Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/EE664F72D9B391E53BD233E258BF0C2E97193405A4F8BAC8A6D7BD823EA3C9A6/0/3133382e3131372e3134312e302f32342d3234203d3e203532343638.roa
File:                     3133382e3131372e3134312e302f32342d3234203d3e203532343638.roa (raw, json)
Hash identifier:          oJEI8lvlUMUAqk9yOJpKEzbaLfFPcg01ecElJMmwkxY=
Subject key identifier:   99:B8:BD:98:CD:68:B4:DE:86:0C:39:62:92:F9:10:D4:0D:9E:7C:36
Certificate issuer:       /CN=F279D661C4E03FF0C843C0E122E4839565933C7C
Certificate serial:       5F263BF7F15A6CE7C6AEB1A8D5838F741CC53D6E
Authority key identifier: F2:79:D6:61:C4:E0:3F:F0:C8:43:C0:E1:22:E4:83:95:65:93:3C:7C
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/F279D661C4E03FF0C843C0E122E4839565933C7C.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/EE664F72D9B391E53BD233E258BF0C2E97193405A4F8BAC8A6D7BD823EA3C9A6/0/3133382e3131372e3134312e302f32342d3234203d3e203532343638.roa
Signing time:             Tue 25 Feb 2025 06:11:01 +0000
ROA not before:           Tue 25 Feb 2025 06:06:01 +0000
ROA not after:            Tue 24 Feb 2026 06:11:01 +0000
asID:                     52468
IP address blocks:        138.117.141.0/24 maxlen: 24
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            5f:26:3b:f7:f1:5a:6c:e7:c6:ae:b1:a8:d5:83:8f:74:1c:c5:3d:6e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F279D661C4E03FF0C843C0E122E4839565933C7C
        Validity
            Not Before: Feb 25 06:06:01 2025 GMT
            Not After : Feb 24 06:11:01 2026 GMT
        Subject: CN=99B8BD98CD68B4DE860C396292F910D40D9E7C36
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b4:c6:93:bc:de:6e:36:e8:6c:99:5e:08:b5:ee:
                    e8:cb:a7:11:f1:6a:c6:0a:8a:9b:c4:7b:fa:00:d5:
                    ad:d2:5d:32:ef:3d:23:d9:8e:b5:b1:fe:5f:b2:bd:
                    d4:26:ba:ab:63:05:59:d5:7f:9e:75:16:c8:b6:ba:
                    c2:c3:82:56:5f:45:9b:ae:5b:b8:75:e6:27:43:45:
                    61:09:98:0f:8d:a2:11:38:3a:85:c5:ae:f6:b9:3f:
                    f8:f2:74:fe:ad:20:0d:ea:1b:ce:88:7d:d6:68:c3:
                    71:78:b5:cf:20:5d:48:cb:5f:f0:a8:6f:fd:ff:3a:
                    a7:3f:35:6a:09:c3:3e:1d:8b:a1:72:ca:1d:d3:1c:
                    5c:80:14:ab:49:c9:e5:a8:a2:5c:76:7d:23:60:b2:
                    48:b3:32:5e:9a:56:bc:2c:9f:57:ae:bc:49:7a:85:
                    6d:f4:ee:0f:70:a9:24:a3:fa:ed:19:e2:bc:32:75:
                    c5:3a:13:42:f9:0e:f2:5d:3b:f8:17:00:91:1e:52:
                    aa:68:e5:41:1d:ab:7f:f1:ef:05:34:9c:de:5e:b7:
                    67:19:99:a8:8c:90:1d:f8:4f:9a:c9:ce:ca:48:4e:
                    44:63:59:6b:94:11:e4:c6:91:e9:2a:99:e1:4f:b5:
                    ec:22:e1:cf:a0:49:60:d7:e9:92:9d:8d:3d:81:20:
                    bb:0f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                99:B8:BD:98:CD:68:B4:DE:86:0C:39:62:92:F9:10:D4:0D:9E:7C:36
            X509v3 Authority Key Identifier:
                keyid:F2:79:D6:61:C4:E0:3F:F0:C8:43:C0:E1:22:E4:83:95:65:93:3C:7C

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/EE664F72D9B391E53BD233E258BF0C2E97193405A4F8BAC8A6D7BD823EA3C9A6/0/F279D661C4E03FF0C843C0E122E4839565933C7C.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/F279D661C4E03FF0C843C0E122E4839565933C7C.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/EE664F72D9B391E53BD233E258BF0C2E97193405A4F8BAC8A6D7BD823EA3C9A6/0/3133382e3131372e3134312e302f32342d3234203d3e203532343638.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  138.117.141.0/24

    Signature Algorithm: sha256WithRSAEncryption
         6b:74:d1:b8:a0:7c:3c:b7:20:64:3e:99:37:9f:86:56:f7:86:
         ee:e3:4e:1a:72:fe:a9:fb:65:0a:03:9f:04:5f:93:70:19:9f:
         2f:ab:31:e8:1c:d0:01:19:b4:ac:a0:65:b9:c3:90:fd:8f:9f:
         30:4c:9e:af:4c:a6:a5:a3:5c:a6:9c:dd:3b:d1:e2:7b:5b:9c:
         2f:da:2f:7b:37:ac:20:ea:8e:e8:3d:13:8b:b8:3e:4f:6c:39:
         9c:1c:e7:b6:44:bc:1e:93:1d:a3:76:5d:e6:e8:66:94:95:d2:
         0a:95:e0:4d:35:c0:bc:6b:60:a3:ee:9c:0a:e3:94:f1:dc:96:
         e6:e1:0c:0d:93:a6:13:5b:e2:18:19:92:e7:1a:55:9f:8f:65:
         49:2c:28:eb:69:08:fe:bc:aa:bd:0c:0b:0f:f5:05:9f:c9:c1:
         8a:a7:74:77:2d:dc:44:b7:2b:43:ce:84:72:ba:14:0a:9c:c8:
         9f:65:b9:40:ea:07:3e:c0:ac:41:06:34:b1:30:4d:5f:d1:6f:
         b1:7f:92:5a:61:75:40:74:4e:8b:23:98:83:7d:0b:d3:04:3b:
         ea:27:61:e7:ee:80:3e:1a:f4:70:e0:6b:28:66:a9:d3:bb:36:
         5f:45:14:68:22:74:8b:d6:e1:c5:69:73:54:ab:07:79:ba:3e:
         cb:95:84:92
-----BEGIN CERTIFICATE-----
MIIFwDCCBKigAwIBAgIUXyY79/FabOfGrrGo1YOPdBzFPW4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoRjI3OUQ2NjFDNEUwM0ZGMEM4NDNDMEUxMjJFNDgzOTU2
NTkzM0M3QzAeFw0yNTAyMjUwNjA2MDFaFw0yNjAyMjQwNjExMDFaMDMxMTAvBgNV
BAMTKDk5QjhCRDk4Q0Q2OEI0REU4NjBDMzk2MjkyRjkxMEQ0MEQ5RTdDMzYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC0xpO83m426GyZXgi17ujLpxHx
asYKipvEe/oA1a3SXTLvPSPZjrWx/l+yvdQmuqtjBVnVf551Fsi2usLDglZfRZuu
W7h15idDRWEJmA+NohE4OoXFrva5P/jydP6tIA3qG86IfdZow3F4tc8gXUjLX/Co
b/3/Oqc/NWoJwz4di6Fyyh3THFyAFKtJyeWoolx2fSNgskizMl6aVrwsn1euvEl6
hW307g9wqSSj+u0Z4rwydcU6E0L5DvJdO/gXAJEeUqpo5UEdq3/x7wU0nN5et2cZ
maiMkB34T5rJzspITkRjWWuUEeTGkekqmeFPtewi4c+gSWDX6ZKdjT2BILsPAgMB
AAGjggLKMIICxjAdBgNVHQ4EFgQUmbi9mM1otN6GDDlikvkQ1A2efDYwHwYDVR0j
BBgwFoAU8nnWYcTgP/DIQ8DhIuSDlWWTPHwwDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy9FRTY2NEY3MkQ5QjM5MUU1M0JEMjMzRTI1OEJGMEMyRTk3
MTkzNDA1QTRGOEJBQzhBNkQ3QkQ4MjNFQTNDOUE2LzAvRjI3OUQ2NjFDNEUwM0ZG
MEM4NDNDMEUxMjJFNDgzOTU2NTkzM0M3Qy5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC9GMjc5RDY2MUM0RTAzRkYwQzg0
M0MwRTEyMkU0ODM5NTY1OTMzQzdDLmNlcjCByQYIKwYBBQUHAQsEgbwwgbkwgbYG
CCsGAQUFBzALhoGpcnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvRUU2NjRGNzJEOUIzOTFFNTNCRDIzM0UyNThCRjBDMkU5NzE5MzQwNUE0
RjhCQUM4QTZEN0JEODIzRUEzQzlBNi8wLzMxMzMzODJlMzEzMTM3MmUzMTM0MzEy
ZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzNTMyMzQzNjM4LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAinWN
MA0GCSqGSIb3DQEBCwUAA4IBAQBrdNG4oHw8tyBkPpk3n4ZW94bu404acv6p+2UK
A58EX5NwGZ8vqzHoHNABGbSsoGW5w5D9j58wTJ6vTKalo1ymnN070eJ7W5wv2i97
N6wg6o7oPROLuD5PbDmcHOe2RLwekx2jdl3m6GaUldIKleBNNcC8a2Cj7pwK45Tx
3Jbm4QwNk6YTW+IYGZLnGlWfj2VJLCjraQj+vKq9DAsP9QWfycGKp3R3LdxEtytD
zoRyuhQKnMifZblA6gc+wKxBBjSxME1f0W+xf5JaYXVAdE6LI5iDfQvTBDvqJ2Hn
7oA+GvRw4GsoZqnTuzZfRRRoInSL1uHFaXNUqwd5uj7LlYSS
-----END CERTIFICATE-----