Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/C862C92FE79571CDCE834A609053002A1212C9B70796AFAD01C6193D7F0DAAAB/0/3138362e36372e302e302f31362d3234203d3e203237363531.roa
File:                     3138362e36372e302e302f31362d3234203d3e203237363531.roa (raw, json)
Hash identifier:          Cp5C3RXsfTHxtoMS0KSqvpfLRpscvFAeMQo724iJZU0=
Subject key identifier:   4C:A4:F8:97:AF:C1:17:84:D9:0D:1E:38:0B:A9:FE:25:DE:F2:20:4A
Certificate issuer:       /CN=3FDB44D18BC16AB039C2B1B6BD3866AB29E122A7
Certificate serial:       6A5E88023111D03081F7976029370644A2B02171
Authority key identifier: 3F:DB:44:D1:8B:C1:6A:B0:39:C2:B1:B6:BD:38:66:AB:29:E1:22:A7
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/3FDB44D18BC16AB039C2B1B6BD3866AB29E122A7.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/C862C92FE79571CDCE834A609053002A1212C9B70796AFAD01C6193D7F0DAAAB/0/3138362e36372e302e302f31362d3234203d3e203237363531.roa
Signing time:             Tue 04 Feb 2025 19:56:31 +0000
ROA not before:           Tue 04 Feb 2025 19:51:31 +0000
ROA not after:            Tue 03 Feb 2026 19:56:31 +0000
asID:                     27651
IP address blocks:        186.67.0.0/16 maxlen: 24
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            6a:5e:88:02:31:11:d0:30:81:f7:97:60:29:37:06:44:a2:b0:21:71
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3FDB44D18BC16AB039C2B1B6BD3866AB29E122A7
        Validity
            Not Before: Feb  4 19:51:31 2025 GMT
            Not After : Feb  3 19:56:31 2026 GMT
        Subject: CN=4CA4F897AFC11784D90D1E380BA9FE25DEF2204A
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cf:ff:9b:9d:02:82:86:fe:ef:79:a8:c6:da:05:
                    96:32:ba:80:8e:a3:f2:5a:99:29:5e:43:c9:0e:c1:
                    fc:28:50:65:37:91:79:b8:26:ba:a5:a9:b6:1d:14:
                    13:66:11:53:07:dd:52:93:e9:76:60:3c:18:c6:77:
                    9d:2f:88:a3:7c:0e:59:99:04:f1:03:24:be:e6:4b:
                    35:c7:3c:0d:12:ba:a7:bb:cd:fd:dd:97:13:65:eb:
                    42:14:aa:f3:d1:b6:e3:6f:8d:c5:19:5e:17:ee:60:
                    cd:66:a6:81:23:ec:d2:6d:4a:89:1a:a5:a5:15:c8:
                    cc:cf:56:3c:24:6d:94:cd:fb:4c:63:94:13:4c:8c:
                    bb:a6:b0:47:d7:d0:98:ff:f4:c2:08:e9:ce:60:1d:
                    fd:8c:d3:e4:1f:aa:f2:db:02:1e:02:c8:ae:3c:56:
                    d9:f7:5f:29:ff:5e:70:a6:28:6d:48:56:7f:8d:8d:
                    fb:94:a3:32:8b:a1:ee:f3:7f:ea:d6:52:5b:85:5e:
                    76:5f:2a:47:e6:ca:a0:a9:03:27:8f:1e:17:95:ab:
                    9f:a0:e3:5c:44:d1:54:44:0a:d5:e3:70:b3:d9:3e:
                    da:25:22:fe:f0:8a:5f:37:b0:03:86:cc:4f:f0:d8:
                    15:48:2d:d4:00:07:44:7d:b0:98:97:10:22:dc:5a:
                    2a:03
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4C:A4:F8:97:AF:C1:17:84:D9:0D:1E:38:0B:A9:FE:25:DE:F2:20:4A
            X509v3 Authority Key Identifier:
                keyid:3F:DB:44:D1:8B:C1:6A:B0:39:C2:B1:B6:BD:38:66:AB:29:E1:22:A7

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/C862C92FE79571CDCE834A609053002A1212C9B70796AFAD01C6193D7F0DAAAB/0/3FDB44D18BC16AB039C2B1B6BD3866AB29E122A7.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/3FDB44D18BC16AB039C2B1B6BD3866AB29E122A7.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/C862C92FE79571CDCE834A609053002A1212C9B70796AFAD01C6193D7F0DAAAB/0/3138362e36372e302e302f31362d3234203d3e203237363531.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  186.67.0.0/16

    Signature Algorithm: sha256WithRSAEncryption
         17:c8:8a:f0:aa:21:fa:46:09:5d:5f:d4:88:a1:21:c3:f2:1a:
         5f:03:00:9f:c7:b5:6b:a7:b2:13:ce:f0:8e:5a:6c:6f:80:c0:
         e0:8a:d6:53:7b:1e:de:6a:2c:13:78:92:b9:35:aa:0a:4c:97:
         56:37:60:d5:df:8f:7c:a0:7a:49:2a:06:6e:72:3b:77:95:c4:
         4a:48:d0:3e:7f:9d:ff:05:f0:cf:cb:53:91:a8:d5:af:c5:93:
         96:98:06:b7:2e:8a:8c:b4:19:ed:c6:d5:d7:5b:b3:a7:c5:06:
         50:7c:c1:d8:d0:dd:98:56:a6:dc:83:27:f6:ab:cd:ec:e6:39:
         38:23:92:bc:fa:2e:c6:ca:64:3f:27:f8:df:19:8e:ba:72:aa:
         0d:70:79:15:48:87:2a:86:89:69:b1:eb:82:21:46:fc:14:c1:
         1b:53:ac:f2:ab:09:03:29:39:e0:e5:51:d5:3e:8b:79:04:97:
         f2:7c:21:b2:3f:9a:eb:e2:5e:cf:ce:0c:5e:1a:ca:4d:09:95:
         d1:a4:03:64:74:24:d6:d5:bd:14:9b:c4:c0:6e:d4:3f:b6:43:
         c7:43:0c:cb:4b:74:24:34:b1:94:a2:f8:87:c5:e7:92:2a:df:
         43:aa:62:4f:cd:09:3c:6d:ed:e7:27:c7:3f:90:68:db:08:b0:
         4e:7d:21:d9
-----BEGIN CERTIFICATE-----
MIIFuTCCBKGgAwIBAgIUal6IAjER0DCB95dgKTcGRKKwIXEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoM0ZEQjQ0RDE4QkMxNkFCMDM5QzJCMUI2QkQzODY2QUIy
OUUxMjJBNzAeFw0yNTAyMDQxOTUxMzFaFw0yNjAyMDMxOTU2MzFaMDMxMTAvBgNV
BAMTKDRDQTRGODk3QUZDMTE3ODREOTBEMUUzODBCQTlGRTI1REVGMjIwNEEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDP/5udAoKG/u95qMbaBZYyuoCO
o/JamSleQ8kOwfwoUGU3kXm4JrqlqbYdFBNmEVMH3VKT6XZgPBjGd50viKN8DlmZ
BPEDJL7mSzXHPA0Suqe7zf3dlxNl60IUqvPRtuNvjcUZXhfuYM1mpoEj7NJtSoka
paUVyMzPVjwkbZTN+0xjlBNMjLumsEfX0Jj/9MII6c5gHf2M0+QfqvLbAh4CyK48
Vtn3Xyn/XnCmKG1IVn+NjfuUozKLoe7zf+rWUluFXnZfKkfmyqCpAyePHheVq5+g
41xE0VRECtXjcLPZPtolIv7wil83sAOGzE/w2BVILdQAB0R9sJiXECLcWioDAgMB
AAGjggLDMIICvzAdBgNVHQ4EFgQUTKT4l6/BF4TZDR44C6n+Jd7yIEowHwYDVR0j
BBgwFoAUP9tE0YvBarA5wrG2vThmqynhIqcwDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy9DODYyQzkyRkU3OTU3MUNEQ0U4MzRBNjA5MDUzMDAyQTEy
MTJDOUI3MDc5NkFGQUQwMUM2MTkzRDdGMERBQUFCLzAvM0ZEQjQ0RDE4QkMxNkFC
MDM5QzJCMUI2QkQzODY2QUIyOUUxMjJBNy5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC8zRkRCNDREMThCQzE2QUIwMzlD
MkIxQjZCRDM4NjZBQjI5RTEyMkE3LmNlcjCBwwYIKwYBBQUHAQsEgbYwgbMwgbAG
CCsGAQUFBzALhoGjcnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvQzg2MkM5MkZFNzk1NzFDRENFODM0QTYwOTA1MzAwMkExMjEyQzlCNzA3
OTZBRkFEMDFDNjE5M0Q3RjBEQUFBQi8wLzMxMzgzNjJlMzYzNzJlMzAyZTMwMmYz
MTM2MmQzMjM0MjAzZDNlMjAzMjM3MzYzNTMxLnJvYTAYBgNVHSABAf8EDjAMMAoG
CCsGAQUFBw4CMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMAukMwDQYJKoZI
hvcNAQELBQADggEBABfIivCqIfpGCV1f1IihIcPyGl8DAJ/HtWunshPO8I5abG+A
wOCK1lN7Ht5qLBN4krk1qgpMl1Y3YNXfj3ygekkqBm5yO3eVxEpI0D5/nf8F8M/L
U5Go1a/Fk5aYBrcuioy0Ge3G1ddbs6fFBlB8wdjQ3ZhWptyDJ/arzezmOTgjkrz6
LsbKZD8n+N8Zjrpyqg1weRVIhyqGiWmx64IhRvwUwRtTrPKrCQMpOeDlUdU+i3kE
l/J8IbI/muviXs/ODF4ayk0JldGkA2R0JNbVvRSbxMBu1D+2Q8dDDMtLdCQ0sZSi
+IfF55Iq30OqYk/NCTxt7ecnxz+QaNsIsE59Idk=
-----END CERTIFICATE-----