Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/9EC3962FF26BE7872ABC4095A55F43A02AEDF0217C075928030DDF971A7C5A8F/0/3138372e38362e3136342e302f32322d3234203d3e20323730303638.roa
File:                     3138372e38362e3136342e302f32322d3234203d3e20323730303638.roa (raw, json)
Hash identifier:          gp4yKPjfI5AYMYxK0QtMHg1C2U8B57w8/ptwvMpe4pA=
Subject key identifier:   1B:75:BB:D8:AB:29:26:4A:E6:BC:6D:7A:B0:62:37:F3:82:B8:7E:66
Certificate issuer:       /CN=701AAE061E1228C91D250BAD56D2FDF00FB0E988
Certificate serial:       0751C3E0766928D3DF0BFBF8FD67CBB7B00CE0D9
Authority key identifier: 70:1A:AE:06:1E:12:28:C9:1D:25:0B:AD:56:D2:FD:F0:0F:B0:E9:88
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/701AAE061E1228C91D250BAD56D2FDF00FB0E988.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/9EC3962FF26BE7872ABC4095A55F43A02AEDF0217C075928030DDF971A7C5A8F/0/3138372e38362e3136342e302f32322d3234203d3e20323730303638.roa
Signing time:             Tue 04 Feb 2025 18:39:48 +0000
ROA not before:           Tue 04 Feb 2025 18:34:48 +0000
ROA not after:            Tue 03 Feb 2026 18:39:48 +0000
asID:                     270068
IP address blocks:        187.86.164.0/22 maxlen: 24
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            07:51:c3:e0:76:69:28:d3:df:0b:fb:f8:fd:67:cb:b7:b0:0c:e0:d9
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=701AAE061E1228C91D250BAD56D2FDF00FB0E988
        Validity
            Not Before: Feb  4 18:34:48 2025 GMT
            Not After : Feb  3 18:39:48 2026 GMT
        Subject: CN=1B75BBD8AB29264AE6BC6D7AB06237F382B87E66
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ca:cf:10:bd:c9:ca:0d:91:f5:95:14:b0:57:78:
                    bb:8f:88:5e:45:d3:10:64:85:a8:85:dc:0d:ad:0c:
                    39:a7:04:72:87:fe:c7:b8:a4:65:23:bb:7c:31:52:
                    b1:2d:0d:6b:f6:a0:00:6f:21:61:ff:ba:9e:fe:6a:
                    ae:17:79:8f:4d:48:a0:37:a1:1d:60:99:80:6b:0f:
                    a4:99:be:bb:3e:b3:16:cd:f9:03:96:86:4f:55:1b:
                    8a:ee:79:ee:18:d8:71:09:e8:97:a7:40:b5:b3:91:
                    8b:ca:a1:69:70:05:c4:a8:eb:12:eb:fd:01:0a:d9:
                    28:22:18:02:63:e6:90:f5:07:06:ad:82:8e:6f:37:
                    4a:c8:32:99:0a:49:fb:c3:45:91:62:c6:9f:4e:fc:
                    fd:ba:b3:d9:42:42:0c:79:20:88:5b:c1:d4:4a:1f:
                    cd:28:8e:71:04:79:95:3b:c0:7b:5c:79:16:49:2c:
                    19:f1:bf:84:66:cc:ab:1d:91:66:fe:8e:a9:4c:a6:
                    21:60:2f:27:fa:f4:db:c1:ca:87:e7:c7:15:ac:0d:
                    e3:97:93:23:12:c6:49:b9:34:7d:9b:81:a6:a4:46:
                    cf:42:80:b3:2c:19:b9:c1:68:32:24:52:90:84:76:
                    12:dd:f0:21:a2:2c:04:3d:27:45:a1:d0:6f:b5:04:
                    75:b1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1B:75:BB:D8:AB:29:26:4A:E6:BC:6D:7A:B0:62:37:F3:82:B8:7E:66
            X509v3 Authority Key Identifier:
                keyid:70:1A:AE:06:1E:12:28:C9:1D:25:0B:AD:56:D2:FD:F0:0F:B0:E9:88

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/9EC3962FF26BE7872ABC4095A55F43A02AEDF0217C075928030DDF971A7C5A8F/0/701AAE061E1228C91D250BAD56D2FDF00FB0E988.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/701AAE061E1228C91D250BAD56D2FDF00FB0E988.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/9EC3962FF26BE7872ABC4095A55F43A02AEDF0217C075928030DDF971A7C5A8F/0/3138372e38362e3136342e302f32322d3234203d3e20323730303638.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  187.86.164.0/22

    Signature Algorithm: sha256WithRSAEncryption
         5d:99:cc:ae:44:bf:18:81:02:a7:e1:ac:f5:05:5c:79:4d:f6:
         b8:6c:ca:bf:d6:b8:6a:66:0a:07:b1:db:7b:38:df:be:9c:20:
         20:27:32:3e:70:9f:a7:8b:c2:f5:05:c5:40:f0:5f:06:4b:10:
         03:27:1e:4c:27:c6:e4:86:9a:b5:45:58:42:73:97:ad:1f:81:
         6a:3a:84:32:5b:e2:c5:4c:29:0a:15:fb:65:06:74:d2:b1:13:
         3b:dd:ef:12:00:3b:bf:f9:cd:2e:c7:4d:a3:00:27:b2:b6:df:
         43:be:ba:e4:50:52:7e:32:69:07:f3:00:d6:10:4c:86:7a:57:
         87:e6:c3:55:64:f0:8b:ed:10:01:7a:b3:26:aa:54:c7:31:d0:
         15:98:16:fd:8a:cd:80:35:6f:ab:ca:aa:f5:b6:30:1b:f6:00:
         c0:5f:d0:0e:c7:4a:8f:a4:fd:2c:6e:35:de:34:53:f8:1f:18:
         42:31:70:a2:6c:73:c2:cb:5e:b3:3c:d1:98:c1:01:92:c9:41:
         0d:2c:56:2c:12:b1:7b:e5:7e:c6:57:80:85:dc:87:8f:ab:1d:
         45:1f:ea:97:2a:cb:03:d9:f5:2c:44:57:ce:a6:b6:97:08:b6:
         55:a1:83:7f:51:ff:87:5c:60:4b:88:b4:f7:e8:7f:10:93:83:
         67:c6:d1:1d
-----BEGIN CERTIFICATE-----
MIIFwDCCBKigAwIBAgIUB1HD4HZpKNPfC/v4/WfLt7AM4NkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNzAxQUFFMDYxRTEyMjhDOTFEMjUwQkFENTZEMkZERjAw
RkIwRTk4ODAeFw0yNTAyMDQxODM0NDhaFw0yNjAyMDMxODM5NDhaMDMxMTAvBgNV
BAMTKDFCNzVCQkQ4QUIyOTI2NEFFNkJDNkQ3QUIwNjIzN0YzODJCODdFNjYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDKzxC9ycoNkfWVFLBXeLuPiF5F
0xBkhaiF3A2tDDmnBHKH/se4pGUju3wxUrEtDWv2oABvIWH/up7+aq4XeY9NSKA3
oR1gmYBrD6SZvrs+sxbN+QOWhk9VG4ruee4Y2HEJ6JenQLWzkYvKoWlwBcSo6xLr
/QEK2SgiGAJj5pD1Bwatgo5vN0rIMpkKSfvDRZFixp9O/P26s9lCQgx5IIhbwdRK
H80ojnEEeZU7wHtceRZJLBnxv4RmzKsdkWb+jqlMpiFgLyf69NvByofnxxWsDeOX
kyMSxkm5NH2bgaakRs9CgLMsGbnBaDIkUpCEdhLd8CGiLAQ9J0Wh0G+1BHWxAgMB
AAGjggLKMIICxjAdBgNVHQ4EFgQUG3W72KspJkrmvG16sGI384K4fmYwHwYDVR0j
BBgwFoAUcBquBh4SKMkdJQutVtL98A+w6YgwDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy85RUMzOTYyRkYyNkJFNzg3MkFCQzQwOTVBNTVGNDNBMDJB
RURGMDIxN0MwNzU5MjgwMzBEREY5NzFBN0M1QThGLzAvNzAxQUFFMDYxRTEyMjhD
OTFEMjUwQkFENTZEMkZERjAwRkIwRTk4OC5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC83MDFBQUUwNjFFMTIyOEM5MUQy
NTBCQUQ1NkQyRkRGMDBGQjBFOTg4LmNlcjCByQYIKwYBBQUHAQsEgbwwgbkwgbYG
CCsGAQUFBzALhoGpcnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvOUVDMzk2MkZGMjZCRTc4NzJBQkM0MDk1QTU1RjQzQTAyQUVERjAyMTdD
MDc1OTI4MDMwRERGOTcxQTdDNUE4Ri8wLzMxMzgzNzJlMzgzNjJlMzEzNjM0MmUz
MDJmMzIzMjJkMzIzNDIwM2QzZTIwMzIzNzMwMzAzNjM4LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCu1ak
MA0GCSqGSIb3DQEBCwUAA4IBAQBdmcyuRL8YgQKn4az1BVx5Tfa4bMq/1rhqZgoH
sdt7ON++nCAgJzI+cJ+ni8L1BcVA8F8GSxADJx5MJ8bkhpq1RVhCc5etH4FqOoQy
W+LFTCkKFftlBnTSsRM73e8SADu/+c0ux02jACeytt9DvrrkUFJ+MmkH8wDWEEyG
eleH5sNVZPCL7RABerMmqlTHMdAVmBb9is2ANW+ryqr1tjAb9gDAX9AOx0qPpP0s
bjXeNFP4HxhCMXCibHPCy16zPNGYwQGSyUENLFYsErF75X7GV4CF3IePqx1FH+qX
KssD2fUsRFfOpraXCLZVoYN/Uf+HXGBLiLT36H8Qk4NnxtEd
-----END CERTIFICATE-----