Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/F0CDE723D82FA920B88EAAFDCC612A1728AAE76F6ECCBDAA52C3D699FF78D069/0/3139302e382e33322e302f32302d3234203d3e203237383936.roa
File:                     3139302e382e33322e302f32302d3234203d3e203237383936.roa (raw, json)
Hash identifier:          ML9ua8yvbx7O0GpZG3bnnZT3umLAS9p+jaCGJIMX1sY=
Subject key identifier:   98:85:60:D8:FB:85:F5:CA:5D:51:CE:14:D4:AE:97:BF:81:13:24:E7
Certificate issuer:       /CN=70B51DCC347573651055FC72DB19C170524018CC
Certificate serial:       1DD75F27381E579797222B1016DEF7EB7FC9AF0B
Authority key identifier: 70:B5:1D:CC:34:75:73:65:10:55:FC:72:DB:19:C1:70:52:40:18:CC
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/70B51DCC347573651055FC72DB19C170524018CC.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/F0CDE723D82FA920B88EAAFDCC612A1728AAE76F6ECCBDAA52C3D699FF78D069/0/3139302e382e33322e302f32302d3234203d3e203237383936.roa
Signing time:             Tue 04 Feb 2025 18:15:46 +0000
ROA not before:           Tue 04 Feb 2025 18:10:46 +0000
ROA not after:            Tue 03 Feb 2026 18:15:46 +0000
asID:                     27896
IP address blocks:        190.8.32.0/20 maxlen: 24
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            1d:d7:5f:27:38:1e:57:97:97:22:2b:10:16:de:f7:eb:7f:c9:af:0b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=70B51DCC347573651055FC72DB19C170524018CC
        Validity
            Not Before: Feb  4 18:10:46 2025 GMT
            Not After : Feb  3 18:15:46 2026 GMT
        Subject: CN=988560D8FB85F5CA5D51CE14D4AE97BF811324E7
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cf:ad:bb:45:25:93:23:0a:07:21:21:87:ef:52:
                    c4:39:68:c3:ac:c3:f3:26:ca:3b:3e:86:44:31:34:
                    4c:c2:bc:de:fe:73:c6:a3:b6:4d:df:cf:c1:50:86:
                    26:51:e5:6a:e9:e5:f1:f3:36:a2:37:6f:99:13:19:
                    60:a3:e1:03:46:f8:1c:cb:2e:0d:57:72:01:49:f4:
                    5e:17:36:cc:e7:6f:d9:cf:54:42:00:da:ab:82:a0:
                    50:c9:25:cc:ae:9c:f0:7e:38:b5:85:d0:ea:93:c4:
                    6f:49:95:72:e8:9b:5f:c3:32:8f:bf:06:9f:c2:aa:
                    2a:5a:8c:14:07:1f:c9:91:95:ef:13:07:7c:03:f9:
                    86:ed:81:c3:57:ca:aa:88:a0:18:1c:84:a9:e4:19:
                    9d:c9:aa:4f:cd:2b:6d:d3:df:9f:e3:11:c2:6a:bb:
                    1a:50:84:68:4f:5b:34:ab:b1:07:82:56:b1:aa:b5:
                    6b:74:97:f0:ca:e9:0c:88:41:63:a4:e3:0b:1b:25:
                    3f:ef:1c:eb:68:9d:fb:2f:6c:e3:f3:22:38:f9:46:
                    99:e7:53:2a:7f:c5:3d:bb:2f:2c:ef:ac:80:b8:23:
                    68:24:b3:1d:ce:74:67:0b:1b:08:da:28:27:6f:ec:
                    20:01:08:be:88:e6:23:70:4b:00:ed:68:63:d8:c0:
                    0c:51
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                98:85:60:D8:FB:85:F5:CA:5D:51:CE:14:D4:AE:97:BF:81:13:24:E7
            X509v3 Authority Key Identifier:
                keyid:70:B5:1D:CC:34:75:73:65:10:55:FC:72:DB:19:C1:70:52:40:18:CC

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/F0CDE723D82FA920B88EAAFDCC612A1728AAE76F6ECCBDAA52C3D699FF78D069/0/70B51DCC347573651055FC72DB19C170524018CC.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/70B51DCC347573651055FC72DB19C170524018CC.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/F0CDE723D82FA920B88EAAFDCC612A1728AAE76F6ECCBDAA52C3D699FF78D069/0/3139302e382e33322e302f32302d3234203d3e203237383936.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  190.8.32.0/20

    Signature Algorithm: sha256WithRSAEncryption
         02:7f:14:6f:87:48:36:e7:0c:fc:81:ec:ec:2d:c1:b3:c4:27:
         23:c1:f3:71:87:93:d9:ba:d1:fe:7e:a8:01:20:6e:8f:84:ad:
         ef:cd:45:de:cc:79:ab:45:b0:e5:88:61:61:e4:77:cd:f1:b0:
         44:a0:8a:6b:34:97:cd:71:d1:f7:0c:54:59:99:b0:67:7a:5b:
         a4:d9:93:2d:0c:23:1a:cf:00:82:e3:b6:b2:c6:fd:82:d8:33:
         c6:b8:9b:e3:4d:a6:8f:0c:16:b3:b0:e2:a3:2c:ab:2a:5e:2f:
         07:77:e6:da:d6:b4:64:b1:8f:96:29:9c:31:07:1e:4d:5b:51:
         60:ba:77:b9:d1:08:e3:cf:ab:4a:dd:09:29:95:b9:59:9a:66:
         51:a2:e8:df:a8:6d:77:80:dd:50:4a:4f:b9:44:2d:52:35:05:
         6b:8b:ca:fa:4d:df:59:d4:ec:1b:df:c7:0b:0a:3b:73:0d:d8:
         76:0d:f8:14:1b:5d:a9:81:60:29:14:45:72:f0:97:66:bc:59:
         12:56:eb:4f:7b:2e:df:89:7f:8b:98:d3:d4:66:33:1e:86:e9:
         c8:d2:e7:2e:0d:e7:f1:5a:85:e6:f0:fe:d4:32:f5:95:92:47:
         fd:7e:ea:75:6c:5d:08:ad:22:7c:ba:2b:51:f7:fe:1e:9d:d5:
         e3:09:5f:92
-----BEGIN CERTIFICATE-----
MIIFujCCBKKgAwIBAgIUHddfJzgeV5eXIisQFt7363/JrwswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNzBCNTFEQ0MzNDc1NzM2NTEwNTVGQzcyREIxOUMxNzA1
MjQwMThDQzAeFw0yNTAyMDQxODEwNDZaFw0yNjAyMDMxODE1NDZaMDMxMTAvBgNV
BAMTKDk4ODU2MEQ4RkI4NUY1Q0E1RDUxQ0UxNEQ0QUU5N0JGODExMzI0RTcwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDPrbtFJZMjCgchIYfvUsQ5aMOs
w/Mmyjs+hkQxNEzCvN7+c8ajtk3fz8FQhiZR5Wrp5fHzNqI3b5kTGWCj4QNG+BzL
Lg1XcgFJ9F4XNsznb9nPVEIA2quCoFDJJcyunPB+OLWF0OqTxG9JlXLom1/DMo+/
Bp/CqipajBQHH8mRle8TB3wD+YbtgcNXyqqIoBgchKnkGZ3Jqk/NK23T35/jEcJq
uxpQhGhPWzSrsQeCVrGqtWt0l/DK6QyIQWOk4wsbJT/vHOtonfsvbOPzIjj5Rpnn
Uyp/xT27LyzvrIC4I2gksx3OdGcLGwjaKCdv7CABCL6I5iNwSwDtaGPYwAxRAgMB
AAGjggLEMIICwDAdBgNVHQ4EFgQUmIVg2PuF9cpdUc4U1K6Xv4ETJOcwHwYDVR0j
BBgwFoAUcLUdzDR1c2UQVfxy2xnBcFJAGMwwDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy9GMENERTcyM0Q4MkZBOTIwQjg4RUFBRkRDQzYxMkExNzI4
QUFFNzZGNkVDQ0JEQUE1MkMzRDY5OUZGNzhEMDY5LzAvNzBCNTFEQ0MzNDc1NzM2
NTEwNTVGQzcyREIxOUMxNzA1MjQwMThDQy5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC83MEI1MURDQzM0NzU3MzY1MTA1
NUZDNzJEQjE5QzE3MDUyNDAxOENDLmNlcjCBwwYIKwYBBQUHAQsEgbYwgbMwgbAG
CCsGAQUFBzALhoGjcnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvRjBDREU3MjNEODJGQTkyMEI4OEVBQUZEQ0M2MTJBMTcyOEFBRTc2RjZF
Q0NCREFBNTJDM0Q2OTlGRjc4RDA2OS8wLzMxMzkzMDJlMzgyZTMzMzIyZTMwMmYz
MjMwMmQzMjM0MjAzZDNlMjAzMjM3MzgzOTM2LnJvYTAYBgNVHSABAf8EDjAMMAoG
CCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQEvgggMA0GCSqG
SIb3DQEBCwUAA4IBAQACfxRvh0g25wz8gezsLcGzxCcjwfNxh5PZutH+fqgBIG6P
hK3vzUXezHmrRbDliGFh5HfN8bBEoIprNJfNcdH3DFRZmbBneluk2ZMtDCMazwCC
47ayxv2C2DPGuJvjTaaPDBazsOKjLKsqXi8Hd+ba1rRksY+WKZwxBx5NW1Fgune5
0Qjjz6tK3QkplblZmmZRoujfqG13gN1QSk+5RC1SNQVri8r6Td9Z1Owb38cLCjtz
Ddh2DfgUG12pgWApFEVy8JdmvFkSVutPey7fiX+LmNPUZjMehunI0ucuDefxWoXm
8P7UMvWVkkf9fup1bF0IrSJ8uitR9/4endXjCV+S
-----END CERTIFICATE-----