Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/54C44F39A16EA01F4700CA77DC5F9303139D23448EB7171A35A2AD0B08FF0371/0/3138312e3233332e38382e302f32322d3234203d3e20323731393037.roa
File:                     3138312e3233332e38382e302f32322d3234203d3e20323731393037.roa (raw, json)
Hash identifier:          pZZbyKODxiBVLPht0nE7g7zin63gpX31BEs1Ptu14P8=
Subject key identifier:   11:DC:7F:12:44:9D:01:1E:86:7F:99:83:E2:7F:A2:05:27:3D:D7:95
Certificate issuer:       /CN=2240B644D1FD422B45BF149B24CCCE788AE6DF25
Certificate serial:       7D3FDB59A6795DBFD24043C14CF47B42CFBDB71D
Authority key identifier: 22:40:B6:44:D1:FD:42:2B:45:BF:14:9B:24:CC:CE:78:8A:E6:DF:25
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/2240B644D1FD422B45BF149B24CCCE788AE6DF25.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/54C44F39A16EA01F4700CA77DC5F9303139D23448EB7171A35A2AD0B08FF0371/0/3138312e3233332e38382e302f32322d3234203d3e20323731393037.roa
Signing time:             Tue 04 Feb 2025 18:54:49 +0000
ROA not before:           Tue 04 Feb 2025 18:49:49 +0000
ROA not after:            Tue 03 Feb 2026 18:54:49 +0000
asID:                     271907
IP address blocks:        181.233.88.0/22 maxlen: 24
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            7d:3f:db:59:a6:79:5d:bf:d2:40:43:c1:4c:f4:7b:42:cf:bd:b7:1d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2240B644D1FD422B45BF149B24CCCE788AE6DF25
        Validity
            Not Before: Feb  4 18:49:49 2025 GMT
            Not After : Feb  3 18:54:49 2026 GMT
        Subject: CN=11DC7F12449D011E867F9983E27FA205273DD795
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a3:84:7d:0f:7f:40:8f:59:ed:bf:1d:7b:83:d3:
                    64:94:98:1d:c5:d8:ca:d7:9f:dd:7e:d3:98:57:e8:
                    d2:5b:a3:82:07:02:dc:37:4e:52:0e:40:7a:a6:27:
                    fe:40:bd:e1:7c:3f:1a:c8:72:f8:83:16:68:72:d1:
                    94:b2:4c:5d:f3:bf:41:16:cb:00:b2:21:37:0e:b2:
                    68:d1:db:c5:1e:35:7d:26:01:0d:82:96:6e:24:23:
                    3e:dc:96:c8:ba:49:bc:5d:6b:90:2e:7f:b7:33:24:
                    28:e6:10:7a:50:02:ea:65:44:3f:56:36:ae:c3:44:
                    44:a1:50:fa:50:a7:63:f2:65:e1:d0:d1:2a:ea:99:
                    e9:ff:9e:90:bc:02:d8:07:81:6d:d2:99:79:41:9c:
                    f7:9d:b0:4f:5b:03:77:a8:32:ce:47:d5:0f:af:a2:
                    df:b8:57:fb:cf:e6:7a:2b:3c:3d:b5:5b:4d:d1:c0:
                    0a:cd:1f:90:07:e9:34:dc:5d:20:d2:b2:7a:8b:9e:
                    ab:43:0d:52:6d:43:8c:39:95:2d:9f:f8:66:3d:97:
                    62:0c:5a:7c:ad:5c:24:63:cd:9a:2f:ee:9f:c9:40:
                    3a:9b:7a:57:88:63:5a:15:27:7a:fe:13:1b:f2:6c:
                    f5:97:29:f7:0b:74:29:d8:14:24:aa:9c:1e:66:d2:
                    b8:dd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                11:DC:7F:12:44:9D:01:1E:86:7F:99:83:E2:7F:A2:05:27:3D:D7:95
            X509v3 Authority Key Identifier:
                keyid:22:40:B6:44:D1:FD:42:2B:45:BF:14:9B:24:CC:CE:78:8A:E6:DF:25

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/54C44F39A16EA01F4700CA77DC5F9303139D23448EB7171A35A2AD0B08FF0371/0/2240B644D1FD422B45BF149B24CCCE788AE6DF25.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/2240B644D1FD422B45BF149B24CCCE788AE6DF25.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/54C44F39A16EA01F4700CA77DC5F9303139D23448EB7171A35A2AD0B08FF0371/0/3138312e3233332e38382e302f32322d3234203d3e20323731393037.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  181.233.88.0/22

    Signature Algorithm: sha256WithRSAEncryption
         71:4b:86:5f:ab:08:e8:85:e0:ef:fb:51:3e:9d:85:bc:aa:75:
         48:d7:75:ab:d9:dc:ec:26:c2:db:1b:8e:58:94:af:c2:6b:c8:
         4f:37:b6:7b:f3:eb:4e:67:1a:04:37:f3:7d:9d:a0:cf:f3:dc:
         ec:52:2f:45:d5:c1:1c:ac:a6:3a:74:c9:0a:66:5c:4e:77:97:
         56:f7:34:c0:3b:52:28:80:c9:71:a3:83:0f:5d:bf:6b:43:81:
         79:50:18:b5:56:5e:40:27:35:3f:d9:8c:e1:60:67:f8:28:61:
         6a:d0:b5:9f:b2:13:a5:99:a9:45:e9:48:f6:d3:2c:14:fc:de:
         d7:63:17:9e:b9:26:d5:33:34:f9:97:9e:49:bd:92:90:cb:34:
         72:26:5d:74:14:70:a1:16:2d:70:43:79:2b:67:c5:d1:f8:71:
         2b:a9:b5:f7:16:67:10:4c:3f:55:69:71:9e:bb:18:4d:7a:da:
         b5:e6:49:b4:0a:30:16:c1:99:14:f9:1c:5b:98:77:06:f2:b9:
         88:86:14:42:e0:a2:d5:9d:11:a4:8d:40:a1:63:e0:73:08:cc:
         e2:56:bb:19:1d:0f:80:94:de:d1:26:b4:cc:42:20:fd:d3:2c:
         ae:7b:9f:59:d3:b9:8c:f6:c9:d4:79:32:f8:bb:c3:31:37:ff:
         b1:7c:08:71
-----BEGIN CERTIFICATE-----
MIIFwDCCBKigAwIBAgIUfT/bWaZ5Xb/SQEPBTPR7Qs+9tx0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMjI0MEI2NDREMUZENDIyQjQ1QkYxNDlCMjRDQ0NFNzg4
QUU2REYyNTAeFw0yNTAyMDQxODQ5NDlaFw0yNjAyMDMxODU0NDlaMDMxMTAvBgNV
BAMTKDExREM3RjEyNDQ5RDAxMUU4NjdGOTk4M0UyN0ZBMjA1MjczREQ3OTUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCjhH0Pf0CPWe2/HXuD02SUmB3F
2MrXn91+05hX6NJbo4IHAtw3TlIOQHqmJ/5AveF8PxrIcviDFmhy0ZSyTF3zv0EW
ywCyITcOsmjR28UeNX0mAQ2Clm4kIz7clsi6Sbxda5Auf7czJCjmEHpQAuplRD9W
Nq7DREShUPpQp2PyZeHQ0Srqmen/npC8AtgHgW3SmXlBnPedsE9bA3eoMs5H1Q+v
ot+4V/vP5norPD21W03RwArNH5AH6TTcXSDSsnqLnqtDDVJtQ4w5lS2f+GY9l2IM
WnytXCRjzZov7p/JQDqbeleIY1oVJ3r+ExvybPWXKfcLdCnYFCSqnB5m0rjdAgMB
AAGjggLKMIICxjAdBgNVHQ4EFgQUEdx/EkSdAR6Gf5mD4n+iBSc915UwHwYDVR0j
BBgwFoAUIkC2RNH9QitFvxSbJMzOeIrm3yUwDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy81NEM0NEYzOUExNkVBMDFGNDcwMENBNzdEQzVGOTMwMzEz
OUQyMzQ0OEVCNzE3MUEzNUEyQUQwQjA4RkYwMzcxLzAvMjI0MEI2NDREMUZENDIy
QjQ1QkYxNDlCMjRDQ0NFNzg4QUU2REYyNS5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC8yMjQwQjY0NEQxRkQ0MjJCNDVC
RjE0OUIyNENDQ0U3ODhBRTZERjI1LmNlcjCByQYIKwYBBQUHAQsEgbwwgbkwgbYG
CCsGAQUFBzALhoGpcnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvNTRDNDRGMzlBMTZFQTAxRjQ3MDBDQTc3REM1RjkzMDMxMzlEMjM0NDhF
QjcxNzFBMzVBMkFEMEIwOEZGMDM3MS8wLzMxMzgzMTJlMzIzMzMzMmUzODM4MmUz
MDJmMzIzMjJkMzIzNDIwM2QzZTIwMzIzNzMxMzkzMDM3LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCtelY
MA0GCSqGSIb3DQEBCwUAA4IBAQBxS4ZfqwjoheDv+1E+nYW8qnVI13Wr2dzsJsLb
G45YlK/Ca8hPN7Z78+tOZxoEN/N9naDP89zsUi9F1cEcrKY6dMkKZlxOd5dW9zTA
O1IogMlxo4MPXb9rQ4F5UBi1Vl5AJzU/2YzhYGf4KGFq0LWfshOlmalF6Uj20ywU
/N7XYxeeuSbVMzT5l55JvZKQyzRyJl10FHChFi1wQ3krZ8XR+HErqbX3FmcQTD9V
aXGeuxhNetq15km0CjAWwZkU+RxbmHcG8rmIhhRC4KLVnRGkjUChY+BzCMziVrsZ
HQ+AlN7RJrTMQiD90yyue59Z07mM9snUeTL4u8MxN/+xfAhx
-----END CERTIFICATE-----