Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/DAFE3A1457ABBD6D75176B3D24D7025C8312489FF4C52CAE83B8A0D2D1D1BC7A/0/3138312e3131382e3139322e302f32302d3234203d3e203532343035.roa
File:                     3138312e3131382e3139322e302f32302d3234203d3e203532343035.roa (raw, json)
Hash identifier:          Xu+ehCw2pPwRjYhmJogkFdANB0VtESrHdaDxwPKwCTA=
Subject key identifier:   C6:2E:E9:18:BA:DF:58:FA:9C:4A:2C:6A:C2:32:5C:23:40:94:CE:E8
Certificate issuer:       /CN=C6BF9255E35CF2851ECFDFAC161E95CCC7E5C22F
Certificate serial:       786B168F35C545D7F8564494F533CCB7399F005C
Authority key identifier: C6:BF:92:55:E3:5C:F2:85:1E:CF:DF:AC:16:1E:95:CC:C7:E5:C2:2F
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/C6BF9255E35CF2851ECFDFAC161E95CCC7E5C22F.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/DAFE3A1457ABBD6D75176B3D24D7025C8312489FF4C52CAE83B8A0D2D1D1BC7A/0/3138312e3131382e3139322e302f32302d3234203d3e203532343035.roa
Signing time:             Tue 04 Feb 2025 18:05:56 +0000
ROA not before:           Tue 04 Feb 2025 18:00:56 +0000
ROA not after:            Tue 03 Feb 2026 18:05:56 +0000
asID:                     52405
IP address blocks:        181.118.192.0/20 maxlen: 24
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            78:6b:16:8f:35:c5:45:d7:f8:56:44:94:f5:33:cc:b7:39:9f:00:5c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=C6BF9255E35CF2851ECFDFAC161E95CCC7E5C22F
        Validity
            Not Before: Feb  4 18:00:56 2025 GMT
            Not After : Feb  3 18:05:56 2026 GMT
        Subject: CN=C62EE918BADF58FA9C4A2C6AC2325C234094CEE8
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a2:05:dd:30:44:ae:6d:e7:89:6a:c3:9e:be:cf:
                    d8:db:92:af:d9:9c:8d:c7:52:cf:bc:bf:2d:b8:27:
                    d0:fb:ef:78:23:b2:26:e6:41:ec:90:19:62:0b:04:
                    b5:3d:32:32:12:3d:23:3b:1b:4d:59:22:30:5a:e0:
                    01:7c:7f:4b:72:f6:f9:af:54:d9:19:e3:07:89:21:
                    33:4c:37:70:14:61:24:df:a3:64:cd:aa:7a:c4:eb:
                    c4:89:f1:18:34:6a:09:de:02:0c:78:0d:9d:ba:f8:
                    15:87:e8:28:49:49:07:51:8c:0c:a6:16:01:89:4b:
                    f8:07:85:2d:e6:7a:23:99:7d:0f:af:53:d2:42:17:
                    23:92:1b:61:13:38:8e:3f:3d:bb:98:fc:93:41:2b:
                    77:c5:64:2a:94:77:6e:25:9c:f8:c1:92:61:cd:36:
                    d5:f9:4a:3f:65:16:45:c2:6b:88:83:18:2e:c0:b5:
                    5e:37:49:fa:82:63:5d:ca:01:6c:7f:6c:26:67:a9:
                    2e:1e:96:98:57:81:45:6c:3d:b1:9c:6c:a5:77:df:
                    39:9f:a8:7f:06:77:b2:6b:c0:80:59:bb:53:c7:f5:
                    06:3e:8e:57:a1:64:1e:e1:c5:ca:ba:a2:6e:35:72:
                    56:25:cd:f8:13:32:23:ae:96:27:7e:74:a5:52:d5:
                    56:73
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C6:2E:E9:18:BA:DF:58:FA:9C:4A:2C:6A:C2:32:5C:23:40:94:CE:E8
            X509v3 Authority Key Identifier:
                keyid:C6:BF:92:55:E3:5C:F2:85:1E:CF:DF:AC:16:1E:95:CC:C7:E5:C2:2F

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/DAFE3A1457ABBD6D75176B3D24D7025C8312489FF4C52CAE83B8A0D2D1D1BC7A/0/C6BF9255E35CF2851ECFDFAC161E95CCC7E5C22F.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/C6BF9255E35CF2851ECFDFAC161E95CCC7E5C22F.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/DAFE3A1457ABBD6D75176B3D24D7025C8312489FF4C52CAE83B8A0D2D1D1BC7A/0/3138312e3131382e3139322e302f32302d3234203d3e203532343035.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  181.118.192.0/20

    Signature Algorithm: sha256WithRSAEncryption
         ae:c0:d8:57:e7:0f:0e:75:f2:74:7c:45:44:04:30:c9:42:c7:
         2e:a7:3a:48:f4:99:44:f8:04:e9:05:72:33:3b:ab:21:4e:7e:
         db:59:2b:21:5c:14:fa:7f:f1:42:59:35:2a:c2:3d:40:bb:3a:
         95:98:01:02:ee:7f:66:96:b9:e2:9b:d8:3f:ee:c4:f0:59:3e:
         3d:2d:ee:72:3a:71:d2:e6:d8:94:0f:fa:51:19:a4:c6:36:cf:
         85:e0:f7:8b:02:e5:5d:ab:13:da:38:45:ca:84:02:f4:bc:aa:
         aa:50:e4:28:b8:c5:8e:83:1b:1d:f1:3f:31:8d:74:98:7a:7f:
         1a:92:ab:46:e4:86:05:0e:b1:47:3f:51:aa:69:6f:f6:4d:f7:
         91:c5:30:de:b4:2c:32:26:d1:b5:d6:01:78:cf:d6:64:92:63:
         38:bc:b7:51:e0:45:1b:d0:90:bd:39:f0:25:6b:d3:45:ba:d7:
         6c:c2:83:db:9d:73:af:92:b8:ad:a8:1d:3d:74:71:51:ec:a5:
         83:19:9b:e0:d8:87:c3:d0:1f:b3:cf:9f:bf:63:15:5b:fd:8e:
         89:b3:27:11:c3:8c:06:a7:bd:82:18:1a:1d:e5:5a:7c:0c:44:
         7e:21:0d:74:74:3e:12:fc:f0:c9:fc:21:bf:6b:18:04:a6:c6:
         33:9e:15:b4
-----BEGIN CERTIFICATE-----
MIIFwDCCBKigAwIBAgIUeGsWjzXFRdf4VkSU9TPMtzmfAFwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoQzZCRjkyNTVFMzVDRjI4NTFFQ0ZERkFDMTYxRTk1Q0ND
N0U1QzIyRjAeFw0yNTAyMDQxODAwNTZaFw0yNjAyMDMxODA1NTZaMDMxMTAvBgNV
BAMTKEM2MkVFOTE4QkFERjU4RkE5QzRBMkM2QUMyMzI1QzIzNDA5NENFRTgwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCiBd0wRK5t54lqw56+z9jbkq/Z
nI3HUs+8vy24J9D773gjsibmQeyQGWILBLU9MjISPSM7G01ZIjBa4AF8f0ty9vmv
VNkZ4weJITNMN3AUYSTfo2TNqnrE68SJ8Rg0agneAgx4DZ26+BWH6ChJSQdRjAym
FgGJS/gHhS3meiOZfQ+vU9JCFyOSG2ETOI4/PbuY/JNBK3fFZCqUd24lnPjBkmHN
NtX5Sj9lFkXCa4iDGC7AtV43SfqCY13KAWx/bCZnqS4elphXgUVsPbGcbKV33zmf
qH8Gd7JrwIBZu1PH9QY+jlehZB7hxcq6om41clYlzfgTMiOulid+dKVS1VZzAgMB
AAGjggLKMIICxjAdBgNVHQ4EFgQUxi7pGLrfWPqcSixqwjJcI0CUzugwHwYDVR0j
BBgwFoAUxr+SVeNc8oUez9+sFh6VzMflwi8wDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy9EQUZFM0ExNDU3QUJCRDZENzUxNzZCM0QyNEQ3MDI1Qzgz
MTI0ODlGRjRDNTJDQUU4M0I4QTBEMkQxRDFCQzdBLzAvQzZCRjkyNTVFMzVDRjI4
NTFFQ0ZERkFDMTYxRTk1Q0NDN0U1QzIyRi5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC9DNkJGOTI1NUUzNUNGMjg1MUVD
RkRGQUMxNjFFOTVDQ0M3RTVDMjJGLmNlcjCByQYIKwYBBQUHAQsEgbwwgbkwgbYG
CCsGAQUFBzALhoGpcnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvREFGRTNBMTQ1N0FCQkQ2RDc1MTc2QjNEMjRENzAyNUM4MzEyNDg5RkY0
QzUyQ0FFODNCOEEwRDJEMUQxQkM3QS8wLzMxMzgzMTJlMzEzMTM4MmUzMTM5MzIy
ZTMwMmYzMjMwMmQzMjM0MjAzZDNlMjAzNTMyMzQzMDM1LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQEtXbA
MA0GCSqGSIb3DQEBCwUAA4IBAQCuwNhX5w8OdfJ0fEVEBDDJQscupzpI9JlE+ATp
BXIzO6shTn7bWSshXBT6f/FCWTUqwj1AuzqVmAEC7n9mlrnim9g/7sTwWT49Le5y
OnHS5tiUD/pRGaTGNs+F4PeLAuVdqxPaOEXKhAL0vKqqUOQouMWOgxsd8T8xjXSY
en8akqtG5IYFDrFHP1GqaW/2TfeRxTDetCwyJtG11gF4z9ZkkmM4vLdR4EUb0JC9
OfAla9NFutdswoPbnXOvkritqB09dHFR7KWDGZvg2IfD0B+zz5+/YxVb/Y6JsycR
w4wGp72CGBod5Vp8DER+IQ10dD4S/PDJ/CG/axgEpsYznhW0
-----END CERTIFICATE-----