Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/DA9596D212E8B66A1192B768B89FF2DAE8E4961D3D9E226AC4978FC6E6AD9F56/0/3137392e36312e31322e302f32322d3234203d3e203239383032.roa
File:                     3137392e36312e31322e302f32322d3234203d3e203239383032.roa (raw, json)
Hash identifier:          0IIE8duEDgTHNZov/to1LQT9jfitc4RuZIE2xRNG9oc=
Subject key identifier:   25:87:C1:92:F3:7C:30:D4:37:81:08:39:FA:BE:4D:63:A8:F4:7B:49
Certificate issuer:       /CN=E95D7FD5CE56E96E336A6E85C6DE12078D92206F
Certificate serial:       74E7E50FBF54C1321D5439FE4DA7716FF1B394D3
Authority key identifier: E9:5D:7F:D5:CE:56:E9:6E:33:6A:6E:85:C6:DE:12:07:8D:92:20:6F
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/E95D7FD5CE56E96E336A6E85C6DE12078D92206F.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/DA9596D212E8B66A1192B768B89FF2DAE8E4961D3D9E226AC4978FC6E6AD9F56/0/3137392e36312e31322e302f32322d3234203d3e203239383032.roa
Signing time:             Tue 04 Feb 2025 18:17:43 +0000
ROA not before:           Tue 04 Feb 2025 18:12:43 +0000
ROA not after:            Tue 03 Feb 2026 18:17:43 +0000
asID:                     29802
IP address blocks:        179.61.12.0/22 maxlen: 24
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            74:e7:e5:0f:bf:54:c1:32:1d:54:39:fe:4d:a7:71:6f:f1:b3:94:d3
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=E95D7FD5CE56E96E336A6E85C6DE12078D92206F
        Validity
            Not Before: Feb  4 18:12:43 2025 GMT
            Not After : Feb  3 18:17:43 2026 GMT
        Subject: CN=2587C192F37C30D437810839FABE4D63A8F47B49
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b1:49:b5:6f:2f:94:03:46:6e:51:13:dc:fc:b9:
                    9b:c4:73:02:d3:30:91:bc:22:40:fb:45:31:f4:a4:
                    19:38:79:2c:af:d3:e3:0f:e4:be:9c:b4:2e:ab:1c:
                    00:51:67:8b:5d:82:44:1f:16:3e:1b:ec:e5:28:cf:
                    2a:d0:9a:37:71:5e:e0:fe:1f:46:9a:2d:1e:c7:d9:
                    59:dd:67:36:63:d7:2f:cc:b3:08:99:b7:2a:c7:74:
                    df:ee:8f:b8:a3:3d:16:36:0f:85:bd:d0:ff:8e:58:
                    f0:38:07:03:9a:54:65:b5:2c:0a:32:1c:e5:81:4d:
                    ea:1e:c0:a8:4d:26:2c:8d:99:46:a9:95:18:81:22:
                    e9:60:f3:d0:74:d4:a6:77:73:f7:0e:b2:c3:a5:22:
                    01:5a:ae:ab:04:40:c7:52:a2:51:14:4d:48:c3:e7:
                    b6:d7:bd:52:52:2b:bc:e8:44:00:33:a3:09:fc:6f:
                    6f:7d:74:01:8e:5b:39:d9:15:a9:cc:91:40:e8:d0:
                    cc:36:92:17:a6:e0:fa:04:be:5b:83:3d:f2:54:71:
                    d6:52:79:6f:fd:c4:a5:4f:5d:95:4b:3f:51:0c:b5:
                    76:55:37:6b:df:f4:d7:91:97:1d:e3:38:cb:a2:bf:
                    54:e2:4a:f1:36:82:dd:7b:a6:80:be:13:4c:e3:06:
                    d8:d7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                25:87:C1:92:F3:7C:30:D4:37:81:08:39:FA:BE:4D:63:A8:F4:7B:49
            X509v3 Authority Key Identifier:
                keyid:E9:5D:7F:D5:CE:56:E9:6E:33:6A:6E:85:C6:DE:12:07:8D:92:20:6F

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/DA9596D212E8B66A1192B768B89FF2DAE8E4961D3D9E226AC4978FC6E6AD9F56/0/E95D7FD5CE56E96E336A6E85C6DE12078D92206F.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/E95D7FD5CE56E96E336A6E85C6DE12078D92206F.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/DA9596D212E8B66A1192B768B89FF2DAE8E4961D3D9E226AC4978FC6E6AD9F56/0/3137392e36312e31322e302f32322d3234203d3e203239383032.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  179.61.12.0/22

    Signature Algorithm: sha256WithRSAEncryption
         21:3c:2b:14:54:fa:d2:a6:fc:63:98:91:3c:52:f6:60:6c:f7:
         26:8b:df:ef:72:14:1c:5b:7d:19:66:c2:1b:09:c1:68:20:9f:
         60:75:65:90:fa:db:10:c5:06:64:91:90:75:da:6b:8a:71:0b:
         2e:31:bf:ac:41:ae:45:39:e5:8d:fb:34:7e:bf:7b:03:f3:87:
         93:77:c8:20:2b:50:37:8a:07:e6:1e:9b:a5:42:c1:ad:2a:76:
         3e:dd:dc:a6:6b:6a:b2:23:f5:d6:ff:10:e9:ea:c0:d6:a3:5e:
         9a:19:5e:ab:e0:5a:31:11:13:7e:4d:05:17:02:5e:01:9e:87:
         48:91:14:1d:4d:91:bc:86:81:aa:37:ec:5b:56:5a:d3:2c:1b:
         3a:fc:50:55:df:e1:8b:1b:4f:5b:1f:6a:b7:15:11:b4:0f:86:
         c4:ca:77:1f:51:41:82:ea:a2:aa:ae:d5:00:98:06:42:d8:d2:
         d6:c7:df:44:1b:36:0d:e2:8c:f1:98:ce:cb:a6:fc:b7:50:fb:
         e0:c0:a8:e8:b0:62:65:8a:9e:5f:94:73:97:b7:77:9e:80:af:
         29:3d:af:e9:57:4b:47:20:32:d6:3c:f1:36:c8:de:ca:21:1d:
         5d:13:b3:f0:44:1c:86:f3:4c:f4:c3:59:8e:d3:cc:7b:75:76:
         55:6d:45:17
-----BEGIN CERTIFICATE-----
MIIFvDCCBKSgAwIBAgIUdOflD79UwTIdVDn+Tadxb/GzlNMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoRTk1RDdGRDVDRTU2RTk2RTMzNkE2RTg1QzZERTEyMDc4
RDkyMjA2RjAeFw0yNTAyMDQxODEyNDNaFw0yNjAyMDMxODE3NDNaMDMxMTAvBgNV
BAMTKDI1ODdDMTkyRjM3QzMwRDQzNzgxMDgzOUZBQkU0RDYzQThGNDdCNDkwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCxSbVvL5QDRm5RE9z8uZvEcwLT
MJG8IkD7RTH0pBk4eSyv0+MP5L6ctC6rHABRZ4tdgkQfFj4b7OUozyrQmjdxXuD+
H0aaLR7H2VndZzZj1y/MswiZtyrHdN/uj7ijPRY2D4W90P+OWPA4BwOaVGW1LAoy
HOWBTeoewKhNJiyNmUaplRiBIulg89B01KZ3c/cOssOlIgFarqsEQMdSolEUTUjD
57bXvVJSK7zoRAAzown8b299dAGOWznZFanMkUDo0Mw2khem4PoEvluDPfJUcdZS
eW/9xKVPXZVLP1EMtXZVN2vf9NeRlx3jOMuiv1TiSvE2gt17poC+E0zjBtjXAgMB
AAGjggLGMIICwjAdBgNVHQ4EFgQUJYfBkvN8MNQ3gQg5+r5NY6j0e0kwHwYDVR0j
BBgwFoAU6V1/1c5W6W4zam6Fxt4SB42SIG8wDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy9EQTk1OTZEMjEyRThCNjZBMTE5MkI3NjhCODlGRjJEQUU4
RTQ5NjFEM0Q5RTIyNkFDNDk3OEZDNkU2QUQ5RjU2LzAvRTk1RDdGRDVDRTU2RTk2
RTMzNkE2RTg1QzZERTEyMDc4RDkyMjA2Ri5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC9FOTVEN0ZENUNFNTZFOTZFMzM2
QTZFODVDNkRFMTIwNzhEOTIyMDZGLmNlcjCBxQYIKwYBBQUHAQsEgbgwgbUwgbIG
CCsGAQUFBzALhoGlcnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvREE5NTk2RDIxMkU4QjY2QTExOTJCNzY4Qjg5RkYyREFFOEU0OTYxRDNE
OUUyMjZBQzQ5NzhGQzZFNkFEOUY1Ni8wLzMxMzczOTJlMzYzMTJlMzEzMjJlMzAy
ZjMyMzIyZDMyMzQyMDNkM2UyMDMyMzkzODMwMzIucm9hMBgGA1UdIAEB/wQOMAww
CgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAKzPQwwDQYJ
KoZIhvcNAQELBQADggEBACE8KxRU+tKm/GOYkTxS9mBs9yaL3+9yFBxbfRlmwhsJ
wWggn2B1ZZD62xDFBmSRkHXaa4pxCy4xv6xBrkU55Y37NH6/ewPzh5N3yCArUDeK
B+Yem6VCwa0qdj7d3KZrarIj9db/EOnqwNajXpoZXqvgWjERE35NBRcCXgGeh0iR
FB1NkbyGgao37FtWWtMsGzr8UFXf4YsbT1sfarcVEbQPhsTKdx9RQYLqoqqu1QCY
BkLY0tbH30QbNg3ijPGYzsum/LdQ++DAqOiwYmWKnl+Uc5e3d56Aryk9r+lXS0cg
MtY88TbI3sohHV0Ts/BEHIbzTPTDWY7TzHt1dlVtRRc=
-----END CERTIFICATE-----