Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/F157BD59DABCB6D961AC0F2D00BA596759FAC82A0EAEDE7D129DF241CBEFBF19/0/3133312e302e3139362e302f32322d3234203d3e203237383832.roa
File:                     3133312e302e3139362e302f32322d3234203d3e203237383832.roa (raw, json)
Hash identifier:          oTLs76FfB8xat1zLulXNCIwSEIq0PVpI2d6Wl61QfQ4=
Subject key identifier:   95:2A:1D:7B:9F:11:99:E3:37:7C:4A:AC:6E:F1:92:16:06:AA:4F:C1
Certificate issuer:       /CN=B3866813178FF550E6FCABCD492387DD1D0E08A5
Certificate serial:       224FF475EAAAA4952CBD1BF46CABEE5F80DD0D01
Authority key identifier: B3:86:68:13:17:8F:F5:50:E6:FC:AB:CD:49:23:87:DD:1D:0E:08:A5
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/B3866813178FF550E6FCABCD492387DD1D0E08A5.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/F157BD59DABCB6D961AC0F2D00BA596759FAC82A0EAEDE7D129DF241CBEFBF19/0/3133312e302e3139362e302f32322d3234203d3e203237383832.roa
Signing time:             Tue 04 Feb 2025 20:05:38 +0000
ROA not before:           Tue 04 Feb 2025 20:00:38 +0000
ROA not after:            Tue 03 Feb 2026 20:05:38 +0000
asID:                     27882
IP address blocks:        131.0.196.0/22 maxlen: 24
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            22:4f:f4:75:ea:aa:a4:95:2c:bd:1b:f4:6c:ab:ee:5f:80:dd:0d:01
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=B3866813178FF550E6FCABCD492387DD1D0E08A5
        Validity
            Not Before: Feb  4 20:00:38 2025 GMT
            Not After : Feb  3 20:05:38 2026 GMT
        Subject: CN=952A1D7B9F1199E3377C4AAC6EF1921606AA4FC1
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a3:3a:63:42:ad:bd:2f:e7:7d:7f:2d:6e:97:4b:
                    36:68:05:90:96:32:30:c4:e0:38:11:ef:b5:4f:71:
                    d2:47:77:ec:25:50:41:4f:bb:7f:84:68:57:34:a5:
                    88:85:b5:2a:d5:26:86:b2:67:4f:17:81:68:20:2e:
                    c4:01:d5:cb:1d:25:59:52:10:f7:e3:94:e4:b3:54:
                    d6:08:63:91:a1:31:4f:84:61:dd:e1:03:5e:e6:21:
                    9c:67:7d:ec:b6:bd:8d:8b:1c:87:45:47:28:29:3b:
                    30:61:2d:ea:07:f4:27:d2:ae:03:bc:8d:de:ce:18:
                    6b:0c:fe:f1:58:b5:4a:8d:53:dc:08:e4:94:1b:40:
                    1e:fc:11:06:9a:c8:f0:9a:26:0d:45:9b:07:cc:aa:
                    01:7e:d5:bf:65:8e:57:bb:72:2a:e0:1e:13:ee:d1:
                    94:83:35:e3:fa:00:9a:4e:22:b3:ac:60:2d:fc:f2:
                    52:9f:8a:7e:6c:1e:c0:42:b2:45:e5:b1:43:c6:d5:
                    b9:5e:b0:8b:a0:e7:64:61:39:a6:d9:06:8d:71:e1:
                    5c:33:82:87:d1:e2:51:14:21:c6:1d:23:f4:32:62:
                    70:e6:b7:95:63:ec:eb:4b:9a:26:71:67:ee:c7:2e:
                    20:2f:a1:43:ca:31:f9:5b:90:3d:54:17:de:bb:2c:
                    2c:9b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                95:2A:1D:7B:9F:11:99:E3:37:7C:4A:AC:6E:F1:92:16:06:AA:4F:C1
            X509v3 Authority Key Identifier:
                keyid:B3:86:68:13:17:8F:F5:50:E6:FC:AB:CD:49:23:87:DD:1D:0E:08:A5

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/F157BD59DABCB6D961AC0F2D00BA596759FAC82A0EAEDE7D129DF241CBEFBF19/0/B3866813178FF550E6FCABCD492387DD1D0E08A5.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/B3866813178FF550E6FCABCD492387DD1D0E08A5.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/F157BD59DABCB6D961AC0F2D00BA596759FAC82A0EAEDE7D129DF241CBEFBF19/0/3133312e302e3139362e302f32322d3234203d3e203237383832.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  131.0.196.0/22

    Signature Algorithm: sha256WithRSAEncryption
         92:d0:5f:59:8a:59:e8:19:9e:13:a9:a5:74:0e:14:3b:d3:55:
         8d:b9:8b:28:8a:31:7f:46:05:0e:22:f7:d4:85:98:88:0d:42:
         1c:1b:81:ac:35:b0:49:80:fb:71:30:39:c5:06:21:18:66:59:
         7b:0b:58:44:85:bc:ad:54:25:c9:af:41:e1:95:3f:06:fc:ba:
         59:fd:f8:91:81:30:7a:07:03:7c:a4:d5:13:e7:be:dd:18:5a:
         ed:eb:b7:71:f4:cb:df:0a:bc:0d:c1:c0:29:d3:e9:1d:97:42:
         7c:a3:d8:5a:0c:28:82:8c:41:f4:d8:91:2b:e2:94:fa:8b:c7:
         7d:3e:c4:41:d0:46:d1:06:3e:48:c3:d7:75:af:ac:7c:27:bc:
         f6:09:23:1e:44:08:a5:c3:13:6b:03:74:cd:ac:99:f0:d3:dd:
         bf:c5:eb:66:02:b0:3e:f7:54:50:c5:d1:e0:c0:db:35:37:4f:
         b7:4b:92:ed:a1:37:30:0c:db:a8:46:e7:ca:68:13:f4:a2:eb:
         0f:ca:3a:d4:d5:a3:07:e2:f7:63:75:c4:9d:7f:8a:eb:c4:54:
         da:e2:e3:92:b0:78:4d:a2:6a:c7:f4:b7:6f:e9:d0:f9:ca:00:
         16:3c:6f:bd:95:af:e1:ce:04:15:2a:74:45:a8:2c:ef:72:79:
         46:29:8c:12
-----BEGIN CERTIFICATE-----
MIIFvDCCBKSgAwIBAgIUIk/0deqqpJUsvRv0bKvuX4DdDQEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoQjM4NjY4MTMxNzhGRjU1MEU2RkNBQkNENDkyMzg3REQx
RDBFMDhBNTAeFw0yNTAyMDQyMDAwMzhaFw0yNjAyMDMyMDA1MzhaMDMxMTAvBgNV
BAMTKDk1MkExRDdCOUYxMTk5RTMzNzdDNEFBQzZFRjE5MjE2MDZBQTRGQzEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCjOmNCrb0v531/LW6XSzZoBZCW
MjDE4DgR77VPcdJHd+wlUEFPu3+EaFc0pYiFtSrVJoayZ08XgWggLsQB1csdJVlS
EPfjlOSzVNYIY5GhMU+EYd3hA17mIZxnfey2vY2LHIdFRygpOzBhLeoH9CfSrgO8
jd7OGGsM/vFYtUqNU9wI5JQbQB78EQaayPCaJg1FmwfMqgF+1b9ljle7cirgHhPu
0ZSDNeP6AJpOIrOsYC388lKfin5sHsBCskXlsUPG1blesIug52RhOabZBo1x4Vwz
gofR4lEUIcYdI/QyYnDmt5Vj7OtLmiZxZ+7HLiAvoUPKMflbkD1UF967LCybAgMB
AAGjggLGMIICwjAdBgNVHQ4EFgQUlSode58RmeM3fEqsbvGSFgaqT8EwHwYDVR0j
BBgwFoAUs4ZoExeP9VDm/KvNSSOH3R0OCKUwDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy9GMTU3QkQ1OURBQkNCNkQ5NjFBQzBGMkQwMEJBNTk2NzU5
RkFDODJBMEVBRURFN0QxMjlERjI0MUNCRUZCRjE5LzAvQjM4NjY4MTMxNzhGRjU1
MEU2RkNBQkNENDkyMzg3REQxRDBFMDhBNS5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC9CMzg2NjgxMzE3OEZGNTUwRTZG
Q0FCQ0Q0OTIzODdERDFEMEUwOEE1LmNlcjCBxQYIKwYBBQUHAQsEgbgwgbUwgbIG
CCsGAQUFBzALhoGlcnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvRjE1N0JENTlEQUJDQjZEOTYxQUMwRjJEMDBCQTU5Njc1OUZBQzgyQTBF
QUVERTdEMTI5REYyNDFDQkVGQkYxOS8wLzMxMzMzMTJlMzAyZTMxMzkzNjJlMzAy
ZjMyMzIyZDMyMzQyMDNkM2UyMDMyMzczODM4MzIucm9hMBgGA1UdIAEB/wQOMAww
CgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAKDAMQwDQYJ
KoZIhvcNAQELBQADggEBAJLQX1mKWegZnhOppXQOFDvTVY25iyiKMX9GBQ4i99SF
mIgNQhwbgaw1sEmA+3EwOcUGIRhmWXsLWESFvK1UJcmvQeGVPwb8uln9+JGBMHoH
A3yk1RPnvt0YWu3rt3H0y98KvA3BwCnT6R2XQnyj2FoMKIKMQfTYkSvilPqLx30+
xEHQRtEGPkjD13WvrHwnvPYJIx5ECKXDE2sDdM2smfDT3b/F62YCsD73VFDF0eDA
2zU3T7dLku2hNzAM26hG58poE/Si6w/KOtTVowfi92N1xJ1/iuvEVNri45KweE2i
asf0t2/p0PnKABY8b72Vr+HOBBUqdEWoLO9yeUYpjBI=
-----END CERTIFICATE-----