Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/0023B76248CCE07DA25B146284D499148051C29A42F304266149914C14A10507/0/3230312e3232322e34342e302f32322d3234203d3e20323731373833.roa
File:                     3230312e3232322e34342e302f32322d3234203d3e20323731373833.roa (raw, json)
Hash identifier:          UB06OG3u54ejuMHICSAOGSQB+Csnsw3S/5F2l8VqOvQ=
Subject key identifier:   23:7E:C7:C8:1F:45:AB:69:D9:B1:FE:BA:AC:B4:DB:4E:95:44:05:C9
Certificate issuer:       /CN=C3D02995E170CE622F60579EB13D9DD037B46A52
Certificate serial:       54294D483B825680A65B85C7881600A71A9B73F7
Authority key identifier: C3:D0:29:95:E1:70:CE:62:2F:60:57:9E:B1:3D:9D:D0:37:B4:6A:52
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/C3D02995E170CE622F60579EB13D9DD037B46A52.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/0023B76248CCE07DA25B146284D499148051C29A42F304266149914C14A10507/0/3230312e3232322e34342e302f32322d3234203d3e20323731373833.roa
Signing time:             Tue 04 Feb 2025 18:22:11 +0000
ROA not before:           Tue 04 Feb 2025 18:17:11 +0000
ROA not after:            Tue 03 Feb 2026 18:22:11 +0000
asID:                     271783
IP address blocks:        201.222.44.0/22 maxlen: 24
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            54:29:4d:48:3b:82:56:80:a6:5b:85:c7:88:16:00:a7:1a:9b:73:f7
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=C3D02995E170CE622F60579EB13D9DD037B46A52
        Validity
            Not Before: Feb  4 18:17:11 2025 GMT
            Not After : Feb  3 18:22:11 2026 GMT
        Subject: CN=237EC7C81F45AB69D9B1FEBAACB4DB4E954405C9
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b4:77:4a:fa:a0:25:4d:f8:21:1d:e9:f9:a1:9c:
                    1d:47:b1:2d:6f:13:db:2b:f6:ff:df:ae:d8:e6:44:
                    96:0a:32:bd:48:00:b1:99:cd:99:54:b0:56:cf:6d:
                    a3:fe:81:35:b9:fe:9a:7e:d9:ad:d7:59:33:20:28:
                    b2:61:e4:f8:c4:03:7e:13:fe:59:49:00:ce:80:e0:
                    b6:bd:4a:bd:6a:a9:0a:2f:96:62:d8:9f:2d:cd:6e:
                    d0:e4:a2:1b:fe:4f:cb:76:45:64:e6:a2:71:5e:e8:
                    fb:21:7b:ca:31:3c:68:2a:aa:37:2b:ed:da:4e:40:
                    9e:65:67:34:5e:f3:38:11:a7:0e:13:17:43:c7:18:
                    05:7b:4d:bb:ba:4a:52:0e:fc:99:c4:ca:17:3c:6b:
                    de:2c:76:df:a0:ee:83:51:e8:b8:f2:b2:8a:a9:fa:
                    f4:a1:07:3c:bd:db:d4:4c:73:df:ba:de:da:d9:c9:
                    d5:6d:15:3e:ea:1e:25:91:5b:c3:8d:55:55:c9:05:
                    6c:e1:33:e3:aa:98:e3:26:d4:52:33:33:9f:5a:c9:
                    48:59:61:8d:a4:6b:2d:33:b3:f8:38:72:ff:a1:2b:
                    8f:34:1a:9d:55:99:3a:dc:6f:fb:3d:3a:c6:42:07:
                    c9:e1:b3:f7:39:57:de:74:65:70:0b:71:ea:1d:83:
                    1f:03
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                23:7E:C7:C8:1F:45:AB:69:D9:B1:FE:BA:AC:B4:DB:4E:95:44:05:C9
            X509v3 Authority Key Identifier:
                keyid:C3:D0:29:95:E1:70:CE:62:2F:60:57:9E:B1:3D:9D:D0:37:B4:6A:52

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/0023B76248CCE07DA25B146284D499148051C29A42F304266149914C14A10507/0/C3D02995E170CE622F60579EB13D9DD037B46A52.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/C3D02995E170CE622F60579EB13D9DD037B46A52.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/0023B76248CCE07DA25B146284D499148051C29A42F304266149914C14A10507/0/3230312e3232322e34342e302f32322d3234203d3e20323731373833.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  201.222.44.0/22

    Signature Algorithm: sha256WithRSAEncryption
         96:5b:4e:c6:d4:84:10:81:84:fa:85:ad:28:f3:3e:ef:66:d7:
         2a:59:eb:76:02:57:62:de:52:cf:e1:e6:4a:90:9d:84:7f:67:
         33:a4:c4:7f:f8:9a:75:42:69:d1:b1:8c:e3:d4:a4:72:a9:aa:
         40:25:c5:7f:29:25:2f:d8:3a:2f:17:95:64:75:11:fb:bb:70:
         48:09:20:d5:3c:94:26:04:d8:6d:9f:2a:60:89:43:7d:98:43:
         15:51:0a:8f:08:5e:54:93:f5:d7:dd:d2:0d:e2:be:b2:0c:b9:
         78:67:96:71:a2:cf:f2:96:e8:92:b1:42:b9:42:e2:c3:71:9b:
         56:1d:82:16:b3:b6:56:69:f9:93:cb:82:ef:58:7b:af:37:08:
         88:fa:91:98:51:4a:e2:5b:d9:88:f4:db:62:33:2d:ce:dc:c2:
         74:5a:76:67:c2:99:c7:eb:2c:98:f2:60:7b:2c:aa:fb:ea:22:
         3c:df:59:02:be:09:9a:d4:69:5c:ee:9d:13:b6:93:1c:c2:9e:
         06:74:07:9e:bb:b4:da:c9:91:aa:8a:0f:88:4d:11:f5:b4:9c:
         c6:34:8f:cd:59:93:58:a9:78:66:26:56:e2:fe:7c:92:ff:5c:
         93:c9:ae:a4:7f:f8:4d:58:37:99:08:b1:96:a1:9e:cb:ff:f3:
         78:34:23:1a
-----BEGIN CERTIFICATE-----
MIIFwDCCBKigAwIBAgIUVClNSDuCVoCmW4XHiBYApxqbc/cwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoQzNEMDI5OTVFMTcwQ0U2MjJGNjA1NzlFQjEzRDlERDAz
N0I0NkE1MjAeFw0yNTAyMDQxODE3MTFaFw0yNjAyMDMxODIyMTFaMDMxMTAvBgNV
BAMTKDIzN0VDN0M4MUY0NUFCNjlEOUIxRkVCQUFDQjREQjRFOTU0NDA1QzkwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC0d0r6oCVN+CEd6fmhnB1HsS1v
E9sr9v/frtjmRJYKMr1IALGZzZlUsFbPbaP+gTW5/pp+2a3XWTMgKLJh5PjEA34T
/llJAM6A4La9Sr1qqQovlmLYny3NbtDkohv+T8t2RWTmonFe6Pshe8oxPGgqqjcr
7dpOQJ5lZzRe8zgRpw4TF0PHGAV7Tbu6SlIO/JnEyhc8a94sdt+g7oNR6Ljysoqp
+vShBzy929RMc9+63trZydVtFT7qHiWRW8ONVVXJBWzhM+OqmOMm1FIzM59ayUhZ
YY2kay0zs/g4cv+hK480Gp1VmTrcb/s9OsZCB8nhs/c5V950ZXALceodgx8DAgMB
AAGjggLKMIICxjAdBgNVHQ4EFgQUI37HyB9Fq2nZsf66rLTbTpVEBckwHwYDVR0j
BBgwFoAUw9ApleFwzmIvYFeesT2d0De0alIwDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy8wMDIzQjc2MjQ4Q0NFMDdEQTI1QjE0NjI4NEQ0OTkxNDgw
NTFDMjlBNDJGMzA0MjY2MTQ5OTE0QzE0QTEwNTA3LzAvQzNEMDI5OTVFMTcwQ0U2
MjJGNjA1NzlFQjEzRDlERDAzN0I0NkE1Mi5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC9DM0QwMjk5NUUxNzBDRTYyMkY2
MDU3OUVCMTNEOUREMDM3QjQ2QTUyLmNlcjCByQYIKwYBBQUHAQsEgbwwgbkwgbYG
CCsGAQUFBzALhoGpcnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvMDAyM0I3NjI0OENDRTA3REEyNUIxNDYyODRENDk5MTQ4MDUxQzI5QTQy
RjMwNDI2NjE0OTkxNEMxNEExMDUwNy8wLzMyMzAzMTJlMzIzMjMyMmUzNDM0MmUz
MDJmMzIzMjJkMzIzNDIwM2QzZTIwMzIzNzMxMzczODMzLnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCyd4s
MA0GCSqGSIb3DQEBCwUAA4IBAQCWW07G1IQQgYT6ha0o8z7vZtcqWet2Aldi3lLP
4eZKkJ2Ef2czpMR/+Jp1QmnRsYzj1KRyqapAJcV/KSUv2DovF5VkdRH7u3BICSDV
PJQmBNhtnypgiUN9mEMVUQqPCF5Uk/XX3dIN4r6yDLl4Z5Zxos/yluiSsUK5QuLD
cZtWHYIWs7ZWafmTy4LvWHuvNwiI+pGYUUriW9mI9NtiMy3O3MJ0WnZnwpnH6yyY
8mB7LKr76iI831kCvgma1Glc7p0TtpMcwp4GdAeeu7TayZGqig+ITRH1tJzGNI/N
WZNYqXhmJlbi/nyS/1yTya6kf/hNWDeZCLGWoZ7L//N4NCMa
-----END CERTIFICATE-----