Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/0261522A7D1B1599601F0A1AAB8391A7D6EA0A5BDF95B045ABA001E79DD4B632/0/3134332e302e39362e302f32322d3232203d3e20323633373031.roa
File:                     3134332e302e39362e302f32322d3232203d3e20323633373031.roa (raw, json)
Hash identifier:          tsZvVUMvYCvYxdu9clFrq0rD+AY1dQwiqdbwpv2kB9g=
Subject key identifier:   AB:02:C0:86:B2:1B:B8:5A:62:F6:AB:33:81:48:81:40:46:74:BC:53
Certificate issuer:       /CN=2D8AB2848654D51664AC6F45A44E5407C6B35912
Certificate serial:       27835930C6F5FE2903080F3D7BBA24905E5E4A59
Authority key identifier: 2D:8A:B2:84:86:54:D5:16:64:AC:6F:45:A4:4E:54:07:C6:B3:59:12
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/2D8AB2848654D51664AC6F45A44E5407C6B35912.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/0261522A7D1B1599601F0A1AAB8391A7D6EA0A5BDF95B045ABA001E79DD4B632/0/3134332e302e39362e302f32322d3232203d3e20323633373031.roa
Signing time:             Tue 04 Feb 2025 18:21:04 +0000
ROA not before:           Tue 04 Feb 2025 18:16:04 +0000
ROA not after:            Tue 03 Feb 2026 18:21:04 +0000
asID:                     263701
IP address blocks:        143.0.96.0/22 maxlen: 22
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            27:83:59:30:c6:f5:fe:29:03:08:0f:3d:7b:ba:24:90:5e:5e:4a:59
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2D8AB2848654D51664AC6F45A44E5407C6B35912
        Validity
            Not Before: Feb  4 18:16:04 2025 GMT
            Not After : Feb  3 18:21:04 2026 GMT
        Subject: CN=AB02C086B21BB85A62F6AB33814881404674BC53
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e0:1c:91:ab:85:84:cc:60:9f:cb:28:84:8c:60:
                    fc:cb:e6:9c:b5:68:2e:23:69:40:d8:a8:8d:7e:60:
                    4a:ac:f4:d2:44:5f:d2:8e:71:1c:df:27:be:92:17:
                    46:fb:f7:1c:e1:16:c8:7f:21:79:84:05:eb:65:3b:
                    ec:64:06:57:eb:b8:c3:1f:90:27:40:a4:04:6b:13:
                    f3:d9:d9:57:a2:8c:30:df:1c:46:0a:75:3f:36:5e:
                    97:63:af:2a:de:d7:50:27:c2:b5:e1:0c:f7:ef:ba:
                    ab:58:57:79:c8:d4:2b:10:35:a9:83:fa:9a:24:f5:
                    ba:ca:91:eb:9f:36:5f:82:00:d8:e5:2d:b6:d4:b9:
                    58:42:07:43:69:09:0d:c1:a3:5d:2f:1c:06:f5:5f:
                    42:f9:6d:28:bd:91:0d:0d:c8:d1:fe:e4:50:9d:de:
                    f4:ba:f9:6c:6f:a4:fe:b1:4c:98:7a:8a:17:52:ff:
                    c1:7a:0a:14:28:9e:d7:88:0c:01:04:ba:cc:c7:de:
                    12:56:6e:32:0e:cd:6e:57:b1:3c:ec:69:82:db:d5:
                    b2:b0:15:2a:b9:74:16:a1:5a:be:96:08:c9:dd:5d:
                    88:32:a6:10:bc:c1:46:d8:29:2f:a8:f4:56:53:e7:
                    45:aa:95:a0:35:cc:c9:4b:2f:29:8d:62:72:f4:ad:
                    ee:d1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AB:02:C0:86:B2:1B:B8:5A:62:F6:AB:33:81:48:81:40:46:74:BC:53
            X509v3 Authority Key Identifier:
                keyid:2D:8A:B2:84:86:54:D5:16:64:AC:6F:45:A4:4E:54:07:C6:B3:59:12

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/0261522A7D1B1599601F0A1AAB8391A7D6EA0A5BDF95B045ABA001E79DD4B632/0/2D8AB2848654D51664AC6F45A44E5407C6B35912.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/2D8AB2848654D51664AC6F45A44E5407C6B35912.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/0261522A7D1B1599601F0A1AAB8391A7D6EA0A5BDF95B045ABA001E79DD4B632/0/3134332e302e39362e302f32322d3232203d3e20323633373031.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  143.0.96.0/22

    Signature Algorithm: sha256WithRSAEncryption
         a2:a3:99:c5:0e:a4:49:12:a0:86:41:e1:d8:11:de:6e:92:e0:
         cf:9e:a5:dd:7b:8c:de:1a:b4:a3:69:61:d6:dd:c3:be:4d:e8:
         9d:60:80:4e:38:c4:ed:08:ac:ea:11:0a:49:07:c7:8a:71:26:
         80:90:c8:c4:33:45:b4:23:c9:d4:01:92:36:cd:57:68:3e:df:
         ef:17:5c:81:6c:80:f0:dd:e6:34:0a:03:37:a5:01:87:27:01:
         76:eb:b9:b0:73:c7:4d:78:f1:07:32:d5:d8:7b:fe:c3:b5:a3:
         de:5d:34:94:84:06:24:7b:1a:ed:f8:bf:35:1c:68:cb:bb:21:
         7c:64:9e:54:6d:9e:e0:62:f0:cb:ec:c9:e0:7f:89:77:7f:87:
         d6:9e:05:a3:98:27:1f:81:c9:b3:96:fa:8c:cc:07:f0:9d:a4:
         86:4c:7c:ce:40:94:ae:ab:4b:d0:c7:16:b1:72:27:b8:3a:c1:
         f7:62:71:39:7a:aa:5c:05:bb:46:92:5b:06:b3:a0:44:30:5b:
         d3:60:48:f1:59:56:d2:c4:4d:d6:c7:cd:f6:8f:4c:c3:0f:34:
         80:5f:2a:f7:0b:ef:96:c1:3b:cc:69:be:d3:8e:21:05:9f:06:
         8e:66:53:57:2e:59:bc:88:97:b1:67:76:17:48:c9:69:e0:3e:
         0a:78:f6:91
-----BEGIN CERTIFICATE-----
MIIFvDCCBKSgAwIBAgIUJ4NZMMb1/ikDCA89e7okkF5eSlkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMkQ4QUIyODQ4NjU0RDUxNjY0QUM2RjQ1QTQ0RTU0MDdD
NkIzNTkxMjAeFw0yNTAyMDQxODE2MDRaFw0yNjAyMDMxODIxMDRaMDMxMTAvBgNV
BAMTKEFCMDJDMDg2QjIxQkI4NUE2MkY2QUIzMzgxNDg4MTQwNDY3NEJDNTMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDgHJGrhYTMYJ/LKISMYPzL5py1
aC4jaUDYqI1+YEqs9NJEX9KOcRzfJ76SF0b79xzhFsh/IXmEBetlO+xkBlfruMMf
kCdApARrE/PZ2VeijDDfHEYKdT82Xpdjryre11AnwrXhDPfvuqtYV3nI1CsQNamD
+pok9brKkeufNl+CANjlLbbUuVhCB0NpCQ3Bo10vHAb1X0L5bSi9kQ0NyNH+5FCd
3vS6+WxvpP6xTJh6ihdS/8F6ChQonteIDAEEuszH3hJWbjIOzW5XsTzsaYLb1bKw
FSq5dBahWr6WCMndXYgyphC8wUbYKS+o9FZT50WqlaA1zMlLLymNYnL0re7RAgMB
AAGjggLGMIICwjAdBgNVHQ4EFgQUqwLAhrIbuFpi9qszgUiBQEZ0vFMwHwYDVR0j
BBgwFoAULYqyhIZU1RZkrG9FpE5UB8azWRIwDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy8wMjYxNTIyQTdEMUIxNTk5NjAxRjBBMUFBQjgzOTFBN0Q2
RUEwQTVCREY5NUIwNDVBQkEwMDFFNzlERDRCNjMyLzAvMkQ4QUIyODQ4NjU0RDUx
NjY0QUM2RjQ1QTQ0RTU0MDdDNkIzNTkxMi5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC8yRDhBQjI4NDg2NTRENTE2NjRB
QzZGNDVBNDRFNTQwN0M2QjM1OTEyLmNlcjCBxQYIKwYBBQUHAQsEgbgwgbUwgbIG
CCsGAQUFBzALhoGlcnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvMDI2MTUyMkE3RDFCMTU5OTYwMUYwQTFBQUI4MzkxQTdENkVBMEE1QkRG
OTVCMDQ1QUJBMDAxRTc5REQ0QjYzMi8wLzMxMzQzMzJlMzAyZTM5MzYyZTMwMmYz
MjMyMmQzMjMyMjAzZDNlMjAzMjM2MzMzNzMwMzEucm9hMBgGA1UdIAEB/wQOMAww
CgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAKPAGAwDQYJ
KoZIhvcNAQELBQADggEBAKKjmcUOpEkSoIZB4dgR3m6S4M+epd17jN4atKNpYdbd
w75N6J1ggE44xO0IrOoRCkkHx4pxJoCQyMQzRbQjydQBkjbNV2g+3+8XXIFsgPDd
5jQKAzelAYcnAXbrubBzx0148Qcy1dh7/sO1o95dNJSEBiR7Gu34vzUcaMu7IXxk
nlRtnuBi8MvsyeB/iXd/h9aeBaOYJx+BybOW+ozMB/CdpIZMfM5AlK6rS9DHFrFy
J7g6wfdicTl6qlwFu0aSWwazoEQwW9NgSPFZVtLETdbHzfaPTMMPNIBfKvcL75bB
O8xpvtOOIQWfBo5mU1cuWbyIl7FndhdIyWngPgp49pE=
-----END CERTIFICATE-----