Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/CAD0D6640D544384565625F127F41C9A542CF313BE7B088181DA3D59E282AA08/0/3139302e3131302e3232392e302f32342d3234203d3e20323732393238.roa
File:                     3139302e3131302e3232392e302f32342d3234203d3e20323732393238.roa (raw, json)
Hash identifier:          GrzoFnwvA8Rzwi/gyxn2BUwVABgQ/5TfHtsTFLI9ulY=
Subject key identifier:   1E:C1:67:72:96:45:19:7B:BB:3B:99:71:AA:A9:86:BC:C7:27:43:48
Certificate issuer:       /CN=EB69B49D4076EBC1D441EA77CCE80EA12A89991D
Certificate serial:       0B6311B08E8ECE02594AB2B563A6D835443C2053
Authority key identifier: EB:69:B4:9D:40:76:EB:C1:D4:41:EA:77:CC:E8:0E:A1:2A:89:99:1D
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/EB69B49D4076EBC1D441EA77CCE80EA12A89991D.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/CAD0D6640D544384565625F127F41C9A542CF313BE7B088181DA3D59E282AA08/0/3139302e3131302e3232392e302f32342d3234203d3e20323732393238.roa
Signing time:             Wed 12 Feb 2025 21:09:41 +0000
ROA not before:           Wed 12 Feb 2025 21:04:41 +0000
ROA not after:            Wed 11 Feb 2026 21:09:41 +0000
asID:                     272928
IP address blocks:        190.110.229.0/24 maxlen: 24
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            0b:63:11:b0:8e:8e:ce:02:59:4a:b2:b5:63:a6:d8:35:44:3c:20:53
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=EB69B49D4076EBC1D441EA77CCE80EA12A89991D
        Validity
            Not Before: Feb 12 21:04:41 2025 GMT
            Not After : Feb 11 21:09:41 2026 GMT
        Subject: CN=1EC167729645197BBB3B9971AAA986BCC7274348
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:f4:85:a2:2b:fd:32:d7:f6:59:b4:fc:df:8d:c2:
                    e3:ce:be:35:a1:ad:65:c6:b1:e2:aa:53:78:5e:4d:
                    70:80:43:52:4b:da:23:c0:7b:e2:24:09:8c:a6:fe:
                    84:82:f3:1b:a4:10:32:fd:fc:d5:f1:84:9d:3f:35:
                    fa:52:30:01:95:5e:c6:4d:67:8d:e0:db:8c:4b:63:
                    6d:68:af:6d:ee:f0:3c:40:7e:93:8b:f7:81:ac:f6:
                    cf:5b:6b:63:e1:0f:a0:dd:51:9f:ba:38:73:20:b2:
                    96:3f:2f:63:a1:ee:59:f8:9c:ab:74:96:67:c8:95:
                    a4:32:8b:95:b7:38:9f:5b:23:14:32:b1:2e:0b:de:
                    ef:55:bd:94:46:dd:df:ff:5c:db:06:57:a4:e2:7e:
                    25:75:97:21:cc:32:d3:f0:d4:c2:9e:95:6c:81:ff:
                    ca:77:03:f4:ca:44:1a:ad:2d:6f:c5:bc:27:f5:58:
                    47:f8:74:66:e4:95:ae:d3:15:6a:43:64:61:79:c2:
                    fb:01:4c:ce:31:e5:06:60:01:26:25:74:78:1c:de:
                    77:ec:af:8c:0f:3c:e8:54:33:88:10:c1:ff:e5:f0:
                    64:fd:c2:94:c0:46:45:9f:09:67:00:01:94:d3:13:
                    b0:3e:88:9b:ad:6a:bd:a7:b2:eb:26:8b:f6:3e:05:
                    e1:61
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1E:C1:67:72:96:45:19:7B:BB:3B:99:71:AA:A9:86:BC:C7:27:43:48
            X509v3 Authority Key Identifier:
                keyid:EB:69:B4:9D:40:76:EB:C1:D4:41:EA:77:CC:E8:0E:A1:2A:89:99:1D

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/CAD0D6640D544384565625F127F41C9A542CF313BE7B088181DA3D59E282AA08/0/EB69B49D4076EBC1D441EA77CCE80EA12A89991D.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/EB69B49D4076EBC1D441EA77CCE80EA12A89991D.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/CAD0D6640D544384565625F127F41C9A542CF313BE7B088181DA3D59E282AA08/0/3139302e3131302e3232392e302f32342d3234203d3e20323732393238.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  190.110.229.0/24

    Signature Algorithm: sha256WithRSAEncryption
         4b:81:08:43:84:5d:69:6a:4e:a3:54:1a:ee:7c:07:be:31:38:
         e5:ed:03:e1:23:1f:a7:bd:ec:73:72:9f:60:b7:17:4d:ba:fa:
         a1:c4:a3:6b:d5:d7:33:bf:2a:13:4b:76:8d:93:18:49:09:08:
         8d:09:3e:94:31:f2:10:78:e4:e2:ed:69:39:62:fa:ce:53:90:
         55:47:af:fd:ea:e0:c4:33:97:ae:ef:fd:42:da:bd:7b:c0:6a:
         fc:94:05:a3:c8:e7:2b:98:bb:eb:85:f8:13:6f:c1:34:cb:fc:
         44:f6:8b:9f:ad:5d:f2:ef:aa:7b:9d:b0:69:ba:20:48:34:c4:
         f7:ce:3b:e3:71:cf:57:b1:2f:d9:9e:8e:3e:51:56:76:69:91:
         c0:8b:f8:a2:e4:54:bd:16:7b:d0:62:ec:f5:85:53:e5:c4:de:
         48:a6:04:73:f0:fc:ac:34:78:86:66:bd:52:7a:ff:d2:33:43:
         96:5c:59:2f:ca:8c:a1:a3:6e:26:9c:ab:cf:1d:e6:89:74:0f:
         89:36:0b:e3:d5:37:88:78:b6:94:58:c9:58:d6:36:75:2b:6c:
         e6:1f:7b:58:d5:0d:45:b1:1b:27:18:79:95:74:58:26:9a:1b:
         ea:d1:aa:d4:1c:19:94:30:b0:c8:94:d8:5c:0e:73:a5:59:f6:
         82:8a:f6:7f
-----BEGIN CERTIFICATE-----
MIIFwjCCBKqgAwIBAgIUC2MRsI6OzgJZSrK1Y6bYNUQ8IFMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoRUI2OUI0OUQ0MDc2RUJDMUQ0NDFFQTc3Q0NFODBFQTEy
QTg5OTkxRDAeFw0yNTAyMTIyMTA0NDFaFw0yNjAyMTEyMTA5NDFaMDMxMTAvBgNV
BAMTKDFFQzE2NzcyOTY0NTE5N0JCQjNCOTk3MUFBQTk4NkJDQzcyNzQzNDgwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQD0haIr/TLX9lm0/N+NwuPOvjWh
rWXGseKqU3heTXCAQ1JL2iPAe+IkCYym/oSC8xukEDL9/NXxhJ0/NfpSMAGVXsZN
Z43g24xLY21or23u8DxAfpOL94Gs9s9ba2PhD6DdUZ+6OHMgspY/L2Oh7ln4nKt0
lmfIlaQyi5W3OJ9bIxQysS4L3u9VvZRG3d//XNsGV6TifiV1lyHMMtPw1MKelWyB
/8p3A/TKRBqtLW/FvCf1WEf4dGbkla7TFWpDZGF5wvsBTM4x5QZgASYldHgc3nfs
r4wPPOhUM4gQwf/l8GT9wpTARkWfCWcAAZTTE7A+iJutar2nsusmi/Y+BeFhAgMB
AAGjggLMMIICyDAdBgNVHQ4EFgQUHsFncpZFGXu7O5lxqqmGvMcnQ0gwHwYDVR0j
BBgwFoAU62m0nUB268HUQep3zOgOoSqJmR0wDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy9DQUQwRDY2NDBENTQ0Mzg0NTY1NjI1RjEyN0Y0MUM5QTU0
MkNGMzEzQkU3QjA4ODE4MURBM0Q1OUUyODJBQTA4LzAvRUI2OUI0OUQ0MDc2RUJD
MUQ0NDFFQTc3Q0NFODBFQTEyQTg5OTkxRC5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC9FQjY5QjQ5RDQwNzZFQkMxRDQ0
MUVBNzdDQ0U4MEVBMTJBODk5OTFELmNlcjCBywYIKwYBBQUHAQsEgb4wgbswgbgG
CCsGAQUFBzALhoGrcnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvQ0FEMEQ2NjQwRDU0NDM4NDU2NTYyNUYxMjdGNDFDOUE1NDJDRjMxM0JF
N0IwODgxODFEQTNENTlFMjgyQUEwOC8wLzMxMzkzMDJlMzEzMTMwMmUzMjMyMzky
ZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMjM3MzIzOTMyMzgucm9hMBgGA1UdIAEB
/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAC+
buUwDQYJKoZIhvcNAQELBQADggEBAEuBCEOEXWlqTqNUGu58B74xOOXtA+EjH6e9
7HNyn2C3F026+qHEo2vV1zO/KhNLdo2TGEkJCI0JPpQx8hB45OLtaTli+s5TkFVH
r/3q4MQzl67v/ULavXvAavyUBaPI5yuYu+uF+BNvwTTL/ET2i5+tXfLvqnudsGm6
IEg0xPfOO+Nxz1exL9mejj5RVnZpkcCL+KLkVL0We9Bi7PWFU+XE3kimBHPw/Kw0
eIZmvVJ6/9IzQ5ZcWS/KjKGjbiacq88d5ol0D4k2C+PVN4h4tpRYyVjWNnUrbOYf
e1jVDUWxGycYeZV0WCaaG+rRqtQcGZQwsMiU2FwOc6VZ9oKK9n8=
-----END CERTIFICATE-----