Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/C1382B1A4CCAB66DA618B1EF9AB4C63086EAAA18E7F0C95BD941803C46F5D567/0/3139302e3231302e3133312e302f32342d3234203d3e203631343532.roa
File:                     3139302e3231302e3133312e302f32342d3234203d3e203631343532.roa (raw, json)
Hash identifier:          093zHiw7LD0F3kxef00OwAQruzJ71Z8Z3/iK7nNhFPs=
Subject key identifier:   E0:BF:88:16:C1:A8:E9:D0:46:70:59:40:55:F2:DF:0F:9F:D3:53:C9
Certificate issuer:       /CN=171F14D5AEEC89F4AE4104C0F609DE277D1D3CD7
Certificate serial:       7CEA9231950AEA6C8D2F001C2E237A3F1CC866EB
Authority key identifier: 17:1F:14:D5:AE:EC:89:F4:AE:41:04:C0:F6:09:DE:27:7D:1D:3C:D7
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/171F14D5AEEC89F4AE4104C0F609DE277D1D3CD7.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/C1382B1A4CCAB66DA618B1EF9AB4C63086EAAA18E7F0C95BD941803C46F5D567/0/3139302e3231302e3133312e302f32342d3234203d3e203631343532.roa
Signing time:             Tue 04 Feb 2025 20:04:07 +0000
ROA not before:           Tue 04 Feb 2025 19:59:07 +0000
ROA not after:            Tue 03 Feb 2026 20:04:07 +0000
asID:                     61452
IP address blocks:        190.210.131.0/24 maxlen: 24
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            7c:ea:92:31:95:0a:ea:6c:8d:2f:00:1c:2e:23:7a:3f:1c:c8:66:eb
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=171F14D5AEEC89F4AE4104C0F609DE277D1D3CD7
        Validity
            Not Before: Feb  4 19:59:07 2025 GMT
            Not After : Feb  3 20:04:07 2026 GMT
        Subject: CN=E0BF8816C1A8E9D04670594055F2DF0F9FD353C9
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a3:e9:cb:e6:84:9e:32:6d:69:22:b6:09:fb:03:
                    be:f8:f2:11:5f:b4:9e:62:0d:18:92:96:12:1a:80:
                    8b:80:92:9b:e4:86:72:21:92:07:a0:97:46:2f:3f:
                    9c:97:d2:70:f5:01:71:82:c8:a8:fb:84:5d:d5:5d:
                    df:e8:b5:e7:4e:be:36:6f:47:d9:9b:e8:de:97:6f:
                    53:c0:2f:a2:81:c1:9f:88:d8:f1:db:f4:f3:1f:c2:
                    65:13:96:bb:44:72:e9:98:79:cd:aa:d9:33:77:52:
                    bc:10:59:ed:46:a8:17:f5:c1:fe:9d:f9:84:d1:97:
                    81:e4:70:a2:ce:c8:f3:b0:c2:f7:e9:a0:fc:10:9f:
                    20:41:06:53:fa:47:b4:82:c7:86:18:70:cc:54:08:
                    c7:29:61:b4:18:db:a2:59:28:55:8e:9b:9a:ec:8b:
                    09:54:e3:b5:12:29:68:17:82:00:fd:0f:73:ea:85:
                    9e:60:0d:86:80:f1:e9:8c:4e:03:e5:e6:3b:a3:4f:
                    e3:24:57:f0:06:d3:8c:7b:41:99:c9:d2:35:a5:e4:
                    3f:5c:72:bd:78:87:5f:12:0b:54:86:fd:24:9a:65:
                    b7:2f:c7:fa:d8:59:28:46:b0:3e:64:c4:5d:39:58:
                    cc:a4:ae:28:73:b5:55:80:0f:d5:b2:d2:6e:b1:3c:
                    ba:13
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E0:BF:88:16:C1:A8:E9:D0:46:70:59:40:55:F2:DF:0F:9F:D3:53:C9
            X509v3 Authority Key Identifier:
                keyid:17:1F:14:D5:AE:EC:89:F4:AE:41:04:C0:F6:09:DE:27:7D:1D:3C:D7

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/C1382B1A4CCAB66DA618B1EF9AB4C63086EAAA18E7F0C95BD941803C46F5D567/0/171F14D5AEEC89F4AE4104C0F609DE277D1D3CD7.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/171F14D5AEEC89F4AE4104C0F609DE277D1D3CD7.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/C1382B1A4CCAB66DA618B1EF9AB4C63086EAAA18E7F0C95BD941803C46F5D567/0/3139302e3231302e3133312e302f32342d3234203d3e203631343532.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  190.210.131.0/24

    Signature Algorithm: sha256WithRSAEncryption
         69:65:6b:a4:ca:ea:ce:2e:4e:ed:34:c8:5a:d3:51:bf:ce:c1:
         da:5c:34:03:69:66:de:ab:ee:0b:d4:90:63:55:c9:32:07:4b:
         2c:c3:d1:39:fc:b8:ed:da:00:d5:9a:f6:3b:f9:d8:f8:74:aa:
         66:ba:eb:a1:f1:e9:01:01:98:b3:3a:ca:ae:10:5a:e0:20:85:
         78:bb:65:90:a0:e6:2c:00:f1:c5:a9:73:bb:e4:d6:74:e9:2a:
         99:51:2c:6e:46:3d:4c:12:a3:fd:73:96:de:0e:04:3d:b4:87:
         6c:c1:68:14:b7:b3:6a:64:19:27:fc:26:f6:c1:66:24:20:39:
         d7:d2:8f:c3:ee:b9:f7:b0:f6:cb:10:0d:87:91:d1:64:83:b0:
         ef:9a:67:4c:71:98:f2:ca:02:0b:f1:55:96:76:74:5e:03:05:
         7d:3f:4d:e2:39:74:b3:df:c9:2b:a1:89:bf:de:8f:50:66:c9:
         e5:ea:2e:d1:5e:a9:c6:64:72:85:dd:d6:c1:f2:f2:90:f6:fb:
         5a:da:e9:26:58:6e:f3:86:4f:93:ae:d9:b3:85:33:f8:68:aa:
         e1:a0:4d:09:93:13:71:aa:ac:fd:43:7c:eb:0e:ea:3a:2b:0b:
         f5:1b:e3:d2:9f:ea:7e:8f:e0:d7:c7:89:01:64:ba:02:c3:9a:
         f2:60:be:f8
-----BEGIN CERTIFICATE-----
MIIFwDCCBKigAwIBAgIUfOqSMZUK6myNLwAcLiN6PxzIZuswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMTcxRjE0RDVBRUVDODlGNEFFNDEwNEMwRjYwOURFMjc3
RDFEM0NENzAeFw0yNTAyMDQxOTU5MDdaFw0yNjAyMDMyMDA0MDdaMDMxMTAvBgNV
BAMTKEUwQkY4ODE2QzFBOEU5RDA0NjcwNTk0MDU1RjJERjBGOUZEMzUzQzkwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCj6cvmhJ4ybWkitgn7A7748hFf
tJ5iDRiSlhIagIuAkpvkhnIhkgegl0YvP5yX0nD1AXGCyKj7hF3VXd/otedOvjZv
R9mb6N6Xb1PAL6KBwZ+I2PHb9PMfwmUTlrtEcumYec2q2TN3UrwQWe1GqBf1wf6d
+YTRl4HkcKLOyPOwwvfpoPwQnyBBBlP6R7SCx4YYcMxUCMcpYbQY26JZKFWOm5rs
iwlU47USKWgXggD9D3PqhZ5gDYaA8emMTgPl5jujT+MkV/AG04x7QZnJ0jWl5D9c
cr14h18SC1SG/SSaZbcvx/rYWShGsD5kxF05WMykrihztVWAD9Wy0m6xPLoTAgMB
AAGjggLKMIICxjAdBgNVHQ4EFgQU4L+IFsGo6dBGcFlAVfLfD5/TU8kwHwYDVR0j
BBgwFoAUFx8U1a7sifSuQQTA9gneJ30dPNcwDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy9DMTM4MkIxQTRDQ0FCNjZEQTYxOEIxRUY5QUI0QzYzMDg2
RUFBQTE4RTdGMEM5NUJEOTQxODAzQzQ2RjVENTY3LzAvMTcxRjE0RDVBRUVDODlG
NEFFNDEwNEMwRjYwOURFMjc3RDFEM0NENy5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC8xNzFGMTRENUFFRUM4OUY0QUU0
MTA0QzBGNjA5REUyNzdEMUQzQ0Q3LmNlcjCByQYIKwYBBQUHAQsEgbwwgbkwgbYG
CCsGAQUFBzALhoGpcnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvQzEzODJCMUE0Q0NBQjY2REE2MThCMUVGOUFCNEM2MzA4NkVBQUExOEU3
RjBDOTVCRDk0MTgwM0M0NkY1RDU2Ny8wLzMxMzkzMDJlMzIzMTMwMmUzMTMzMzEy
ZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzNjMxMzQzNTMyLnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAvtKD
MA0GCSqGSIb3DQEBCwUAA4IBAQBpZWukyurOLk7tNMha01G/zsHaXDQDaWbeq+4L
1JBjVckyB0ssw9E5/Ljt2gDVmvY7+dj4dKpmuuuh8ekBAZizOsquEFrgIIV4u2WQ
oOYsAPHFqXO75NZ06SqZUSxuRj1MEqP9c5beDgQ9tIdswWgUt7NqZBkn/Cb2wWYk
IDnX0o/D7rn3sPbLEA2HkdFkg7DvmmdMcZjyygIL8VWWdnReAwV9P03iOXSz38kr
oYm/3o9QZsnl6i7RXqnGZHKF3dbB8vKQ9vta2ukmWG7zhk+TrtmzhTP4aKrhoE0J
kxNxqqz9Q3zrDuo6Kwv1G+PSn+p+j+DXx4kBZLoCw5ryYL74
-----END CERTIFICATE-----