Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/A3A4E0D18D97D39C5390FFDE26FC78BE4AB5068967B888AD988E4BB0D48F9819/0/3230312e3231372e31362e302f32322d3234203d3e203237373638.roa
File:                     3230312e3231372e31362e302f32322d3234203d3e203237373638.roa (raw, json)
Hash identifier:          9IaKvum/ydxgtUsPpFPrd1qcs8aZLLdMj/z3NMCNfSY=
Subject key identifier:   44:D7:A9:B9:95:9B:60:D7:00:52:33:1D:96:7D:3E:E2:50:C3:2E:83
Certificate issuer:       /CN=EC2EAE5BF883D3DFD8B270D082FF89DD81090C53
Certificate serial:       7B5927481FAC350D674B302CCDEFECB8B553A29B
Authority key identifier: EC:2E:AE:5B:F8:83:D3:DF:D8:B2:70:D0:82:FF:89:DD:81:09:0C:53
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/EC2EAE5BF883D3DFD8B270D082FF89DD81090C53.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/A3A4E0D18D97D39C5390FFDE26FC78BE4AB5068967B888AD988E4BB0D48F9819/0/3230312e3231372e31362e302f32322d3234203d3e203237373638.roa
Signing time:             Tue 04 Feb 2025 18:31:20 +0000
ROA not before:           Tue 04 Feb 2025 18:26:20 +0000
ROA not after:            Tue 03 Feb 2026 18:31:20 +0000
asID:                     27768
IP address blocks:        201.217.16.0/22 maxlen: 24
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            7b:59:27:48:1f:ac:35:0d:67:4b:30:2c:cd:ef:ec:b8:b5:53:a2:9b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=EC2EAE5BF883D3DFD8B270D082FF89DD81090C53
        Validity
            Not Before: Feb  4 18:26:20 2025 GMT
            Not After : Feb  3 18:31:20 2026 GMT
        Subject: CN=44D7A9B9959B60D70052331D967D3EE250C32E83
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8b:32:e3:e1:e6:92:58:d6:ef:40:36:71:bf:1f:
                    68:9f:c8:91:9e:61:4c:a0:2e:5a:09:c0:76:29:a5:
                    d3:5b:72:cf:0b:14:90:88:5a:94:24:78:5f:7e:55:
                    8c:b9:87:09:38:cb:a3:9c:4a:10:77:21:c7:6e:ee:
                    64:9e:a0:88:b2:24:fe:54:f0:73:dd:ab:97:9c:39:
                    75:19:1a:5e:ab:02:a7:d9:ce:30:61:50:c8:eb:e1:
                    61:64:24:f7:9b:d1:d6:2c:b7:11:68:c7:94:ab:d8:
                    aa:1f:33:af:52:bb:9d:c5:5a:a9:e0:62:b0:52:16:
                    38:fd:70:1b:bd:3f:dd:e0:c5:03:04:b2:4b:44:03:
                    e0:ba:a2:a9:0a:ee:4e:f3:be:9e:68:b1:dd:28:d1:
                    1b:bb:04:0f:99:1f:3a:f9:b3:31:36:8b:1e:6d:dc:
                    0c:11:dd:3a:74:5b:d6:fb:f2:67:53:ac:4a:8a:03:
                    58:2d:39:07:da:3e:72:f6:88:4f:28:13:82:0c:d0:
                    71:17:53:c3:95:d6:9c:74:5b:e6:6d:32:d2:0b:e1:
                    05:cd:8f:05:45:e4:eb:7b:f9:fb:a7:f2:da:b0:27:
                    d9:a5:89:70:15:46:a7:ec:0c:6d:15:a3:f7:76:54:
                    11:d3:91:9d:e2:84:27:2b:8e:8c:42:32:9e:7f:7c:
                    94:e7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                44:D7:A9:B9:95:9B:60:D7:00:52:33:1D:96:7D:3E:E2:50:C3:2E:83
            X509v3 Authority Key Identifier:
                keyid:EC:2E:AE:5B:F8:83:D3:DF:D8:B2:70:D0:82:FF:89:DD:81:09:0C:53

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/A3A4E0D18D97D39C5390FFDE26FC78BE4AB5068967B888AD988E4BB0D48F9819/0/EC2EAE5BF883D3DFD8B270D082FF89DD81090C53.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/EC2EAE5BF883D3DFD8B270D082FF89DD81090C53.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/A3A4E0D18D97D39C5390FFDE26FC78BE4AB5068967B888AD988E4BB0D48F9819/0/3230312e3231372e31362e302f32322d3234203d3e203237373638.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  201.217.16.0/22

    Signature Algorithm: sha256WithRSAEncryption
         1e:93:3a:95:a0:8f:30:58:4a:31:2e:8a:2e:38:34:02:cc:93:
         75:17:c9:81:a1:ec:a2:58:4a:32:8b:0b:aa:e3:a5:fe:ba:d3:
         26:2d:55:ae:a8:cd:16:7a:c0:52:a9:75:34:1f:68:28:69:2b:
         98:58:8e:78:1a:ae:ca:19:10:61:21:fc:9d:26:73:cc:39:eb:
         a1:42:a2:f7:5a:c7:bf:72:07:05:73:a4:01:47:6f:8a:b7:e5:
         d5:27:24:68:3b:9e:be:1f:0e:80:83:00:a1:78:03:cb:da:87:
         43:f8:cb:d6:d8:9f:28:3b:3f:1e:14:b4:9e:e7:39:cb:0d:b1:
         94:bc:e8:8c:34:34:4c:0f:18:fc:2f:76:1e:7f:1a:68:a3:9b:
         10:d3:85:3b:22:01:77:64:1c:47:ce:b5:36:22:49:83:25:53:
         96:47:ac:f9:ca:56:f6:57:5f:b3:09:e6:69:fe:96:11:00:24:
         eb:bf:f6:0b:7a:a4:48:c2:c7:dc:54:df:09:3f:f2:b4:26:7f:
         a4:c7:af:e0:9f:f4:17:3e:67:e8:1e:07:ef:8b:d5:fd:de:61:
         cc:97:da:18:56:42:94:1f:39:20:94:3f:c0:09:e9:34:0b:0a:
         a0:e7:86:4d:bf:06:10:30:c6:0d:73:89:33:bb:1b:0d:83:15:
         70:e0:9a:88
-----BEGIN CERTIFICATE-----
MIIFvjCCBKagAwIBAgIUe1knSB+sNQ1nSzAsze/suLVTopswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoRUMyRUFFNUJGODgzRDNERkQ4QjI3MEQwODJGRjg5REQ4
MTA5MEM1MzAeFw0yNTAyMDQxODI2MjBaFw0yNjAyMDMxODMxMjBaMDMxMTAvBgNV
BAMTKDQ0RDdBOUI5OTU5QjYwRDcwMDUyMzMxRDk2N0QzRUUyNTBDMzJFODMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCLMuPh5pJY1u9ANnG/H2ifyJGe
YUygLloJwHYppdNbcs8LFJCIWpQkeF9+VYy5hwk4y6OcShB3Icdu7mSeoIiyJP5U
8HPdq5ecOXUZGl6rAqfZzjBhUMjr4WFkJPeb0dYstxFox5Sr2KofM69Su53FWqng
YrBSFjj9cBu9P93gxQMEsktEA+C6oqkK7k7zvp5osd0o0Ru7BA+ZHzr5szE2ix5t
3AwR3Tp0W9b78mdTrEqKA1gtOQfaPnL2iE8oE4IM0HEXU8OV1px0W+ZtMtIL4QXN
jwVF5Ot7+fun8tqwJ9mliXAVRqfsDG0Vo/d2VBHTkZ3ihCcrjoxCMp5/fJTnAgMB
AAGjggLIMIICxDAdBgNVHQ4EFgQURNepuZWbYNcAUjMdln0+4lDDLoMwHwYDVR0j
BBgwFoAU7C6uW/iD09/YsnDQgv+J3YEJDFMwDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy9BM0E0RTBEMThEOTdEMzlDNTM5MEZGREUyNkZDNzhCRTRB
QjUwNjg5NjdCODg4QUQ5ODhFNEJCMEQ0OEY5ODE5LzAvRUMyRUFFNUJGODgzRDNE
RkQ4QjI3MEQwODJGRjg5REQ4MTA5MEM1My5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC9FQzJFQUU1QkY4ODNEM0RGRDhC
MjcwRDA4MkZGODlERDgxMDkwQzUzLmNlcjCBxwYIKwYBBQUHAQsEgbowgbcwgbQG
CCsGAQUFBzALhoGncnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvQTNBNEUwRDE4RDk3RDM5QzUzOTBGRkRFMjZGQzc4QkU0QUI1MDY4OTY3
Qjg4OEFEOTg4RTRCQjBENDhGOTgxOS8wLzMyMzAzMTJlMzIzMTM3MmUzMTM2MmUz
MDJmMzIzMjJkMzIzNDIwM2QzZTIwMzIzNzM3MzYzOC5yb2EwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAsnZEDAN
BgkqhkiG9w0BAQsFAAOCAQEAHpM6laCPMFhKMS6KLjg0AsyTdRfJgaHsolhKMosL
quOl/rrTJi1VrqjNFnrAUql1NB9oKGkrmFiOeBquyhkQYSH8nSZzzDnroUKi91rH
v3IHBXOkAUdvirfl1SckaDuevh8OgIMAoXgDy9qHQ/jL1tifKDs/HhS0nuc5yw2x
lLzojDQ0TA8Y/C92Hn8aaKObENOFOyIBd2QcR861NiJJgyVTlkes+cpW9ldfswnm
af6WEQAk67/2C3qkSMLH3FTfCT/ytCZ/pMev4J/0Fz5n6B4H74vV/d5hzJfaGFZC
lB85IJQ/wAnpNAsKoOeGTb8GEDDGDXOJM7sbDYMVcOCaiA==
-----END CERTIFICATE-----