Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/91F3C1ECF874A453A4947E40E8F04A99F468AD3BF17A8132380702EE8748718C/0/3137302e3234342e3230382e302f32342d3234203d3e20323731383832.roa
File:                     3137302e3234342e3230382e302f32342d3234203d3e20323731383832.roa (raw, json)
Hash identifier:          0OSFx27uPB3bloHdY+39EBrnzcliZh0QgvjmUJFBajI=
Subject key identifier:   0B:F5:1E:DB:E2:B1:A7:65:CB:27:D8:EB:A3:EE:77:ED:AA:57:2F:3D
Certificate issuer:       /CN=089B798E1BD051786195E5F9D02238D550A5EAD7
Certificate serial:       68D6F98DC363620E48EE1000BD8B6A3629228BCF
Authority key identifier: 08:9B:79:8E:1B:D0:51:78:61:95:E5:F9:D0:22:38:D5:50:A5:EA:D7
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/089B798E1BD051786195E5F9D02238D550A5EAD7.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/91F3C1ECF874A453A4947E40E8F04A99F468AD3BF17A8132380702EE8748718C/0/3137302e3234342e3230382e302f32342d3234203d3e20323731383832.roa
Signing time:             Tue 04 Feb 2025 18:32:15 +0000
ROA not before:           Tue 04 Feb 2025 18:27:15 +0000
ROA not after:            Tue 03 Feb 2026 18:32:15 +0000
asID:                     271882
IP address blocks:        170.244.208.0/24 maxlen: 24
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            68:d6:f9:8d:c3:63:62:0e:48:ee:10:00:bd:8b:6a:36:29:22:8b:cf
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=089B798E1BD051786195E5F9D02238D550A5EAD7
        Validity
            Not Before: Feb  4 18:27:15 2025 GMT
            Not After : Feb  3 18:32:15 2026 GMT
        Subject: CN=0BF51EDBE2B1A765CB27D8EBA3EE77EDAA572F3D
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d4:5a:65:8d:72:65:eb:88:a1:1e:4b:66:4d:00:
                    c0:d8:8e:40:5c:d0:73:bc:3d:05:34:c7:6d:be:ab:
                    58:8a:f1:f4:9e:6c:ef:47:b1:80:c2:7a:bd:77:41:
                    e7:9a:7b:c7:8e:e1:9c:b2:bc:b3:65:3a:c2:2c:44:
                    8e:de:bd:cc:d5:42:7b:a0:f3:62:cc:68:9d:1b:a9:
                    54:09:0c:06:22:79:a4:a1:1c:d8:5e:de:57:d1:d3:
                    7b:d6:12:d9:80:da:8e:15:0f:eb:00:12:19:ad:e2:
                    0d:66:27:67:fa:82:5b:16:18:b0:7a:1c:33:6d:47:
                    25:85:bd:86:3a:c3:5f:0b:01:c7:f6:de:be:51:ae:
                    94:54:6b:e1:a8:46:bb:60:10:63:e1:f2:0e:e6:34:
                    6c:2d:89:e6:f9:d3:30:f1:4d:a6:f9:8a:e0:03:3a:
                    0d:33:df:65:95:4f:4f:af:27:f3:f9:74:35:97:80:
                    f1:2c:48:5c:ad:78:64:2d:e8:ff:9a:70:81:07:a6:
                    1d:8c:cd:2c:a0:9b:e2:d6:53:6b:3f:9d:6b:dd:e4:
                    79:a9:f2:32:e5:81:8a:02:f4:43:87:72:53:1f:27:
                    42:b7:ad:e1:37:72:2f:bd:40:26:23:a7:68:c4:42:
                    e6:a2:b1:6f:b5:7a:3e:e0:74:58:fb:51:fd:c5:19:
                    f9:95
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0B:F5:1E:DB:E2:B1:A7:65:CB:27:D8:EB:A3:EE:77:ED:AA:57:2F:3D
            X509v3 Authority Key Identifier:
                keyid:08:9B:79:8E:1B:D0:51:78:61:95:E5:F9:D0:22:38:D5:50:A5:EA:D7

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/91F3C1ECF874A453A4947E40E8F04A99F468AD3BF17A8132380702EE8748718C/0/089B798E1BD051786195E5F9D02238D550A5EAD7.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/089B798E1BD051786195E5F9D02238D550A5EAD7.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/91F3C1ECF874A453A4947E40E8F04A99F468AD3BF17A8132380702EE8748718C/0/3137302e3234342e3230382e302f32342d3234203d3e20323731383832.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  170.244.208.0/24

    Signature Algorithm: sha256WithRSAEncryption
         5f:d5:2d:23:99:79:4d:fd:d6:5f:7e:6a:62:b9:b4:98:6e:06:
         24:24:6b:31:e7:a2:7d:09:35:ec:9e:fa:84:87:87:95:c7:3b:
         b2:05:6d:b6:0c:8e:92:01:3a:5f:6b:4b:d1:e6:67:c6:c8:60:
         16:d5:f7:40:ec:84:ae:0f:d0:e2:62:a4:ab:77:98:db:43:09:
         ad:1e:de:c6:c4:be:25:3e:df:83:85:e1:d9:fb:37:47:a4:b3:
         e6:3a:13:20:a7:5b:01:f1:93:27:ed:7d:f0:37:bd:5d:d6:75:
         be:d1:e1:82:e2:5d:db:b5:93:0d:6b:e8:43:e3:55:64:f6:3c:
         30:91:c6:09:2f:03:41:9e:9c:c0:00:79:9f:1c:b3:64:15:a6:
         12:34:94:e7:b5:1f:c1:fd:5b:a6:11:4b:a2:28:9c:43:5c:cb:
         64:6e:d8:ee:ef:f4:1d:fe:98:d7:21:14:5b:dc:a4:4a:f8:f8:
         d2:b6:e4:fd:11:04:e4:d7:8e:c8:14:70:7f:2e:f7:97:86:fd:
         f1:30:84:b5:6d:97:97:d7:78:c3:be:0d:dc:9c:c8:74:94:68:
         b3:3e:47:35:c7:4f:8c:1d:00:f3:31:17:a2:15:1c:4a:73:d8:
         7a:d3:4b:da:8c:56:ee:9f:a8:56:a2:95:c2:22:2e:09:5c:d2:
         ff:df:e6:81
-----BEGIN CERTIFICATE-----
MIIFwjCCBKqgAwIBAgIUaNb5jcNjYg5I7hAAvYtqNikii88wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMDg5Qjc5OEUxQkQwNTE3ODYxOTVFNUY5RDAyMjM4RDU1
MEE1RUFENzAeFw0yNTAyMDQxODI3MTVaFw0yNjAyMDMxODMyMTVaMDMxMTAvBgNV
BAMTKDBCRjUxRURCRTJCMUE3NjVDQjI3RDhFQkEzRUU3N0VEQUE1NzJGM0QwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDUWmWNcmXriKEeS2ZNAMDYjkBc
0HO8PQU0x22+q1iK8fSebO9HsYDCer13Qeeae8eO4ZyyvLNlOsIsRI7evczVQnug
82LMaJ0bqVQJDAYieaShHNhe3lfR03vWEtmA2o4VD+sAEhmt4g1mJ2f6glsWGLB6
HDNtRyWFvYY6w18LAcf23r5RrpRUa+GoRrtgEGPh8g7mNGwtieb50zDxTab5iuAD
Og0z32WVT0+vJ/P5dDWXgPEsSFyteGQt6P+acIEHph2MzSygm+LWU2s/nWvd5Hmp
8jLlgYoC9EOHclMfJ0K3reE3ci+9QCYjp2jEQuaisW+1ej7gdFj7Uf3FGfmVAgMB
AAGjggLMMIICyDAdBgNVHQ4EFgQUC/Ue2+Kxp2XLJ9jro+537apXLz0wHwYDVR0j
BBgwFoAUCJt5jhvQUXhhleX50CI41VCl6tcwDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy85MUYzQzFFQ0Y4NzRBNDUzQTQ5NDdFNDBFOEYwNEE5OUY0
NjhBRDNCRjE3QTgxMzIzODA3MDJFRTg3NDg3MThDLzAvMDg5Qjc5OEUxQkQwNTE3
ODYxOTVFNUY5RDAyMjM4RDU1MEE1RUFENy5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC8wODlCNzk4RTFCRDA1MTc4NjE5
NUU1RjlEMDIyMzhENTUwQTVFQUQ3LmNlcjCBywYIKwYBBQUHAQsEgb4wgbswgbgG
CCsGAQUFBzALhoGrcnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvOTFGM0MxRUNGODc0QTQ1M0E0OTQ3RTQwRThGMDRBOTlGNDY4QUQzQkYx
N0E4MTMyMzgwNzAyRUU4NzQ4NzE4Qy8wLzMxMzczMDJlMzIzNDM0MmUzMjMwMzgy
ZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMjM3MzEzODM4MzIucm9hMBgGA1UdIAEB
/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACq
9NAwDQYJKoZIhvcNAQELBQADggEBAF/VLSOZeU391l9+amK5tJhuBiQkazHnon0J
Neye+oSHh5XHO7IFbbYMjpIBOl9rS9HmZ8bIYBbV90DshK4P0OJipKt3mNtDCa0e
3sbEviU+34OF4dn7N0eks+Y6EyCnWwHxkyftffA3vV3Wdb7R4YLiXdu1kw1r6EPj
VWT2PDCRxgkvA0GenMAAeZ8cs2QVphI0lOe1H8H9W6YRS6IonENcy2Ru2O7v9B3+
mNchFFvcpEr4+NK25P0RBOTXjsgUcH8u95eG/fEwhLVtl5fXeMO+DdycyHSUaLM+
RzXHT4wdAPMxF6IVHEpz2HrTS9qMVu6fqFailcIiLglc0v/f5oE=
-----END CERTIFICATE-----