Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/A25E89F4F69E20A98D165507397EBBC5063527E2190D90A37E39F6982AC91AD7/0/3137302e3235342e3232382e302f32322d3234203d3e203237393531.roa
File:                     3137302e3235342e3232382e302f32322d3234203d3e203237393531.roa (raw, json)
Hash identifier:          Xt498TQDVd4biSd4ytUoNVvVqAGAE3FHs7Wgmzp//sk=
Subject key identifier:   11:2F:E7:18:0B:F0:0E:C1:14:1F:08:F2:AF:27:7D:A6:01:1F:3B:31
Certificate issuer:       /CN=B5EDDA57DBA25BBD4052D6AE0DECF740EA27B57C
Certificate serial:       37EDC70E19EFF7F84900FD19D8C39D082ACE3FC2
Authority key identifier: B5:ED:DA:57:DB:A2:5B:BD:40:52:D6:AE:0D:EC:F7:40:EA:27:B5:7C
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/B5EDDA57DBA25BBD4052D6AE0DECF740EA27B57C.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/A25E89F4F69E20A98D165507397EBBC5063527E2190D90A37E39F6982AC91AD7/0/3137302e3235342e3232382e302f32322d3234203d3e203237393531.roa
Signing time:             Tue 04 Feb 2025 19:56:56 +0000
ROA not before:           Tue 04 Feb 2025 19:51:56 +0000
ROA not after:            Tue 03 Feb 2026 19:56:56 +0000
asID:                     27951
IP address blocks:        170.254.228.0/22 maxlen: 24
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            37:ed:c7:0e:19:ef:f7:f8:49:00:fd:19:d8:c3:9d:08:2a:ce:3f:c2
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=B5EDDA57DBA25BBD4052D6AE0DECF740EA27B57C
        Validity
            Not Before: Feb  4 19:51:56 2025 GMT
            Not After : Feb  3 19:56:56 2026 GMT
        Subject: CN=112FE7180BF00EC1141F08F2AF277DA6011F3B31
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9f:bd:ad:21:9b:37:c5:4f:79:93:2d:70:fc:3c:
                    c3:e2:96:d8:6f:be:20:eb:87:c4:6b:06:36:ab:53:
                    3b:d6:17:99:ee:9f:fc:9c:47:c9:04:d6:19:f9:f7:
                    9b:6b:c6:00:ee:7c:c4:7d:bc:dd:f5:56:66:60:08:
                    89:ad:2c:0b:e0:2f:2d:8c:00:d4:ea:a5:4d:ce:7c:
                    15:4e:94:1d:4d:b1:cc:e7:14:fe:9d:c3:31:d4:18:
                    11:3e:f2:28:02:dc:15:25:37:98:97:73:a7:74:ec:
                    23:70:d7:b0:a6:3d:68:13:6c:26:c5:0c:a7:41:5a:
                    2b:09:12:cb:de:cc:1f:1f:9c:19:f7:b9:64:91:a0:
                    5f:95:2e:84:06:3c:9c:62:46:36:59:03:56:d3:32:
                    1c:72:68:32:e9:44:49:d1:11:d8:94:fc:d9:50:0b:
                    82:c4:95:d9:f6:94:28:fc:21:13:e6:64:8b:07:b0:
                    5b:b0:5e:19:8b:13:ea:9e:d2:c3:8f:b2:36:91:1b:
                    db:e8:d8:75:57:5d:44:99:3e:1e:95:01:3a:94:34:
                    24:e1:28:8b:7e:73:41:b4:74:01:46:2c:d3:5b:12:
                    20:75:3b:d3:61:2c:0c:9e:0e:cb:53:be:16:95:81:
                    1e:d8:4b:5f:63:e9:24:e0:f7:b9:96:a1:46:a1:43:
                    11:69
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                11:2F:E7:18:0B:F0:0E:C1:14:1F:08:F2:AF:27:7D:A6:01:1F:3B:31
            X509v3 Authority Key Identifier:
                keyid:B5:ED:DA:57:DB:A2:5B:BD:40:52:D6:AE:0D:EC:F7:40:EA:27:B5:7C

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/A25E89F4F69E20A98D165507397EBBC5063527E2190D90A37E39F6982AC91AD7/0/B5EDDA57DBA25BBD4052D6AE0DECF740EA27B57C.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/B5EDDA57DBA25BBD4052D6AE0DECF740EA27B57C.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/A25E89F4F69E20A98D165507397EBBC5063527E2190D90A37E39F6982AC91AD7/0/3137302e3235342e3232382e302f32322d3234203d3e203237393531.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  170.254.228.0/22

    Signature Algorithm: sha256WithRSAEncryption
         21:f2:53:99:d9:0e:2a:9d:47:73:19:e7:45:99:4b:2a:d3:7a:
         81:0b:cc:94:67:19:ac:70:14:f1:b6:78:e0:97:ac:f2:78:6f:
         b6:c5:b7:a7:cb:e3:0a:0b:fe:21:45:29:a9:6d:4b:fd:6c:65:
         70:9b:ac:ea:39:66:16:3d:47:84:0a:80:74:3f:f6:9c:2d:18:
         d1:81:6e:87:6e:0d:16:ce:5a:0c:71:f5:e8:3d:66:14:d1:06:
         fe:69:ab:39:d7:ce:5f:1b:b9:ae:09:c6:cb:f7:f1:63:ba:25:
         38:a3:34:89:ab:a2:5b:23:c0:c2:3e:56:86:0c:a4:28:5a:81:
         7c:c9:21:6b:ba:db:53:89:3b:60:c1:cb:f6:62:c5:78:27:28:
         fa:54:36:0c:81:4c:a0:df:88:59:07:5e:f7:76:22:30:98:78:
         a4:a4:f0:03:7b:a5:bc:c1:26:aa:78:a9:6e:1e:8b:5a:4d:10:
         c8:73:98:8c:d9:1d:28:43:89:ee:47:22:fc:2f:c4:29:d9:51:
         87:9b:bf:b0:24:d5:f8:7c:cb:be:2f:f0:62:57:4b:3a:02:f4:
         93:c8:2e:58:5f:25:b5:02:a4:61:30:6d:e1:7e:7c:7b:54:57:
         e8:2d:f3:4b:a6:cb:f6:4b:8f:8b:78:c2:6c:25:50:3b:8c:63:
         81:22:32:2b
-----BEGIN CERTIFICATE-----
MIIFwDCCBKigAwIBAgIUN+3HDhnv9/hJAP0Z2MOdCCrOP8IwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoQjVFRERBNTdEQkEyNUJCRDQwNTJENkFFMERFQ0Y3NDBF
QTI3QjU3QzAeFw0yNTAyMDQxOTUxNTZaFw0yNjAyMDMxOTU2NTZaMDMxMTAvBgNV
BAMTKDExMkZFNzE4MEJGMDBFQzExNDFGMDhGMkFGMjc3REE2MDExRjNCMzEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCfva0hmzfFT3mTLXD8PMPilthv
viDrh8RrBjarUzvWF5nun/ycR8kE1hn595trxgDufMR9vN31VmZgCImtLAvgLy2M
ANTqpU3OfBVOlB1NscznFP6dwzHUGBE+8igC3BUlN5iXc6d07CNw17CmPWgTbCbF
DKdBWisJEsvezB8fnBn3uWSRoF+VLoQGPJxiRjZZA1bTMhxyaDLpREnREdiU/NlQ
C4LEldn2lCj8IRPmZIsHsFuwXhmLE+qe0sOPsjaRG9vo2HVXXUSZPh6VATqUNCTh
KIt+c0G0dAFGLNNbEiB1O9NhLAyeDstTvhaVgR7YS19j6STg97mWoUahQxFpAgMB
AAGjggLKMIICxjAdBgNVHQ4EFgQUES/nGAvwDsEUHwjyryd9pgEfOzEwHwYDVR0j
BBgwFoAUte3aV9uiW71AUtauDez3QOontXwwDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy9BMjVFODlGNEY2OUUyMEE5OEQxNjU1MDczOTdFQkJDNTA2
MzUyN0UyMTkwRDkwQTM3RTM5RjY5ODJBQzkxQUQ3LzAvQjVFRERBNTdEQkEyNUJC
RDQwNTJENkFFMERFQ0Y3NDBFQTI3QjU3Qy5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC9CNUVEREE1N0RCQTI1QkJENDA1
MkQ2QUUwREVDRjc0MEVBMjdCNTdDLmNlcjCByQYIKwYBBQUHAQsEgbwwgbkwgbYG
CCsGAQUFBzALhoGpcnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvQTI1RTg5RjRGNjlFMjBBOThEMTY1NTA3Mzk3RUJCQzUwNjM1MjdFMjE5
MEQ5MEEzN0UzOUY2OTgyQUM5MUFENy8wLzMxMzczMDJlMzIzNTM0MmUzMjMyMzgy
ZTMwMmYzMjMyMmQzMjM0MjAzZDNlMjAzMjM3MzkzNTMxLnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCqv7k
MA0GCSqGSIb3DQEBCwUAA4IBAQAh8lOZ2Q4qnUdzGedFmUsq03qBC8yUZxmscBTx
tnjgl6zyeG+2xbeny+MKC/4hRSmpbUv9bGVwm6zqOWYWPUeECoB0P/acLRjRgW6H
bg0WzloMcfXoPWYU0Qb+aas5185fG7muCcbL9/FjuiU4ozSJq6JbI8DCPlaGDKQo
WoF8ySFruttTiTtgwcv2YsV4Jyj6VDYMgUyg34hZB173diIwmHikpPADe6W8wSaq
eKluHotaTRDIc5iM2R0oQ4nuRyL8L8Qp2VGHm7+wJNX4fMu+L/BiV0s6AvSTyC5Y
XyW1AqRhMG3hfnx7VFfoLfNLpsv2S4+LeMJsJVA7jGOBIjIr
-----END CERTIFICATE-----