Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/DAC2BC754BFDD4535D49F99D0671743C3C0825A6B6D57B48E7350451BA87E9EF/0/3138312e3139392e3132382e302f32302d3230203d3e203332303334.roa
File:                     3138312e3139392e3132382e302f32302d3230203d3e203332303334.roa (raw, json)
Hash identifier:          Xkp7YgxMcsZAoAu98b4G9vcHnpb9tFZOHt9nlsZIR68=
Subject key identifier:   4A:D2:12:5E:9D:B4:0D:D2:FB:BC:C1:00:F8:2D:3C:34:17:D5:B3:BF
Certificate issuer:       /CN=DC553BD05B33548C342568566291E719B4FA73B9
Certificate serial:       793BDF34413C292F57EEF2A474C00831C51DA29E
Authority key identifier: DC:55:3B:D0:5B:33:54:8C:34:25:68:56:62:91:E7:19:B4:FA:73:B9
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/DC553BD05B33548C342568566291E719B4FA73B9.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/DAC2BC754BFDD4535D49F99D0671743C3C0825A6B6D57B48E7350451BA87E9EF/0/3138312e3139392e3132382e302f32302d3230203d3e203332303334.roa
Signing time:             Tue 04 Feb 2025 18:19:45 +0000
ROA not before:           Tue 04 Feb 2025 18:14:45 +0000
ROA not after:            Tue 03 Feb 2026 18:19:45 +0000
asID:                     32034
IP address blocks:        181.199.128.0/20 maxlen: 20
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            79:3b:df:34:41:3c:29:2f:57:ee:f2:a4:74:c0:08:31:c5:1d:a2:9e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=DC553BD05B33548C342568566291E719B4FA73B9
        Validity
            Not Before: Feb  4 18:14:45 2025 GMT
            Not After : Feb  3 18:19:45 2026 GMT
        Subject: CN=4AD2125E9DB40DD2FBBCC100F82D3C3417D5B3BF
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a7:c7:bb:0e:52:51:83:98:b1:50:7c:dc:41:eb:
                    5c:09:74:29:26:c7:72:76:be:56:c9:86:c0:2d:6a:
                    a7:73:d1:de:41:89:fa:c6:5c:38:02:34:2a:b7:b3:
                    21:ee:10:70:d7:89:4a:de:44:0f:31:f6:dd:36:3a:
                    ea:b8:3b:fd:32:99:4a:fc:27:12:7a:f4:55:ba:b9:
                    96:70:30:39:c3:91:16:97:b2:8d:89:e7:b7:0b:4f:
                    5f:7f:87:58:da:68:29:16:61:87:6f:9f:07:ec:e5:
                    eb:32:66:79:09:64:97:98:5e:3e:b8:56:49:a4:a7:
                    2d:9a:6c:13:4a:2d:c8:a7:eb:cb:b5:61:6e:32:d6:
                    5e:d1:ba:07:8b:be:32:32:ff:56:34:cd:25:62:03:
                    07:73:d4:aa:2e:12:e5:b6:c6:37:cf:14:4d:48:9a:
                    25:ea:24:a7:e7:ce:8c:a0:7e:3d:cb:f5:d1:72:b8:
                    46:1b:50:1d:7a:56:6c:25:02:b9:60:10:23:b9:1f:
                    91:08:ec:be:0e:b7:6f:b7:2e:4c:2b:3a:60:33:50:
                    5f:52:de:7e:e4:98:88:c3:7b:cb:0c:b0:8d:77:36:
                    5c:ef:33:f6:5a:27:6b:1f:3f:fd:0b:8b:03:61:c2:
                    c6:a0:e3:40:06:c4:9a:88:83:82:d1:bc:7a:5b:00:
                    53:a3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4A:D2:12:5E:9D:B4:0D:D2:FB:BC:C1:00:F8:2D:3C:34:17:D5:B3:BF
            X509v3 Authority Key Identifier:
                keyid:DC:55:3B:D0:5B:33:54:8C:34:25:68:56:62:91:E7:19:B4:FA:73:B9

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/DAC2BC754BFDD4535D49F99D0671743C3C0825A6B6D57B48E7350451BA87E9EF/0/DC553BD05B33548C342568566291E719B4FA73B9.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/DC553BD05B33548C342568566291E719B4FA73B9.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/DAC2BC754BFDD4535D49F99D0671743C3C0825A6B6D57B48E7350451BA87E9EF/0/3138312e3139392e3132382e302f32302d3230203d3e203332303334.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  181.199.128.0/20

    Signature Algorithm: sha256WithRSAEncryption
         55:bf:7e:1b:56:df:b3:6b:9f:71:66:c5:3e:ff:7d:56:23:12:
         af:13:3e:fa:f9:fd:98:72:15:cb:6d:4b:c7:0d:1a:99:72:8e:
         24:22:00:b9:35:0c:23:74:bf:e8:cb:ae:38:9f:43:6d:15:3b:
         15:cc:96:8a:61:7e:aa:43:01:04:0d:54:25:2d:05:c6:b9:02:
         2a:f7:ed:13:b1:5a:ff:cd:e7:e0:3b:3c:58:a0:db:a5:43:1b:
         40:c8:ce:6e:c8:bf:68:5c:ad:87:af:e7:5c:9b:82:53:8a:06:
         26:4f:7d:63:7c:8b:91:d4:65:db:8a:d3:46:24:35:81:4e:4b:
         ca:ee:07:7f:a4:e2:50:13:e7:ea:c4:8c:ad:14:e4:b9:15:25:
         5d:69:9d:9e:85:66:a3:5f:18:dc:c7:ab:3f:ab:7c:00:a1:cc:
         5b:d8:b8:98:c8:15:53:45:8a:34:a3:6f:31:da:8c:a3:49:0f:
         39:cc:70:1b:3d:00:84:92:7a:c9:f5:17:3b:5d:69:b0:09:09:
         64:66:81:e2:d0:f8:44:17:5d:b1:c9:e9:6f:a2:9f:fd:7c:d4:
         15:b7:b6:1b:9e:63:ef:17:65:e1:66:4a:ef:e4:65:67:df:d5:
         6a:8c:4c:62:17:e3:85:02:59:7c:8b:ee:6d:56:9b:87:35:a7:
         f3:49:6d:8d
-----BEGIN CERTIFICATE-----
MIIFwDCCBKigAwIBAgIUeTvfNEE8KS9X7vKkdMAIMcUdop4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoREM1NTNCRDA1QjMzNTQ4QzM0MjU2ODU2NjI5MUU3MTlC
NEZBNzNCOTAeFw0yNTAyMDQxODE0NDVaFw0yNjAyMDMxODE5NDVaMDMxMTAvBgNV
BAMTKDRBRDIxMjVFOURCNDBERDJGQkJDQzEwMEY4MkQzQzM0MTdENUIzQkYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCnx7sOUlGDmLFQfNxB61wJdCkm
x3J2vlbJhsAtaqdz0d5BifrGXDgCNCq3syHuEHDXiUreRA8x9t02Ouq4O/0ymUr8
JxJ69FW6uZZwMDnDkRaXso2J57cLT19/h1jaaCkWYYdvnwfs5esyZnkJZJeYXj64
Vkmkpy2abBNKLcin68u1YW4y1l7RugeLvjIy/1Y0zSViAwdz1KouEuW2xjfPFE1I
miXqJKfnzoygfj3L9dFyuEYbUB16VmwlArlgECO5H5EI7L4Ot2+3LkwrOmAzUF9S
3n7kmIjDe8sMsI13NlzvM/ZaJ2sfP/0LiwNhwsag40AGxJqIg4LRvHpbAFOjAgMB
AAGjggLKMIICxjAdBgNVHQ4EFgQUStISXp20DdL7vMEA+C08NBfVs78wHwYDVR0j
BBgwFoAU3FU70FszVIw0JWhWYpHnGbT6c7kwDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy9EQUMyQkM3NTRCRkRENDUzNUQ0OUY5OUQwNjcxNzQzQzND
MDgyNUE2QjZENTdCNDhFNzM1MDQ1MUJBODdFOUVGLzAvREM1NTNCRDA1QjMzNTQ4
QzM0MjU2ODU2NjI5MUU3MTlCNEZBNzNCOS5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC9EQzU1M0JEMDVCMzM1NDhDMzQy
NTY4NTY2MjkxRTcxOUI0RkE3M0I5LmNlcjCByQYIKwYBBQUHAQsEgbwwgbkwgbYG
CCsGAQUFBzALhoGpcnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvREFDMkJDNzU0QkZERDQ1MzVENDlGOTlEMDY3MTc0M0MzQzA4MjVBNkI2
RDU3QjQ4RTczNTA0NTFCQTg3RTlFRi8wLzMxMzgzMTJlMzEzOTM5MmUzMTMyMzgy
ZTMwMmYzMjMwMmQzMjMwMjAzZDNlMjAzMzMyMzAzMzM0LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQEtceA
MA0GCSqGSIb3DQEBCwUAA4IBAQBVv34bVt+za59xZsU+/31WIxKvEz76+f2YchXL
bUvHDRqZco4kIgC5NQwjdL/oy644n0NtFTsVzJaKYX6qQwEEDVQlLQXGuQIq9+0T
sVr/zefgOzxYoNulQxtAyM5uyL9oXK2Hr+dcm4JTigYmT31jfIuR1GXbitNGJDWB
TkvK7gd/pOJQE+fqxIytFOS5FSVdaZ2ehWajXxjcx6s/q3wAocxb2LiYyBVTRYo0
o28x2oyjSQ85zHAbPQCEknrJ9Rc7XWmwCQlkZoHi0PhEF12xyelvop/9fNQVt7Yb
nmPvF2XhZkrv5GVn39VqjExiF+OFAll8i+5tVpuHNafzSW2N
-----END CERTIFICATE-----