Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/7DCDB5A680D4F8ECB74DA17E05A8671B343B411D9977CADEB12C4191E4F28E03/0/3133382e39372e35362e302f32322d3232203d3e203237363935.roa
File:                     3133382e39372e35362e302f32322d3232203d3e203237363935.roa (raw, json)
Hash identifier:          g/yXrLxhCGlfWj7/nIqQFrmxZAGGKgQVlz2l57upvlo=
Subject key identifier:   36:0E:56:94:7D:06:17:AC:17:64:61:DC:B0:EA:F0:0A:1A:74:06:1E
Certificate issuer:       /CN=29144D8070C44852403F550F31DEC53EBF48A61F
Certificate serial:       44628DD2DEA98ADF764B6736BAAA6890B34DBE92
Authority key identifier: 29:14:4D:80:70:C4:48:52:40:3F:55:0F:31:DE:C5:3E:BF:48:A6:1F
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/29144D8070C44852403F550F31DEC53EBF48A61F.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/7DCDB5A680D4F8ECB74DA17E05A8671B343B411D9977CADEB12C4191E4F28E03/0/3133382e39372e35362e302f32322d3232203d3e203237363935.roa
Signing time:             Tue 05 Mar 2024 18:02:54 +0000
ROA not before:           Tue 05 Mar 2024 17:57:54 +0000
ROA not after:            Tue 04 Mar 2025 18:02:54 +0000
asID:                     27695
IP address blocks:        138.97.56.0/22 maxlen: 22
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            44:62:8d:d2:de:a9:8a:df:76:4b:67:36:ba:aa:68:90:b3:4d:be:92
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=29144D8070C44852403F550F31DEC53EBF48A61F
        Validity
            Not Before: Mar  5 17:57:54 2024 GMT
            Not After : Mar  4 18:02:54 2025 GMT
        Subject: CN=360E56947D0617AC176461DCB0EAF00A1A74061E
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8b:c3:f0:5d:29:d7:f8:2d:57:0d:f6:17:77:45:
                    3e:32:0e:fb:fd:ec:fb:9a:45:ac:91:4b:d6:eb:35:
                    98:6b:28:a3:a7:71:04:f1:60:57:87:b6:64:fb:ca:
                    88:1e:8e:29:98:df:57:f4:31:d1:24:8b:2b:94:02:
                    e2:e0:83:b1:6f:01:3f:ce:e7:19:50:dc:3d:3f:49:
                    37:21:6b:c2:f8:a6:bb:57:85:ff:74:78:7a:1b:35:
                    31:2b:5c:32:86:46:7f:b3:d2:28:bb:eb:2a:da:07:
                    f6:bc:9c:e4:c8:73:05:c6:5e:68:5a:fb:41:00:de:
                    10:ed:ae:55:6e:7e:fd:04:56:30:33:7f:89:08:5f:
                    6a:1b:ec:03:4e:ef:85:0d:c4:59:4f:88:5b:3b:25:
                    4f:61:f0:02:3b:8f:ae:bc:7a:f8:05:d4:fc:a0:98:
                    64:fc:d4:1d:e2:4f:93:97:44:77:59:9a:9a:1e:c9:
                    1d:f4:cb:f4:88:a7:dc:68:35:b2:8b:3d:cc:6f:17:
                    24:dc:d0:44:44:d1:56:17:89:ff:f2:9a:85:a9:11:
                    7b:ec:42:80:f5:3d:fb:fd:9b:e5:2f:a3:1f:95:6a:
                    9e:b6:f6:0a:64:6a:43:e9:a0:c8:f1:80:15:20:d4:
                    e4:be:93:f9:ca:23:2f:7d:26:75:b7:74:e3:fd:20:
                    50:0d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                36:0E:56:94:7D:06:17:AC:17:64:61:DC:B0:EA:F0:0A:1A:74:06:1E
            X509v3 Authority Key Identifier:
                keyid:29:14:4D:80:70:C4:48:52:40:3F:55:0F:31:DE:C5:3E:BF:48:A6:1F

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/7DCDB5A680D4F8ECB74DA17E05A8671B343B411D9977CADEB12C4191E4F28E03/0/29144D8070C44852403F550F31DEC53EBF48A61F.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/29144D8070C44852403F550F31DEC53EBF48A61F.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/7DCDB5A680D4F8ECB74DA17E05A8671B343B411D9977CADEB12C4191E4F28E03/0/3133382e39372e35362e302f32322d3232203d3e203237363935.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  138.97.56.0/22

    Signature Algorithm: sha256WithRSAEncryption
         24:87:99:86:09:08:81:7f:b5:81:ad:ed:58:45:58:d3:36:12:
         2f:17:a3:8d:8d:ff:38:34:2b:1f:3e:ef:0b:8b:e5:c8:a8:0c:
         1f:a3:53:01:13:38:95:48:de:ee:cb:94:f1:cd:12:43:b3:fe:
         fe:4c:59:31:20:f1:02:e4:b9:df:d8:66:9e:41:80:79:c5:b7:
         82:97:3a:4d:98:cb:b2:26:5c:32:f5:17:21:01:9a:d3:c8:90:
         19:01:df:c1:5d:62:90:58:11:1f:97:87:53:bc:d2:ec:8a:44:
         af:6f:a1:d7:1d:c4:28:88:ab:81:0e:8a:6b:d9:11:b5:cd:f8:
         49:0e:f7:1a:d4:65:36:e7:b3:f2:6d:86:8c:2c:70:e5:70:2f:
         b6:a7:5a:2d:cb:1e:73:69:ea:29:8e:e6:8c:97:f7:e9:46:2a:
         ac:11:9c:0e:44:2b:50:d0:9f:8a:8d:d8:0a:6b:65:2c:b4:20:
         ea:3b:1b:1d:8c:79:01:61:73:1f:e1:87:8d:cd:11:c1:28:db:
         b2:f0:a1:a8:a5:50:c0:c5:7b:3d:1d:0c:e8:18:fb:88:9a:c2:
         c1:32:80:ef:be:d1:fa:b8:6d:26:89:66:fd:55:37:9d:53:80:
         e7:27:5c:b0:e0:18:ed:e2:62:35:08:1c:9b:ac:66:60:0a:2d:
         e3:de:ab:85
-----BEGIN CERTIFICATE-----
MIIFvDCCBKSgAwIBAgIURGKN0t6pit92S2c2uqpokLNNvpIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMjkxNDREODA3MEM0NDg1MjQwM0Y1NTBGMzFERUM1M0VC
RjQ4QTYxRjAeFw0yNDAzMDUxNzU3NTRaFw0yNTAzMDQxODAyNTRaMDMxMTAvBgNV
BAMTKDM2MEU1Njk0N0QwNjE3QUMxNzY0NjFEQ0IwRUFGMDBBMUE3NDA2MUUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCLw/BdKdf4LVcN9hd3RT4yDvv9
7PuaRayRS9brNZhrKKOncQTxYFeHtmT7yogejimY31f0MdEkiyuUAuLgg7FvAT/O
5xlQ3D0/STcha8L4prtXhf90eHobNTErXDKGRn+z0ii76yraB/a8nOTIcwXGXmha
+0EA3hDtrlVufv0EVjAzf4kIX2ob7ANO74UNxFlPiFs7JU9h8AI7j668evgF1Pyg
mGT81B3iT5OXRHdZmpoeyR30y/SIp9xoNbKLPcxvFyTc0ERE0VYXif/ymoWpEXvs
QoD1Pfv9m+Uvox+Vap629gpkakPpoMjxgBUg1OS+k/nKIy99JnW3dOP9IFANAgMB
AAGjggLGMIICwjAdBgNVHQ4EFgQUNg5WlH0GF6wXZGHcsOrwChp0Bh4wHwYDVR0j
BBgwFoAUKRRNgHDESFJAP1UPMd7FPr9Iph8wDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy83RENEQjVBNjgwRDRGOEVDQjc0REExN0UwNUE4NjcxQjM0
M0I0MTFEOTk3N0NBREVCMTJDNDE5MUU0RjI4RTAzLzAvMjkxNDREODA3MEM0NDg1
MjQwM0Y1NTBGMzFERUM1M0VCRjQ4QTYxRi5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC8yOTE0NEQ4MDcwQzQ0ODUyNDAz
RjU1MEYzMURFQzUzRUJGNDhBNjFGLmNlcjCBxQYIKwYBBQUHAQsEgbgwgbUwgbIG
CCsGAQUFBzALhoGlcnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvN0RDREI1QTY4MEQ0RjhFQ0I3NERBMTdFMDVBODY3MUIzNDNCNDExRDk5
NzdDQURFQjEyQzQxOTFFNEYyOEUwMy8wLzMxMzMzODJlMzkzNzJlMzUzNjJlMzAy
ZjMyMzIyZDMyMzIyMDNkM2UyMDMyMzczNjM5MzUucm9hMBgGA1UdIAEB/wQOMAww
CgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAKKYTgwDQYJ
KoZIhvcNAQELBQADggEBACSHmYYJCIF/tYGt7VhFWNM2Ei8Xo42N/zg0Kx8+7wuL
5cioDB+jUwETOJVI3u7LlPHNEkOz/v5MWTEg8QLkud/YZp5BgHnFt4KXOk2Yy7Im
XDL1FyEBmtPIkBkB38FdYpBYER+Xh1O80uyKRK9vodcdxCiIq4EOimvZEbXN+EkO
9xrUZTbns/JthowscOVwL7anWi3LHnNp6imO5oyX9+lGKqwRnA5EK1DQn4qN2Apr
ZSy0IOo7Gx2MeQFhcx/hh43NEcEo27LwoailUMDFez0dDOgY+4iawsEygO++0fq4
bSaJZv1VN51TgOcnXLDgGO3iYjUIHJusZmAKLePeq4U=
-----END CERTIFICATE-----