Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/56FD67D89D96D39A39724C4AD614F457C08FA2784415BE3952C491BEBE4BE207/0/3134382e3230392e3130362e302f32332d3233203d3e203232313232.roa
File:                     3134382e3230392e3130362e302f32332d3233203d3e203232313232.roa (raw, json)
Hash identifier:          yoeJaOivOvx3j1a1tpfz3VCjWYGaLDbzSoBsGyEhX5U=
Subject key identifier:   C9:DE:A5:52:38:6F:0F:CC:BB:5F:44:2A:04:B4:BE:24:B9:DB:93:DA
Certificate issuer:       /CN=8D67A138567146B2E89E0918237CB2D076D67AFA
Certificate serial:       6D61B547E4CC83A838C7D455498840C4A61D8A28
Authority key identifier: 8D:67:A1:38:56:71:46:B2:E8:9E:09:18:23:7C:B2:D0:76:D6:7A:FA
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/8D67A138567146B2E89E0918237CB2D076D67AFA.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/56FD67D89D96D39A39724C4AD614F457C08FA2784415BE3952C491BEBE4BE207/0/3134382e3230392e3130362e302f32332d3233203d3e203232313232.roa
Signing time:             Tue 04 Feb 2025 18:38:51 +0000
ROA not before:           Tue 04 Feb 2025 18:33:51 +0000
ROA not after:            Tue 03 Feb 2026 18:38:51 +0000
asID:                     22122
IP address blocks:        148.209.106.0/23 maxlen: 23
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            6d:61:b5:47:e4:cc:83:a8:38:c7:d4:55:49:88:40:c4:a6:1d:8a:28
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=8D67A138567146B2E89E0918237CB2D076D67AFA
        Validity
            Not Before: Feb  4 18:33:51 2025 GMT
            Not After : Feb  3 18:38:51 2026 GMT
        Subject: CN=C9DEA552386F0FCCBB5F442A04B4BE24B9DB93DA
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c8:14:da:d5:44:d7:84:66:70:44:05:80:84:04:
                    8c:3f:f9:d7:69:8d:67:b3:22:49:c9:8a:5a:7b:02:
                    a4:fb:c0:2e:5a:62:20:5e:cc:6a:99:95:ae:5e:d0:
                    21:e4:41:82:fe:d1:f6:eb:c4:f1:da:fb:35:39:b5:
                    eb:6e:c0:67:21:f9:32:42:b8:f9:82:16:43:b8:ec:
                    b8:4e:4b:a0:79:33:c1:24:6e:ec:66:c5:af:05:44:
                    70:ef:b6:33:57:d6:b1:92:5a:77:75:cc:c5:d9:e7:
                    49:b3:eb:6c:45:55:05:7d:4b:f0:92:1c:18:8f:63:
                    dc:fa:ab:58:e6:ef:df:05:92:8d:9c:12:fa:f8:df:
                    25:c5:4b:b3:0b:a8:e8:22:e0:cf:ac:76:55:1e:62:
                    11:ae:ea:53:46:ac:e3:e8:3b:02:b8:30:e5:cd:59:
                    cb:1a:1f:3a:7c:f2:6b:5b:44:19:a5:b8:62:58:e1:
                    c8:85:0b:a6:75:d1:19:c1:dd:e3:cd:a2:d4:ba:12:
                    fa:80:9f:87:b9:d3:c6:77:03:16:41:8e:ed:f3:de:
                    56:27:66:a3:0e:65:36:8c:2e:2b:f5:64:78:29:de:
                    16:c6:df:6d:f2:a5:d0:ab:36:f5:cc:a7:e1:74:a5:
                    89:57:d6:ed:be:a8:68:e0:1e:3a:cb:4a:b2:8b:56:
                    b1:5d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C9:DE:A5:52:38:6F:0F:CC:BB:5F:44:2A:04:B4:BE:24:B9:DB:93:DA
            X509v3 Authority Key Identifier:
                keyid:8D:67:A1:38:56:71:46:B2:E8:9E:09:18:23:7C:B2:D0:76:D6:7A:FA

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/56FD67D89D96D39A39724C4AD614F457C08FA2784415BE3952C491BEBE4BE207/0/8D67A138567146B2E89E0918237CB2D076D67AFA.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/8D67A138567146B2E89E0918237CB2D076D67AFA.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/56FD67D89D96D39A39724C4AD614F457C08FA2784415BE3952C491BEBE4BE207/0/3134382e3230392e3130362e302f32332d3233203d3e203232313232.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  148.209.106.0/23

    Signature Algorithm: sha256WithRSAEncryption
         10:26:0b:c6:49:21:7c:7f:c7:50:58:74:63:14:c4:4b:4c:91:
         65:fa:7a:c0:37:46:9a:4e:53:da:4e:f0:e8:39:3a:19:3b:a4:
         9b:69:37:37:c9:47:9c:66:3c:4f:66:06:b6:ec:d1:a7:11:84:
         b4:9e:6c:77:84:c0:27:4e:2f:c3:b2:f4:a7:7c:f6:5f:b1:0c:
         ab:3b:ab:05:5e:f7:c7:7a:ff:8b:3c:b6:d9:55:81:73:df:56:
         af:94:c5:f3:9f:be:48:d5:3e:9d:18:13:d4:4b:0f:4b:87:59:
         2a:76:97:fe:da:64:ed:73:22:bc:9d:37:72:ae:2b:59:8d:ba:
         30:ae:2d:79:51:da:05:95:13:a9:14:b7:be:68:5e:ae:b3:56:
         19:cd:ed:ff:ed:4b:c5:67:c1:e4:87:bc:9a:1e:2c:18:d2:64:
         1b:2b:18:a8:76:8d:bf:36:c1:f7:cc:70:cf:9c:28:46:45:16:
         fb:3e:a0:ed:54:cf:99:32:ee:b6:75:39:0b:81:16:d7:f1:0c:
         c2:90:be:2c:c4:56:08:e4:a9:41:d1:18:e9:4d:3c:0e:fd:10:
         e7:29:e2:74:36:02:49:8d:61:09:5e:e8:39:33:09:c8:d3:80:
         bb:fc:92:0b:09:71:9d:b2:e0:f8:cc:0d:b3:1d:90:62:06:e8:
         73:43:55:4b
-----BEGIN CERTIFICATE-----
MIIFwDCCBKigAwIBAgIUbWG1R+TMg6g4x9RVSYhAxKYdiigwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOEQ2N0ExMzg1NjcxNDZCMkU4OUUwOTE4MjM3Q0IyRDA3
NkQ2N0FGQTAeFw0yNTAyMDQxODMzNTFaFw0yNjAyMDMxODM4NTFaMDMxMTAvBgNV
BAMTKEM5REVBNTUyMzg2RjBGQ0NCQjVGNDQyQTA0QjRCRTI0QjlEQjkzREEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDIFNrVRNeEZnBEBYCEBIw/+ddp
jWezIknJilp7AqT7wC5aYiBezGqZla5e0CHkQYL+0fbrxPHa+zU5tetuwGch+TJC
uPmCFkO47LhOS6B5M8Ekbuxmxa8FRHDvtjNX1rGSWnd1zMXZ50mz62xFVQV9S/CS
HBiPY9z6q1jm798Fko2cEvr43yXFS7MLqOgi4M+sdlUeYhGu6lNGrOPoOwK4MOXN
WcsaHzp88mtbRBmluGJY4ciFC6Z10RnB3ePNotS6EvqAn4e508Z3AxZBju3z3lYn
ZqMOZTaMLiv1ZHgp3hbG323ypdCrNvXMp+F0pYlX1u2+qGjgHjrLSrKLVrFdAgMB
AAGjggLKMIICxjAdBgNVHQ4EFgQUyd6lUjhvD8y7X0QqBLS+JLnbk9owHwYDVR0j
BBgwFoAUjWehOFZxRrLongkYI3yy0HbWevowDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy81NkZENjdEODlEOTZEMzlBMzk3MjRDNEFENjE0RjQ1N0Mw
OEZBMjc4NDQxNUJFMzk1MkM0OTFCRUJFNEJFMjA3LzAvOEQ2N0ExMzg1NjcxNDZC
MkU4OUUwOTE4MjM3Q0IyRDA3NkQ2N0FGQS5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC84RDY3QTEzODU2NzE0NkIyRTg5
RTA5MTgyMzdDQjJEMDc2RDY3QUZBLmNlcjCByQYIKwYBBQUHAQsEgbwwgbkwgbYG
CCsGAQUFBzALhoGpcnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvNTZGRDY3RDg5RDk2RDM5QTM5NzI0QzRBRDYxNEY0NTdDMDhGQTI3ODQ0
MTVCRTM5NTJDNDkxQkVCRTRCRTIwNy8wLzMxMzQzODJlMzIzMDM5MmUzMTMwMzYy
ZTMwMmYzMjMzMmQzMjMzMjAzZDNlMjAzMjMyMzEzMjMyLnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBlNFq
MA0GCSqGSIb3DQEBCwUAA4IBAQAQJgvGSSF8f8dQWHRjFMRLTJFl+nrAN0aaTlPa
TvDoOToZO6SbaTc3yUecZjxPZga27NGnEYS0nmx3hMAnTi/DsvSnfPZfsQyrO6sF
XvfHev+LPLbZVYFz31avlMXzn75I1T6dGBPUSw9Lh1kqdpf+2mTtcyK8nTdyritZ
jbowri15UdoFlROpFLe+aF6us1YZze3/7UvFZ8Hkh7yaHiwY0mQbKxiodo2/NsH3
zHDPnChGRRb7PqDtVM+ZMu62dTkLgRbX8QzCkL4sxFYI5KlB0RjpTTwO/RDnKeJ0
NgJJjWEJXug5MwnI04C7/JILCXGdsuD4zA2zHZBiBuhzQ1VL
-----END CERTIFICATE-----