Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/E08D933682F688ED8C36D0FC1F34B68315053D3F371F684B9A387A5FA6709F17/0/3137302e3235342e33312e302f32342d3234203d3e20323637363939.roa
File:                     3137302e3235342e33312e302f32342d3234203d3e20323637363939.roa (raw, json)
Hash identifier:          e17R1RtdNojJfca79hlvQQXit26l7LTqwlpd9f3MVHI=
Subject key identifier:   13:EE:D9:FC:89:AF:90:7F:A7:32:42:04:BB:7A:0F:02:D9:24:DF:4B
Certificate issuer:       /CN=DF4F03C5770C7BA39912813367B5E868005CCD99
Certificate serial:       3004D042941ACB5A2B8332C75E7C783843CCC7A5
Authority key identifier: DF:4F:03:C5:77:0C:7B:A3:99:12:81:33:67:B5:E8:68:00:5C:CD:99
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/DF4F03C5770C7BA39912813367B5E868005CCD99.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/E08D933682F688ED8C36D0FC1F34B68315053D3F371F684B9A387A5FA6709F17/0/3137302e3235342e33312e302f32342d3234203d3e20323637363939.roa
Signing time:             Tue 04 Feb 2025 20:04:49 +0000
ROA not before:           Tue 04 Feb 2025 19:59:49 +0000
ROA not after:            Tue 03 Feb 2026 20:04:49 +0000
asID:                     267699
IP address blocks:        170.254.31.0/24 maxlen: 24
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            30:04:d0:42:94:1a:cb:5a:2b:83:32:c7:5e:7c:78:38:43:cc:c7:a5
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=DF4F03C5770C7BA39912813367B5E868005CCD99
        Validity
            Not Before: Feb  4 19:59:49 2025 GMT
            Not After : Feb  3 20:04:49 2026 GMT
        Subject: CN=13EED9FC89AF907FA7324204BB7A0F02D924DF4B
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b2:b9:d1:8e:04:87:70:6d:c1:e1:cc:94:1c:9d:
                    7f:60:4e:3f:b7:40:ce:4f:97:ef:85:42:39:f8:e0:
                    1d:db:68:e2:59:4d:71:35:4a:04:4c:3e:e9:31:6f:
                    ff:b2:da:3c:01:a9:34:7c:f2:a4:9a:d9:d7:08:4a:
                    39:e3:b0:91:41:6c:8d:ca:9e:2b:1c:58:75:2f:47:
                    90:20:df:7c:d7:69:36:f7:d4:6f:29:2e:06:4e:9d:
                    19:01:63:0c:ec:af:b2:d0:f3:33:06:80:f7:cb:6c:
                    6e:48:e0:61:15:a4:af:0b:ca:56:ab:b9:e8:85:7f:
                    09:3f:d0:ef:cf:26:7c:41:d3:04:b8:2d:a9:a8:43:
                    e3:c4:bb:a7:08:31:d4:40:d0:11:cb:ce:a5:28:d6:
                    14:8d:d0:97:ec:3b:03:e2:1f:1f:de:3a:ea:15:de:
                    04:15:b4:b0:68:7c:1d:57:93:3f:45:20:9c:bb:f5:
                    93:ab:d7:75:6c:d6:26:e5:c1:39:bf:2d:84:84:80:
                    88:5e:f6:4a:49:9c:90:dc:a4:8a:16:27:a9:02:f6:
                    50:0e:fe:56:2b:67:82:1d:5c:0a:d0:d2:e9:5a:61:
                    e8:f6:73:90:78:37:89:b8:10:e8:cc:6a:90:ce:a6:
                    57:d1:33:38:82:37:50:af:5f:21:9b:78:75:f6:aa:
                    e7:af
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                13:EE:D9:FC:89:AF:90:7F:A7:32:42:04:BB:7A:0F:02:D9:24:DF:4B
            X509v3 Authority Key Identifier:
                keyid:DF:4F:03:C5:77:0C:7B:A3:99:12:81:33:67:B5:E8:68:00:5C:CD:99

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/E08D933682F688ED8C36D0FC1F34B68315053D3F371F684B9A387A5FA6709F17/0/DF4F03C5770C7BA39912813367B5E868005CCD99.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/DF4F03C5770C7BA39912813367B5E868005CCD99.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/E08D933682F688ED8C36D0FC1F34B68315053D3F371F684B9A387A5FA6709F17/0/3137302e3235342e33312e302f32342d3234203d3e20323637363939.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  170.254.31.0/24

    Signature Algorithm: sha256WithRSAEncryption
         3e:55:34:d7:e2:6c:dc:4f:ea:d5:34:65:b1:4f:c6:16:57:89:
         e6:74:71:38:76:02:76:27:d9:36:c7:4d:f0:a9:96:b1:6f:0f:
         67:3f:80:0b:eb:a4:3f:49:2a:55:c0:81:17:5b:48:ce:cf:38:
         c2:46:69:99:c6:79:d0:5b:b9:ca:8b:9b:36:b1:ef:f3:eb:b2:
         20:fc:08:96:66:f2:a0:22:ea:7d:1c:e5:ca:3c:66:69:81:70:
         06:82:9d:d7:ba:b8:c0:ff:2d:dc:72:e1:24:5e:03:3a:21:e3:
         a0:a1:67:69:93:7a:f8:19:3a:e4:92:14:ab:2f:da:aa:aa:61:
         11:69:70:1d:57:50:22:9b:81:fc:a9:2d:07:09:c3:ab:61:e9:
         c6:d0:1c:0f:7c:8b:ef:0f:0d:03:56:7b:93:76:4c:1d:1c:65:
         fc:27:d5:3a:74:5e:3a:c2:e1:79:e1:0d:19:c5:9b:a7:86:50:
         ee:04:23:b1:a1:eb:41:40:8b:1f:dd:12:cc:8b:98:b7:34:e6:
         c8:7a:54:50:73:cd:08:34:ba:ad:8e:d4:f7:e0:57:86:aa:5c:
         39:79:d0:93:57:46:c5:fa:f7:c5:60:58:9a:d7:0d:95:38:c0:
         58:b6:33:10:7d:8e:70:b4:5b:7e:31:48:7b:de:25:32:07:4c:
         17:3b:3f:e9
-----BEGIN CERTIFICATE-----
MIIFwDCCBKigAwIBAgIUMATQQpQay1orgzLHXnx4OEPMx6UwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoREY0RjAzQzU3NzBDN0JBMzk5MTI4MTMzNjdCNUU4Njgw
MDVDQ0Q5OTAeFw0yNTAyMDQxOTU5NDlaFw0yNjAyMDMyMDA0NDlaMDMxMTAvBgNV
BAMTKDEzRUVEOUZDODlBRjkwN0ZBNzMyNDIwNEJCN0EwRjAyRDkyNERGNEIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCyudGOBIdwbcHhzJQcnX9gTj+3
QM5Pl++FQjn44B3baOJZTXE1SgRMPukxb/+y2jwBqTR88qSa2dcISjnjsJFBbI3K
niscWHUvR5Ag33zXaTb31G8pLgZOnRkBYwzsr7LQ8zMGgPfLbG5I4GEVpK8Lylar
ueiFfwk/0O/PJnxB0wS4LamoQ+PEu6cIMdRA0BHLzqUo1hSN0JfsOwPiHx/eOuoV
3gQVtLBofB1Xkz9FIJy79ZOr13Vs1iblwTm/LYSEgIhe9kpJnJDcpIoWJ6kC9lAO
/lYrZ4IdXArQ0ulaYej2c5B4N4m4EOjMapDOplfRMziCN1CvXyGbeHX2quevAgMB
AAGjggLKMIICxjAdBgNVHQ4EFgQUE+7Z/ImvkH+nMkIEu3oPAtkk30swHwYDVR0j
BBgwFoAU308DxXcMe6OZEoEzZ7XoaABczZkwDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy9FMDhEOTMzNjgyRjY4OEVEOEMzNkQwRkMxRjM0QjY4MzE1
MDUzRDNGMzcxRjY4NEI5QTM4N0E1RkE2NzA5RjE3LzAvREY0RjAzQzU3NzBDN0JB
Mzk5MTI4MTMzNjdCNUU4NjgwMDVDQ0Q5OS5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC9ERjRGMDNDNTc3MEM3QkEzOTkx
MjgxMzM2N0I1RTg2ODAwNUNDRDk5LmNlcjCByQYIKwYBBQUHAQsEgbwwgbkwgbYG
CCsGAQUFBzALhoGpcnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvRTA4RDkzMzY4MkY2ODhFRDhDMzZEMEZDMUYzNEI2ODMxNTA1M0QzRjM3
MUY2ODRCOUEzODdBNUZBNjcwOUYxNy8wLzMxMzczMDJlMzIzNTM0MmUzMzMxMmUz
MDJmMzIzNDJkMzIzNDIwM2QzZTIwMzIzNjM3MzYzOTM5LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAqv4f
MA0GCSqGSIb3DQEBCwUAA4IBAQA+VTTX4mzcT+rVNGWxT8YWV4nmdHE4dgJ2J9k2
x03wqZaxbw9nP4AL66Q/SSpVwIEXW0jOzzjCRmmZxnnQW7nKi5s2se/z67Ig/AiW
ZvKgIup9HOXKPGZpgXAGgp3XurjA/y3ccuEkXgM6IeOgoWdpk3r4GTrkkhSrL9qq
qmERaXAdV1Aim4H8qS0HCcOrYenG0BwPfIvvDw0DVnuTdkwdHGX8J9U6dF46wuF5
4Q0ZxZunhlDuBCOxoetBQIsf3RLMi5i3NObIelRQc80INLqtjtT34FeGqlw5edCT
V0bF+vfFYFia1w2VOMBYtjMQfY5wtFt+MUh73iUyB0wXOz/p
-----END CERTIFICATE-----