Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/C71E9B6EEE78F12B15E3BEBF954942DBC0CDCA94DA317B83F0CD62B2FDB26ECE/0/3139302e31312e36342e302f31392d3234203d3e203237383339.roa
File:                     3139302e31312e36342e302f31392d3234203d3e203237383339.roa (raw, json)
Hash identifier:          oRzyUJlCpMARsgfXtug3ieo0i6o+G7AvZIisrUnaBos=
Subject key identifier:   D1:46:4C:9E:DD:2A:6E:81:98:26:05:20:CE:0F:B0:C6:A1:A4:0C:D5
Certificate issuer:       /CN=21B4A6594D293307A54FC67EA972CF9E807930DF
Certificate serial:       2319D443EF754414407BB79E5C4E7A38BC2208FD
Authority key identifier: 21:B4:A6:59:4D:29:33:07:A5:4F:C6:7E:A9:72:CF:9E:80:79:30:DF
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/21B4A6594D293307A54FC67EA972CF9E807930DF.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/C71E9B6EEE78F12B15E3BEBF954942DBC0CDCA94DA317B83F0CD62B2FDB26ECE/0/3139302e31312e36342e302f31392d3234203d3e203237383339.roa
Signing time:             Tue 04 Feb 2025 18:16:40 +0000
ROA not before:           Tue 04 Feb 2025 18:11:40 +0000
ROA not after:            Tue 03 Feb 2026 18:16:40 +0000
asID:                     27839
IP address blocks:        190.11.64.0/19 maxlen: 24
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            23:19:d4:43:ef:75:44:14:40:7b:b7:9e:5c:4e:7a:38:bc:22:08:fd
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=21B4A6594D293307A54FC67EA972CF9E807930DF
        Validity
            Not Before: Feb  4 18:11:40 2025 GMT
            Not After : Feb  3 18:16:40 2026 GMT
        Subject: CN=D1464C9EDD2A6E8198260520CE0FB0C6A1A40CD5
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d7:a7:1b:f7:a6:ee:c1:97:a5:66:c5:36:cb:43:
                    11:f9:ef:e7:d9:57:cd:14:62:0b:cd:02:ab:b3:4e:
                    b9:b3:0d:76:33:e9:49:12:49:1c:41:5b:b2:56:f5:
                    7e:02:53:b1:7c:94:1b:59:ca:1b:fa:17:c6:a8:6a:
                    bf:1b:16:53:90:79:81:61:ed:26:83:ee:50:90:d7:
                    91:3c:ea:3c:a8:bb:a9:5e:e9:55:9c:ed:1f:9d:a4:
                    61:ee:8c:41:af:38:fe:e1:a9:63:db:fc:d4:c9:17:
                    0e:09:6e:97:86:0c:47:23:88:4f:8c:76:de:6a:4b:
                    f3:06:f1:4c:1b:1e:36:60:2a:46:81:17:09:2b:e5:
                    eb:43:59:de:ad:95:12:b2:f4:76:7e:8f:de:18:7d:
                    86:dc:74:5e:17:bf:13:35:b7:d6:f0:e3:5a:e3:60:
                    65:87:3d:f6:88:93:35:c7:e7:e7:02:2e:4a:c3:0c:
                    41:76:4e:46:a3:68:d6:79:cb:e3:34:5f:ca:21:f4:
                    0f:ad:f7:2e:51:df:7a:fd:ba:1b:c1:72:e9:81:36:
                    98:cf:28:4a:8e:9e:4f:96:10:39:4f:9a:28:3f:b3:
                    d9:e9:a0:a2:07:74:6d:41:7e:e7:07:e5:9b:aa:45:
                    7c:5a:55:ea:be:bc:1b:60:a9:e2:53:02:c5:3d:6d:
                    91:9f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D1:46:4C:9E:DD:2A:6E:81:98:26:05:20:CE:0F:B0:C6:A1:A4:0C:D5
            X509v3 Authority Key Identifier:
                keyid:21:B4:A6:59:4D:29:33:07:A5:4F:C6:7E:A9:72:CF:9E:80:79:30:DF

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/C71E9B6EEE78F12B15E3BEBF954942DBC0CDCA94DA317B83F0CD62B2FDB26ECE/0/21B4A6594D293307A54FC67EA972CF9E807930DF.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/21B4A6594D293307A54FC67EA972CF9E807930DF.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/C71E9B6EEE78F12B15E3BEBF954942DBC0CDCA94DA317B83F0CD62B2FDB26ECE/0/3139302e31312e36342e302f31392d3234203d3e203237383339.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  190.11.64.0/19

    Signature Algorithm: sha256WithRSAEncryption
         55:98:80:e0:55:09:fd:b7:5f:4e:9b:f0:39:73:f5:cf:42:09:
         34:34:ef:df:cd:37:ae:30:64:28:70:17:8a:28:be:9d:df:20:
         81:5f:99:73:98:6e:f6:87:41:1b:c0:04:d6:ff:d8:20:2f:35:
         8a:de:88:3f:17:99:d5:15:de:9e:de:22:ce:b1:3f:6c:3f:cc:
         d4:00:48:aa:f2:88:d9:06:57:df:04:cb:b1:a7:43:2a:82:9e:
         fb:b8:81:96:90:66:9e:3f:66:3a:ca:21:fb:43:6d:8f:7f:be:
         9e:d5:42:0b:52:7e:73:08:49:b2:90:65:9d:e1:bb:99:11:cc:
         8c:87:cc:e8:8c:38:6d:7a:a4:17:ca:ab:ff:df:df:b4:94:40:
         4c:9d:7a:c8:85:b7:61:e6:e9:1a:f4:0d:fb:2c:6e:3b:e4:b1:
         be:2c:09:74:0b:9f:f0:30:1f:73:94:8c:3c:b8:80:dd:3f:0f:
         43:f4:89:bf:c8:d1:51:59:5f:a9:21:a5:3f:ad:36:54:ac:ff:
         c9:92:af:69:f5:25:5a:c7:03:70:d9:01:77:2a:4e:6a:f8:e1:
         15:8a:1b:88:e7:1c:2a:5f:ca:32:45:ff:86:13:a5:1e:43:cd:
         24:94:8d:81:93:6a:79:25:e3:6d:7c:79:42:89:f5:65:00:60:
         94:58:e4:2a
-----BEGIN CERTIFICATE-----
MIIFvDCCBKSgAwIBAgIUIxnUQ+91RBRAe7eeXE56OLwiCP0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMjFCNEE2NTk0RDI5MzMwN0E1NEZDNjdFQTk3MkNGOUU4
MDc5MzBERjAeFw0yNTAyMDQxODExNDBaFw0yNjAyMDMxODE2NDBaMDMxMTAvBgNV
BAMTKEQxNDY0QzlFREQyQTZFODE5ODI2MDUyMENFMEZCMEM2QTFBNDBDRDUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDXpxv3pu7Bl6VmxTbLQxH57+fZ
V80UYgvNAquzTrmzDXYz6UkSSRxBW7JW9X4CU7F8lBtZyhv6F8aoar8bFlOQeYFh
7SaD7lCQ15E86jyou6le6VWc7R+dpGHujEGvOP7hqWPb/NTJFw4JbpeGDEcjiE+M
dt5qS/MG8UwbHjZgKkaBFwkr5etDWd6tlRKy9HZ+j94YfYbcdF4XvxM1t9bw41rj
YGWHPfaIkzXH5+cCLkrDDEF2TkajaNZ5y+M0X8oh9A+t9y5R33r9uhvBcumBNpjP
KEqOnk+WEDlPmig/s9npoKIHdG1BfucH5ZuqRXxaVeq+vBtgqeJTAsU9bZGfAgMB
AAGjggLGMIICwjAdBgNVHQ4EFgQU0UZMnt0qboGYJgUgzg+wxqGkDNUwHwYDVR0j
BBgwFoAUIbSmWU0pMwelT8Z+qXLPnoB5MN8wDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy9DNzFFOUI2RUVFNzhGMTJCMTVFM0JFQkY5NTQ5NDJEQkMw
Q0RDQTk0REEzMTdCODNGMENENjJCMkZEQjI2RUNFLzAvMjFCNEE2NTk0RDI5MzMw
N0E1NEZDNjdFQTk3MkNGOUU4MDc5MzBERi5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC8yMUI0QTY1OTREMjkzMzA3QTU0
RkM2N0VBOTcyQ0Y5RTgwNzkzMERGLmNlcjCBxQYIKwYBBQUHAQsEgbgwgbUwgbIG
CCsGAQUFBzALhoGlcnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvQzcxRTlCNkVFRTc4RjEyQjE1RTNCRUJGOTU0OTQyREJDMENEQ0E5NERB
MzE3QjgzRjBDRDYyQjJGREIyNkVDRS8wLzMxMzkzMDJlMzEzMTJlMzYzNDJlMzAy
ZjMxMzkyZDMyMzQyMDNkM2UyMDMyMzczODMzMzkucm9hMBgGA1UdIAEB/wQOMAww
CgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAW+C0AwDQYJ
KoZIhvcNAQELBQADggEBAFWYgOBVCf23X06b8Dlz9c9CCTQ079/NN64wZChwF4oo
vp3fIIFfmXOYbvaHQRvABNb/2CAvNYreiD8XmdUV3p7eIs6xP2w/zNQASKryiNkG
V98Ey7GnQyqCnvu4gZaQZp4/ZjrKIftDbY9/vp7VQgtSfnMISbKQZZ3hu5kRzIyH
zOiMOG16pBfKq//f37SUQEydesiFt2Hm6Rr0Dfssbjvksb4sCXQLn/AwH3OUjDy4
gN0/D0P0ib/I0VFZX6khpT+tNlSs/8mSr2n1JVrHA3DZAXcqTmr44RWKG4jnHCpf
yjJF/4YTpR5DzSSUjYGTankl4218eUKJ9WUAYJRY5Co=
-----END CERTIFICATE-----