Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/00A66A6A2A6CFE93C0F6E3DFC20DD331B580FB20383B62FE4B26C0294B4687C7/0/3230302e33322e36352e302f32342d3234203d3e203133353931.roa
File:                     3230302e33322e36352e302f32342d3234203d3e203133353931.roa (raw, json)
Hash identifier:          OdFs8asJQ6vOlm0P/wEM578da/iMb4YBPXU5FSBTaiM=
Subject key identifier:   C5:85:F4:C6:EE:53:4D:F1:5D:6C:C3:77:21:8D:B0:5B:99:10:54:5D
Certificate issuer:       /CN=C87C55A4481F19C9B6184944B187B3813B7CEC56
Certificate serial:       37CDC4F9114926B9AC00C4834FEE8340AC98CDCE
Authority key identifier: C8:7C:55:A4:48:1F:19:C9:B6:18:49:44:B1:87:B3:81:3B:7C:EC:56
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/C87C55A4481F19C9B6184944B187B3813B7CEC56.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/00A66A6A2A6CFE93C0F6E3DFC20DD331B580FB20383B62FE4B26C0294B4687C7/0/3230302e33322e36352e302f32342d3234203d3e203133353931.roa
Signing time:             Tue 04 Feb 2025 18:41:40 +0000
ROA not before:           Tue 04 Feb 2025 18:36:40 +0000
ROA not after:            Tue 03 Feb 2026 18:41:40 +0000
asID:                     13591
IP address blocks:        200.32.65.0/24 maxlen: 24
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            37:cd:c4:f9:11:49:26:b9:ac:00:c4:83:4f:ee:83:40:ac:98:cd:ce
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=C87C55A4481F19C9B6184944B187B3813B7CEC56
        Validity
            Not Before: Feb  4 18:36:40 2025 GMT
            Not After : Feb  3 18:41:40 2026 GMT
        Subject: CN=C585F4C6EE534DF15D6CC377218DB05B9910545D
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d6:f6:67:19:cd:73:61:38:8e:9a:82:29:a9:03:
                    47:3d:58:4d:8e:a7:e0:a7:57:09:cc:2a:1f:bf:fa:
                    41:d8:48:e6:f5:8b:d5:e7:bd:8f:85:45:1e:6d:07:
                    14:71:b0:0e:4b:03:c1:3d:97:14:b8:9e:4b:8c:e3:
                    e1:8d:0c:cf:a1:cf:52:38:33:d3:14:79:68:ee:b5:
                    7a:a0:a3:73:50:c7:0a:49:3c:5e:a6:18:bc:3d:6b:
                    5f:a0:9d:73:69:1b:c4:fe:37:1f:dd:a1:9e:9f:4e:
                    10:11:65:84:2e:f5:ff:fe:74:d6:42:c1:6c:f1:8b:
                    d6:5c:67:94:5b:ee:b5:10:86:2c:8d:22:fb:a7:5c:
                    30:cc:4e:07:6c:55:0e:6a:07:2a:4f:f7:fb:c7:02:
                    88:73:b2:2a:06:fc:8a:91:79:43:fc:23:6c:e3:cd:
                    20:f6:82:1b:80:96:fd:38:32:85:90:96:18:92:a6:
                    77:83:8c:13:83:09:55:e4:ff:87:cf:8e:67:4a:7a:
                    6b:1b:c0:fa:70:12:cf:04:e8:74:5d:a2:e0:3f:61:
                    d1:a9:44:02:e1:b2:a1:8b:25:85:33:da:b3:13:79:
                    83:c6:58:2d:c7:13:5b:e9:86:64:a7:0b:e6:c9:e9:
                    5b:90:a6:7d:15:b1:52:62:32:ce:c7:c9:4c:d0:59:
                    75:95
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C5:85:F4:C6:EE:53:4D:F1:5D:6C:C3:77:21:8D:B0:5B:99:10:54:5D
            X509v3 Authority Key Identifier:
                keyid:C8:7C:55:A4:48:1F:19:C9:B6:18:49:44:B1:87:B3:81:3B:7C:EC:56

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/00A66A6A2A6CFE93C0F6E3DFC20DD331B580FB20383B62FE4B26C0294B4687C7/0/C87C55A4481F19C9B6184944B187B3813B7CEC56.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/C87C55A4481F19C9B6184944B187B3813B7CEC56.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/00A66A6A2A6CFE93C0F6E3DFC20DD331B580FB20383B62FE4B26C0294B4687C7/0/3230302e33322e36352e302f32342d3234203d3e203133353931.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  200.32.65.0/24

    Signature Algorithm: sha256WithRSAEncryption
         74:c7:5d:2c:8c:ab:78:03:64:75:dc:c0:e3:47:b2:04:e8:8a:
         d3:59:0f:b6:25:cd:d6:9b:a3:ef:32:02:30:bb:99:eb:e0:29:
         50:51:46:7d:62:89:5c:9f:70:ae:35:eb:60:b1:03:5b:e3:f3:
         4c:84:af:47:9f:24:67:02:01:0a:b1:f7:23:58:94:f7:6e:36:
         10:3d:12:b2:a2:d4:a2:08:79:23:3d:23:6b:ec:84:05:4f:ea:
         c3:e3:f9:de:2c:d5:41:c0:2a:89:d8:04:2b:ce:70:ab:0a:32:
         92:1f:f9:14:15:c4:e3:ac:bb:5d:48:7e:c3:c5:d9:8c:91:a3:
         a9:fe:ee:0e:b3:73:c8:e5:76:e3:fe:ce:87:a8:68:bf:22:17:
         95:93:fc:a9:67:a7:0c:77:27:bb:9e:da:76:ac:0e:20:97:86:
         3f:88:41:d6:72:11:35:be:ec:98:9d:97:46:f8:e4:b9:40:36:
         da:3e:00:d8:09:64:c9:5e:a3:7b:d9:c0:c6:d7:37:e1:48:5a:
         9f:cd:cd:a3:dd:3e:1a:8f:cf:f5:32:8f:2b:8a:0f:3c:05:15:
         30:d0:e0:e3:d2:9b:86:98:03:1f:4f:d8:92:2a:f2:b9:47:74:
         58:b6:b2:48:88:1a:5e:9e:f0:2b:12:57:c1:5c:bd:47:e0:22:
         c0:85:a7:40
-----BEGIN CERTIFICATE-----
MIIFvDCCBKSgAwIBAgIUN83E+RFJJrmsAMSDT+6DQKyYzc4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoQzg3QzU1QTQ0ODFGMTlDOUI2MTg0OTQ0QjE4N0IzODEz
QjdDRUM1NjAeFw0yNTAyMDQxODM2NDBaFw0yNjAyMDMxODQxNDBaMDMxMTAvBgNV
BAMTKEM1ODVGNEM2RUU1MzRERjE1RDZDQzM3NzIxOERCMDVCOTkxMDU0NUQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDW9mcZzXNhOI6agimpA0c9WE2O
p+CnVwnMKh+/+kHYSOb1i9XnvY+FRR5tBxRxsA5LA8E9lxS4nkuM4+GNDM+hz1I4
M9MUeWjutXqgo3NQxwpJPF6mGLw9a1+gnXNpG8T+Nx/doZ6fThARZYQu9f/+dNZC
wWzxi9ZcZ5Rb7rUQhiyNIvunXDDMTgdsVQ5qBypP9/vHAohzsioG/IqReUP8I2zj
zSD2ghuAlv04MoWQlhiSpneDjBODCVXk/4fPjmdKemsbwPpwEs8E6HRdouA/YdGp
RALhsqGLJYUz2rMTeYPGWC3HE1vphmSnC+bJ6VuQpn0VsVJiMs7HyUzQWXWVAgMB
AAGjggLGMIICwjAdBgNVHQ4EFgQUxYX0xu5TTfFdbMN3IY2wW5kQVF0wHwYDVR0j
BBgwFoAUyHxVpEgfGcm2GElEsYezgTt87FYwDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy8wMEE2NkE2QTJBNkNGRTkzQzBGNkUzREZDMjBERDMzMUI1
ODBGQjIwMzgzQjYyRkU0QjI2QzAyOTRCNDY4N0M3LzAvQzg3QzU1QTQ0ODFGMTlD
OUI2MTg0OTQ0QjE4N0IzODEzQjdDRUM1Ni5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC9DODdDNTVBNDQ4MUYxOUM5QjYx
ODQ5NDRCMTg3QjM4MTNCN0NFQzU2LmNlcjCBxQYIKwYBBQUHAQsEgbgwgbUwgbIG
CCsGAQUFBzALhoGlcnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvMDBBNjZBNkEyQTZDRkU5M0MwRjZFM0RGQzIwREQzMzFCNTgwRkIyMDM4
M0I2MkZFNEIyNkMwMjk0QjQ2ODdDNy8wLzMyMzAzMDJlMzMzMjJlMzYzNTJlMzAy
ZjMyMzQyZDMyMzQyMDNkM2UyMDMxMzMzNTM5MzEucm9hMBgGA1UdIAEB/wQOMAww
CgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBADIIEEwDQYJ
KoZIhvcNAQELBQADggEBAHTHXSyMq3gDZHXcwONHsgToitNZD7Ylzdabo+8yAjC7
mevgKVBRRn1iiVyfcK4162CxA1vj80yEr0efJGcCAQqx9yNYlPduNhA9ErKi1KII
eSM9I2vshAVP6sPj+d4s1UHAKonYBCvOcKsKMpIf+RQVxOOsu11IfsPF2YyRo6n+
7g6zc8jlduP+zoeoaL8iF5WT/Klnpwx3J7ue2nasDiCXhj+IQdZyETW+7Jidl0b4
5LlANto+ANgJZMleo3vZwMbXN+FIWp/NzaPdPhqPz/UyjyuKDzwFFTDQ4OPSm4aY
Ax9P2JIq8rlHdFi2skiIGl6e8CsSV8FcvUfgIsCFp0A=
-----END CERTIFICATE-----