Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/FE4A5B16231DD3BC79FD12E6C963E06FDC24A235177CC43CA5B6A0FE4FCF4BB6/0/3133312e3136312e3233362e302f32342d3234203d3e20323633363837.roa
File:                     3133312e3136312e3233362e302f32342d3234203d3e20323633363837.roa (raw, json)
Hash identifier:          cag2irbr6ZtdEDDPhJ0Wzo5b54DTGE1Hs4kjF0/FxtE=
Subject key identifier:   E0:24:E2:1E:76:72:91:7F:FD:9F:B7:66:07:94:E4:89:C7:64:6E:80
Certificate issuer:       /CN=2ACB03DB51DDB7213E9AE44C07C6BB7B828B1343
Certificate serial:       52EC38F4B20FD392D1BCBE81FAB39C86EACA4637
Authority key identifier: 2A:CB:03:DB:51:DD:B7:21:3E:9A:E4:4C:07:C6:BB:7B:82:8B:13:43
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/2ACB03DB51DDB7213E9AE44C07C6BB7B828B1343.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/FE4A5B16231DD3BC79FD12E6C963E06FDC24A235177CC43CA5B6A0FE4FCF4BB6/0/3133312e3136312e3233362e302f32342d3234203d3e20323633363837.roa
Signing time:             Tue 04 Feb 2025 18:00:36 +0000
ROA not before:           Tue 04 Feb 2025 17:55:36 +0000
ROA not after:            Tue 03 Feb 2026 18:00:36 +0000
asID:                     263687
IP address blocks:        131.161.236.0/24 maxlen: 24
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            52:ec:38:f4:b2:0f:d3:92:d1:bc:be:81:fa:b3:9c:86:ea:ca:46:37
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2ACB03DB51DDB7213E9AE44C07C6BB7B828B1343
        Validity
            Not Before: Feb  4 17:55:36 2025 GMT
            Not After : Feb  3 18:00:36 2026 GMT
        Subject: CN=E024E21E7672917FFD9FB7660794E489C7646E80
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9b:89:b1:77:7c:3f:a9:47:3f:88:2f:0f:9d:d1:
                    15:47:03:17:b0:6b:d7:c2:ca:a0:e0:0d:11:14:41:
                    8b:1c:3c:0e:64:60:13:ee:72:19:08:37:a0:48:01:
                    5d:38:52:da:73:b1:bb:b2:de:42:e2:cb:50:ad:ce:
                    59:3e:bc:6e:02:04:da:9d:89:00:96:c2:f8:92:74:
                    d1:9d:0e:97:39:b2:ee:94:07:2c:04:68:1c:a0:98:
                    b8:47:0d:af:0d:eb:ae:2e:1e:24:c8:7c:20:b8:3c:
                    41:0e:64:c3:98:02:c2:d2:87:79:7f:e4:29:5d:a1:
                    5c:ed:bd:44:7a:ff:98:3a:a1:16:27:af:d2:aa:fc:
                    4d:06:0e:f7:24:10:8b:08:c2:08:40:3e:f3:c5:b0:
                    a3:63:9e:79:0b:38:f1:f9:0c:61:04:a0:bd:69:07:
                    c4:72:d3:5c:7b:07:c0:cd:10:ef:ed:06:0b:c4:e7:
                    84:cb:02:5b:8a:92:96:7e:7b:7f:d4:8d:62:c8:51:
                    14:19:28:9b:f5:92:ff:39:2b:ee:4f:a8:27:0d:74:
                    9e:64:3f:33:b1:94:34:18:7e:4c:78:de:00:e7:f1:
                    dc:58:e5:4b:2e:f2:ad:ce:d5:4e:4a:3c:0d:7f:a4:
                    42:0f:a7:a2:a6:29:fe:b3:0a:43:e2:05:fa:90:5e:
                    42:e1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E0:24:E2:1E:76:72:91:7F:FD:9F:B7:66:07:94:E4:89:C7:64:6E:80
            X509v3 Authority Key Identifier:
                keyid:2A:CB:03:DB:51:DD:B7:21:3E:9A:E4:4C:07:C6:BB:7B:82:8B:13:43

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/FE4A5B16231DD3BC79FD12E6C963E06FDC24A235177CC43CA5B6A0FE4FCF4BB6/0/2ACB03DB51DDB7213E9AE44C07C6BB7B828B1343.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/2ACB03DB51DDB7213E9AE44C07C6BB7B828B1343.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/FE4A5B16231DD3BC79FD12E6C963E06FDC24A235177CC43CA5B6A0FE4FCF4BB6/0/3133312e3136312e3233362e302f32342d3234203d3e20323633363837.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  131.161.236.0/24

    Signature Algorithm: sha256WithRSAEncryption
         a1:fc:89:1c:5d:ff:2e:cf:4a:8e:22:ed:d9:32:83:3e:3f:fd:
         bd:4b:2f:90:d1:5d:92:42:d6:02:ea:4a:b3:af:c9:24:06:5b:
         11:ee:40:6d:cc:54:96:0c:a8:ee:74:2c:2a:5b:62:5f:f2:24:
         d7:14:9d:07:bd:94:c1:d4:1f:49:a9:b3:dc:6a:00:5a:c9:bb:
         f9:a1:66:5d:a4:78:df:bf:ac:8d:54:e2:04:15:64:e6:24:c6:
         ea:ac:34:3c:61:27:86:e6:27:b6:eb:6b:5a:a0:c4:7f:34:1a:
         2f:33:b3:40:9c:05:2c:83:0e:5a:87:f0:1c:11:c6:27:4f:ea:
         22:4c:b8:92:e6:4d:a2:76:e4:9a:0e:be:56:97:7c:8f:a2:9f:
         d7:2d:4d:38:f3:37:50:30:62:d7:ff:24:9a:a4:81:12:d8:a3:
         a3:df:91:56:64:e9:96:c9:b0:1f:16:77:7a:ee:d9:c9:05:4c:
         70:92:40:97:dc:0d:43:f0:76:41:6a:a8:3d:45:34:58:5a:b4:
         12:82:82:28:bf:f4:e8:db:f6:5d:63:94:33:73:3a:d8:ad:4d:
         93:7e:75:75:a0:f2:76:a1:81:62:da:91:88:99:88:5e:7a:86:
         fe:50:08:dc:af:d0:3b:c7:c6:25:fa:89:3b:f2:fe:55:35:37:
         6b:33:5e:5c
-----BEGIN CERTIFICATE-----
MIIFwjCCBKqgAwIBAgIUUuw49LIP05LRvL6B+rOchurKRjcwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMkFDQjAzREI1MUREQjcyMTNFOUFFNDRDMDdDNkJCN0I4
MjhCMTM0MzAeFw0yNTAyMDQxNzU1MzZaFw0yNjAyMDMxODAwMzZaMDMxMTAvBgNV
BAMTKEUwMjRFMjFFNzY3MjkxN0ZGRDlGQjc2NjA3OTRFNDg5Qzc2NDZFODAwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCbibF3fD+pRz+ILw+d0RVHAxew
a9fCyqDgDREUQYscPA5kYBPuchkIN6BIAV04Utpzsbuy3kLiy1Ctzlk+vG4CBNqd
iQCWwviSdNGdDpc5su6UBywEaBygmLhHDa8N664uHiTIfCC4PEEOZMOYAsLSh3l/
5CldoVztvUR6/5g6oRYnr9Kq/E0GDvckEIsIwghAPvPFsKNjnnkLOPH5DGEEoL1p
B8Ry01x7B8DNEO/tBgvE54TLAluKkpZ+e3/UjWLIURQZKJv1kv85K+5PqCcNdJ5k
PzOxlDQYfkx43gDn8dxY5Usu8q3O1U5KPA1/pEIPp6KmKf6zCkPiBfqQXkLhAgMB
AAGjggLMMIICyDAdBgNVHQ4EFgQU4CTiHnZykX/9n7dmB5TkicdkboAwHwYDVR0j
BBgwFoAUKssD21HdtyE+muRMB8a7e4KLE0MwDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy9GRTRBNUIxNjIzMUREM0JDNzlGRDEyRTZDOTYzRTA2RkRD
MjRBMjM1MTc3Q0M0M0NBNUI2QTBGRTRGQ0Y0QkI2LzAvMkFDQjAzREI1MUREQjcy
MTNFOUFFNDRDMDdDNkJCN0I4MjhCMTM0My5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC8yQUNCMDNEQjUxRERCNzIxM0U5
QUU0NEMwN0M2QkI3QjgyOEIxMzQzLmNlcjCBywYIKwYBBQUHAQsEgb4wgbswgbgG
CCsGAQUFBzALhoGrcnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvRkU0QTVCMTYyMzFERDNCQzc5RkQxMkU2Qzk2M0UwNkZEQzI0QTIzNTE3
N0NDNDNDQTVCNkEwRkU0RkNGNEJCNi8wLzMxMzMzMTJlMzEzNjMxMmUzMjMzMzYy
ZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMjM2MzMzNjM4Mzcucm9hMBgGA1UdIAEB
/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACD
oewwDQYJKoZIhvcNAQELBQADggEBAKH8iRxd/y7PSo4i7dkygz4//b1LL5DRXZJC
1gLqSrOvySQGWxHuQG3MVJYMqO50LCpbYl/yJNcUnQe9lMHUH0mps9xqAFrJu/mh
Zl2keN+/rI1U4gQVZOYkxuqsNDxhJ4bmJ7bra1qgxH80Gi8zs0CcBSyDDlqH8BwR
xidP6iJMuJLmTaJ25JoOvlaXfI+in9ctTTjzN1AwYtf/JJqkgRLYo6PfkVZk6ZbJ
sB8Wd3ru2ckFTHCSQJfcDUPwdkFqqD1FNFhatBKCgii/9Ojb9l1jlDNzOtitTZN+
dXWg8nahgWLakYiZiF56hv5QCNyv0DvHxiX6iTvy/lU1N2szXlw=
-----END CERTIFICATE-----