Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/56FD67D89D96D39A39724C4AD614F457C08FA2784415BE3952C491BEBE4BE207/0/3134382e3230392e3231302e302f32332d3234203d3e203232313232.roa
File:                     3134382e3230392e3231302e302f32332d3234203d3e203232313232.roa (raw, json)
Hash identifier:          TRZ7YyYmI6lD4J7MtCJuxLdwZ2VCZPNWOvMCvgVxAVc=
Subject key identifier:   0E:8E:22:C4:41:5A:7D:EF:6D:EA:31:F9:B8:53:21:DD:E8:EC:9D:2F
Certificate issuer:       /CN=8D67A138567146B2E89E0918237CB2D076D67AFA
Certificate serial:       1AC95AE69C414A3B66B6287B0B44CD7A13D19800
Authority key identifier: 8D:67:A1:38:56:71:46:B2:E8:9E:09:18:23:7C:B2:D0:76:D6:7A:FA
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/8D67A138567146B2E89E0918237CB2D076D67AFA.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/56FD67D89D96D39A39724C4AD614F457C08FA2784415BE3952C491BEBE4BE207/0/3134382e3230392e3231302e302f32332d3234203d3e203232313232.roa
Signing time:             Tue 04 Feb 2025 18:38:52 +0000
ROA not before:           Tue 04 Feb 2025 18:33:52 +0000
ROA not after:            Tue 03 Feb 2026 18:38:52 +0000
asID:                     22122
IP address blocks:        148.209.210.0/23 maxlen: 24
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            1a:c9:5a:e6:9c:41:4a:3b:66:b6:28:7b:0b:44:cd:7a:13:d1:98:00
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=8D67A138567146B2E89E0918237CB2D076D67AFA
        Validity
            Not Before: Feb  4 18:33:52 2025 GMT
            Not After : Feb  3 18:38:52 2026 GMT
        Subject: CN=0E8E22C4415A7DEF6DEA31F9B85321DDE8EC9D2F
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b1:50:62:2f:20:f8:6e:0e:79:ec:59:f0:fb:b4:
                    0b:78:14:4f:75:04:dd:fd:42:da:ea:bd:87:68:92:
                    45:f2:b2:88:bd:15:f2:1d:f6:0d:b8:e6:2e:c7:04:
                    cf:93:63:d5:61:d0:20:03:57:b4:50:1a:29:3b:03:
                    16:3c:74:b1:94:af:ff:68:5d:fa:56:45:f8:a4:58:
                    18:d8:ff:21:2d:6d:f4:3e:92:3a:97:f3:82:5a:31:
                    4b:0e:91:b0:c3:82:bf:dd:70:a6:ea:00:6f:a5:16:
                    d3:94:c9:44:d3:bf:7f:b5:f8:e3:e2:e6:0d:52:06:
                    5b:ce:d7:87:b5:3d:1d:00:fb:79:79:ee:65:ba:cd:
                    4d:69:12:da:3e:b8:04:10:e9:9d:29:ab:82:ea:ca:
                    e5:97:d4:a7:7c:f4:47:1a:a6:37:fb:e2:40:dd:52:
                    b1:48:17:99:21:f0:29:fa:8f:ee:3d:c8:1f:f3:c0:
                    6e:57:93:5a:af:71:0a:85:d2:4a:ae:e9:2e:a3:c0:
                    88:af:9a:1b:94:00:28:1e:18:4a:60:a4:8d:46:3d:
                    40:20:2b:09:ad:b6:68:25:e8:90:34:3a:8d:61:b6:
                    ea:8d:a6:2d:4a:2d:4e:f0:6f:65:76:1d:76:da:27:
                    77:22:1a:ad:cb:71:2b:9f:87:a9:2a:82:64:60:f7:
                    59:13
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0E:8E:22:C4:41:5A:7D:EF:6D:EA:31:F9:B8:53:21:DD:E8:EC:9D:2F
            X509v3 Authority Key Identifier:
                keyid:8D:67:A1:38:56:71:46:B2:E8:9E:09:18:23:7C:B2:D0:76:D6:7A:FA

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/56FD67D89D96D39A39724C4AD614F457C08FA2784415BE3952C491BEBE4BE207/0/8D67A138567146B2E89E0918237CB2D076D67AFA.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/8D67A138567146B2E89E0918237CB2D076D67AFA.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/56FD67D89D96D39A39724C4AD614F457C08FA2784415BE3952C491BEBE4BE207/0/3134382e3230392e3231302e302f32332d3234203d3e203232313232.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  148.209.210.0/23

    Signature Algorithm: sha256WithRSAEncryption
         65:ea:87:9d:7e:11:85:6a:3c:c4:a2:d2:d8:f6:4c:dd:98:d7:
         85:b6:35:68:ed:01:cf:ef:21:5a:0d:9b:e7:eb:8f:c2:fb:89:
         0c:b0:8a:bd:09:42:28:db:a2:4c:17:63:d4:dc:f5:5d:32:ed:
         36:d2:f8:f8:ec:ec:31:5c:77:d3:3f:d8:aa:85:ea:f5:2b:51:
         3b:2e:df:f1:cc:e6:dd:c0:34:5c:c7:f4:59:e0:e6:51:4c:39:
         25:98:6c:37:30:7c:98:97:f5:41:2b:f6:f0:68:a1:d7:94:57:
         bc:69:3f:29:7e:d6:12:78:53:83:1f:ef:15:f7:30:ec:84:62:
         a7:1d:8d:41:20:8d:99:dc:96:b6:ec:d3:13:17:03:57:92:0b:
         55:60:37:d3:f4:ef:5b:a6:13:42:cc:06:87:17:20:8e:79:19:
         5e:89:40:bd:9c:c6:b0:d5:d8:de:a5:18:2c:28:eb:19:44:9f:
         c6:7f:2b:70:8e:30:ba:58:03:61:da:54:06:0d:1d:4a:27:ea:
         05:23:c2:88:22:1e:39:8f:c3:90:4e:e1:0b:5e:8d:de:27:32:
         0d:f9:6d:ee:61:c7:5f:cb:17:c5:70:c8:dd:98:28:8e:34:80:
         12:b0:8f:9f:7b:65:e5:03:0b:0e:8b:29:fd:40:54:62:16:2a:
         b2:d4:ad:ac
-----BEGIN CERTIFICATE-----
MIIFwDCCBKigAwIBAgIUGsla5pxBSjtmtih7C0TNehPRmAAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOEQ2N0ExMzg1NjcxNDZCMkU4OUUwOTE4MjM3Q0IyRDA3
NkQ2N0FGQTAeFw0yNTAyMDQxODMzNTJaFw0yNjAyMDMxODM4NTJaMDMxMTAvBgNV
BAMTKDBFOEUyMkM0NDE1QTdERUY2REVBMzFGOUI4NTMyMURERThFQzlEMkYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCxUGIvIPhuDnnsWfD7tAt4FE91
BN39QtrqvYdokkXysoi9FfId9g245i7HBM+TY9Vh0CADV7RQGik7AxY8dLGUr/9o
XfpWRfikWBjY/yEtbfQ+kjqX84JaMUsOkbDDgr/dcKbqAG+lFtOUyUTTv3+1+OPi
5g1SBlvO14e1PR0A+3l57mW6zU1pEto+uAQQ6Z0pq4LqyuWX1Kd89Ecapjf74kDd
UrFIF5kh8Cn6j+49yB/zwG5Xk1qvcQqF0kqu6S6jwIivmhuUACgeGEpgpI1GPUAg
Kwmttmgl6JA0Oo1htuqNpi1KLU7wb2V2HXbaJ3ciGq3LcSufh6kqgmRg91kTAgMB
AAGjggLKMIICxjAdBgNVHQ4EFgQUDo4ixEFafe9t6jH5uFMh3ejsnS8wHwYDVR0j
BBgwFoAUjWehOFZxRrLongkYI3yy0HbWevowDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy81NkZENjdEODlEOTZEMzlBMzk3MjRDNEFENjE0RjQ1N0Mw
OEZBMjc4NDQxNUJFMzk1MkM0OTFCRUJFNEJFMjA3LzAvOEQ2N0ExMzg1NjcxNDZC
MkU4OUUwOTE4MjM3Q0IyRDA3NkQ2N0FGQS5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC84RDY3QTEzODU2NzE0NkIyRTg5
RTA5MTgyMzdDQjJEMDc2RDY3QUZBLmNlcjCByQYIKwYBBQUHAQsEgbwwgbkwgbYG
CCsGAQUFBzALhoGpcnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvNTZGRDY3RDg5RDk2RDM5QTM5NzI0QzRBRDYxNEY0NTdDMDhGQTI3ODQ0
MTVCRTM5NTJDNDkxQkVCRTRCRTIwNy8wLzMxMzQzODJlMzIzMDM5MmUzMjMxMzAy
ZTMwMmYzMjMzMmQzMjM0MjAzZDNlMjAzMjMyMzEzMjMyLnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBlNHS
MA0GCSqGSIb3DQEBCwUAA4IBAQBl6oedfhGFajzEotLY9kzdmNeFtjVo7QHP7yFa
DZvn64/C+4kMsIq9CUIo26JMF2PU3PVdMu020vj47OwxXHfTP9iqher1K1E7Lt/x
zObdwDRcx/RZ4OZRTDklmGw3MHyYl/VBK/bwaKHXlFe8aT8pftYSeFODH+8V9zDs
hGKnHY1BII2Z3Ja27NMTFwNXkgtVYDfT9O9bphNCzAaHFyCOeRleiUC9nMaw1dje
pRgsKOsZRJ/GfytwjjC6WANh2lQGDR1KJ+oFI8KIIh45j8OQTuELXo3eJzIN+W3u
YcdfyxfFcMjdmCiONIASsI+fe2XlAwsOiyn9QFRiFiqy1K2s
-----END CERTIFICATE-----