Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/56FD67D89D96D39A39724C4AD614F457C08FA2784415BE3952C491BEBE4BE207/0/3134382e3230392e3134302e302f32332d3234203d3e203232313232.roa
File:                     3134382e3230392e3134302e302f32332d3234203d3e203232313232.roa (raw, json)
Hash identifier:          MDhYhoWdExIxl+U2JBkpxteyGlHI9zyyeRoSnOfEy98=
Subject key identifier:   D5:31:0A:81:53:94:30:24:15:11:5D:60:96:1A:81:66:1C:57:76:84
Certificate issuer:       /CN=8D67A138567146B2E89E0918237CB2D076D67AFA
Certificate serial:       7C91A647344BF165C61C5ED19D52C9090E0F1751
Authority key identifier: 8D:67:A1:38:56:71:46:B2:E8:9E:09:18:23:7C:B2:D0:76:D6:7A:FA
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/8D67A138567146B2E89E0918237CB2D076D67AFA.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/56FD67D89D96D39A39724C4AD614F457C08FA2784415BE3952C491BEBE4BE207/0/3134382e3230392e3134302e302f32332d3234203d3e203232313232.roa
Signing time:             Tue 04 Feb 2025 18:38:46 +0000
ROA not before:           Tue 04 Feb 2025 18:33:46 +0000
ROA not after:            Tue 03 Feb 2026 18:38:46 +0000
asID:                     22122
IP address blocks:        148.209.140.0/23 maxlen: 24
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            7c:91:a6:47:34:4b:f1:65:c6:1c:5e:d1:9d:52:c9:09:0e:0f:17:51
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=8D67A138567146B2E89E0918237CB2D076D67AFA
        Validity
            Not Before: Feb  4 18:33:46 2025 GMT
            Not After : Feb  3 18:38:46 2026 GMT
        Subject: CN=D5310A815394302415115D60961A81661C577684
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ba:65:c9:93:5e:04:6e:29:97:f7:6e:d7:0c:c2:
                    39:37:d3:7b:41:b9:e5:a7:3e:44:f8:6b:c0:d0:4f:
                    1d:6e:4b:64:4f:90:0f:60:1b:b1:05:ba:5d:15:8c:
                    43:07:22:2a:85:b1:9b:53:d3:77:24:fb:16:9b:b7:
                    bc:79:a2:fc:cf:9b:90:c6:26:eb:94:c0:66:d9:3b:
                    d5:b0:9e:77:2e:f0:e0:06:24:33:91:5e:b9:65:30:
                    28:01:b1:c5:47:00:57:33:c0:76:91:07:d1:56:35:
                    e6:5d:eb:61:87:ef:01:fd:7e:53:43:d5:75:14:1e:
                    ea:a7:01:08:61:ec:da:f5:7a:c4:85:69:6e:8c:e9:
                    fc:cf:ea:ef:89:85:e4:42:9d:30:eb:ba:fa:8a:f7:
                    79:7a:6e:bb:21:9f:02:06:dd:76:94:54:79:ea:58:
                    1d:06:73:a0:e9:b7:b0:c7:50:6d:2e:04:7e:a4:21:
                    35:d8:68:a0:35:bd:a5:aa:47:e9:22:63:62:0d:fe:
                    61:bc:88:09:3c:ba:2c:8c:6c:3d:a9:56:37:8b:3f:
                    b3:75:b5:e4:b2:94:a6:e5:a5:85:32:ad:ee:31:0b:
                    90:97:bf:76:51:a8:d1:76:0e:34:76:9e:2a:49:4d:
                    59:cb:c7:f8:f3:a3:31:20:8a:d2:5b:dd:17:5a:4e:
                    87:d9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D5:31:0A:81:53:94:30:24:15:11:5D:60:96:1A:81:66:1C:57:76:84
            X509v3 Authority Key Identifier:
                keyid:8D:67:A1:38:56:71:46:B2:E8:9E:09:18:23:7C:B2:D0:76:D6:7A:FA

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/56FD67D89D96D39A39724C4AD614F457C08FA2784415BE3952C491BEBE4BE207/0/8D67A138567146B2E89E0918237CB2D076D67AFA.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/8D67A138567146B2E89E0918237CB2D076D67AFA.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/56FD67D89D96D39A39724C4AD614F457C08FA2784415BE3952C491BEBE4BE207/0/3134382e3230392e3134302e302f32332d3234203d3e203232313232.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  148.209.140.0/23

    Signature Algorithm: sha256WithRSAEncryption
         7f:38:f1:36:61:0e:dc:d6:f4:4e:21:3b:bb:59:35:b4:1d:e4:
         31:57:d0:89:a9:4c:21:cc:ec:6c:8e:a2:9f:a2:7e:4c:48:99:
         31:50:42:69:cd:e9:9b:62:9e:20:08:66:73:d9:26:14:e4:e9:
         24:49:55:2b:03:fd:a6:1a:6f:ae:80:11:89:83:a2:90:8d:c4:
         78:1d:73:7a:95:7e:c8:6a:ec:f4:7b:bc:13:83:35:67:d2:b2:
         e3:7d:7e:ad:dd:32:91:63:c2:76:91:3b:70:7c:1f:1a:11:15:
         fe:2d:81:26:d5:a1:d6:cb:11:09:99:f0:6e:2a:69:70:40:30:
         aa:98:39:b8:46:b6:18:3d:ff:22:d7:d1:80:01:07:e2:02:67:
         a8:5e:c7:60:ee:62:d1:1b:e8:52:91:5a:b6:8d:67:2e:77:4c:
         cc:4f:08:e9:52:ae:23:a8:40:f4:39:82:18:78:fd:3c:c8:ca:
         ed:b2:94:60:52:af:57:a7:d5:4d:e5:9c:47:09:29:e0:65:eb:
         99:7c:cb:26:c3:b9:00:6d:aa:ae:1d:65:ca:2a:59:67:e0:f3:
         89:92:f0:28:08:b7:6d:af:0d:ec:78:1b:6a:7f:f6:b0:22:e7:
         72:42:97:3f:1f:38:7e:ed:07:c5:57:61:1b:ac:53:cf:2b:f4:
         52:75:ac:45
-----BEGIN CERTIFICATE-----
MIIFwDCCBKigAwIBAgIUfJGmRzRL8WXGHF7RnVLJCQ4PF1EwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOEQ2N0ExMzg1NjcxNDZCMkU4OUUwOTE4MjM3Q0IyRDA3
NkQ2N0FGQTAeFw0yNTAyMDQxODMzNDZaFw0yNjAyMDMxODM4NDZaMDMxMTAvBgNV
BAMTKEQ1MzEwQTgxNTM5NDMwMjQxNTExNUQ2MDk2MUE4MTY2MUM1Nzc2ODQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC6ZcmTXgRuKZf3btcMwjk303tB
ueWnPkT4a8DQTx1uS2RPkA9gG7EFul0VjEMHIiqFsZtT03ck+xabt7x5ovzPm5DG
JuuUwGbZO9Wwnncu8OAGJDORXrllMCgBscVHAFczwHaRB9FWNeZd62GH7wH9flND
1XUUHuqnAQhh7Nr1esSFaW6M6fzP6u+JheRCnTDruvqK93l6brshnwIG3XaUVHnq
WB0Gc6Dpt7DHUG0uBH6kITXYaKA1vaWqR+kiY2IN/mG8iAk8uiyMbD2pVjeLP7N1
teSylKblpYUyre4xC5CXv3ZRqNF2DjR2nipJTVnLx/jzozEgitJb3RdaTofZAgMB
AAGjggLKMIICxjAdBgNVHQ4EFgQU1TEKgVOUMCQVEV1glhqBZhxXdoQwHwYDVR0j
BBgwFoAUjWehOFZxRrLongkYI3yy0HbWevowDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy81NkZENjdEODlEOTZEMzlBMzk3MjRDNEFENjE0RjQ1N0Mw
OEZBMjc4NDQxNUJFMzk1MkM0OTFCRUJFNEJFMjA3LzAvOEQ2N0ExMzg1NjcxNDZC
MkU4OUUwOTE4MjM3Q0IyRDA3NkQ2N0FGQS5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC84RDY3QTEzODU2NzE0NkIyRTg5
RTA5MTgyMzdDQjJEMDc2RDY3QUZBLmNlcjCByQYIKwYBBQUHAQsEgbwwgbkwgbYG
CCsGAQUFBzALhoGpcnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvNTZGRDY3RDg5RDk2RDM5QTM5NzI0QzRBRDYxNEY0NTdDMDhGQTI3ODQ0
MTVCRTM5NTJDNDkxQkVCRTRCRTIwNy8wLzMxMzQzODJlMzIzMDM5MmUzMTM0MzAy
ZTMwMmYzMjMzMmQzMjM0MjAzZDNlMjAzMjMyMzEzMjMyLnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBlNGM
MA0GCSqGSIb3DQEBCwUAA4IBAQB/OPE2YQ7c1vROITu7WTW0HeQxV9CJqUwhzOxs
jqKfon5MSJkxUEJpzembYp4gCGZz2SYU5OkkSVUrA/2mGm+ugBGJg6KQjcR4HXN6
lX7Iauz0e7wTgzVn0rLjfX6t3TKRY8J2kTtwfB8aERX+LYEm1aHWyxEJmfBuKmlw
QDCqmDm4RrYYPf8i19GAAQfiAmeoXsdg7mLRG+hSkVq2jWcud0zMTwjpUq4jqED0
OYIYeP08yMrtspRgUq9Xp9VN5ZxHCSngZeuZfMsmw7kAbaquHWXKKlln4POJkvAo
CLdtrw3seBtqf/awIudyQpc/Hzh+7QfFV2EbrFPPK/RSdaxF
-----END CERTIFICATE-----