Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/0D4370C5419038DFAFE42339E6D2362DBF9F48F5A1A225DFD8EDC70969C1C230/0/3137302e3235342e3231362e302f32322d3232203d3e20323634373730.roa
File:                     3137302e3235342e3231362e302f32322d3232203d3e20323634373730.roa (raw, json)
Hash identifier:          t/tUMGZekjvaiRgV7aJ8u6zNX4mYCyVIiQDhCigtaAI=
Subject key identifier:   B2:37:BE:46:78:80:A7:E9:AF:31:CD:F8:93:49:95:53:60:71:60:46
Certificate issuer:       /CN=F7AC0CE553F93FC5CE942F12360E6A144723F82D
Certificate serial:       1D892ED5079D293CEA66E268792EE1EACF1B2DF9
Authority key identifier: F7:AC:0C:E5:53:F9:3F:C5:CE:94:2F:12:36:0E:6A:14:47:23:F8:2D
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/F7AC0CE553F93FC5CE942F12360E6A144723F82D.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/0D4370C5419038DFAFE42339E6D2362DBF9F48F5A1A225DFD8EDC70969C1C230/0/3137302e3235342e3231362e302f32322d3232203d3e20323634373730.roa
Signing time:             Tue 04 Feb 2025 18:01:34 +0000
ROA not before:           Tue 04 Feb 2025 17:56:34 +0000
ROA not after:            Tue 03 Feb 2026 18:01:34 +0000
asID:                     264770
IP address blocks:        170.254.216.0/22 maxlen: 22
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            1d:89:2e:d5:07:9d:29:3c:ea:66:e2:68:79:2e:e1:ea:cf:1b:2d:f9
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F7AC0CE553F93FC5CE942F12360E6A144723F82D
        Validity
            Not Before: Feb  4 17:56:34 2025 GMT
            Not After : Feb  3 18:01:34 2026 GMT
        Subject: CN=B237BE467880A7E9AF31CDF89349955360716046
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bb:ce:55:43:6a:8e:2a:5c:d7:61:f2:a8:ac:0a:
                    f5:3e:3b:78:24:51:be:00:64:26:ec:59:77:da:0f:
                    86:56:5d:0d:c4:8e:0d:26:b4:9d:97:e1:e0:9b:34:
                    d6:8e:ec:05:90:72:7d:0e:dc:48:49:d7:ca:e1:07:
                    e6:66:dd:44:fa:b2:f1:ce:e0:8a:59:5f:12:57:b6:
                    2a:c3:e2:2d:8c:40:7d:51:31:1a:7a:83:3c:dc:84:
                    e6:d1:dc:d2:ce:43:21:e2:96:af:d3:14:a9:d6:e6:
                    6e:60:50:e8:59:ac:3a:85:7e:ea:2a:36:d3:6c:01:
                    d5:76:f7:9d:27:0b:81:8c:f0:a9:6c:8f:9f:70:b4:
                    14:ad:da:92:61:6b:c6:1d:22:f1:30:fa:82:72:3a:
                    c7:8e:d3:17:ed:89:00:7b:07:87:df:eb:a4:45:8e:
                    c7:a6:09:0b:c6:cb:1e:a4:99:fc:67:ff:75:9b:5d:
                    3e:d1:99:65:84:fd:fc:49:37:1b:69:52:b1:44:ed:
                    1c:c6:28:c1:e5:ab:8b:da:75:41:da:b1:48:40:3f:
                    d1:b7:7c:89:0a:9e:01:cb:03:2f:bd:4e:f9:4b:3b:
                    d1:d9:0d:04:79:94:b5:6c:86:65:93:97:b3:25:ee:
                    bf:30:47:a2:72:45:4e:59:bb:7f:8a:09:89:70:64:
                    6a:cf
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B2:37:BE:46:78:80:A7:E9:AF:31:CD:F8:93:49:95:53:60:71:60:46
            X509v3 Authority Key Identifier:
                keyid:F7:AC:0C:E5:53:F9:3F:C5:CE:94:2F:12:36:0E:6A:14:47:23:F8:2D

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/0D4370C5419038DFAFE42339E6D2362DBF9F48F5A1A225DFD8EDC70969C1C230/0/F7AC0CE553F93FC5CE942F12360E6A144723F82D.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/F7AC0CE553F93FC5CE942F12360E6A144723F82D.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/0D4370C5419038DFAFE42339E6D2362DBF9F48F5A1A225DFD8EDC70969C1C230/0/3137302e3235342e3231362e302f32322d3232203d3e20323634373730.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  170.254.216.0/22

    Signature Algorithm: sha256WithRSAEncryption
         38:57:55:e0:70:26:4a:31:7e:15:72:bf:fc:70:04:35:b2:07:
         22:d1:e0:01:42:66:9a:7e:87:9b:ea:49:51:bf:ce:15:e1:76:
         8d:0d:47:b5:4f:5f:b9:45:d1:53:e1:b8:c2:21:42:f6:af:73:
         23:23:50:83:e7:7f:31:a9:a0:23:3c:9b:2c:46:af:b9:a6:94:
         c7:eb:72:d8:40:87:57:ac:29:67:81:77:5b:34:6d:d0:cd:9d:
         00:60:e2:5b:69:dd:78:16:ac:17:af:47:0e:07:b5:4a:73:5e:
         ff:ab:8b:18:97:b5:05:0d:25:58:07:fa:7d:67:dd:74:74:00:
         8d:bc:a9:d7:82:04:89:cd:e1:07:48:3d:01:11:00:88:b5:3d:
         3f:5d:0a:3f:48:41:57:7b:07:0a:97:6f:58:12:59:4d:c3:52:
         a3:a2:11:56:3f:d8:7a:9e:db:52:4c:7f:e2:17:c5:5f:cd:b6:
         df:16:79:3b:7b:60:60:16:f8:6e:f2:30:ac:73:8e:ac:9a:b8:
         8d:74:01:6c:00:05:8e:e6:bd:e8:ed:64:7b:4f:fd:89:24:0b:
         08:34:24:09:cf:1b:c8:1a:32:11:28:62:ec:91:fa:3d:91:4c:
         1c:c6:eb:42:15:24:4d:2d:67:d6:b6:72:c1:e7:8c:28:ab:a2:
         d0:0b:bd:fa
-----BEGIN CERTIFICATE-----
MIIFwjCCBKqgAwIBAgIUHYku1QedKTzqZuJoeS7h6s8bLfkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoRjdBQzBDRTU1M0Y5M0ZDNUNFOTQyRjEyMzYwRTZBMTQ0
NzIzRjgyRDAeFw0yNTAyMDQxNzU2MzRaFw0yNjAyMDMxODAxMzRaMDMxMTAvBgNV
BAMTKEIyMzdCRTQ2Nzg4MEE3RTlBRjMxQ0RGODkzNDk5NTUzNjA3MTYwNDYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC7zlVDao4qXNdh8qisCvU+O3gk
Ub4AZCbsWXfaD4ZWXQ3Ejg0mtJ2X4eCbNNaO7AWQcn0O3EhJ18rhB+Zm3UT6svHO
4IpZXxJXtirD4i2MQH1RMRp6gzzchObR3NLOQyHilq/TFKnW5m5gUOhZrDqFfuoq
NtNsAdV2950nC4GM8Klsj59wtBSt2pJha8YdIvEw+oJyOseO0xftiQB7B4ff66RF
jsemCQvGyx6kmfxn/3WbXT7RmWWE/fxJNxtpUrFE7RzGKMHlq4vadUHasUhAP9G3
fIkKngHLAy+9TvlLO9HZDQR5lLVshmWTl7Ml7r8wR6JyRU5Zu3+KCYlwZGrPAgMB
AAGjggLMMIICyDAdBgNVHQ4EFgQUsje+RniAp+mvMc34k0mVU2BxYEYwHwYDVR0j
BBgwFoAU96wM5VP5P8XOlC8SNg5qFEcj+C0wDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy8wRDQzNzBDNTQxOTAzOERGQUZFNDIzMzlFNkQyMzYyREJG
OUY0OEY1QTFBMjI1REZEOEVEQzcwOTY5QzFDMjMwLzAvRjdBQzBDRTU1M0Y5M0ZD
NUNFOTQyRjEyMzYwRTZBMTQ0NzIzRjgyRC5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC9GN0FDMENFNTUzRjkzRkM1Q0U5
NDJGMTIzNjBFNkExNDQ3MjNGODJELmNlcjCBywYIKwYBBQUHAQsEgb4wgbswgbgG
CCsGAQUFBzALhoGrcnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvMEQ0MzcwQzU0MTkwMzhERkFGRTQyMzM5RTZEMjM2MkRCRjlGNDhGNUEx
QTIyNURGRDhFREM3MDk2OUMxQzIzMC8wLzMxMzczMDJlMzIzNTM0MmUzMjMxMzYy
ZTMwMmYzMjMyMmQzMjMyMjAzZDNlMjAzMjM2MzQzNzM3MzAucm9hMBgGA1UdIAEB
/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAKq
/tgwDQYJKoZIhvcNAQELBQADggEBADhXVeBwJkoxfhVyv/xwBDWyByLR4AFCZpp+
h5vqSVG/zhXhdo0NR7VPX7lF0VPhuMIhQvavcyMjUIPnfzGpoCM8myxGr7mmlMfr
cthAh1esKWeBd1s0bdDNnQBg4ltp3XgWrBevRw4HtUpzXv+rixiXtQUNJVgH+n1n
3XR0AI28qdeCBInN4QdIPQERAIi1PT9dCj9IQVd7BwqXb1gSWU3DUqOiEVY/2Hqe
21JMf+IXxV/Ntt8WeTt7YGAW+G7yMKxzjqyauI10AWwABY7mvejtZHtP/YkkCwg0
JAnPG8gaMhEoYuyR+j2RTBzG60IVJE0tZ9a2csHnjCirotALvfo=
-----END CERTIFICATE-----