Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/56FD67D89D96D39A39724C4AD614F457C08FA2784415BE3952C491BEBE4BE207/0/3134382e3230392e3232302e302f32332d3234203d3e203232313232.roa
File:                     3134382e3230392e3232302e302f32332d3234203d3e203232313232.roa (raw, json)
Hash identifier:          jfqN+gBRjJLrnxHQuBXw6suY6LGhObudRk1vqk+T8z8=
Subject key identifier:   3E:45:CE:AE:CF:8C:DA:48:93:6E:8C:AE:5C:65:73:35:2D:E3:EE:23
Certificate issuer:       /CN=8D67A138567146B2E89E0918237CB2D076D67AFA
Certificate serial:       3A7135AFC1F56DD32CAB2D30408445C86F29B013
Authority key identifier: 8D:67:A1:38:56:71:46:B2:E8:9E:09:18:23:7C:B2:D0:76:D6:7A:FA
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/8D67A138567146B2E89E0918237CB2D076D67AFA.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/56FD67D89D96D39A39724C4AD614F457C08FA2784415BE3952C491BEBE4BE207/0/3134382e3230392e3232302e302f32332d3234203d3e203232313232.roa
Signing time:             Tue 04 Feb 2025 18:38:54 +0000
ROA not before:           Tue 04 Feb 2025 18:33:54 +0000
ROA not after:            Tue 03 Feb 2026 18:38:54 +0000
asID:                     22122
IP address blocks:        148.209.220.0/23 maxlen: 24
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            3a:71:35:af:c1:f5:6d:d3:2c:ab:2d:30:40:84:45:c8:6f:29:b0:13
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=8D67A138567146B2E89E0918237CB2D076D67AFA
        Validity
            Not Before: Feb  4 18:33:54 2025 GMT
            Not After : Feb  3 18:38:54 2026 GMT
        Subject: CN=3E45CEAECF8CDA48936E8CAE5C6573352DE3EE23
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cd:f2:ad:3c:4c:4d:f3:f5:e5:b7:51:56:3a:2c:
                    0e:26:9f:cb:e3:27:36:c1:9f:a5:06:bd:2b:f0:16:
                    ef:1f:4d:cb:07:2d:6f:db:c8:09:00:67:e1:ef:8e:
                    d5:66:6d:57:5e:bc:9a:e5:0c:e0:70:c4:b2:f2:79:
                    99:43:42:61:03:99:20:6e:86:f1:0a:ab:fa:e6:4e:
                    ed:bf:64:5c:e4:30:71:fa:14:b8:d8:6e:2e:bf:9b:
                    3e:7c:73:50:af:4b:68:18:a9:b8:01:fd:f2:8d:57:
                    b0:17:7c:63:14:23:32:fd:96:17:e2:68:07:8e:c0:
                    ab:48:68:ff:49:78:9d:a2:51:0f:a8:07:4b:08:63:
                    5e:0b:6f:de:1d:30:73:d4:4e:c6:ca:cf:02:0e:20:
                    ee:62:ab:f6:9c:be:b1:c4:68:03:e6:b1:87:21:2c:
                    ad:c1:54:00:6f:91:1b:90:4a:5f:2c:f9:07:96:0d:
                    ec:5f:28:cd:e6:7d:4a:25:b8:df:de:76:45:37:68:
                    f9:0e:eb:c3:eb:3e:0b:63:32:75:ad:4f:3d:08:19:
                    c5:23:1d:6c:68:fb:11:de:52:93:0e:60:4c:5e:4a:
                    b9:28:ae:9c:16:ee:8a:d8:c7:12:95:17:77:11:13:
                    33:fc:6a:c5:e4:bc:cf:16:ad:c3:29:3d:b3:af:e7:
                    32:21
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3E:45:CE:AE:CF:8C:DA:48:93:6E:8C:AE:5C:65:73:35:2D:E3:EE:23
            X509v3 Authority Key Identifier:
                keyid:8D:67:A1:38:56:71:46:B2:E8:9E:09:18:23:7C:B2:D0:76:D6:7A:FA

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/56FD67D89D96D39A39724C4AD614F457C08FA2784415BE3952C491BEBE4BE207/0/8D67A138567146B2E89E0918237CB2D076D67AFA.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/8D67A138567146B2E89E0918237CB2D076D67AFA.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/56FD67D89D96D39A39724C4AD614F457C08FA2784415BE3952C491BEBE4BE207/0/3134382e3230392e3232302e302f32332d3234203d3e203232313232.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  148.209.220.0/23

    Signature Algorithm: sha256WithRSAEncryption
         29:1f:2a:46:6d:e2:02:fc:53:c2:70:79:85:10:de:75:a6:0c:
         db:b6:2a:d1:b2:04:7b:a7:6b:0a:be:50:1e:aa:86:cb:b6:8e:
         45:34:23:ef:7c:f6:97:ad:b5:a8:d1:ba:64:63:b8:65:5b:df:
         15:51:57:2b:89:47:38:5c:45:b5:9f:01:a8:9c:be:6c:34:92:
         78:44:80:01:3a:4d:0d:18:06:60:43:18:27:49:b0:cc:01:24:
         f2:53:67:27:ce:59:a7:ca:d6:be:ed:5e:f8:f6:7a:80:7a:1d:
         e9:e9:9a:6b:08:43:53:79:56:e9:6f:d7:c9:2e:26:b6:c5:25:
         94:e3:61:83:79:5b:aa:a6:c2:21:59:ec:3b:2a:53:0f:3f:65:
         f3:8a:ec:f5:1a:d9:90:38:2f:7a:da:0d:0e:78:ab:23:c8:95:
         9a:e6:ef:ae:7f:9b:40:91:14:08:43:de:a0:d4:9a:76:38:67:
         cf:65:0c:0e:b9:78:9a:14:21:2a:97:f4:d4:fb:c3:ff:e5:ec:
         2e:b6:88:4c:1d:96:74:b7:98:cd:85:f7:82:8f:7c:12:bc:ce:
         44:3d:4c:43:93:f2:e0:75:dd:22:8f:de:de:98:0a:29:80:b8:
         47:e5:e9:05:4d:91:e2:5c:5e:dd:18:09:6d:7a:74:01:ac:d5:
         75:74:2b:78
-----BEGIN CERTIFICATE-----
MIIFwDCCBKigAwIBAgIUOnE1r8H1bdMsqy0wQIRFyG8psBMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOEQ2N0ExMzg1NjcxNDZCMkU4OUUwOTE4MjM3Q0IyRDA3
NkQ2N0FGQTAeFw0yNTAyMDQxODMzNTRaFw0yNjAyMDMxODM4NTRaMDMxMTAvBgNV
BAMTKDNFNDVDRUFFQ0Y4Q0RBNDg5MzZFOENBRTVDNjU3MzM1MkRFM0VFMjMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDN8q08TE3z9eW3UVY6LA4mn8vj
JzbBn6UGvSvwFu8fTcsHLW/byAkAZ+HvjtVmbVdevJrlDOBwxLLyeZlDQmEDmSBu
hvEKq/rmTu2/ZFzkMHH6FLjYbi6/mz58c1CvS2gYqbgB/fKNV7AXfGMUIzL9lhfi
aAeOwKtIaP9JeJ2iUQ+oB0sIY14Lb94dMHPUTsbKzwIOIO5iq/acvrHEaAPmsYch
LK3BVABvkRuQSl8s+QeWDexfKM3mfUoluN/edkU3aPkO68PrPgtjMnWtTz0IGcUj
HWxo+xHeUpMOYExeSrkorpwW7orYxxKVF3cREzP8asXkvM8WrcMpPbOv5zIhAgMB
AAGjggLKMIICxjAdBgNVHQ4EFgQUPkXOrs+M2kiTboyuXGVzNS3j7iMwHwYDVR0j
BBgwFoAUjWehOFZxRrLongkYI3yy0HbWevowDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy81NkZENjdEODlEOTZEMzlBMzk3MjRDNEFENjE0RjQ1N0Mw
OEZBMjc4NDQxNUJFMzk1MkM0OTFCRUJFNEJFMjA3LzAvOEQ2N0ExMzg1NjcxNDZC
MkU4OUUwOTE4MjM3Q0IyRDA3NkQ2N0FGQS5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC84RDY3QTEzODU2NzE0NkIyRTg5
RTA5MTgyMzdDQjJEMDc2RDY3QUZBLmNlcjCByQYIKwYBBQUHAQsEgbwwgbkwgbYG
CCsGAQUFBzALhoGpcnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvNTZGRDY3RDg5RDk2RDM5QTM5NzI0QzRBRDYxNEY0NTdDMDhGQTI3ODQ0
MTVCRTM5NTJDNDkxQkVCRTRCRTIwNy8wLzMxMzQzODJlMzIzMDM5MmUzMjMyMzAy
ZTMwMmYzMjMzMmQzMjM0MjAzZDNlMjAzMjMyMzEzMjMyLnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBlNHc
MA0GCSqGSIb3DQEBCwUAA4IBAQApHypGbeIC/FPCcHmFEN51pgzbtirRsgR7p2sK
vlAeqobLto5FNCPvfPaXrbWo0bpkY7hlW98VUVcriUc4XEW1nwGonL5sNJJ4RIAB
Ok0NGAZgQxgnSbDMASTyU2cnzlmnyta+7V749nqAeh3p6ZprCENTeVbpb9fJLia2
xSWU42GDeVuqpsIhWew7KlMPP2Xziuz1GtmQOC962g0OeKsjyJWa5u+uf5tAkRQI
Q96g1Jp2OGfPZQwOuXiaFCEql/TU+8P/5ewutohMHZZ0t5jNhfeCj3wSvM5EPUxD
k/Lgdd0ij97emAopgLhH5ekFTZHiXF7dGAltenQBrNV1dCt4
-----END CERTIFICATE-----