Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/D6633A8732FC2FBB1FC821D3A7390B5E1B0220A07672532B53E32506040C0B44/0/3139302e36312e33362e302f32322d3234203d3e203532343638.roa
File:                     3139302e36312e33362e302f32322d3234203d3e203532343638.roa (raw, json)
Hash identifier:          TNYTHcTtdgJySuGVM31I3ZY+yLx3zgRQZLvngIjPjNs=
Subject key identifier:   A4:E7:44:CF:A7:A9:3E:1F:AE:61:4D:9A:70:80:D6:03:60:F6:07:8F
Certificate issuer:       /CN=8616AFEEE37AE6340A6524D920AA474EED6B6A70
Certificate serial:       2E36436D006ABC63FEFB781374EDC63190F6504C
Authority key identifier: 86:16:AF:EE:E3:7A:E6:34:0A:65:24:D9:20:AA:47:4E:ED:6B:6A:70
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/8616AFEEE37AE6340A6524D920AA474EED6B6A70.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/D6633A8732FC2FBB1FC821D3A7390B5E1B0220A07672532B53E32506040C0B44/0/3139302e36312e33362e302f32322d3234203d3e203532343638.roa
Signing time:             Tue 04 Feb 2025 20:04:16 +0000
ROA not before:           Tue 04 Feb 2025 19:59:16 +0000
ROA not after:            Tue 03 Feb 2026 20:04:16 +0000
asID:                     52468
IP address blocks:        190.61.36.0/22 maxlen: 24
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            2e:36:43:6d:00:6a:bc:63:fe:fb:78:13:74:ed:c6:31:90:f6:50:4c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=8616AFEEE37AE6340A6524D920AA474EED6B6A70
        Validity
            Not Before: Feb  4 19:59:16 2025 GMT
            Not After : Feb  3 20:04:16 2026 GMT
        Subject: CN=A4E744CFA7A93E1FAE614D9A7080D60360F6078F
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:be:17:b1:6f:94:5e:72:18:bd:7a:53:0a:a4:ae:
                    48:67:32:a3:11:32:2d:e4:75:a5:68:4f:c7:b8:b1:
                    1c:72:9d:c4:1b:64:07:c8:94:fa:98:90:c4:17:25:
                    93:c4:85:41:11:de:89:16:b7:31:b8:f5:94:0b:39:
                    04:d9:eb:b0:fe:86:c6:b0:27:10:3f:22:2f:27:b4:
                    60:38:76:9e:e4:a7:d5:5b:25:7e:cc:d0:ce:55:dd:
                    bb:77:ae:4d:9e:7c:0f:f3:23:34:1c:9b:24:19:a4:
                    27:86:3a:72:5d:3e:46:16:3a:87:ab:08:9e:ca:be:
                    ab:fe:ba:36:ee:a6:c3:3a:e6:1d:f2:d8:a2:2b:19:
                    a0:91:81:27:cc:33:81:02:f6:92:0d:b3:ab:b5:b0:
                    c1:07:b8:0c:ad:33:28:b4:01:d3:60:6b:ab:2b:fb:
                    8e:e9:a0:62:f6:26:e5:8e:f3:58:fd:28:af:a3:7a:
                    ce:75:6c:59:2d:29:03:ec:0e:64:2f:7c:9d:97:77:
                    3c:7c:40:ae:d0:69:0f:79:69:ac:4b:f2:c1:6b:65:
                    32:ab:0b:b9:29:51:5b:0a:2f:30:51:2c:a3:17:b3:
                    63:20:52:bd:ef:b9:46:9b:d1:cb:dc:4a:fb:3e:6e:
                    4f:07:b4:e9:e1:d0:5c:f2:df:fb:38:96:da:5f:d7:
                    bd:b5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A4:E7:44:CF:A7:A9:3E:1F:AE:61:4D:9A:70:80:D6:03:60:F6:07:8F
            X509v3 Authority Key Identifier:
                keyid:86:16:AF:EE:E3:7A:E6:34:0A:65:24:D9:20:AA:47:4E:ED:6B:6A:70

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/D6633A8732FC2FBB1FC821D3A7390B5E1B0220A07672532B53E32506040C0B44/0/8616AFEEE37AE6340A6524D920AA474EED6B6A70.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/8616AFEEE37AE6340A6524D920AA474EED6B6A70.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/D6633A8732FC2FBB1FC821D3A7390B5E1B0220A07672532B53E32506040C0B44/0/3139302e36312e33362e302f32322d3234203d3e203532343638.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  190.61.36.0/22

    Signature Algorithm: sha256WithRSAEncryption
         8c:02:29:fa:66:71:d5:39:2c:8a:ee:06:64:7e:15:e4:b1:f0:
         5a:40:e4:1b:49:f2:12:77:6b:fc:6b:8c:c9:37:22:8d:ba:a1:
         66:81:51:4c:0a:80:82:3e:9d:1f:be:1d:97:65:2e:55:db:dc:
         b6:05:bb:a9:75:6e:75:f1:8d:07:df:6c:f8:b8:93:ed:07:a5:
         b0:b6:ba:30:d9:18:3f:1c:6d:3a:1a:cf:63:a7:8a:c2:f5:c7:
         65:01:96:fd:09:8a:24:cb:0b:3c:be:3f:72:dc:ad:98:6d:4c:
         e2:6d:76:e2:d6:92:a8:a1:78:4e:bf:e4:7b:5b:7b:d2:04:df:
         6b:81:fb:e8:76:f0:77:d9:fb:04:27:d4:5a:0f:6c:e2:b2:8e:
         a4:9b:c7:a4:ad:d5:3a:45:36:33:17:90:c3:3d:46:a5:39:44:
         26:de:46:aa:0b:63:e7:87:74:7c:c8:87:6d:8d:d4:ea:9a:eb:
         4b:b7:b0:1d:ed:43:e6:fa:ba:df:7c:3e:ec:bd:f4:59:bd:5d:
         ab:db:95:fb:49:6f:4d:fe:85:1a:f5:66:36:4e:10:c8:b2:2d:
         89:1e:26:9b:f6:d6:00:4f:db:cd:42:35:bc:6b:9a:b5:a0:08:
         cb:81:4f:1a:7f:08:9a:7b:24:a2:34:6e:91:5a:8e:a7:3e:e4:
         ec:fb:ad:ec
-----BEGIN CERTIFICATE-----
MIIFvDCCBKSgAwIBAgIULjZDbQBqvGP++3gTdO3GMZD2UEwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoODYxNkFGRUVFMzdBRTYzNDBBNjUyNEQ5MjBBQTQ3NEVF
RDZCNkE3MDAeFw0yNTAyMDQxOTU5MTZaFw0yNjAyMDMyMDA0MTZaMDMxMTAvBgNV
BAMTKEE0RTc0NENGQTdBOTNFMUZBRTYxNEQ5QTcwODBENjAzNjBGNjA3OEYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC+F7FvlF5yGL16UwqkrkhnMqMR
Mi3kdaVoT8e4sRxyncQbZAfIlPqYkMQXJZPEhUER3okWtzG49ZQLOQTZ67D+hsaw
JxA/Ii8ntGA4dp7kp9VbJX7M0M5V3bt3rk2efA/zIzQcmyQZpCeGOnJdPkYWOoer
CJ7Kvqv+ujbupsM65h3y2KIrGaCRgSfMM4EC9pINs6u1sMEHuAytMyi0AdNga6sr
+47poGL2JuWO81j9KK+jes51bFktKQPsDmQvfJ2Xdzx8QK7QaQ95aaxL8sFrZTKr
C7kpUVsKLzBRLKMXs2MgUr3vuUab0cvcSvs+bk8HtOnh0Fzy3/s4ltpf1721AgMB
AAGjggLGMIICwjAdBgNVHQ4EFgQUpOdEz6epPh+uYU2acIDWA2D2B48wHwYDVR0j
BBgwFoAUhhav7uN65jQKZSTZIKpHTu1ranAwDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy9ENjYzM0E4NzMyRkMyRkJCMUZDODIxRDNBNzM5MEI1RTFC
MDIyMEEwNzY3MjUzMkI1M0UzMjUwNjA0MEMwQjQ0LzAvODYxNkFGRUVFMzdBRTYz
NDBBNjUyNEQ5MjBBQTQ3NEVFRDZCNkE3MC5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC84NjE2QUZFRUUzN0FFNjM0MEE2
NTI0RDkyMEFBNDc0RUVENkI2QTcwLmNlcjCBxQYIKwYBBQUHAQsEgbgwgbUwgbIG
CCsGAQUFBzALhoGlcnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvRDY2MzNBODczMkZDMkZCQjFGQzgyMUQzQTczOTBCNUUxQjAyMjBBMDc2
NzI1MzJCNTNFMzI1MDYwNDBDMEI0NC8wLzMxMzkzMDJlMzYzMTJlMzMzNjJlMzAy
ZjMyMzIyZDMyMzQyMDNkM2UyMDM1MzIzNDM2Mzgucm9hMBgGA1UdIAEB/wQOMAww
CgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAK+PSQwDQYJ
KoZIhvcNAQELBQADggEBAIwCKfpmcdU5LIruBmR+FeSx8FpA5BtJ8hJ3a/xrjMk3
Io26oWaBUUwKgII+nR++HZdlLlXb3LYFu6l1bnXxjQffbPi4k+0HpbC2ujDZGD8c
bToaz2OnisL1x2UBlv0JiiTLCzy+P3LcrZhtTOJtduLWkqiheE6/5Htbe9IE32uB
++h28HfZ+wQn1FoPbOKyjqSbx6St1TpFNjMXkMM9RqU5RCbeRqoLY+eHdHzIh22N
1Oqa60u3sB3tQ+b6ut98Puy99Fm9XavblftJb03+hRr1ZjZOEMiyLYkeJpv21gBP
281CNbxrmrWgCMuBTxp/CJp7JKI0bpFajqc+5Oz7rew=
-----END CERTIFICATE-----