Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/1005151A74331E2681F5A411ED779F0C8D71174D4FD8D3E3A456FF0D37DB0840/0/3134332e3230322e3230382e302f32322d3234203d3e20323634363331.roa
File:                     3134332e3230322e3230382e302f32322d3234203d3e20323634363331.roa (raw, json)
Hash identifier:          ftH8XlR22QTjDumFyQQdXHV1t+L6rCnjJH4gquQFTX4=
Subject key identifier:   0B:58:D3:50:79:4C:2D:08:ED:07:D1:60:0E:D0:B0:82:99:DE:7D:DD
Certificate issuer:       /CN=D2A79FA2B820F7AACC9CE0BE099F24A553130FD7
Certificate serial:       320AFE0F6FAF4A860121D99A6F9203AD27AC0223
Authority key identifier: D2:A7:9F:A2:B8:20:F7:AA:CC:9C:E0:BE:09:9F:24:A5:53:13:0F:D7
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/D2A79FA2B820F7AACC9CE0BE099F24A553130FD7.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/1005151A74331E2681F5A411ED779F0C8D71174D4FD8D3E3A456FF0D37DB0840/0/3134332e3230322e3230382e302f32322d3234203d3e20323634363331.roa
Signing time:             Tue 04 Feb 2025 19:58:20 +0000
ROA not before:           Tue 04 Feb 2025 19:53:20 +0000
ROA not after:            Tue 03 Feb 2026 19:58:20 +0000
asID:                     264631
IP address blocks:        143.202.208.0/22 maxlen: 24
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            32:0a:fe:0f:6f:af:4a:86:01:21:d9:9a:6f:92:03:ad:27:ac:02:23
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=D2A79FA2B820F7AACC9CE0BE099F24A553130FD7
        Validity
            Not Before: Feb  4 19:53:20 2025 GMT
            Not After : Feb  3 19:58:20 2026 GMT
        Subject: CN=0B58D350794C2D08ED07D1600ED0B08299DE7DDD
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b3:4c:56:a4:d6:6e:44:80:f1:2f:d9:df:14:d8:
                    02:fc:ed:5f:23:70:71:50:c9:7d:4c:1b:92:84:3e:
                    59:89:0f:be:3a:eb:c4:ea:f8:60:6d:27:c2:c9:5c:
                    05:55:e8:0a:69:68:ca:2e:13:62:b8:2c:a9:58:df:
                    a6:4f:28:c9:4a:59:44:48:a2:4a:a4:14:ef:75:ff:
                    69:ee:c4:18:65:28:b0:0f:c7:d1:41:f1:1e:82:08:
                    f6:43:1b:74:46:02:f0:0e:32:bf:62:38:c4:70:74:
                    4c:4e:69:3b:27:c7:c7:4e:6c:e3:5a:09:f4:d5:14:
                    db:73:d1:75:85:09:61:14:96:bc:e3:6c:13:7e:67:
                    a7:fd:06:80:71:8b:2e:c8:9a:54:88:9d:f2:b7:68:
                    e6:6d:0c:c9:ca:13:35:5d:6f:72:25:51:8b:dd:c5:
                    77:d6:f0:61:6e:85:b0:e7:5f:db:69:50:06:79:e0:
                    b1:92:6b:d4:c6:e3:d4:8a:47:9c:19:98:14:a9:b4:
                    ce:de:85:c5:59:09:b4:c9:04:4e:8b:73:4e:25:10:
                    56:57:a3:e6:16:12:93:8b:c3:c1:94:77:9a:bc:8c:
                    bc:eb:5a:03:bd:f7:df:2a:f2:e5:7a:62:23:af:1b:
                    78:64:91:e3:ee:e9:09:b6:63:b2:bf:7c:29:ef:7e:
                    b0:ad
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0B:58:D3:50:79:4C:2D:08:ED:07:D1:60:0E:D0:B0:82:99:DE:7D:DD
            X509v3 Authority Key Identifier:
                keyid:D2:A7:9F:A2:B8:20:F7:AA:CC:9C:E0:BE:09:9F:24:A5:53:13:0F:D7

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/1005151A74331E2681F5A411ED779F0C8D71174D4FD8D3E3A456FF0D37DB0840/0/D2A79FA2B820F7AACC9CE0BE099F24A553130FD7.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/D2A79FA2B820F7AACC9CE0BE099F24A553130FD7.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/1005151A74331E2681F5A411ED779F0C8D71174D4FD8D3E3A456FF0D37DB0840/0/3134332e3230322e3230382e302f32322d3234203d3e20323634363331.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  143.202.208.0/22

    Signature Algorithm: sha256WithRSAEncryption
         73:9a:63:f5:8c:20:b5:e2:ca:78:94:70:3d:d1:08:f5:3d:b4:
         99:c7:3a:18:7d:20:97:8a:7c:12:7a:95:c8:54:12:82:ea:ec:
         64:40:07:23:2a:ec:0c:50:57:50:5d:11:80:34:12:d1:e8:52:
         25:d9:80:dd:6e:0a:44:46:29:b8:46:87:b5:92:61:da:fb:b4:
         e4:89:57:df:5a:3e:54:e1:e5:11:d9:eb:de:6c:28:f1:36:84:
         16:81:05:78:4e:b8:c4:4e:30:44:26:71:c8:d0:ba:2a:ee:b4:
         03:65:12:82:d2:70:15:90:4e:6f:8f:ef:54:c7:a0:7b:72:70:
         0e:83:53:d7:25:e1:69:af:fc:1d:96:33:81:b2:7f:b7:37:f2:
         00:ef:2e:a1:79:9b:9c:d6:ce:06:89:6d:14:96:14:40:22:f0:
         06:97:0a:ff:41:fb:d3:4c:2c:c6:20:8e:c8:ed:de:1b:aa:7e:
         98:03:78:cd:49:f6:a0:0a:4d:bf:99:24:05:6d:63:e4:da:6d:
         da:27:34:92:5c:63:17:f8:45:0a:b9:fa:8b:80:51:29:5b:2b:
         25:b0:b5:d4:c6:8b:d7:66:af:68:67:b2:36:e7:73:a5:79:32:
         79:3e:c0:d6:91:77:82:fc:3f:a3:ca:f4:7d:2a:03:68:f4:b9:
         d6:27:0d:88
-----BEGIN CERTIFICATE-----
MIIFwjCCBKqgAwIBAgIUMgr+D2+vSoYBIdmab5IDrSesAiMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoRDJBNzlGQTJCODIwRjdBQUNDOUNFMEJFMDk5RjI0QTU1
MzEzMEZENzAeFw0yNTAyMDQxOTUzMjBaFw0yNjAyMDMxOTU4MjBaMDMxMTAvBgNV
BAMTKDBCNThEMzUwNzk0QzJEMDhFRDA3RDE2MDBFRDBCMDgyOTlERTdEREQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCzTFak1m5EgPEv2d8U2AL87V8j
cHFQyX1MG5KEPlmJD74668Tq+GBtJ8LJXAVV6AppaMouE2K4LKlY36ZPKMlKWURI
okqkFO91/2nuxBhlKLAPx9FB8R6CCPZDG3RGAvAOMr9iOMRwdExOaTsnx8dObONa
CfTVFNtz0XWFCWEUlrzjbBN+Z6f9BoBxiy7ImlSInfK3aOZtDMnKEzVdb3IlUYvd
xXfW8GFuhbDnX9tpUAZ54LGSa9TG49SKR5wZmBSptM7ehcVZCbTJBE6Lc04lEFZX
o+YWEpOLw8GUd5q8jLzrWgO9998q8uV6YiOvG3hkkePu6Qm2Y7K/fCnvfrCtAgMB
AAGjggLMMIICyDAdBgNVHQ4EFgQUC1jTUHlMLQjtB9FgDtCwgpnefd0wHwYDVR0j
BBgwFoAU0qeforgg96rMnOC+CZ8kpVMTD9cwDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy8xMDA1MTUxQTc0MzMxRTI2ODFGNUE0MTFFRDc3OUYwQzhE
NzExNzRENEZEOEQzRTNBNDU2RkYwRDM3REIwODQwLzAvRDJBNzlGQTJCODIwRjdB
QUNDOUNFMEJFMDk5RjI0QTU1MzEzMEZENy5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC9EMkE3OUZBMkI4MjBGN0FBQ0M5
Q0UwQkUwOTlGMjRBNTUzMTMwRkQ3LmNlcjCBywYIKwYBBQUHAQsEgb4wgbswgbgG
CCsGAQUFBzALhoGrcnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvMTAwNTE1MUE3NDMzMUUyNjgxRjVBNDExRUQ3NzlGMEM4RDcxMTc0RDRG
RDhEM0UzQTQ1NkZGMEQzN0RCMDg0MC8wLzMxMzQzMzJlMzIzMDMyMmUzMjMwMzgy
ZTMwMmYzMjMyMmQzMjM0MjAzZDNlMjAzMjM2MzQzNjMzMzEucm9hMBgGA1UdIAEB
/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAKP
ytAwDQYJKoZIhvcNAQELBQADggEBAHOaY/WMILXiyniUcD3RCPU9tJnHOhh9IJeK
fBJ6lchUEoLq7GRAByMq7AxQV1BdEYA0EtHoUiXZgN1uCkRGKbhGh7WSYdr7tOSJ
V99aPlTh5RHZ695sKPE2hBaBBXhOuMROMEQmccjQuirutANlEoLScBWQTm+P71TH
oHtycA6DU9cl4Wmv/B2WM4Gyf7c38gDvLqF5m5zWzgaJbRSWFEAi8AaXCv9B+9NM
LMYgjsjt3huqfpgDeM1J9qAKTb+ZJAVtY+TabdonNJJcYxf4RQq5+ouAUSlbKyWw
tdTGi9dmr2hnsjbnc6V5Mnk+wNaRd4L8P6PK9H0qA2j0udYnDYg=
-----END CERTIFICATE-----