Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/C71E9B6EEE78F12B15E3BEBF954942DBC0CDCA94DA317B83F0CD62B2FDB26ECE/0/3139302e3130362e3234302e302f32302d3234203d3e203237383339.roa
File:                     3139302e3130362e3234302e302f32302d3234203d3e203237383339.roa (raw, json)
Hash identifier:          DGnmTtxw6+vTN/FRnmus3B4gzPh2/oDStj8la9G9E4Q=
Subject key identifier:   A2:03:AE:CE:5A:E6:DA:99:12:F2:AF:6F:85:91:63:6D:3F:7A:8A:62
Certificate issuer:       /CN=21B4A6594D293307A54FC67EA972CF9E807930DF
Certificate serial:       076E2B5E7E58A7706B454BEB8536F73E93261634
Authority key identifier: 21:B4:A6:59:4D:29:33:07:A5:4F:C6:7E:A9:72:CF:9E:80:79:30:DF
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/21B4A6594D293307A54FC67EA972CF9E807930DF.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/C71E9B6EEE78F12B15E3BEBF954942DBC0CDCA94DA317B83F0CD62B2FDB26ECE/0/3139302e3130362e3234302e302f32302d3234203d3e203237383339.roa
Signing time:             Tue 04 Feb 2025 18:16:43 +0000
ROA not before:           Tue 04 Feb 2025 18:11:43 +0000
ROA not after:            Tue 03 Feb 2026 18:16:43 +0000
asID:                     27839
IP address blocks:        190.106.240.0/20 maxlen: 24
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            07:6e:2b:5e:7e:58:a7:70:6b:45:4b:eb:85:36:f7:3e:93:26:16:34
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=21B4A6594D293307A54FC67EA972CF9E807930DF
        Validity
            Not Before: Feb  4 18:11:43 2025 GMT
            Not After : Feb  3 18:16:43 2026 GMT
        Subject: CN=A203AECE5AE6DA9912F2AF6F8591636D3F7A8A62
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e7:bc:1d:11:d5:bb:20:6d:88:d4:4e:48:11:ea:
                    28:73:bb:da:a1:27:46:94:d6:4b:ec:22:8b:81:de:
                    f3:78:68:6c:56:b4:3a:93:fc:a2:ab:d6:aa:62:5c:
                    53:46:26:91:92:f1:d9:7f:a8:d6:50:5a:57:d9:da:
                    e4:83:b0:39:35:ce:5c:eb:49:8f:5b:a7:07:46:f1:
                    06:59:79:9b:d6:b2:73:ed:fa:ab:19:ae:8e:7c:64:
                    2d:9a:50:fc:62:d8:d8:53:68:b9:9e:e3:a9:f5:d4:
                    fc:58:e9:12:d6:3f:92:ec:36:2d:c5:2c:30:3f:be:
                    bd:ca:d3:9c:5b:2f:72:8c:6a:38:82:b4:95:6d:a0:
                    ee:e3:af:5d:14:bc:39:67:2a:8c:30:80:8b:89:4e:
                    1e:3c:6d:71:25:b4:b3:7f:31:e7:0c:63:c4:ad:56:
                    8b:25:a2:ca:6a:d9:60:a3:96:29:f4:f5:c0:9b:5e:
                    38:00:20:15:4d:a7:03:02:be:dc:19:ec:28:e6:de:
                    93:0d:8e:3d:2f:52:36:1c:c6:39:5f:0b:70:79:c2:
                    b7:6b:ab:6d:39:d1:f4:88:8e:06:ee:3b:f2:dc:61:
                    02:38:f2:dc:9a:b8:74:db:74:12:07:3e:c8:5f:e0:
                    99:a4:fc:32:a5:1f:13:48:b2:7f:84:5f:7a:6b:ee:
                    b9:45
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A2:03:AE:CE:5A:E6:DA:99:12:F2:AF:6F:85:91:63:6D:3F:7A:8A:62
            X509v3 Authority Key Identifier:
                keyid:21:B4:A6:59:4D:29:33:07:A5:4F:C6:7E:A9:72:CF:9E:80:79:30:DF

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/C71E9B6EEE78F12B15E3BEBF954942DBC0CDCA94DA317B83F0CD62B2FDB26ECE/0/21B4A6594D293307A54FC67EA972CF9E807930DF.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/21B4A6594D293307A54FC67EA972CF9E807930DF.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/C71E9B6EEE78F12B15E3BEBF954942DBC0CDCA94DA317B83F0CD62B2FDB26ECE/0/3139302e3130362e3234302e302f32302d3234203d3e203237383339.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  190.106.240.0/20

    Signature Algorithm: sha256WithRSAEncryption
         5d:3b:54:05:42:e1:25:03:7e:4e:90:fa:46:60:33:e7:d7:9c:
         d5:61:3b:b4:01:94:d5:44:55:c8:cf:c3:98:06:07:cb:74:99:
         e0:bc:9d:fe:33:14:d3:5a:a2:ee:80:66:a9:2b:20:07:9f:f5:
         18:3e:f3:33:0f:39:79:12:7f:b9:d1:dd:3c:75:20:f5:e5:bd:
         eb:e8:29:3d:bc:c2:18:92:76:fa:2e:a9:d7:2b:e2:7e:45:67:
         a6:90:bd:9f:22:e7:34:7b:93:64:bd:91:63:6b:90:a4:55:c7:
         44:c0:ab:04:5a:94:79:cc:66:3c:56:9f:60:b3:c3:ea:1b:fb:
         c2:bc:6b:77:7d:f9:01:84:13:82:36:ef:1d:e8:a5:8e:4d:35:
         70:c9:50:e0:e8:3d:8f:46:5f:fc:78:1a:54:4e:a3:c5:4c:17:
         52:c7:72:3f:b1:82:81:14:59:a4:a8:c9:af:aa:77:e4:36:83:
         74:1a:69:07:d6:83:96:f7:8f:62:3c:95:ea:02:ea:f0:fa:a1:
         f3:27:cb:c6:d9:f3:16:08:7c:ac:11:e0:94:c0:bc:58:55:a9:
         9b:1c:2e:51:02:68:4a:2b:0e:5d:22:69:d5:23:ab:5c:cd:62:
         e0:60:14:e5:41:d7:55:48:8d:40:ef:0b:62:53:ab:1e:42:18:
         54:73:fa:f0
-----BEGIN CERTIFICATE-----
MIIFwDCCBKigAwIBAgIUB24rXn5Yp3BrRUvrhTb3PpMmFjQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMjFCNEE2NTk0RDI5MzMwN0E1NEZDNjdFQTk3MkNGOUU4
MDc5MzBERjAeFw0yNTAyMDQxODExNDNaFw0yNjAyMDMxODE2NDNaMDMxMTAvBgNV
BAMTKEEyMDNBRUNFNUFFNkRBOTkxMkYyQUY2Rjg1OTE2MzZEM0Y3QThBNjIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDnvB0R1bsgbYjUTkgR6ihzu9qh
J0aU1kvsIouB3vN4aGxWtDqT/KKr1qpiXFNGJpGS8dl/qNZQWlfZ2uSDsDk1zlzr
SY9bpwdG8QZZeZvWsnPt+qsZro58ZC2aUPxi2NhTaLme46n11PxY6RLWP5LsNi3F
LDA/vr3K05xbL3KMajiCtJVtoO7jr10UvDlnKowwgIuJTh48bXEltLN/MecMY8St
Voslospq2WCjlin09cCbXjgAIBVNpwMCvtwZ7Cjm3pMNjj0vUjYcxjlfC3B5wrdr
q2050fSIjgbuO/LcYQI48tyauHTbdBIHPshf4Jmk/DKlHxNIsn+EX3pr7rlFAgMB
AAGjggLKMIICxjAdBgNVHQ4EFgQUogOuzlrm2pkS8q9vhZFjbT96imIwHwYDVR0j
BBgwFoAUIbSmWU0pMwelT8Z+qXLPnoB5MN8wDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy9DNzFFOUI2RUVFNzhGMTJCMTVFM0JFQkY5NTQ5NDJEQkMw
Q0RDQTk0REEzMTdCODNGMENENjJCMkZEQjI2RUNFLzAvMjFCNEE2NTk0RDI5MzMw
N0E1NEZDNjdFQTk3MkNGOUU4MDc5MzBERi5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC8yMUI0QTY1OTREMjkzMzA3QTU0
RkM2N0VBOTcyQ0Y5RTgwNzkzMERGLmNlcjCByQYIKwYBBQUHAQsEgbwwgbkwgbYG
CCsGAQUFBzALhoGpcnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvQzcxRTlCNkVFRTc4RjEyQjE1RTNCRUJGOTU0OTQyREJDMENEQ0E5NERB
MzE3QjgzRjBDRDYyQjJGREIyNkVDRS8wLzMxMzkzMDJlMzEzMDM2MmUzMjM0MzAy
ZTMwMmYzMjMwMmQzMjM0MjAzZDNlMjAzMjM3MzgzMzM5LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQEvmrw
MA0GCSqGSIb3DQEBCwUAA4IBAQBdO1QFQuElA35OkPpGYDPn15zVYTu0AZTVRFXI
z8OYBgfLdJngvJ3+MxTTWqLugGapKyAHn/UYPvMzDzl5En+50d08dSD15b3r6Ck9
vMIYknb6LqnXK+J+RWemkL2fIuc0e5NkvZFja5CkVcdEwKsEWpR5zGY8Vp9gs8Pq
G/vCvGt3ffkBhBOCNu8d6KWOTTVwyVDg6D2PRl/8eBpUTqPFTBdSx3I/sYKBFFmk
qMmvqnfkNoN0GmkH1oOW949iPJXqAurw+qHzJ8vG2fMWCHysEeCUwLxYVambHC5R
AmhKKw5dImnVI6tczWLgYBTlQddVSI1A7wtiU6seQhhUc/rw
-----END CERTIFICATE-----