Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/D425E3D0D39D3B791BBAB46F7A1CA12216B2B3153818B7F5AC119883A15C3607/0/3139302e3231312e3133362e302f32322d3234203d3e203237383834.roa
File:                     3139302e3231312e3133362e302f32322d3234203d3e203237383834.roa (raw, json)
Hash identifier:          CcNHIpisfroWDtKPoqROEek/iHyCHAzLNtywP6VPWPs=
Subject key identifier:   BF:3F:A9:9E:10:F9:2A:CC:0F:30:B6:EE:49:96:8C:A3:5C:04:3A:7C
Certificate issuer:       /CN=4275A1F1BC69282CD0F4BD33F1201556C66CFD58
Certificate serial:       3C43639D9B1FC9B1FAAC9F1399807F05A23E5CE6
Authority key identifier: 42:75:A1:F1:BC:69:28:2C:D0:F4:BD:33:F1:20:15:56:C6:6C:FD:58
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/4275A1F1BC69282CD0F4BD33F1201556C66CFD58.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/D425E3D0D39D3B791BBAB46F7A1CA12216B2B3153818B7F5AC119883A15C3607/0/3139302e3231312e3133362e302f32322d3234203d3e203237383834.roa
Signing time:             Tue 04 Feb 2025 20:01:23 +0000
ROA not before:           Tue 04 Feb 2025 19:56:23 +0000
ROA not after:            Tue 03 Feb 2026 20:01:23 +0000
asID:                     27884
IP address blocks:        190.211.136.0/22 maxlen: 24
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            3c:43:63:9d:9b:1f:c9:b1:fa:ac:9f:13:99:80:7f:05:a2:3e:5c:e6
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4275A1F1BC69282CD0F4BD33F1201556C66CFD58
        Validity
            Not Before: Feb  4 19:56:23 2025 GMT
            Not After : Feb  3 20:01:23 2026 GMT
        Subject: CN=BF3FA99E10F92ACC0F30B6EE49968CA35C043A7C
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b6:c3:d9:63:84:c0:ee:29:f3:95:ee:27:30:16:
                    8b:bd:a0:5b:5f:0f:88:46:bc:ea:3f:4d:09:72:9c:
                    e9:71:fe:a6:fa:2d:14:b0:dd:9d:dc:05:a0:f3:27:
                    d9:67:1b:b8:38:9b:b5:a9:a0:b4:87:72:1d:d5:14:
                    4f:fb:0d:f7:4d:d6:1a:e6:a1:06:a9:d8:cd:5e:63:
                    f6:6f:46:43:94:91:4c:cf:ad:64:4d:6d:3e:be:49:
                    32:29:2d:8e:02:a6:56:40:ff:41:2d:90:99:26:9f:
                    e3:2d:39:74:69:6f:27:45:3c:0b:6c:ec:70:f9:89:
                    76:60:ff:5e:a3:7f:91:89:ca:1a:7c:01:89:b8:33:
                    fd:ff:92:82:b3:e5:48:57:12:f9:b4:b7:50:d3:e1:
                    01:89:db:24:22:b6:1a:67:6b:d6:33:08:7e:f1:21:
                    fb:06:86:2e:7d:cb:c9:00:75:93:0b:f8:98:27:37:
                    35:de:de:95:be:bf:78:8b:da:e0:a0:26:1f:81:5e:
                    65:4a:31:cf:48:7d:f0:0d:e5:d3:b6:10:0a:e7:4a:
                    a7:69:4d:2b:e8:cc:c9:dc:8c:da:96:27:45:60:7d:
                    83:28:db:b0:e5:e1:8b:c4:c8:da:05:aa:bd:f5:d3:
                    f8:29:6b:ff:a1:3e:a6:78:5b:6b:a9:06:df:bb:d8:
                    f3:a9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BF:3F:A9:9E:10:F9:2A:CC:0F:30:B6:EE:49:96:8C:A3:5C:04:3A:7C
            X509v3 Authority Key Identifier:
                keyid:42:75:A1:F1:BC:69:28:2C:D0:F4:BD:33:F1:20:15:56:C6:6C:FD:58

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/D425E3D0D39D3B791BBAB46F7A1CA12216B2B3153818B7F5AC119883A15C3607/0/4275A1F1BC69282CD0F4BD33F1201556C66CFD58.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/4275A1F1BC69282CD0F4BD33F1201556C66CFD58.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/D425E3D0D39D3B791BBAB46F7A1CA12216B2B3153818B7F5AC119883A15C3607/0/3139302e3231312e3133362e302f32322d3234203d3e203237383834.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  190.211.136.0/22

    Signature Algorithm: sha256WithRSAEncryption
         5d:dc:36:95:3a:ca:0f:49:e9:e2:81:08:6b:46:2a:2a:58:d2:
         fd:20:d9:32:2e:8f:2f:19:d1:18:fd:56:61:af:91:09:d1:16:
         74:26:e6:68:43:c7:3b:d2:3c:0c:e2:cf:1a:40:e1:d7:23:15:
         b1:86:c8:90:c4:8c:cd:90:c8:bf:43:4f:3f:a5:e4:52:6b:ee:
         dd:38:25:34:08:8e:5f:91:43:93:04:f6:b3:aa:5c:27:26:0f:
         df:86:4c:84:08:ef:4d:c9:8f:12:b1:14:8b:63:9e:cf:55:77:
         22:55:81:d4:3e:30:9b:e2:3f:dd:c6:c4:5b:b8:89:6d:9f:32:
         d9:e7:70:37:0b:b3:8d:5c:ac:1d:24:df:b0:50:db:4d:53:cd:
         a8:a4:24:43:eb:94:d0:27:ed:67:72:ba:4c:2e:0b:ac:1e:63:
         a2:56:6f:dd:a2:ae:4a:12:8e:cd:48:27:46:27:5d:bd:46:76:
         69:93:6f:e3:b7:c9:e9:f7:4e:05:65:c8:1c:4b:1a:77:88:aa:
         15:7d:c5:7b:cd:ed:9c:f1:6c:b8:c0:9e:f4:ce:16:49:77:c6:
         15:ab:9f:b9:4f:8e:24:5c:a6:60:45:21:0e:a6:db:50:ea:f9:
         cb:0c:6c:49:01:74:56:61:66:c9:a4:ad:cd:1d:ff:56:42:3d:
         df:1e:81:85
-----BEGIN CERTIFICATE-----
MIIFwDCCBKigAwIBAgIUPENjnZsfybH6rJ8TmYB/BaI+XOYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDI3NUExRjFCQzY5MjgyQ0QwRjRCRDMzRjEyMDE1NTZD
NjZDRkQ1ODAeFw0yNTAyMDQxOTU2MjNaFw0yNjAyMDMyMDAxMjNaMDMxMTAvBgNV
BAMTKEJGM0ZBOTlFMTBGOTJBQ0MwRjMwQjZFRTQ5OTY4Q0EzNUMwNDNBN0MwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC2w9ljhMDuKfOV7icwFou9oFtf
D4hGvOo/TQlynOlx/qb6LRSw3Z3cBaDzJ9lnG7g4m7WpoLSHch3VFE/7DfdN1hrm
oQap2M1eY/ZvRkOUkUzPrWRNbT6+STIpLY4CplZA/0EtkJkmn+MtOXRpbydFPAts
7HD5iXZg/16jf5GJyhp8AYm4M/3/koKz5UhXEvm0t1DT4QGJ2yQithpna9YzCH7x
IfsGhi59y8kAdZML+JgnNzXe3pW+v3iL2uCgJh+BXmVKMc9IffAN5dO2EArnSqdp
TSvozMncjNqWJ0VgfYMo27Dl4YvEyNoFqr310/gpa/+hPqZ4W2upBt+72POpAgMB
AAGjggLKMIICxjAdBgNVHQ4EFgQUvz+pnhD5KswPMLbuSZaMo1wEOnwwHwYDVR0j
BBgwFoAUQnWh8bxpKCzQ9L0z8SAVVsZs/VgwDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy9ENDI1RTNEMEQzOUQzQjc5MUJCQUI0NkY3QTFDQTEyMjE2
QjJCMzE1MzgxOEI3RjVBQzExOTg4M0ExNUMzNjA3LzAvNDI3NUExRjFCQzY5Mjgy
Q0QwRjRCRDMzRjEyMDE1NTZDNjZDRkQ1OC5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC80Mjc1QTFGMUJDNjkyODJDRDBG
NEJEMzNGMTIwMTU1NkM2NkNGRDU4LmNlcjCByQYIKwYBBQUHAQsEgbwwgbkwgbYG
CCsGAQUFBzALhoGpcnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvRDQyNUUzRDBEMzlEM0I3OTFCQkFCNDZGN0ExQ0ExMjIxNkIyQjMxNTM4
MThCN0Y1QUMxMTk4ODNBMTVDMzYwNy8wLzMxMzkzMDJlMzIzMTMxMmUzMTMzMzYy
ZTMwMmYzMjMyMmQzMjM0MjAzZDNlMjAzMjM3MzgzODM0LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCvtOI
MA0GCSqGSIb3DQEBCwUAA4IBAQBd3DaVOsoPSenigQhrRioqWNL9INkyLo8vGdEY
/VZhr5EJ0RZ0JuZoQ8c70jwM4s8aQOHXIxWxhsiQxIzNkMi/Q08/peRSa+7dOCU0
CI5fkUOTBPazqlwnJg/fhkyECO9NyY8SsRSLY57PVXciVYHUPjCb4j/dxsRbuIlt
nzLZ53A3C7ONXKwdJN+wUNtNU82opCRD65TQJ+1ncrpMLgusHmOiVm/doq5KEo7N
SCdGJ129RnZpk2/jt8np904FZcgcSxp3iKoVfcV7ze2c8Wy4wJ70zhZJd8YVq5+5
T44kXKZgRSEOpttQ6vnLDGxJAXRWYWbJpK3NHf9WQj3fHoGF
-----END CERTIFICATE-----