Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/EB1E9375601F121810894F046B3D3CECEA4EC816CD530090A0E9717B093EBF47/0/3137302e38302e3130382e302f32322d3234203d3e20333935313631.roa
File:                     3137302e38302e3130382e302f32322d3234203d3e20333935313631.roa (raw, json)
Hash identifier:          awx3OQax9V/raOxOeaAR/d4JOg1GRTA267TqilF/Yno=
Subject key identifier:   12:8E:95:2E:74:54:B2:D6:16:F6:D2:EC:E9:C3:3D:E6:08:D7:B8:84
Certificate issuer:       /CN=DB097B1D95BB51C9F513FC53429F30EA207C1549
Certificate serial:       539D7B2BBC6ED3F1495C255288C10EF2A1B52E64
Authority key identifier: DB:09:7B:1D:95:BB:51:C9:F5:13:FC:53:42:9F:30:EA:20:7C:15:49
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/DB097B1D95BB51C9F513FC53429F30EA207C1549.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/EB1E9375601F121810894F046B3D3CECEA4EC816CD530090A0E9717B093EBF47/0/3137302e38302e3130382e302f32322d3234203d3e20333935313631.roa
Signing time:             Tue 04 Feb 2025 18:52:35 +0000
ROA not before:           Tue 04 Feb 2025 18:47:35 +0000
ROA not after:            Tue 03 Feb 2026 18:52:35 +0000
asID:                     395161
IP address blocks:        170.80.108.0/22 maxlen: 24
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            53:9d:7b:2b:bc:6e:d3:f1:49:5c:25:52:88:c1:0e:f2:a1:b5:2e:64
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=DB097B1D95BB51C9F513FC53429F30EA207C1549
        Validity
            Not Before: Feb  4 18:47:35 2025 GMT
            Not After : Feb  3 18:52:35 2026 GMT
        Subject: CN=128E952E7454B2D616F6D2ECE9C33DE608D7B884
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d7:2b:2e:1e:6b:2d:52:23:ff:e2:f0:e9:ed:6c:
                    bb:8f:6b:d7:43:b7:71:e2:25:21:d3:88:d1:a9:87:
                    c9:14:41:d6:49:95:1e:0b:1b:03:ed:7b:db:6c:93:
                    3e:e8:b9:18:64:e2:8f:23:7f:5e:07:94:8c:b7:6a:
                    db:ba:3e:62:61:9c:e5:03:51:91:e4:f5:14:3e:51:
                    a7:62:a5:56:22:ed:a1:fb:64:6e:b9:f5:a2:eb:75:
                    a5:91:a0:3e:b9:fb:bb:ac:f3:07:f5:52:ae:9a:18:
                    df:d2:65:67:09:fc:6b:0a:d5:41:60:9e:50:8e:f2:
                    de:84:8b:68:0c:a5:7e:ee:df:e5:c7:3f:8d:64:3d:
                    9c:f5:0f:47:cb:6a:56:48:b4:1b:1e:78:4b:cc:22:
                    92:10:be:f6:74:94:f9:f0:f7:94:2f:2e:6f:05:90:
                    3a:26:73:3a:0b:9b:3a:ac:0e:29:97:da:b3:a3:2a:
                    8b:29:1f:a4:f2:5c:9e:9d:73:40:7f:c7:2e:11:03:
                    2f:0c:d0:bc:75:41:8e:63:28:26:c9:94:99:d1:78:
                    11:33:3b:fb:b3:80:f0:2f:5e:a5:eb:93:d3:c3:d1:
                    1c:f4:e0:49:14:99:f8:3b:66:d6:ee:90:48:9e:52:
                    cd:50:0f:48:91:bc:21:f2:39:29:fd:e5:ef:04:9c:
                    15:e5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                12:8E:95:2E:74:54:B2:D6:16:F6:D2:EC:E9:C3:3D:E6:08:D7:B8:84
            X509v3 Authority Key Identifier:
                keyid:DB:09:7B:1D:95:BB:51:C9:F5:13:FC:53:42:9F:30:EA:20:7C:15:49

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/EB1E9375601F121810894F046B3D3CECEA4EC816CD530090A0E9717B093EBF47/0/DB097B1D95BB51C9F513FC53429F30EA207C1549.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/DB097B1D95BB51C9F513FC53429F30EA207C1549.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/EB1E9375601F121810894F046B3D3CECEA4EC816CD530090A0E9717B093EBF47/0/3137302e38302e3130382e302f32322d3234203d3e20333935313631.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  170.80.108.0/22

    Signature Algorithm: sha256WithRSAEncryption
         19:e1:a1:3a:28:6f:d1:03:94:68:0a:25:f1:63:d1:26:63:11:
         01:01:d6:ac:7a:09:64:cc:5e:da:a7:03:19:8c:1a:8c:7a:8e:
         7d:eb:e3:18:a7:25:f0:41:a2:cd:6f:8a:cb:77:ce:34:7a:88:
         2b:0d:be:3f:97:ca:f1:ec:5b:df:71:74:20:be:63:78:3b:88:
         5a:ed:b6:9f:bf:ce:ad:c5:44:c6:2a:c7:a6:61:ba:de:db:6a:
         dc:dd:93:aa:0f:8c:35:cd:42:e7:51:68:4b:28:30:19:26:9e:
         42:86:d0:e5:2a:04:e2:be:3a:f3:8d:39:57:1c:29:c5:ee:9c:
         c9:82:3f:92:82:0c:fc:b7:7b:f2:64:a8:6b:5a:84:b6:62:f1:
         b4:b8:6c:24:7f:ad:ff:c8:d3:9c:83:fe:35:86:0d:31:61:fd:
         fe:7c:5f:30:8b:a7:a0:9f:6d:06:1f:19:4a:2f:f7:63:3c:8f:
         cd:80:91:4b:9d:c3:c8:69:a7:0d:0e:50:69:9c:e2:29:bf:57:
         d5:a2:ab:88:fc:5b:ce:01:a9:4d:6f:2a:6e:aa:50:ce:ad:bf:
         76:ac:24:0a:a5:a7:22:1f:36:f9:eb:b6:da:fc:7d:0f:11:14:
         32:6b:62:3c:0b:8a:85:bc:f9:27:a8:e6:d8:36:d9:4e:d5:a0:
         4e:41:be:d8
-----BEGIN CERTIFICATE-----
MIIFwDCCBKigAwIBAgIUU517K7xu0/FJXCVSiMEO8qG1LmQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoREIwOTdCMUQ5NUJCNTFDOUY1MTNGQzUzNDI5RjMwRUEy
MDdDMTU0OTAeFw0yNTAyMDQxODQ3MzVaFw0yNjAyMDMxODUyMzVaMDMxMTAvBgNV
BAMTKDEyOEU5NTJFNzQ1NEIyRDYxNkY2RDJFQ0U5QzMzREU2MDhEN0I4ODQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDXKy4eay1SI//i8OntbLuPa9dD
t3HiJSHTiNGph8kUQdZJlR4LGwPte9tskz7ouRhk4o8jf14HlIy3atu6PmJhnOUD
UZHk9RQ+UadipVYi7aH7ZG659aLrdaWRoD65+7us8wf1Uq6aGN/SZWcJ/GsK1UFg
nlCO8t6Ei2gMpX7u3+XHP41kPZz1D0fLalZItBseeEvMIpIQvvZ0lPnw95QvLm8F
kDomczoLmzqsDimX2rOjKospH6TyXJ6dc0B/xy4RAy8M0Lx1QY5jKCbJlJnReBEz
O/uzgPAvXqXrk9PD0Rz04EkUmfg7ZtbukEieUs1QD0iRvCHyOSn95e8EnBXlAgMB
AAGjggLKMIICxjAdBgNVHQ4EFgQUEo6VLnRUstYW9tLs6cM95gjXuIQwHwYDVR0j
BBgwFoAU2wl7HZW7Ucn1E/xTQp8w6iB8FUkwDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy9FQjFFOTM3NTYwMUYxMjE4MTA4OTRGMDQ2QjNEM0NFQ0VB
NEVDODE2Q0Q1MzAwOTBBMEU5NzE3QjA5M0VCRjQ3LzAvREIwOTdCMUQ5NUJCNTFD
OUY1MTNGQzUzNDI5RjMwRUEyMDdDMTU0OS5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC9EQjA5N0IxRDk1QkI1MUM5RjUx
M0ZDNTM0MjlGMzBFQTIwN0MxNTQ5LmNlcjCByQYIKwYBBQUHAQsEgbwwgbkwgbYG
CCsGAQUFBzALhoGpcnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvRUIxRTkzNzU2MDFGMTIxODEwODk0RjA0NkIzRDNDRUNFQTRFQzgxNkNE
NTMwMDkwQTBFOTcxN0IwOTNFQkY0Ny8wLzMxMzczMDJlMzgzMDJlMzEzMDM4MmUz
MDJmMzIzMjJkMzIzNDIwM2QzZTIwMzMzOTM1MzEzNjMxLnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCqlBs
MA0GCSqGSIb3DQEBCwUAA4IBAQAZ4aE6KG/RA5RoCiXxY9EmYxEBAdaseglkzF7a
pwMZjBqMeo596+MYpyXwQaLNb4rLd840eogrDb4/l8rx7FvfcXQgvmN4O4ha7baf
v86txUTGKsemYbre22rc3ZOqD4w1zULnUWhLKDAZJp5ChtDlKgTivjrzjTlXHCnF
7pzJgj+Sggz8t3vyZKhrWoS2YvG0uGwkf63/yNOcg/41hg0xYf3+fF8wi6egn20G
HxlKL/djPI/NgJFLncPIaacNDlBpnOIpv1fVoquI/FvOAalNbypuqlDOrb92rCQK
paciHzb567ba/H0PERQya2I8C4qFvPknqObYNtlO1aBOQb7Y
-----END CERTIFICATE-----