Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/8FECD5798E3294C3D469818A080FF5CECA775E61554192DD987E1EE7363DB6F7/0/3137302e3231302e3135382e302f32342d3234203d3e20323730303333.roa
File:                     3137302e3231302e3135382e302f32342d3234203d3e20323730303333.roa (raw, json)
Hash identifier:          IkVhfiJTHpiwWi50SdR/1JZVOfUG2UkriPfFU2s4jao=
Subject key identifier:   D1:15:6A:E0:4B:00:EC:B8:E9:B2:E9:D7:E1:5A:F8:7F:F0:CE:FF:55
Certificate issuer:       /CN=22D4B25C65781140A2B8DB968C7D0B813D457F0B
Certificate serial:       38E2AF2E59494FD07E9BAF756E58D5196DD79E59
Authority key identifier: 22:D4:B2:5C:65:78:11:40:A2:B8:DB:96:8C:7D:0B:81:3D:45:7F:0B
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/22D4B25C65781140A2B8DB968C7D0B813D457F0B.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/8FECD5798E3294C3D469818A080FF5CECA775E61554192DD987E1EE7363DB6F7/0/3137302e3231302e3135382e302f32342d3234203d3e20323730303333.roa
Signing time:             Tue 04 Feb 2025 18:27:03 +0000
ROA not before:           Tue 04 Feb 2025 18:22:03 +0000
ROA not after:            Tue 03 Feb 2026 18:27:03 +0000
asID:                     270033
IP address blocks:        170.210.158.0/24 maxlen: 24
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            38:e2:af:2e:59:49:4f:d0:7e:9b:af:75:6e:58:d5:19:6d:d7:9e:59
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=22D4B25C65781140A2B8DB968C7D0B813D457F0B
        Validity
            Not Before: Feb  4 18:22:03 2025 GMT
            Not After : Feb  3 18:27:03 2026 GMT
        Subject: CN=D1156AE04B00ECB8E9B2E9D7E15AF87FF0CEFF55
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a4:05:37:6e:fc:9e:6b:99:6a:7d:58:31:e8:3a:
                    3a:34:a5:13:d5:66:61:0c:3c:26:b4:36:fb:5b:1c:
                    a7:74:96:fa:41:53:d5:73:b5:97:a9:43:5e:7d:a1:
                    f6:2f:ef:b9:84:95:d2:3e:16:f2:b6:22:00:8e:d4:
                    b3:7b:20:08:e7:88:7c:2b:4f:0c:83:da:57:6f:bd:
                    7d:54:2b:ac:87:61:a6:bd:ab:b3:74:59:ad:85:7f:
                    db:c1:7a:55:73:33:24:f0:6f:8f:c4:de:85:27:7b:
                    e6:b4:a3:71:86:6c:1e:6c:9e:81:1b:59:7c:7e:29:
                    60:90:77:88:c0:6b:79:b9:3d:4f:d3:37:b8:50:de:
                    ba:b6:16:0c:f8:e2:86:3f:0e:24:cb:b7:e2:7f:7d:
                    69:18:64:4d:28:4f:ee:e3:c6:89:aa:99:41:d8:9c:
                    fe:f7:f5:32:be:09:32:fe:9e:d0:ee:1e:1f:76:a5:
                    82:4f:4b:86:1b:b7:16:cb:20:c0:c6:25:a0:b0:49:
                    24:97:7e:60:05:f2:7d:8a:2a:1f:2a:3f:48:0c:b0:
                    08:32:07:1f:17:60:cc:e1:1e:1b:a5:20:b6:b9:e0:
                    b9:e5:eb:62:7d:ee:40:71:4d:c6:c3:71:47:a4:ad:
                    da:66:36:b4:93:70:ee:20:a8:d8:46:66:4d:42:3e:
                    3e:bd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D1:15:6A:E0:4B:00:EC:B8:E9:B2:E9:D7:E1:5A:F8:7F:F0:CE:FF:55
            X509v3 Authority Key Identifier:
                keyid:22:D4:B2:5C:65:78:11:40:A2:B8:DB:96:8C:7D:0B:81:3D:45:7F:0B

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/8FECD5798E3294C3D469818A080FF5CECA775E61554192DD987E1EE7363DB6F7/0/22D4B25C65781140A2B8DB968C7D0B813D457F0B.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/22D4B25C65781140A2B8DB968C7D0B813D457F0B.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/8FECD5798E3294C3D469818A080FF5CECA775E61554192DD987E1EE7363DB6F7/0/3137302e3231302e3135382e302f32342d3234203d3e20323730303333.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  170.210.158.0/24

    Signature Algorithm: sha256WithRSAEncryption
         43:23:99:fc:79:d4:53:75:bf:b4:3b:59:4d:cc:13:22:43:b5:
         c2:2b:41:db:67:70:d4:c7:32:be:e2:88:96:4f:cb:92:5e:53:
         be:6e:fd:46:bb:ef:ca:0d:d1:c6:51:c6:49:28:cb:26:3f:76:
         e4:70:59:69:90:69:bf:df:70:20:5a:38:c4:4e:91:2e:33:b7:
         97:eb:20:ba:e4:28:bc:dd:1d:96:e8:c4:19:17:8a:b1:b2:b3:
         dc:0b:42:6c:75:27:10:c8:84:82:49:6e:12:45:59:7c:e6:03:
         a2:b0:c9:6d:f2:98:63:09:b4:f5:7c:2b:e5:8d:2c:34:1c:85:
         5d:11:08:df:fd:30:57:9f:cd:2f:1c:4c:08:a2:51:de:13:46:
         61:ba:e8:e7:a9:97:85:ec:19:71:e9:a6:8c:89:31:45:34:1c:
         5f:22:47:5d:6f:f4:fa:5e:ec:1b:10:95:00:92:06:dc:f8:6e:
         4c:81:47:f2:ba:ff:0e:c8:c0:a2:d2:ba:d1:54:b1:4a:bc:7c:
         54:eb:d7:eb:3d:df:c0:c6:6a:f7:05:b6:d2:9e:d9:93:78:31:
         27:02:c9:58:1e:b7:22:ba:54:1a:04:0e:95:05:d5:c4:4b:87:
         3b:84:1d:d4:bb:88:ed:02:64:0a:83:17:3c:15:7c:de:b6:11:
         3a:e0:59:65
-----BEGIN CERTIFICATE-----
MIIFwjCCBKqgAwIBAgIUOOKvLllJT9B+m691bljVGW3XnlkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMjJENEIyNUM2NTc4MTE0MEEyQjhEQjk2OEM3RDBCODEz
RDQ1N0YwQjAeFw0yNTAyMDQxODIyMDNaFw0yNjAyMDMxODI3MDNaMDMxMTAvBgNV
BAMTKEQxMTU2QUUwNEIwMEVDQjhFOUIyRTlEN0UxNUFGODdGRjBDRUZGNTUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCkBTdu/J5rmWp9WDHoOjo0pRPV
ZmEMPCa0NvtbHKd0lvpBU9VztZepQ159ofYv77mEldI+FvK2IgCO1LN7IAjniHwr
TwyD2ldvvX1UK6yHYaa9q7N0Wa2Ff9vBelVzMyTwb4/E3oUne+a0o3GGbB5snoEb
WXx+KWCQd4jAa3m5PU/TN7hQ3rq2Fgz44oY/DiTLt+J/fWkYZE0oT+7jxomqmUHY
nP739TK+CTL+ntDuHh92pYJPS4YbtxbLIMDGJaCwSSSXfmAF8n2KKh8qP0gMsAgy
Bx8XYMzhHhulILa54Lnl62J97kBxTcbDcUekrdpmNrSTcO4gqNhGZk1CPj69AgMB
AAGjggLMMIICyDAdBgNVHQ4EFgQU0RVq4EsA7LjpsunX4Vr4f/DO/1UwHwYDVR0j
BBgwFoAUItSyXGV4EUCiuNuWjH0LgT1FfwswDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy84RkVDRDU3OThFMzI5NEMzRDQ2OTgxOEEwODBGRjVDRUNB
Nzc1RTYxNTU0MTkyREQ5ODdFMUVFNzM2M0RCNkY3LzAvMjJENEIyNUM2NTc4MTE0
MEEyQjhEQjk2OEM3RDBCODEzRDQ1N0YwQi5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC8yMkQ0QjI1QzY1NzgxMTQwQTJC
OERCOTY4QzdEMEI4MTNENDU3RjBCLmNlcjCBywYIKwYBBQUHAQsEgb4wgbswgbgG
CCsGAQUFBzALhoGrcnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvOEZFQ0Q1Nzk4RTMyOTRDM0Q0Njk4MThBMDgwRkY1Q0VDQTc3NUU2MTU1
NDE5MkREOTg3RTFFRTczNjNEQjZGNy8wLzMxMzczMDJlMzIzMTMwMmUzMTM1Mzgy
ZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMjM3MzAzMDMzMzMucm9hMBgGA1UdIAEB
/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACq
0p4wDQYJKoZIhvcNAQELBQADggEBAEMjmfx51FN1v7Q7WU3MEyJDtcIrQdtncNTH
Mr7iiJZPy5JeU75u/Ua778oN0cZRxkkoyyY/duRwWWmQab/fcCBaOMROkS4zt5fr
ILrkKLzdHZboxBkXirGys9wLQmx1JxDIhIJJbhJFWXzmA6KwyW3ymGMJtPV8K+WN
LDQchV0RCN/9MFefzS8cTAiiUd4TRmG66Oepl4XsGXHppoyJMUU0HF8iR11v9Ppe
7BsQlQCSBtz4bkyBR/K6/w7IwKLSutFUsUq8fFTr1+s938DGavcFttKe2ZN4MScC
yVgetyK6VBoEDpUF1cRLhzuEHdS7iO0CZAqDFzwVfN62ETrgWWU=
-----END CERTIFICATE-----