Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/008ECF48FD626A41A4EAACDA7B40100DE0F0C1A4FD1DBC752A00393F31237B39/0/3230302e31302e3134312e302f32342d3234203d3e20323634363333.roa
File:                     3230302e31302e3134312e302f32342d3234203d3e20323634363333.roa (raw, json)
Hash identifier:          nY9naKOhZNKm2ov1ZQ9aWE36AApGaSS/8NvcNJ7T/9Q=
Subject key identifier:   77:0C:EF:14:B7:62:72:03:8B:89:A1:2F:2B:4A:CB:44:C5:2B:BE:A1
Certificate issuer:       /CN=2535F6210FBE389C540F5A5DE954C9CFF7EBF7FC
Certificate serial:       38B89441E5BA9E28A0351B21E6B4DB37735D6730
Authority key identifier: 25:35:F6:21:0F:BE:38:9C:54:0F:5A:5D:E9:54:C9:CF:F7:EB:F7:FC
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/2535F6210FBE389C540F5A5DE954C9CFF7EBF7FC.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/008ECF48FD626A41A4EAACDA7B40100DE0F0C1A4FD1DBC752A00393F31237B39/0/3230302e31302e3134312e302f32342d3234203d3e20323634363333.roa
Signing time:             Tue 04 Feb 2025 18:31:49 +0000
ROA not before:           Tue 04 Feb 2025 18:26:49 +0000
ROA not after:            Tue 03 Feb 2026 18:31:49 +0000
asID:                     264633
IP address blocks:        200.10.141.0/24 maxlen: 24
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            38:b8:94:41:e5:ba:9e:28:a0:35:1b:21:e6:b4:db:37:73:5d:67:30
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2535F6210FBE389C540F5A5DE954C9CFF7EBF7FC
        Validity
            Not Before: Feb  4 18:26:49 2025 GMT
            Not After : Feb  3 18:31:49 2026 GMT
        Subject: CN=770CEF14B76272038B89A12F2B4ACB44C52BBEA1
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d2:e2:20:e4:19:46:ad:fb:a7:09:83:97:ba:59:
                    f3:94:e3:ef:42:9a:54:0c:2e:87:9c:7b:8a:72:1b:
                    63:10:57:9b:f9:98:63:63:09:46:1f:5c:e6:58:ea:
                    5a:a8:8f:d4:bf:04:2a:e5:de:1a:b0:6e:31:c8:a2:
                    19:b9:fb:9b:9e:7a:c1:6f:92:9b:1f:90:d3:4a:3a:
                    e6:c2:f3:b9:d6:d3:cf:59:e6:db:87:23:29:8b:7e:
                    48:96:34:e8:66:22:ab:bd:d7:7d:3f:c2:57:93:de:
                    e8:25:71:08:ad:c1:a8:f0:42:0f:7e:95:94:7c:9d:
                    bc:f8:c8:17:9a:f7:22:64:aa:e6:d7:94:d8:62:cf:
                    0f:b0:ba:aa:4c:7d:a5:76:35:d4:da:89:09:d9:57:
                    27:f4:0b:6d:06:b1:15:49:5c:6b:2f:b3:7f:61:68:
                    cf:63:93:6a:13:9a:17:79:76:c0:00:a3:6a:ab:0f:
                    8c:77:f8:ed:43:d5:79:55:7b:aa:ef:bd:69:d3:8f:
                    d7:9f:db:f9:ba:d1:54:3d:b4:ae:d6:e4:81:81:d2:
                    5d:2b:f6:13:8a:dc:8c:db:b2:62:9a:b5:f5:54:24:
                    62:aa:6f:76:4c:a1:4d:06:fb:00:43:2c:3b:b2:90:
                    cc:3d:b2:55:6a:76:ed:d1:58:fe:98:cc:dc:ff:79:
                    61:ed
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                77:0C:EF:14:B7:62:72:03:8B:89:A1:2F:2B:4A:CB:44:C5:2B:BE:A1
            X509v3 Authority Key Identifier:
                keyid:25:35:F6:21:0F:BE:38:9C:54:0F:5A:5D:E9:54:C9:CF:F7:EB:F7:FC

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/008ECF48FD626A41A4EAACDA7B40100DE0F0C1A4FD1DBC752A00393F31237B39/0/2535F6210FBE389C540F5A5DE954C9CFF7EBF7FC.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/2535F6210FBE389C540F5A5DE954C9CFF7EBF7FC.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/008ECF48FD626A41A4EAACDA7B40100DE0F0C1A4FD1DBC752A00393F31237B39/0/3230302e31302e3134312e302f32342d3234203d3e20323634363333.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  200.10.141.0/24

    Signature Algorithm: sha256WithRSAEncryption
         bd:16:06:99:9a:11:85:94:8f:68:03:0a:bc:79:1d:7e:0d:4d:
         4a:42:d2:91:a8:1e:b6:b0:89:1f:40:66:f7:d9:78:80:7e:82:
         87:7f:e0:0d:3c:ac:8d:01:b4:20:12:32:eb:9d:57:cb:14:4b:
         91:28:7f:f6:fa:37:e5:07:13:fb:fc:68:68:4e:5e:be:f9:73:
         fe:9a:85:9d:ad:b1:a0:e0:bd:d1:f6:88:7d:a9:48:e9:8f:b4:
         dd:d0:af:f9:f5:d1:8c:09:b2:60:4b:f5:b6:e3:09:76:c0:22:
         8e:c3:40:cd:ed:b8:d7:c8:80:5c:4e:ad:d0:66:2f:b7:15:61:
         09:2f:79:49:d6:6d:61:3c:89:54:39:5b:32:36:a4:c5:96:a8:
         a2:6d:3d:08:47:4d:38:23:db:fa:22:18:5a:47:28:ff:6a:68:
         bd:47:13:44:b4:21:db:82:a9:d3:dd:4f:46:05:d8:96:3d:3a:
         8d:98:92:a0:ed:85:7f:93:be:6e:b8:39:35:12:ed:04:e1:d4:
         16:84:0c:8c:4a:bc:01:e3:5e:58:7b:35:b9:6e:a9:a1:21:d2:
         28:0f:05:d6:2e:1e:ac:5d:0a:7b:10:6a:fe:41:3d:70:aa:6d:
         ea:ff:b9:0e:c1:a8:af:a1:9b:e6:8a:9c:ed:97:d3:63:f3:40:
         11:eb:4a:9c
-----BEGIN CERTIFICATE-----
MIIFwDCCBKigAwIBAgIUOLiUQeW6niigNRsh5rTbN3NdZzAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMjUzNUY2MjEwRkJFMzg5QzU0MEY1QTVERTk1NEM5Q0ZG
N0VCRjdGQzAeFw0yNTAyMDQxODI2NDlaFw0yNjAyMDMxODMxNDlaMDMxMTAvBgNV
BAMTKDc3MENFRjE0Qjc2MjcyMDM4Qjg5QTEyRjJCNEFDQjQ0QzUyQkJFQTEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDS4iDkGUat+6cJg5e6WfOU4+9C
mlQMLoece4pyG2MQV5v5mGNjCUYfXOZY6lqoj9S/BCrl3hqwbjHIohm5+5ueesFv
kpsfkNNKOubC87nW089Z5tuHIymLfkiWNOhmIqu9130/wleT3uglcQitwajwQg9+
lZR8nbz4yBea9yJkqubXlNhizw+wuqpMfaV2NdTaiQnZVyf0C20GsRVJXGsvs39h
aM9jk2oTmhd5dsAAo2qrD4x3+O1D1XlVe6rvvWnTj9ef2/m60VQ9tK7W5IGB0l0r
9hOK3IzbsmKatfVUJGKqb3ZMoU0G+wBDLDuykMw9slVqdu3RWP6YzNz/eWHtAgMB
AAGjggLKMIICxjAdBgNVHQ4EFgQUdwzvFLdicgOLiaEvK0rLRMUrvqEwHwYDVR0j
BBgwFoAUJTX2IQ++OJxUD1pd6VTJz/fr9/wwDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy8wMDhFQ0Y0OEZENjI2QTQxQTRFQUFDREE3QjQwMTAwREUw
RjBDMUE0RkQxREJDNzUyQTAwMzkzRjMxMjM3QjM5LzAvMjUzNUY2MjEwRkJFMzg5
QzU0MEY1QTVERTk1NEM5Q0ZGN0VCRjdGQy5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC8yNTM1RjYyMTBGQkUzODlDNTQw
RjVBNURFOTU0QzlDRkY3RUJGN0ZDLmNlcjCByQYIKwYBBQUHAQsEgbwwgbkwgbYG
CCsGAQUFBzALhoGpcnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvMDA4RUNGNDhGRDYyNkE0MUE0RUFBQ0RBN0I0MDEwMERFMEYwQzFBNEZE
MURCQzc1MkEwMDM5M0YzMTIzN0IzOS8wLzMyMzAzMDJlMzEzMDJlMzEzNDMxMmUz
MDJmMzIzNDJkMzIzNDIwM2QzZTIwMzIzNjM0MzYzMzMzLnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAyAqN
MA0GCSqGSIb3DQEBCwUAA4IBAQC9FgaZmhGFlI9oAwq8eR1+DU1KQtKRqB62sIkf
QGb32XiAfoKHf+ANPKyNAbQgEjLrnVfLFEuRKH/2+jflBxP7/GhoTl6++XP+moWd
rbGg4L3R9oh9qUjpj7Td0K/59dGMCbJgS/W24wl2wCKOw0DN7bjXyIBcTq3QZi+3
FWEJL3lJ1m1hPIlUOVsyNqTFlqiibT0IR004I9v6IhhaRyj/ami9RxNEtCHbgqnT
3U9GBdiWPTqNmJKg7YV/k75uuDk1Eu0E4dQWhAyMSrwB415YezW5bqmhIdIoDwXW
Lh6sXQp7EGr+QT1wqm3q/7kOwaivoZvmipztl9Nj80AR60qc
-----END CERTIFICATE-----