Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/F68E217F69DE99D52AB3B6385D134B93C3D4D8260F1E24C0231493E89C2FF10F/0/3137302e3233332e37322e302f32342d3234203d3e203336353131.roa
File:                     3137302e3233332e37322e302f32342d3234203d3e203336353131.roa (raw, json)
Hash identifier:          PD3gEV2bY9QvO9NRhq6W6FVSpn40niz/bluEiC5fbKo=
Subject key identifier:   31:05:4B:DC:0D:80:64:E7:26:86:D0:14:15:B6:60:58:F7:69:0B:E1
Certificate issuer:       /CN=9651F1E4B6480D19626E784CA1A8F0ABC94C1487
Certificate serial:       7D62D869860B4EA708E6E229CFD5E85B8809B648
Authority key identifier: 96:51:F1:E4:B6:48:0D:19:62:6E:78:4C:A1:A8:F0:AB:C9:4C:14:87
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/9651F1E4B6480D19626E784CA1A8F0ABC94C1487.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/F68E217F69DE99D52AB3B6385D134B93C3D4D8260F1E24C0231493E89C2FF10F/0/3137302e3233332e37322e302f32342d3234203d3e203336353131.roa
Signing time:             Tue 17 Dec 2024 15:10:00 +0000
ROA not before:           Tue 17 Dec 2024 15:05:00 +0000
ROA not after:            Tue 16 Dec 2025 15:10:00 +0000
asID:                     36511
IP address blocks:        170.233.72.0/24 maxlen: 24
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            7d:62:d8:69:86:0b:4e:a7:08:e6:e2:29:cf:d5:e8:5b:88:09:b6:48
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9651F1E4B6480D19626E784CA1A8F0ABC94C1487
        Validity
            Not Before: Dec 17 15:05:00 2024 GMT
            Not After : Dec 16 15:10:00 2025 GMT
        Subject: CN=31054BDC0D8064E72686D01415B66058F7690BE1
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:f2:1a:93:9f:e3:70:70:3c:5f:b2:9f:89:3e:72:
                    d4:f0:89:be:b5:18:31:9b:2e:81:50:32:c4:d7:4f:
                    69:be:7a:f3:8e:54:1d:56:db:9f:d1:67:41:50:a8:
                    82:ec:1f:cf:90:06:d2:63:14:1f:c7:48:e3:dd:c4:
                    fb:9b:33:5a:8c:26:10:ae:4f:aa:d7:a3:40:89:5c:
                    41:7c:7f:1d:e7:4a:6a:eb:52:14:b0:3d:a9:24:03:
                    48:9b:e2:d3:40:5b:aa:d3:90:f2:7a:86:93:4d:56:
                    93:42:36:20:22:6d:d4:d8:7e:6b:d6:a5:d8:52:04:
                    e6:4f:ce:71:c9:6d:95:0a:e2:06:25:9a:27:be:42:
                    cf:c7:6a:10:78:6d:22:99:87:da:02:22:a7:bc:45:
                    e1:83:6d:ab:e7:d8:0c:e6:d1:3d:e8:5c:be:1a:18:
                    3b:06:8e:41:2b:02:e8:9a:eb:b4:94:53:13:b9:e0:
                    3e:89:93:0c:e8:5e:2a:42:3b:26:b2:c7:cf:42:42:
                    db:73:36:12:20:10:ab:21:81:d3:18:b8:78:a7:0a:
                    48:19:5f:25:69:12:81:07:99:83:11:df:3f:6f:2f:
                    9c:e8:1f:0f:27:ac:c2:a7:59:56:48:57:b7:eb:67:
                    e2:55:01:4c:26:97:bb:04:8d:46:e8:75:e7:89:42:
                    6e:69
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                31:05:4B:DC:0D:80:64:E7:26:86:D0:14:15:B6:60:58:F7:69:0B:E1
            X509v3 Authority Key Identifier:
                keyid:96:51:F1:E4:B6:48:0D:19:62:6E:78:4C:A1:A8:F0:AB:C9:4C:14:87

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/F68E217F69DE99D52AB3B6385D134B93C3D4D8260F1E24C0231493E89C2FF10F/0/9651F1E4B6480D19626E784CA1A8F0ABC94C1487.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/9651F1E4B6480D19626E784CA1A8F0ABC94C1487.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/F68E217F69DE99D52AB3B6385D134B93C3D4D8260F1E24C0231493E89C2FF10F/0/3137302e3233332e37322e302f32342d3234203d3e203336353131.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  170.233.72.0/24

    Signature Algorithm: sha256WithRSAEncryption
         1a:a5:31:82:67:e0:84:4b:27:43:f9:5d:e7:52:47:a0:a4:8c:
         e4:e1:4f:6b:23:4f:e8:88:cc:1f:92:f3:55:7e:3e:14:e3:19:
         0a:40:f0:46:08:f1:cc:b6:10:79:4a:33:64:9c:1e:d0:18:9b:
         c5:7b:77:44:58:3f:b2:d6:a0:0c:21:a5:d3:82:f7:00:69:88:
         db:d0:a7:91:be:5d:04:92:51:95:8d:9f:55:b8:78:73:f1:81:
         b5:40:d8:f5:71:93:9b:e6:73:29:00:d1:f2:e0:94:15:f8:06:
         19:a0:74:0d:dd:b6:1d:1c:6d:87:63:a9:f2:6b:10:c0:bb:66:
         1f:6d:d7:7b:cf:06:70:dc:63:f3:be:e0:c0:1e:99:21:d3:b6:
         da:ca:02:d9:f2:33:f3:99:84:c2:e6:5b:cc:e2:52:90:83:f4:
         26:ee:b1:8a:c7:44:1d:b5:c4:61:71:09:5e:14:20:1b:1a:3c:
         61:ef:46:e3:87:81:f3:a3:35:0c:81:50:ce:2d:e1:4b:22:27:
         ec:33:a1:d0:c2:1b:45:ce:17:54:22:80:ba:f8:06:e8:15:70:
         8c:9d:e6:c6:42:43:43:21:a3:74:c8:6d:89:1b:ce:46:04:23:
         d8:c8:08:b8:49:f4:81:d6:e2:62:05:d8:d5:fb:45:4c:7c:0f:
         b9:8d:bc:0e
-----BEGIN CERTIFICATE-----
MIIFvjCCBKagAwIBAgIUfWLYaYYLTqcI5uIpz9XoW4gJtkgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOTY1MUYxRTRCNjQ4MEQxOTYyNkU3ODRDQTFBOEYwQUJD
OTRDMTQ4NzAeFw0yNDEyMTcxNTA1MDBaFw0yNTEyMTYxNTEwMDBaMDMxMTAvBgNV
BAMTKDMxMDU0QkRDMEQ4MDY0RTcyNjg2RDAxNDE1QjY2MDU4Rjc2OTBCRTEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDyGpOf43BwPF+yn4k+ctTwib61
GDGbLoFQMsTXT2m+evOOVB1W25/RZ0FQqILsH8+QBtJjFB/HSOPdxPubM1qMJhCu
T6rXo0CJXEF8fx3nSmrrUhSwPakkA0ib4tNAW6rTkPJ6hpNNVpNCNiAibdTYfmvW
pdhSBOZPznHJbZUK4gYlmie+Qs/HahB4bSKZh9oCIqe8ReGDbavn2Azm0T3oXL4a
GDsGjkErAuia67SUUxO54D6JkwzoXipCOyayx89CQttzNhIgEKshgdMYuHinCkgZ
XyVpEoEHmYMR3z9vL5zoHw8nrMKnWVZIV7frZ+JVAUwml7sEjUbodeeJQm5pAgMB
AAGjggLIMIICxDAdBgNVHQ4EFgQUMQVL3A2AZOcmhtAUFbZgWPdpC+EwHwYDVR0j
BBgwFoAUllHx5LZIDRlibnhMoajwq8lMFIcwDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy9GNjhFMjE3RjY5REU5OUQ1MkFCM0I2Mzg1RDEzNEI5M0Mz
RDREODI2MEYxRTI0QzAyMzE0OTNFODlDMkZGMTBGLzAvOTY1MUYxRTRCNjQ4MEQx
OTYyNkU3ODRDQTFBOEYwQUJDOTRDMTQ4Ny5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC85NjUxRjFFNEI2NDgwRDE5NjI2
RTc4NENBMUE4RjBBQkM5NEMxNDg3LmNlcjCBxwYIKwYBBQUHAQsEgbowgbcwgbQG
CCsGAQUFBzALhoGncnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvRjY4RTIxN0Y2OURFOTlENTJBQjNCNjM4NUQxMzRCOTNDM0Q0RDgyNjBG
MUUyNEMwMjMxNDkzRTg5QzJGRjEwRi8wLzMxMzczMDJlMzIzMzMzMmUzNzMyMmUz
MDJmMzIzNDJkMzIzNDIwM2QzZTIwMzMzNjM1MzEzMS5yb2EwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAKrpSDAN
BgkqhkiG9w0BAQsFAAOCAQEAGqUxgmfghEsnQ/ld51JHoKSM5OFPayNP6IjMH5Lz
VX4+FOMZCkDwRgjxzLYQeUozZJwe0BibxXt3RFg/stagDCGl04L3AGmI29Cnkb5d
BJJRlY2fVbh4c/GBtUDY9XGTm+ZzKQDR8uCUFfgGGaB0Dd22HRxth2Op8msQwLtm
H23Xe88GcNxj877gwB6ZIdO22soC2fIz85mEwuZbzOJSkIP0Ju6xisdEHbXEYXEJ
XhQgGxo8Ye9G44eB86M1DIFQzi3hSyIn7DOh0MIbRc4XVCKAuvgG6BVwjJ3mxkJD
QyGjdMhtiRvORgQj2MgIuEn0gdbiYgXY1ftFTHwPuY28Dg==
-----END CERTIFICATE-----