Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/9701C431A529EA20E951CCF098725BEC7F05D8173A405C1A9DEB640BA97BEE5A/0/3136382e3230352e3136302e302f32322d3232203d3e20323633373430.roa
File:                     3136382e3230352e3136302e302f32322d3232203d3e20323633373430.roa (raw, json)
Hash identifier:          VzgYbfJ2elNxCexFcxIsiBmFVkEuQmPDsiWJmju4Cz8=
Subject key identifier:   A7:5F:DB:C5:A4:AD:49:D9:63:58:CD:B2:7B:93:D9:5A:6F:94:96:35
Certificate issuer:       /CN=305370A1998C6AEF9B94283517F4B1E6BB5AD0BC
Certificate serial:       908E5A314F267137E769FDF6F3AFB354682867
Authority key identifier: 30:53:70:A1:99:8C:6A:EF:9B:94:28:35:17:F4:B1:E6:BB:5A:D0:BC
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/305370A1998C6AEF9B94283517F4B1E6BB5AD0BC.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/9701C431A529EA20E951CCF098725BEC7F05D8173A405C1A9DEB640BA97BEE5A/0/3136382e3230352e3136302e302f32322d3232203d3e20323633373430.roa
Signing time:             Tue 04 Feb 2025 18:49:26 +0000
ROA not before:           Tue 04 Feb 2025 18:44:26 +0000
ROA not after:            Tue 03 Feb 2026 18:49:26 +0000
asID:                     263740
IP address blocks:        168.205.160.0/22 maxlen: 22
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            90:8e:5a:31:4f:26:71:37:e7:69:fd:f6:f3:af:b3:54:68:28:67
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=305370A1998C6AEF9B94283517F4B1E6BB5AD0BC
        Validity
            Not Before: Feb  4 18:44:26 2025 GMT
            Not After : Feb  3 18:49:26 2026 GMT
        Subject: CN=A75FDBC5A4AD49D96358CDB27B93D95A6F949635
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:aa:37:4c:66:f0:4b:8b:ad:56:6a:9a:2b:87:02:
                    3f:39:74:59:30:9e:ef:6b:f8:21:41:17:c5:c4:0a:
                    27:d9:87:d3:03:81:df:54:c3:e1:77:03:a2:4c:e9:
                    1e:d1:ef:4e:9e:49:5e:67:3a:34:09:fe:0f:72:3e:
                    bd:0b:42:03:bd:31:97:86:df:c9:42:bd:c0:2b:54:
                    60:90:7b:d7:e5:a5:b8:91:3c:ba:25:f2:06:13:03:
                    38:9f:b8:53:66:7b:4e:d3:f4:76:c0:a3:32:b4:8f:
                    90:3b:38:24:67:f1:a9:a9:33:ee:2d:2d:ad:cf:36:
                    93:58:d4:ad:f7:2b:8e:82:44:62:75:00:3f:b5:04:
                    1e:a0:b9:bc:ce:ac:d7:c3:ea:d0:fe:36:21:f2:e5:
                    67:28:28:9e:61:ec:6d:a9:ec:7c:66:5d:32:bc:50:
                    ed:8a:62:8f:1f:9e:2f:77:f6:1b:0b:72:cc:cc:d5:
                    a6:22:f0:c7:2d:50:f2:f2:48:39:e8:59:87:b3:76:
                    c6:f6:7d:bd:5c:49:79:08:c2:a9:e0:e6:4b:fc:ed:
                    9e:41:4a:85:85:ed:e4:33:03:8d:04:94:da:16:27:
                    3c:f0:cd:22:a9:fe:74:6c:2d:26:f4:cf:57:19:a9:
                    3d:ae:16:08:96:03:47:87:72:f9:63:d0:ea:80:08:
                    48:1d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A7:5F:DB:C5:A4:AD:49:D9:63:58:CD:B2:7B:93:D9:5A:6F:94:96:35
            X509v3 Authority Key Identifier:
                keyid:30:53:70:A1:99:8C:6A:EF:9B:94:28:35:17:F4:B1:E6:BB:5A:D0:BC

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/9701C431A529EA20E951CCF098725BEC7F05D8173A405C1A9DEB640BA97BEE5A/0/305370A1998C6AEF9B94283517F4B1E6BB5AD0BC.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/305370A1998C6AEF9B94283517F4B1E6BB5AD0BC.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/9701C431A529EA20E951CCF098725BEC7F05D8173A405C1A9DEB640BA97BEE5A/0/3136382e3230352e3136302e302f32322d3232203d3e20323633373430.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  168.205.160.0/22

    Signature Algorithm: sha256WithRSAEncryption
         1f:85:a7:80:1e:c0:6d:3e:4e:8e:77:f2:14:d3:5b:71:f1:80:
         cb:22:e4:85:30:06:59:ea:a6:27:99:0c:d4:cd:92:48:f5:47:
         e0:fa:b3:83:41:d9:ab:7d:32:1a:bb:31:9b:d1:6f:9e:0c:3e:
         48:da:ad:0e:51:76:63:08:4f:99:1d:31:d3:8a:da:55:26:f3:
         f8:2b:a1:9f:29:7d:02:bd:1e:29:12:9c:80:bc:40:f1:09:26:
         44:63:a4:8a:2b:3c:3e:b3:96:31:ae:a3:ff:2b:c5:d4:66:d5:
         70:a3:c1:81:64:55:95:1d:a1:31:04:81:de:2e:00:49:b6:b7:
         02:11:99:29:0c:32:a0:df:60:d5:6a:31:ed:a8:34:a2:2f:1d:
         d2:f0:81:ef:62:75:90:cb:3c:a0:66:02:6b:f5:75:e4:50:a5:
         35:bf:ae:9e:c5:5e:67:25:73:ab:61:65:db:bc:8e:da:d7:6c:
         84:60:14:c7:c4:0a:9e:43:04:ee:f5:f6:50:0b:75:9c:fd:e7:
         01:4b:f3:f9:2a:76:bf:0d:16:3f:5d:bf:fe:03:80:0d:ff:2d:
         80:92:91:53:7e:99:0f:73:64:ae:e9:1c:8f:50:19:cd:af:51:
         e5:da:35:ed:1d:fd:58:06:38:a2:4c:2d:b8:19:51:a8:e4:e0:
         1e:5d:af:0a
-----BEGIN CERTIFICATE-----
MIIFwjCCBKqgAwIBAgIUAJCOWjFPJnE352n99vOvs1RoKGcwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMzA1MzcwQTE5OThDNkFFRjlCOTQyODM1MTdGNEIxRTZC
QjVBRDBCQzAeFw0yNTAyMDQxODQ0MjZaFw0yNjAyMDMxODQ5MjZaMDMxMTAvBgNV
BAMTKEE3NUZEQkM1QTRBRDQ5RDk2MzU4Q0RCMjdCOTNEOTVBNkY5NDk2MzUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCqN0xm8EuLrVZqmiuHAj85dFkw
nu9r+CFBF8XECifZh9MDgd9Uw+F3A6JM6R7R706eSV5nOjQJ/g9yPr0LQgO9MZeG
38lCvcArVGCQe9flpbiRPLol8gYTAzifuFNme07T9HbAozK0j5A7OCRn8ampM+4t
La3PNpNY1K33K46CRGJ1AD+1BB6gubzOrNfD6tD+NiHy5WcoKJ5h7G2p7HxmXTK8
UO2KYo8fni939hsLcszM1aYi8MctUPLySDnoWYezdsb2fb1cSXkIwqng5kv87Z5B
SoWF7eQzA40ElNoWJzzwzSKp/nRsLSb0z1cZqT2uFgiWA0eHcvlj0OqACEgdAgMB
AAGjggLMMIICyDAdBgNVHQ4EFgQUp1/bxaStSdljWM2ye5PZWm+UljUwHwYDVR0j
BBgwFoAUMFNwoZmMau+blCg1F/Sx5rta0LwwDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy85NzAxQzQzMUE1MjlFQTIwRTk1MUNDRjA5ODcyNUJFQzdG
MDVEODE3M0E0MDVDMUE5REVCNjQwQkE5N0JFRTVBLzAvMzA1MzcwQTE5OThDNkFF
RjlCOTQyODM1MTdGNEIxRTZCQjVBRDBCQy5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC8zMDUzNzBBMTk5OEM2QUVGOUI5
NDI4MzUxN0Y0QjFFNkJCNUFEMEJDLmNlcjCBywYIKwYBBQUHAQsEgb4wgbswgbgG
CCsGAQUFBzALhoGrcnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvOTcwMUM0MzFBNTI5RUEyMEU5NTFDQ0YwOTg3MjVCRUM3RjA1RDgxNzNB
NDA1QzFBOURFQjY0MEJBOTdCRUU1QS8wLzMxMzYzODJlMzIzMDM1MmUzMTM2MzAy
ZTMwMmYzMjMyMmQzMjMyMjAzZDNlMjAzMjM2MzMzNzM0MzAucm9hMBgGA1UdIAEB
/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAKo
zaAwDQYJKoZIhvcNAQELBQADggEBAB+Fp4AewG0+To538hTTW3HxgMsi5IUwBlnq
pieZDNTNkkj1R+D6s4NB2at9Mhq7MZvRb54MPkjarQ5RdmMIT5kdMdOK2lUm8/gr
oZ8pfQK9HikSnIC8QPEJJkRjpIorPD6zljGuo/8rxdRm1XCjwYFkVZUdoTEEgd4u
AEm2twIRmSkMMqDfYNVqMe2oNKIvHdLwge9idZDLPKBmAmv1deRQpTW/rp7FXmcl
c6thZdu8jtrXbIRgFMfECp5DBO719lALdZz95wFL8/kqdr8NFj9dv/4DgA3/LYCS
kVN+mQ9zZK7pHI9QGc2vUeXaNe0d/VgGOKJMLbgZUajk4B5drwo=
-----END CERTIFICATE-----