Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/EA25BBBAA8D21295B831FB8B5E2F6823069D1B1D89B74619D7445222985CB189/0/3139312e3130322e3233382e302f32332d3234203d3e20323730303537.roa
File:                     3139312e3130322e3233382e302f32332d3234203d3e20323730303537.roa (raw, json)
Hash identifier:          rTnXscU9AyYwGOVoF25bcj0QhVFWtk2jT4H0oEIrdHc=
Subject key identifier:   6A:6C:4A:AD:F9:75:CB:55:11:8E:83:44:53:FD:B9:2E:48:21:96:44
Certificate issuer:       /CN=076991290F5B947E0E07A8223FE219EC05478D0F
Certificate serial:       3C6BA029359B9774C0985626F79D36B60FFE7E2B
Authority key identifier: 07:69:91:29:0F:5B:94:7E:0E:07:A8:22:3F:E2:19:EC:05:47:8D:0F
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/076991290F5B947E0E07A8223FE219EC05478D0F.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/EA25BBBAA8D21295B831FB8B5E2F6823069D1B1D89B74619D7445222985CB189/0/3139312e3130322e3233382e302f32332d3234203d3e20323730303537.roa
Signing time:             Tue 04 Feb 2025 18:46:34 +0000
ROA not before:           Tue 04 Feb 2025 18:41:34 +0000
ROA not after:            Tue 03 Feb 2026 18:46:34 +0000
asID:                     270057
IP address blocks:        191.102.238.0/23 maxlen: 24
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            3c:6b:a0:29:35:9b:97:74:c0:98:56:26:f7:9d:36:b6:0f:fe:7e:2b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=076991290F5B947E0E07A8223FE219EC05478D0F
        Validity
            Not Before: Feb  4 18:41:34 2025 GMT
            Not After : Feb  3 18:46:34 2026 GMT
        Subject: CN=6A6C4AADF975CB55118E834453FDB92E48219644
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:db:32:0f:5b:e3:62:7d:41:35:55:ec:e3:9d:11:
                    01:68:e8:9d:ff:84:f9:23:1e:78:6f:27:3c:b9:ec:
                    59:58:57:20:4a:5a:a9:74:90:d1:8e:3e:9c:63:94:
                    11:b7:bb:e9:90:9c:d1:bf:ee:c4:ca:e5:be:95:98:
                    1c:bd:d7:54:7b:d9:45:d1:d7:db:00:06:67:44:df:
                    f4:95:f2:e1:02:0f:31:51:26:0c:4d:31:ef:9d:99:
                    2b:ee:cd:7b:69:57:13:4e:64:0d:cf:a6:76:d5:30:
                    36:2f:46:08:0f:3e:cb:65:5a:ee:f5:b0:8a:ae:73:
                    75:c7:1d:46:3e:4f:00:84:ef:21:bb:28:13:80:ed:
                    c6:0c:5f:09:dd:f6:bc:b0:1d:35:d0:e6:e8:26:0b:
                    93:aa:e1:23:20:d6:a9:ae:d3:76:74:bd:9f:e2:91:
                    be:9e:9a:c2:a6:42:9b:0f:3e:1c:fe:de:5d:88:ef:
                    b3:c6:d0:62:cd:eb:79:e8:ef:0e:b3:56:a9:70:99:
                    0c:26:ca:24:4a:f7:ba:38:17:7e:a5:a4:54:4d:66:
                    da:30:9a:d0:2c:c1:24:32:79:ce:74:c9:7c:bc:41:
                    f6:68:47:e0:cb:e8:9d:6a:76:95:35:08:6f:b5:c9:
                    55:80:1f:8e:ae:00:2d:7c:f4:67:72:4b:1e:55:b0:
                    fc:e3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                6A:6C:4A:AD:F9:75:CB:55:11:8E:83:44:53:FD:B9:2E:48:21:96:44
            X509v3 Authority Key Identifier:
                keyid:07:69:91:29:0F:5B:94:7E:0E:07:A8:22:3F:E2:19:EC:05:47:8D:0F

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/EA25BBBAA8D21295B831FB8B5E2F6823069D1B1D89B74619D7445222985CB189/0/076991290F5B947E0E07A8223FE219EC05478D0F.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/076991290F5B947E0E07A8223FE219EC05478D0F.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/EA25BBBAA8D21295B831FB8B5E2F6823069D1B1D89B74619D7445222985CB189/0/3139312e3130322e3233382e302f32332d3234203d3e20323730303537.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  191.102.238.0/23

    Signature Algorithm: sha256WithRSAEncryption
         14:fd:eb:e7:28:ca:13:b7:ac:e2:ff:c3:61:70:15:a7:16:a0:
         f5:87:41:71:ae:0c:c2:1e:0d:28:ea:a2:15:c4:43:07:c5:cd:
         06:56:6d:43:21:c3:6a:56:c2:dc:fd:38:fb:a2:bb:76:98:4b:
         ce:e1:28:ca:3d:08:61:46:e5:26:c8:70:5e:3f:d2:9e:b3:14:
         09:27:bd:cb:59:a6:9d:fb:3c:e7:7e:83:28:9c:67:f5:d3:ee:
         df:41:5b:02:7b:a3:6f:4e:4a:b3:97:36:e5:89:9f:0a:eb:b2:
         3a:f2:4e:73:ad:96:5e:db:3f:36:bd:96:7f:07:6e:e4:76:5d:
         44:da:99:e2:9b:32:fa:5c:e8:7e:ba:f2:b5:99:4a:52:a6:0a:
         b1:9d:9a:7c:f0:0a:51:b5:f9:be:85:28:6d:f2:71:6b:24:de:
         f8:b2:26:1e:5a:63:97:a8:43:3d:7b:6d:24:00:de:13:1e:e9:
         2f:31:59:8a:1e:04:a9:fd:62:03:a1:12:d4:04:94:58:2d:d9:
         bf:5d:4d:2c:47:7d:3f:e0:e3:4a:2b:17:c0:bb:a7:e8:b8:9a:
         98:f1:9e:d4:3b:ba:eb:dd:e0:a8:dd:d2:76:d4:66:b0:5e:0d:
         1e:b8:3e:41:0b:8d:7b:da:31:67:74:5e:88:9a:d2:6b:49:6e:
         62:bd:de:81
-----BEGIN CERTIFICATE-----
MIIFwjCCBKqgAwIBAgIUPGugKTWbl3TAmFYm9502tg/+fiswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMDc2OTkxMjkwRjVCOTQ3RTBFMDdBODIyM0ZFMjE5RUMw
NTQ3OEQwRjAeFw0yNTAyMDQxODQxMzRaFw0yNjAyMDMxODQ2MzRaMDMxMTAvBgNV
BAMTKDZBNkM0QUFERjk3NUNCNTUxMThFODM0NDUzRkRCOTJFNDgyMTk2NDQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDbMg9b42J9QTVV7OOdEQFo6J3/
hPkjHnhvJzy57FlYVyBKWql0kNGOPpxjlBG3u+mQnNG/7sTK5b6VmBy911R72UXR
19sABmdE3/SV8uECDzFRJgxNMe+dmSvuzXtpVxNOZA3PpnbVMDYvRggPPstlWu71
sIquc3XHHUY+TwCE7yG7KBOA7cYMXwnd9rywHTXQ5ugmC5Oq4SMg1qmu03Z0vZ/i
kb6emsKmQpsPPhz+3l2I77PG0GLN63no7w6zVqlwmQwmyiRK97o4F36lpFRNZtow
mtAswSQyec50yXy8QfZoR+DL6J1qdpU1CG+1yVWAH46uAC189GdySx5VsPzjAgMB
AAGjggLMMIICyDAdBgNVHQ4EFgQUamxKrfl1y1URjoNEU/25LkghlkQwHwYDVR0j
BBgwFoAUB2mRKQ9blH4OB6giP+IZ7AVHjQ8wDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy9FQTI1QkJCQUE4RDIxMjk1QjgzMUZCOEI1RTJGNjgyMzA2
OUQxQjFEODlCNzQ2MTlENzQ0NTIyMjk4NUNCMTg5LzAvMDc2OTkxMjkwRjVCOTQ3
RTBFMDdBODIyM0ZFMjE5RUMwNTQ3OEQwRi5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC8wNzY5OTEyOTBGNUI5NDdFMEUw
N0E4MjIzRkUyMTlFQzA1NDc4RDBGLmNlcjCBywYIKwYBBQUHAQsEgb4wgbswgbgG
CCsGAQUFBzALhoGrcnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvRUEyNUJCQkFBOEQyMTI5NUI4MzFGQjhCNUUyRjY4MjMwNjlEMUIxRDg5
Qjc0NjE5RDc0NDUyMjI5ODVDQjE4OS8wLzMxMzkzMTJlMzEzMDMyMmUzMjMzMzgy
ZTMwMmYzMjMzMmQzMjM0MjAzZDNlMjAzMjM3MzAzMDM1Mzcucm9hMBgGA1UdIAEB
/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAG/
Zu4wDQYJKoZIhvcNAQELBQADggEBABT96+coyhO3rOL/w2FwFacWoPWHQXGuDMIe
DSjqohXEQwfFzQZWbUMhw2pWwtz9OPuiu3aYS87hKMo9CGFG5SbIcF4/0p6zFAkn
vctZpp37POd+gyicZ/XT7t9BWwJ7o29OSrOXNuWJnwrrsjryTnOtll7bPza9ln8H
buR2XUTameKbMvpc6H668rWZSlKmCrGdmnzwClG1+b6FKG3ycWsk3viyJh5aY5eo
Qz17bSQA3hMe6S8xWYoeBKn9YgOhEtQElFgt2b9dTSxHfT/g40orF8C7p+i4mpjx
ntQ7uuvd4Kjd0nbUZrBeDR64PkELjXvaMWd0Xoia0mtJbmK93oE=
-----END CERTIFICATE-----