Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/8FECD5798E3294C3D469818A080FF5CECA775E61554192DD987E1EE7363DB6F7/0/3137302e3231302e3136302e302f32312d3234203d3e203238313037.roa
File:                     3137302e3231302e3136302e302f32312d3234203d3e203238313037.roa (raw, json)
Hash identifier:          jczpiV4rcLe6qfveAZiDoj1dstAD5bwQYgx0DVtL9AM=
Subject key identifier:   DF:2D:B2:FF:63:8F:4B:9A:CC:12:9E:1A:53:65:CA:93:A5:97:06:82
Certificate issuer:       /CN=22D4B25C65781140A2B8DB968C7D0B813D457F0B
Certificate serial:       6D9C203750EC0E27CC082D5BA830C08750F7B605
Authority key identifier: 22:D4:B2:5C:65:78:11:40:A2:B8:DB:96:8C:7D:0B:81:3D:45:7F:0B
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/22D4B25C65781140A2B8DB968C7D0B813D457F0B.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/8FECD5798E3294C3D469818A080FF5CECA775E61554192DD987E1EE7363DB6F7/0/3137302e3231302e3136302e302f32312d3234203d3e203238313037.roa
Signing time:             Tue 04 Feb 2025 18:27:06 +0000
ROA not before:           Tue 04 Feb 2025 18:22:06 +0000
ROA not after:            Tue 03 Feb 2026 18:27:06 +0000
asID:                     28107
IP address blocks:        170.210.160.0/21 maxlen: 24
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            6d:9c:20:37:50:ec:0e:27:cc:08:2d:5b:a8:30:c0:87:50:f7:b6:05
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=22D4B25C65781140A2B8DB968C7D0B813D457F0B
        Validity
            Not Before: Feb  4 18:22:06 2025 GMT
            Not After : Feb  3 18:27:06 2026 GMT
        Subject: CN=DF2DB2FF638F4B9ACC129E1A5365CA93A5970682
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:dc:b0:f7:78:49:2a:7b:bd:5c:57:1c:72:d3:e4:
                    1c:9a:b5:13:09:4b:e4:3f:5c:01:06:60:98:cb:7e:
                    f6:d9:6b:0e:01:d2:0d:8e:4c:85:bd:e5:2c:50:2d:
                    bd:6f:7f:3b:89:01:51:8e:9b:32:24:a1:d8:55:b9:
                    34:99:5d:d4:5c:89:50:42:ae:19:45:c1:25:97:96:
                    82:e4:ca:89:77:65:06:6e:80:43:cd:c2:b4:68:62:
                    ed:59:40:a1:25:6a:f7:4d:3f:98:33:a0:61:e4:9d:
                    79:6a:a8:11:b0:b8:37:10:c7:5c:81:b4:88:7a:85:
                    82:4b:2e:1c:22:aa:76:57:86:20:03:e4:57:8f:33:
                    85:ea:a7:d4:dc:97:1d:a0:eb:90:08:57:96:64:7b:
                    c8:29:fc:b1:77:72:ce:ab:19:0a:23:29:d1:ce:d5:
                    1b:15:e2:59:94:9c:56:96:83:f5:3e:71:f5:97:ff:
                    81:1b:bb:86:10:48:5d:b0:20:2d:7d:75:8b:76:43:
                    88:52:92:a9:91:b3:31:50:10:bf:04:46:30:5c:07:
                    e0:84:71:1c:f8:88:01:09:a3:71:52:1a:69:cf:c2:
                    84:a7:59:02:d6:38:0a:40:96:c5:32:64:95:e3:df:
                    81:65:b2:7c:f5:e3:d7:cd:6f:15:a4:ce:07:b3:e6:
                    53:d7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DF:2D:B2:FF:63:8F:4B:9A:CC:12:9E:1A:53:65:CA:93:A5:97:06:82
            X509v3 Authority Key Identifier:
                keyid:22:D4:B2:5C:65:78:11:40:A2:B8:DB:96:8C:7D:0B:81:3D:45:7F:0B

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/8FECD5798E3294C3D469818A080FF5CECA775E61554192DD987E1EE7363DB6F7/0/22D4B25C65781140A2B8DB968C7D0B813D457F0B.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/22D4B25C65781140A2B8DB968C7D0B813D457F0B.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/8FECD5798E3294C3D469818A080FF5CECA775E61554192DD987E1EE7363DB6F7/0/3137302e3231302e3136302e302f32312d3234203d3e203238313037.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  170.210.160.0/21

    Signature Algorithm: sha256WithRSAEncryption
         ba:72:c8:97:0a:17:13:cc:79:53:8b:6f:87:36:c7:a0:5e:88:
         be:51:a4:e4:df:bb:c0:46:72:22:df:ec:ca:4c:da:8b:00:a1:
         88:3f:d7:36:d1:ec:35:75:f2:cb:cb:0b:0f:fb:99:de:18:78:
         ef:19:ed:40:3a:39:f7:dc:e6:ff:c1:a1:e5:62:de:35:74:fd:
         b2:5a:53:89:3f:d9:7e:ba:8f:82:e5:75:fe:dd:c2:d8:84:09:
         45:d4:a3:a9:91:5f:31:3d:86:f2:ad:92:08:1a:78:9e:87:82:
         20:8a:fb:62:7a:f2:ad:94:b7:da:8c:6e:56:91:38:5a:f2:1c:
         24:2f:96:44:79:e0:cb:53:3a:17:4d:60:cb:43:b7:50:3b:09:
         53:d0:6a:09:68:f8:53:95:44:7d:f6:da:94:3e:54:bf:db:3c:
         5d:d1:72:9d:8f:90:3a:82:19:a2:79:92:69:14:b5:5c:d0:7d:
         60:3e:9d:9d:fc:84:01:50:a5:51:2e:e7:55:cf:5f:27:db:92:
         a5:28:2d:7f:16:90:8c:ad:a2:bb:9a:20:12:cc:dc:d5:4e:9c:
         8a:bb:2f:dc:5f:22:d8:d2:6a:96:2e:82:a9:a4:eb:32:8b:ae:
         f6:52:07:55:bc:c2:e8:cd:e3:05:98:5a:f3:4f:ac:d7:bf:89:
         16:4f:13:c3
-----BEGIN CERTIFICATE-----
MIIFwDCCBKigAwIBAgIUbZwgN1DsDifMCC1bqDDAh1D3tgUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMjJENEIyNUM2NTc4MTE0MEEyQjhEQjk2OEM3RDBCODEz
RDQ1N0YwQjAeFw0yNTAyMDQxODIyMDZaFw0yNjAyMDMxODI3MDZaMDMxMTAvBgNV
BAMTKERGMkRCMkZGNjM4RjRCOUFDQzEyOUUxQTUzNjVDQTkzQTU5NzA2ODIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDcsPd4SSp7vVxXHHLT5ByatRMJ
S+Q/XAEGYJjLfvbZaw4B0g2OTIW95SxQLb1vfzuJAVGOmzIkodhVuTSZXdRciVBC
rhlFwSWXloLkyol3ZQZugEPNwrRoYu1ZQKElavdNP5gzoGHknXlqqBGwuDcQx1yB
tIh6hYJLLhwiqnZXhiAD5FePM4Xqp9Tclx2g65AIV5Zke8gp/LF3cs6rGQojKdHO
1RsV4lmUnFaWg/U+cfWX/4Ebu4YQSF2wIC19dYt2Q4hSkqmRszFQEL8ERjBcB+CE
cRz4iAEJo3FSGmnPwoSnWQLWOApAlsUyZJXj34Flsnz149fNbxWkzgez5lPXAgMB
AAGjggLKMIICxjAdBgNVHQ4EFgQU3y2y/2OPS5rMEp4aU2XKk6WXBoIwHwYDVR0j
BBgwFoAUItSyXGV4EUCiuNuWjH0LgT1FfwswDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy84RkVDRDU3OThFMzI5NEMzRDQ2OTgxOEEwODBGRjVDRUNB
Nzc1RTYxNTU0MTkyREQ5ODdFMUVFNzM2M0RCNkY3LzAvMjJENEIyNUM2NTc4MTE0
MEEyQjhEQjk2OEM3RDBCODEzRDQ1N0YwQi5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC8yMkQ0QjI1QzY1NzgxMTQwQTJC
OERCOTY4QzdEMEI4MTNENDU3RjBCLmNlcjCByQYIKwYBBQUHAQsEgbwwgbkwgbYG
CCsGAQUFBzALhoGpcnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvOEZFQ0Q1Nzk4RTMyOTRDM0Q0Njk4MThBMDgwRkY1Q0VDQTc3NUU2MTU1
NDE5MkREOTg3RTFFRTczNjNEQjZGNy8wLzMxMzczMDJlMzIzMTMwMmUzMTM2MzAy
ZTMwMmYzMjMxMmQzMjM0MjAzZDNlMjAzMjM4MzEzMDM3LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDqtKg
MA0GCSqGSIb3DQEBCwUAA4IBAQC6csiXChcTzHlTi2+HNsegXoi+UaTk37vARnIi
3+zKTNqLAKGIP9c20ew1dfLLywsP+5neGHjvGe1AOjn33Ob/waHlYt41dP2yWlOJ
P9l+uo+C5XX+3cLYhAlF1KOpkV8xPYbyrZIIGnieh4IgivtievKtlLfajG5WkTha
8hwkL5ZEeeDLUzoXTWDLQ7dQOwlT0GoJaPhTlUR99tqUPlS/2zxd0XKdj5A6ghmi
eZJpFLVc0H1gPp2d/IQBUKVRLudVz18n25KlKC1/FpCMraK7miASzNzVTpyKuy/c
XyLY0mqWLoKppOsyi672UgdVvMLozeMFmFrzT6zXv4kWTxPD
-----END CERTIFICATE-----