Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/A3A4E0D18D97D39C5390FFDE26FC78BE4AB5068967B888AD988E4BB0D48F9819/0/3230312e3231372e32322e302f32332d3234203d3e203237373638.roa
File:                     3230312e3231372e32322e302f32332d3234203d3e203237373638.roa (raw, json)
Hash identifier:          EPlSbenXvT/Wn46Voo7rctn6sfsdiiu24Xx6gltgT0k=
Subject key identifier:   12:DD:36:5B:39:4E:9C:D2:C1:6A:26:C5:80:26:9C:EA:84:CC:66:78
Certificate issuer:       /CN=EC2EAE5BF883D3DFD8B270D082FF89DD81090C53
Certificate serial:       44285EB5C354901515CB5D3FD0F70F91276EA1B4
Authority key identifier: EC:2E:AE:5B:F8:83:D3:DF:D8:B2:70:D0:82:FF:89:DD:81:09:0C:53
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/EC2EAE5BF883D3DFD8B270D082FF89DD81090C53.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/A3A4E0D18D97D39C5390FFDE26FC78BE4AB5068967B888AD988E4BB0D48F9819/0/3230312e3231372e32322e302f32332d3234203d3e203237373638.roa
Signing time:             Tue 04 Feb 2025 18:31:15 +0000
ROA not before:           Tue 04 Feb 2025 18:26:15 +0000
ROA not after:            Tue 03 Feb 2026 18:31:15 +0000
asID:                     27768
IP address blocks:        201.217.22.0/23 maxlen: 24
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            44:28:5e:b5:c3:54:90:15:15:cb:5d:3f:d0:f7:0f:91:27:6e:a1:b4
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=EC2EAE5BF883D3DFD8B270D082FF89DD81090C53
        Validity
            Not Before: Feb  4 18:26:15 2025 GMT
            Not After : Feb  3 18:31:15 2026 GMT
        Subject: CN=12DD365B394E9CD2C16A26C580269CEA84CC6678
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8d:5c:cc:d2:89:0b:d6:4c:a3:cf:c6:8f:d0:c8:
                    3a:43:d3:9b:70:ce:da:a5:2e:b4:07:b0:56:9b:2f:
                    b7:f3:83:fe:bf:f8:b0:ef:42:8c:f6:11:2b:de:a4:
                    1a:e9:82:31:cb:8d:84:12:e1:0c:d9:c0:ef:47:ae:
                    61:07:f7:a2:4b:15:56:ae:94:56:a0:90:34:1e:0c:
                    95:a9:f4:95:cc:e4:e8:53:09:3a:2d:f1:65:cc:c7:
                    a0:45:ef:c4:6d:0d:2e:59:18:6a:8c:0d:66:cb:f0:
                    a5:5f:5d:60:65:46:20:e4:4f:85:90:de:24:ee:78:
                    a9:e1:2f:83:e6:2f:ec:ec:51:dd:eb:44:13:54:e8:
                    d6:2d:81:0b:cf:d5:6a:24:90:81:9e:b0:e7:dc:8c:
                    ae:7b:3b:3d:38:d6:21:cd:19:f0:7c:af:df:e2:7a:
                    c7:67:c9:72:44:8a:03:a3:87:ab:f3:23:4b:8b:69:
                    fe:38:bf:bd:92:8b:13:38:a7:bc:ae:62:1d:a5:9a:
                    b6:13:55:eb:b9:28:84:be:c2:06:34:01:b2:ce:3c:
                    6b:60:3b:57:55:e9:67:0b:2f:ff:43:34:a5:dc:15:
                    36:54:4f:3a:4f:73:0d:43:22:d3:f5:e5:16:48:32:
                    e4:7b:34:9a:14:89:c2:2c:60:86:8f:d0:8d:23:6e:
                    61:3f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                12:DD:36:5B:39:4E:9C:D2:C1:6A:26:C5:80:26:9C:EA:84:CC:66:78
            X509v3 Authority Key Identifier:
                keyid:EC:2E:AE:5B:F8:83:D3:DF:D8:B2:70:D0:82:FF:89:DD:81:09:0C:53

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/A3A4E0D18D97D39C5390FFDE26FC78BE4AB5068967B888AD988E4BB0D48F9819/0/EC2EAE5BF883D3DFD8B270D082FF89DD81090C53.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/EC2EAE5BF883D3DFD8B270D082FF89DD81090C53.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/A3A4E0D18D97D39C5390FFDE26FC78BE4AB5068967B888AD988E4BB0D48F9819/0/3230312e3231372e32322e302f32332d3234203d3e203237373638.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  201.217.22.0/23

    Signature Algorithm: sha256WithRSAEncryption
         93:17:4e:49:8b:01:05:21:ff:4c:48:cc:e0:66:c9:1a:21:3c:
         b5:f5:b3:c3:9c:d2:08:75:b1:22:b3:83:4d:9e:ce:03:dd:04:
         47:a9:8d:26:88:41:d1:98:31:dd:ff:8a:2b:96:bb:58:0d:33:
         70:08:cf:fe:28:d9:fd:9e:f2:5d:96:74:25:a0:4b:1c:d0:48:
         43:e7:55:51:fb:d8:59:f1:8c:ad:a0:b4:31:1e:14:05:f8:96:
         7d:ba:52:bb:f8:c8:58:c5:dc:f2:3c:84:11:b1:20:98:ab:95:
         87:4b:f3:f8:12:11:3a:a3:4e:bc:1e:21:93:28:df:72:06:30:
         2b:c7:d3:ff:d4:b9:19:50:b2:be:87:9e:96:2e:80:24:c9:94:
         64:ec:95:6e:4d:28:17:23:b4:7e:5b:cc:1a:51:ec:05:24:a7:
         f2:c8:cd:4c:05:a8:77:ad:d1:23:ed:ab:01:38:c2:fa:12:4a:
         09:fb:c8:0a:79:87:fe:68:ab:20:27:e6:5d:a7:35:68:f9:53:
         fa:7f:3a:a9:79:4e:42:8c:80:c4:c0:8d:06:b1:a0:73:0d:c6:
         a8:14:74:e8:80:85:f9:c7:c0:6b:82:e2:f7:e2:87:fd:dd:95:
         94:c0:d9:1e:6c:30:7d:23:1f:75:17:4d:97:47:79:d4:29:f1:
         e2:96:cf:fb
-----BEGIN CERTIFICATE-----
MIIFvjCCBKagAwIBAgIURChetcNUkBUVy10/0PcPkSduobQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoRUMyRUFFNUJGODgzRDNERkQ4QjI3MEQwODJGRjg5REQ4
MTA5MEM1MzAeFw0yNTAyMDQxODI2MTVaFw0yNjAyMDMxODMxMTVaMDMxMTAvBgNV
BAMTKDEyREQzNjVCMzk0RTlDRDJDMTZBMjZDNTgwMjY5Q0VBODRDQzY2NzgwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCNXMzSiQvWTKPPxo/QyDpD05tw
ztqlLrQHsFabL7fzg/6/+LDvQoz2ESvepBrpgjHLjYQS4QzZwO9HrmEH96JLFVau
lFagkDQeDJWp9JXM5OhTCTot8WXMx6BF78RtDS5ZGGqMDWbL8KVfXWBlRiDkT4WQ
3iTueKnhL4PmL+zsUd3rRBNU6NYtgQvP1WokkIGesOfcjK57Oz041iHNGfB8r9/i
esdnyXJEigOjh6vzI0uLaf44v72SixM4p7yuYh2lmrYTVeu5KIS+wgY0AbLOPGtg
O1dV6WcLL/9DNKXcFTZUTzpPcw1DItP15RZIMuR7NJoUicIsYIaP0I0jbmE/AgMB
AAGjggLIMIICxDAdBgNVHQ4EFgQUEt02WzlOnNLBaibFgCac6oTMZngwHwYDVR0j
BBgwFoAU7C6uW/iD09/YsnDQgv+J3YEJDFMwDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy9BM0E0RTBEMThEOTdEMzlDNTM5MEZGREUyNkZDNzhCRTRB
QjUwNjg5NjdCODg4QUQ5ODhFNEJCMEQ0OEY5ODE5LzAvRUMyRUFFNUJGODgzRDNE
RkQ4QjI3MEQwODJGRjg5REQ4MTA5MEM1My5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC9FQzJFQUU1QkY4ODNEM0RGRDhC
MjcwRDA4MkZGODlERDgxMDkwQzUzLmNlcjCBxwYIKwYBBQUHAQsEgbowgbcwgbQG
CCsGAQUFBzALhoGncnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvQTNBNEUwRDE4RDk3RDM5QzUzOTBGRkRFMjZGQzc4QkU0QUI1MDY4OTY3
Qjg4OEFEOTg4RTRCQjBENDhGOTgxOS8wLzMyMzAzMTJlMzIzMTM3MmUzMjMyMmUz
MDJmMzIzMzJkMzIzNDIwM2QzZTIwMzIzNzM3MzYzOC5yb2EwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAcnZFjAN
BgkqhkiG9w0BAQsFAAOCAQEAkxdOSYsBBSH/TEjM4GbJGiE8tfWzw5zSCHWxIrOD
TZ7OA90ER6mNJohB0Zgx3f+KK5a7WA0zcAjP/ijZ/Z7yXZZ0JaBLHNBIQ+dVUfvY
WfGMraC0MR4UBfiWfbpSu/jIWMXc8jyEEbEgmKuVh0vz+BIROqNOvB4hkyjfcgYw
K8fT/9S5GVCyvoeeli6AJMmUZOyVbk0oFyO0flvMGlHsBSSn8sjNTAWod63RI+2r
ATjC+hJKCfvICnmH/mirICfmXac1aPlT+n86qXlOQoyAxMCNBrGgcw3GqBR06ICF
+cfAa4Li9+KH/d2VlMDZHmwwfSMfdRdNl0d51Cnx4pbP+w==
-----END CERTIFICATE-----