0:cd:74:6e:3a:b0:f9:f8:29:
         b8:bc:4b:a6:bc:8f:58:89:e0:4f:0e:f2:ba:15:42:11:83:07:
         e3:e7:78:51:cb:45:5f:99:37:51:12:6a:ef:3d:2f:02:68:cf:
         c6:64:5c:b0:0a:7c:6a:a2:8b:1d:c7:17:8a:f9:39:1c:0e:8c:
         a3:76:17:70:d3:5e:5c:ed:f4:94:fd:65:17:20:72:04:50:3f:
         3e:6f:33:5d:46:54:ff:3e:c9:f6:61:9a:88:71:48:bf:2f:7f:
         75:fe:ac:7f:ba:11:4e:21:86:b8:c0:86:93:9d:35:99:37:c9:
         f1:91:ba:57
-----BEGIN CERTIFICATE-----
MIIFujCCBKKgAwIBAgIUQlSWp3Eaf87hMaxypJSdW8SuOckwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMTcxRjE0RDVBRUVDODlGNEFFNDEwNEMwRjYwOURFMjc3
RDFEM0NENzAeFw0yNTAyMDQxOTU5MTFaFw0yNjAyMDMyMDA0MTFaMDMxMTAvBgNV
BAMTKERDMjg0QkVCMzg4QkRDNUY1NUQ3OTIyNUI4QjZBNTY3MzVCNTdGNDEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDhK71zb+hHM+PwziUXaX70M9VE
x4MbOx7T16t1Zi4wH2HBVNtHvqwP/JkN4JWMs7siePlW1FKgmB67TkeBnuidh60G
hCuPlfDD3NKFiAxnizrtBkXKldm+5a1dUAthZ6/fH25NuTLWCIKx5PzhH+AqRN2r
N6kHUH2wEeS+419GE2bwxeXXXfaXrj577tAjGp5IE6Mn6z7/TpxpsgoM3EMZoCjd
Pyi+Jvrfbd7OxA3qdnP57w57cBdd9cJc9Qz3zS9oGL5mXOex1e7mb5J1kXPN5BSz
dmLgCihtmOc7onXIHihDUEpuNtLinkcxZctr7dZtI87VkZixyMCgecV6E7vxAgMB
AAGjggLEMIICwDAdBgNVHQ4EFgQU3ChL6ziL3F9V15IluLalZzW1f0EwHwYDVR0j
BBgwFoAUFx8U1a7sifSuQQTA9gneJ30dPNcwDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy9DMTM4MkIxQTRDQ0FCNjZEQTYxOEIxRUY5QUI0QzYzMDg2
RUFBQTE4RTdGMEM5NUJEOTQxODAzQzQ2RjVENTY3LzAvMTcxRjE0RDVBRUVDODlG
NEFFNDEwNEMwRjYwOURFMjc3RDFEM0NENy5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC8xNzFGMTRENUFFRUM4OUY0QUU0
MTA0QzBGNjA5REUyNzdEMUQzQ0Q3LmNlcjCBwwYIKwYBBQUHAQsEgbYwgbMwgbAG
CCsGAQUFBzALhoGjcnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvQzEzODJCMUE0Q0NBQjY2REE2MThCMUVGOUFCNEM2MzA4NkVBQUExOEU3
RjBDOTVCRDk0MTgwM0M0NkY1RDU2Ny8wLzMxMzkzMDJlMzIyZTMxMzkyZTMwMmYz
MjM0MmQzMjM0MjAzZDNlMjAzMjM3MzczMTMxLnJvYTAYBgNVHSABAf8EDjAMMAoG
CCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAvgITMA0GCSqG
SIb3DQEBCwUAA4IBAQAdJnkWeKRUUP5t5jbrHanTGXwbjlKMFOBUo5z64LIX0YXx
1EBXb3oHHnfhWGU/QF2/noqBrra1KxMMjMIULnEVBK6iBFzobxlvVaZxonubKfNz
1kk2idN6yp0ON2/bxEcgr+VLjrPoj0HlvZ+sT7aOlDJhNyEyJSTHXWsOefBwwvBh
QKJ27XnQzXRuOrD5+Cm4vEumvI9YieBPDvK6FUIRgwfj53hRy0VfmTdREmrvPS8C
aM/GZFywCnxqoosdxxeK+TkcDoyjdhdw015c7fSU/WUXIHIEUD8+bzNdRlT/Psn2
YZqIcUi/L391/qx/uhFOIYa4wIaTnTWZN8nxkbpX
-----END CERTIFICATE-----