Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/DE025ADE63A9177898D7E1EF1103089E82D18CE0541050F4C849516A60F77423/0/3133382e3231392e35382e302f32332d3233203d3e203532353130.roa
File:                     3133382e3231392e35382e302f32332d3233203d3e203532353130.roa (raw, json)
Hash identifier:          4DphzCuHwaM0xxNPDKjEjoKNySbRAjPeCAhkMbqdHOo=
Subject key identifier:   62:46:F6:77:5D:15:94:78:27:28:FA:3B:C1:5D:F2:3C:A6:9B:76:A4
Certificate issuer:       /CN=2636D4CBEDBE7A0F4D43DC1621DE3D1936645F3D
Certificate serial:       2846A4B77897EF173BB3A4AD752466BDA8061C63
Authority key identifier: 26:36:D4:CB:ED:BE:7A:0F:4D:43:DC:16:21:DE:3D:19:36:64:5F:3D
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/2636D4CBEDBE7A0F4D43DC1621DE3D1936645F3D.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/DE025ADE63A9177898D7E1EF1103089E82D18CE0541050F4C849516A60F77423/0/3133382e3231392e35382e302f32332d3233203d3e203532353130.roa
Signing time:             Tue 04 Feb 2025 18:31:44 +0000
ROA not before:           Tue 04 Feb 2025 18:26:44 +0000
ROA not after:            Tue 03 Feb 2026 18:31:44 +0000
asID:                     52510
IP address blocks:        138.219.58.0/23 maxlen: 23
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            28:46:a4:b7:78:97:ef:17:3b:b3:a4:ad:75:24:66:bd:a8:06:1c:63
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2636D4CBEDBE7A0F4D43DC1621DE3D1936645F3D
        Validity
            Not Before: Feb  4 18:26:44 2025 GMT
            Not After : Feb  3 18:31:44 2026 GMT
        Subject: CN=6246F6775D1594782728FA3BC15DF23CA69B76A4
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a9:40:48:d9:77:78:6e:9d:f3:33:74:a7:41:bb:
                    30:d3:db:6d:b9:96:3e:73:e9:71:d0:0d:61:a4:e5:
                    8a:56:fa:8d:23:ef:11:4f:38:2a:61:57:b2:e6:51:
                    6f:98:d0:31:2d:a9:8a:33:6f:f8:cb:4b:2d:ab:29:
                    d5:fe:d4:68:a4:d0:11:9d:32:88:9c:2e:16:ac:d7:
                    f3:7a:87:47:39:b4:61:28:7f:be:3c:12:c5:9d:69:
                    22:bb:6a:e4:c5:a6:e7:05:a0:63:eb:5c:66:e9:e3:
                    21:9d:e0:1d:9e:04:9f:bf:16:69:30:5e:4e:11:5a:
                    c0:f2:e7:a5:0d:2f:9e:c7:5b:5c:72:17:c5:cd:43:
                    4d:ab:36:c2:a7:80:31:da:d4:29:80:7c:88:63:aa:
                    54:36:39:e1:2d:ec:66:6e:2d:c8:93:cc:6f:16:98:
                    44:3b:a5:ba:fa:b3:9f:21:fd:9f:e5:a4:94:a9:27:
                    73:df:58:fb:17:9c:88:77:b3:5e:27:d0:95:12:68:
                    e7:b3:14:c9:5d:4c:57:7f:a5:2d:b8:f3:60:cf:ab:
                    4c:19:15:b2:3d:fc:01:02:d9:3e:74:46:1f:5c:48:
                    20:d8:4d:73:95:22:b9:c5:6a:71:c2:94:8b:27:b4:
                    fd:e5:b5:10:6a:46:ad:7b:5c:e6:8a:41:0b:4f:42:
                    a0:67
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                62:46:F6:77:5D:15:94:78:27:28:FA:3B:C1:5D:F2:3C:A6:9B:76:A4
            X509v3 Authority Key Identifier:
                keyid:26:36:D4:CB:ED:BE:7A:0F:4D:43:DC:16:21:DE:3D:19:36:64:5F:3D

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/DE025ADE63A9177898D7E1EF1103089E82D18CE0541050F4C849516A60F77423/0/2636D4CBEDBE7A0F4D43DC1621DE3D1936645F3D.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/2636D4CBEDBE7A0F4D43DC1621DE3D1936645F3D.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/DE025ADE63A9177898D7E1EF1103089E82D18CE0541050F4C849516A60F77423/0/3133382e3231392e35382e302f32332d3233203d3e203532353130.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  138.219.58.0/23

    Signature Algorithm: sha256WithRSAEncryption
         4d:ba:7b:db:75:7a:02:ac:dc:93:3a:1c:51:30:ba:58:2d:e4:
         dd:84:13:85:bb:be:01:8d:d5:2e:8b:1d:24:35:57:4f:49:1c:
         7b:d1:8c:50:a7:21:1e:4a:4b:ae:5a:42:01:ba:16:0d:6c:ec:
         ca:30:85:46:4a:1e:0a:ab:ae:80:05:67:05:41:a8:5e:27:a0:
         37:37:5d:1e:80:9a:8f:f0:c6:e8:89:75:5d:f7:3c:a1:5b:91:
         f8:d2:22:b1:8b:fa:3c:32:89:16:da:fe:d4:f0:e5:1a:58:84:
         c9:62:72:bf:34:e0:a6:58:88:d9:9d:40:91:67:9b:2e:85:d8:
         98:da:c2:5a:8d:52:12:51:d4:9a:3e:7e:b7:a3:a0:79:d2:da:
         49:e3:c5:e7:02:7d:4c:e3:94:86:1b:f8:52:49:dd:2c:82:92:
         82:5e:ad:b3:48:c3:c3:fb:ef:e9:74:2a:f3:48:e7:79:68:69:
         1e:2b:86:a4:81:e2:46:e8:5b:d4:cf:6f:b5:fa:0e:08:b6:d0:
         cb:96:ea:a7:91:48:e4:96:cb:4f:52:bb:4e:fe:8f:32:a5:b5:
         9b:09:4f:36:4f:56:bc:4f:e0:59:27:65:37:e6:e9:83:2f:be:
         0a:03:80:44:02:2c:c1:63:f7:d6:65:fd:de:c7:cd:86:2c:66:
         a1:cf:25:61
-----BEGIN CERTIFICATE-----
MIIFvjCCBKagAwIBAgIUKEakt3iX7xc7s6StdSRmvagGHGMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMjYzNkQ0Q0JFREJFN0EwRjRENDNEQzE2MjFERTNEMTkz
NjY0NUYzRDAeFw0yNTAyMDQxODI2NDRaFw0yNjAyMDMxODMxNDRaMDMxMTAvBgNV
BAMTKDYyNDZGNjc3NUQxNTk0NzgyNzI4RkEzQkMxNURGMjNDQTY5Qjc2QTQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCpQEjZd3hunfMzdKdBuzDT2225
lj5z6XHQDWGk5YpW+o0j7xFPOCphV7LmUW+Y0DEtqYozb/jLSy2rKdX+1Gik0BGd
MoicLhas1/N6h0c5tGEof748EsWdaSK7auTFpucFoGPrXGbp4yGd4B2eBJ+/Fmkw
Xk4RWsDy56UNL57HW1xyF8XNQ02rNsKngDHa1CmAfIhjqlQ2OeEt7GZuLciTzG8W
mEQ7pbr6s58h/Z/lpJSpJ3PfWPsXnIh3s14n0JUSaOezFMldTFd/pS2482DPq0wZ
FbI9/AEC2T50Rh9cSCDYTXOVIrnFanHClIsntP3ltRBqRq17XOaKQQtPQqBnAgMB
AAGjggLIMIICxDAdBgNVHQ4EFgQUYkb2d10VlHgnKPo7wV3yPKabdqQwHwYDVR0j
BBgwFoAUJjbUy+2+eg9NQ9wWId49GTZkXz0wDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy9ERTAyNUFERTYzQTkxNzc4OThEN0UxRUYxMTAzMDg5RTgy
RDE4Q0UwNTQxMDUwRjRDODQ5NTE2QTYwRjc3NDIzLzAvMjYzNkQ0Q0JFREJFN0Ew
RjRENDNEQzE2MjFERTNEMTkzNjY0NUYzRC5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC8yNjM2RDRDQkVEQkU3QTBGNEQ0
M0RDMTYyMURFM0QxOTM2NjQ1RjNELmNlcjCBxwYIKwYBBQUHAQsEgbowgbcwgbQG
CCsGAQUFBzALhoGncnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvREUwMjVBREU2M0E5MTc3ODk4RDdFMUVGMTEwMzA4OUU4MkQxOENFMDU0
MTA1MEY0Qzg0OTUxNkE2MEY3NzQyMy8wLzMxMzMzODJlMzIzMTM5MmUzNTM4MmUz
MDJmMzIzMzJkMzIzMzIwM2QzZTIwMzUzMjM1MzEzMC5yb2EwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAYrbOjAN
BgkqhkiG9w0BAQsFAAOCAQEATbp723V6AqzckzocUTC6WC3k3YQThbu+AY3VLosd
JDVXT0kce9GMUKchHkpLrlpCAboWDWzsyjCFRkoeCquugAVnBUGoXiegNzddHoCa
j/DG6Il1Xfc8oVuR+NIisYv6PDKJFtr+1PDlGliEyWJyvzTgpliI2Z1AkWebLoXY
mNrCWo1SElHUmj5+t6OgedLaSePF5wJ9TOOUhhv4UkndLIKSgl6ts0jDw/vv6XQq
80jneWhpHiuGpIHiRuhb1M9vtfoOCLbQy5bqp5FI5JbLT1K7Tv6PMqW1mwlPNk9W
vE/gWSdlN+bpgy++CgOARAIswWP31mX93sfNhixmoc8lYQ==
-----END CERTIFICATE-----