Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/F060645F94748832A65DAB54A01A729A0208E4446C8232A17BA6FE073CD465C5/0/3139302e39362e3134342e302f32302d3231203d3e2033383136.roa
File:                     3139302e39362e3134342e302f32302d3231203d3e2033383136.roa (raw, json)
Hash identifier:          E2qxJgWhqYfXDITSHh61xEkIHIN0p1ITyUWluHUBtdI=
Subject key identifier:   AE:41:4E:F6:A9:95:A8:2D:7E:61:FE:9A:1B:63:2B:47:BA:F3:D5:13
Certificate issuer:       /CN=DA5A371FC01989AA596FE268CE70A3C4DCAA7A9B
Certificate serial:       403CD4C25F22253FF0FDB741D4A9A667FF5DBD63
Authority key identifier: DA:5A:37:1F:C0:19:89:AA:59:6F:E2:68:CE:70:A3:C4:DC:AA:7A:9B
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/DA5A371FC01989AA596FE268CE70A3C4DCAA7A9B.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/F060645F94748832A65DAB54A01A729A0208E4446C8232A17BA6FE073CD465C5/0/3139302e39362e3134342e302f32302d3231203d3e2033383136.roa
Signing time:             Tue 04 Feb 2025 18:22:16 +0000
ROA not before:           Tue 04 Feb 2025 18:17:16 +0000
ROA not after:            Tue 03 Feb 2026 18:22:16 +0000
asID:                     3816
IP address blocks:        190.96.144.0/20 maxlen: 21
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            40:3c:d4:c2:5f:22:25:3f:f0:fd:b7:41:d4:a9:a6:67:ff:5d:bd:63
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=DA5A371FC01989AA596FE268CE70A3C4DCAA7A9B
        Validity
            Not Before: Feb  4 18:17:16 2025 GMT
            Not After : Feb  3 18:22:16 2026 GMT
        Subject: CN=AE414EF6A995A82D7E61FE9A1B632B47BAF3D513
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ba:82:c9:7b:12:81:2d:d1:32:d0:f8:f3:23:4e:
                    4b:3c:7b:d4:f3:f5:94:02:d1:65:71:48:f2:2a:61:
                    b1:cb:7c:51:0b:49:06:7c:be:2b:c8:07:6a:b1:d8:
                    92:ab:a7:67:94:37:0c:e6:fa:c3:52:ca:51:96:35:
                    4e:22:a0:2a:3b:ff:ed:3a:23:1d:b3:4d:b6:b9:a5:
                    a3:ae:96:ae:fc:f3:f1:0e:a2:15:3c:9a:a9:d3:7d:
                    fa:32:2b:61:02:7b:ac:5c:62:e2:af:fe:97:7d:bc:
                    3c:86:3a:a7:22:30:42:f1:e9:1e:1e:8e:9e:4a:33:
                    6c:90:74:21:a6:77:dc:dd:5d:fd:ac:9b:7e:bb:47:
                    ff:cf:b6:b1:aa:ab:b0:d3:ad:c3:0c:cb:60:a8:75:
                    15:25:ad:e0:60:dd:c1:29:69:41:5c:11:3e:96:e8:
                    a4:d7:8c:b6:2a:46:ed:40:46:99:60:f0:f6:21:cb:
                    28:23:ae:73:57:a3:cb:7a:8c:46:dd:bf:8c:43:0d:
                    93:6c:9f:fd:65:5a:92:94:d5:18:e6:1c:fb:2f:a7:
                    ed:15:02:06:98:2e:c3:40:de:3b:72:f2:bf:12:89:
                    4d:33:86:5f:b5:bf:55:43:4f:de:f4:5d:49:60:08:
                    2e:66:f9:26:75:43:e0:2b:04:71:a4:e7:10:73:d3:
                    e1:cb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AE:41:4E:F6:A9:95:A8:2D:7E:61:FE:9A:1B:63:2B:47:BA:F3:D5:13
            X509v3 Authority Key Identifier:
                keyid:DA:5A:37:1F:C0:19:89:AA:59:6F:E2:68:CE:70:A3:C4:DC:AA:7A:9B

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/F060645F94748832A65DAB54A01A729A0208E4446C8232A17BA6FE073CD465C5/0/DA5A371FC01989AA596FE268CE70A3C4DCAA7A9B.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/DA5A371FC01989AA596FE268CE70A3C4DCAA7A9B.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/F060645F94748832A65DAB54A01A729A0208E4446C8232A17BA6FE073CD465C5/0/3139302e39362e3134342e302f32302d3231203d3e2033383136.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  190.96.144.0/20

    Signature Algorithm: sha256WithRSAEncryption
         82:f0:d7:ea:7a:d3:99:00:83:ab:35:f1:38:e0:11:f1:d4:5b:
         f5:05:49:47:5e:b4:40:e7:57:b5:18:c9:52:ba:90:e7:a4:cc:
         48:85:89:f6:9b:3a:d4:4f:53:c2:77:93:a5:fa:db:d9:31:aa:
         23:b8:44:6b:3a:78:00:6a:48:77:34:14:de:2d:79:14:b6:67:
         25:3f:30:f9:de:64:7e:71:48:d6:5b:be:a7:63:8c:82:c8:7f:
         28:d7:59:b8:09:c5:4e:2c:7b:5b:8a:82:70:18:b0:0f:53:94:
         db:07:52:21:58:39:97:bd:78:7f:38:2f:c6:ac:7f:f3:09:22:
         da:64:de:43:84:80:d8:f9:67:05:64:84:bc:af:9b:0e:1e:3b:
         c3:1c:5d:5d:18:38:b8:8d:93:d3:2c:e9:89:8f:fb:0c:4a:3c:
         81:07:92:00:cd:10:15:24:5c:eb:29:a9:be:28:7b:5f:d9:ff:
         d3:f8:79:d0:b5:08:4e:94:64:01:4b:3c:c6:e6:f5:80:11:ca:
         6f:fd:48:e7:0a:5e:1c:09:a8:f7:5b:1d:1a:2f:b5:c6:ed:dd:
         b9:80:0f:62:9f:a9:fb:ca:31:9f:00:3f:10:c1:39:9a:f6:3b:
         a1:73:32:45:d7:47:18:73:9e:a4:fb:70:5e:b5:a4:0a:3d:a1:
         99:9a:62:08
-----BEGIN CERTIFICATE-----
MIIFvDCCBKSgAwIBAgIUQDzUwl8iJT/w/bdB1KmmZ/9dvWMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoREE1QTM3MUZDMDE5ODlBQTU5NkZFMjY4Q0U3MEEzQzRE
Q0FBN0E5QjAeFw0yNTAyMDQxODE3MTZaFw0yNjAyMDMxODIyMTZaMDMxMTAvBgNV
BAMTKEFFNDE0RUY2QTk5NUE4MkQ3RTYxRkU5QTFCNjMyQjQ3QkFGM0Q1MTMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC6gsl7EoEt0TLQ+PMjTks8e9Tz
9ZQC0WVxSPIqYbHLfFELSQZ8vivIB2qx2JKrp2eUNwzm+sNSylGWNU4ioCo7/+06
Ix2zTba5paOulq788/EOohU8mqnTffoyK2ECe6xcYuKv/pd9vDyGOqciMELx6R4e
jp5KM2yQdCGmd9zdXf2sm367R//PtrGqq7DTrcMMy2CodRUlreBg3cEpaUFcET6W
6KTXjLYqRu1ARplg8PYhyygjrnNXo8t6jEbdv4xDDZNsn/1lWpKU1RjmHPsvp+0V
AgaYLsNA3jty8r8SiU0zhl+1v1VDT970XUlgCC5m+SZ1Q+ArBHGk5xBz0+HLAgMB
AAGjggLGMIICwjAdBgNVHQ4EFgQUrkFO9qmVqC1+Yf6aG2MrR7rz1RMwHwYDVR0j
BBgwFoAU2lo3H8AZiapZb+JoznCjxNyqepswDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy9GMDYwNjQ1Rjk0NzQ4ODMyQTY1REFCNTRBMDFBNzI5QTAy
MDhFNDQ0NkM4MjMyQTE3QkE2RkUwNzNDRDQ2NUM1LzAvREE1QTM3MUZDMDE5ODlB
QTU5NkZFMjY4Q0U3MEEzQzREQ0FBN0E5Qi5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC9EQTVBMzcxRkMwMTk4OUFBNTk2
RkUyNjhDRTcwQTNDNERDQUE3QTlCLmNlcjCBxQYIKwYBBQUHAQsEgbgwgbUwgbIG
CCsGAQUFBzALhoGlcnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvRjA2MDY0NUY5NDc0ODgzMkE2NURBQjU0QTAxQTcyOUEwMjA4RTQ0NDZD
ODIzMkExN0JBNkZFMDczQ0Q0NjVDNS8wLzMxMzkzMDJlMzkzNjJlMzEzNDM0MmUz
MDJmMzIzMDJkMzIzMTIwM2QzZTIwMzMzODMxMzYucm9hMBgGA1UdIAEB/wQOMAww
CgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAS+YJAwDQYJ
KoZIhvcNAQELBQADggEBAILw1+p605kAg6s18TjgEfHUW/UFSUdetEDnV7UYyVK6
kOekzEiFifabOtRPU8J3k6X629kxqiO4RGs6eABqSHc0FN4teRS2ZyU/MPneZH5x
SNZbvqdjjILIfyjXWbgJxU4se1uKgnAYsA9TlNsHUiFYOZe9eH84L8asf/MJItpk
3kOEgNj5ZwVkhLyvmw4eO8McXV0YOLiNk9Ms6YmP+wxKPIEHkgDNEBUkXOspqb4o
e1/Z/9P4edC1CE6UZAFLPMbm9YARym/9SOcKXhwJqPdbHRovtcbt3bmAD2KfqfvK
MZ8APxDBOZr2O6FzMkXXRxhznqT7cF61pAo9oZmaYgg=
-----END CERTIFICATE-----