Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/00A66A6A2A6CFE93C0F6E3DFC20DD331B580FB20383B62FE4B26C0294B4687C7/0/3230302e34312e382e302f32342d3234203d3e2033333536.roa
File:                     3230302e34312e382e302f32342d3234203d3e2033333536.roa (raw, json)
Hash identifier:          bb3nsfN16Eb2cbJ7nIRlhYIrRWkEDJGR4D1ZcF88MCs=
Subject key identifier:   6A:62:A2:AF:6C:F7:97:1B:23:F9:D8:9B:54:F0:97:95:F3:33:35:85
Certificate issuer:       /CN=C87C55A4481F19C9B6184944B187B3813B7CEC56
Certificate serial:       5BCABF56FE4C6A26EE3C258E4ED85F323C353F84
Authority key identifier: C8:7C:55:A4:48:1F:19:C9:B6:18:49:44:B1:87:B3:81:3B:7C:EC:56
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/C87C55A4481F19C9B6184944B187B3813B7CEC56.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/00A66A6A2A6CFE93C0F6E3DFC20DD331B580FB20383B62FE4B26C0294B4687C7/0/3230302e34312e382e302f32342d3234203d3e2033333536.roa
Signing time:             Tue 04 Feb 2025 18:41:29 +0000
ROA not before:           Tue 04 Feb 2025 18:36:29 +0000
ROA not after:            Tue 03 Feb 2026 18:41:29 +0000
asID:                     3356
IP address blocks:        200.41.8.0/24 maxlen: 24
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            5b:ca:bf:56:fe:4c:6a:26:ee:3c:25:8e:4e:d8:5f:32:3c:35:3f:84
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=C87C55A4481F19C9B6184944B187B3813B7CEC56
        Validity
            Not Before: Feb  4 18:36:29 2025 GMT
            Not After : Feb  3 18:41:29 2026 GMT
        Subject: CN=6A62A2AF6CF7971B23F9D89B54F09795F3333585
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bd:45:e5:9b:2e:5b:e6:90:69:1f:cd:70:95:95:
                    b1:68:d5:5e:df:f1:e8:85:1d:56:a0:b3:f8:60:97:
                    3d:04:9b:32:74:0c:ba:2c:d7:51:fa:16:8d:c1:48:
                    40:ea:17:10:14:7a:ed:9e:71:3d:ca:f1:dd:4b:2a:
                    77:e4:96:25:83:1a:d5:88:32:c9:67:8d:3b:e6:8a:
                    ed:9b:09:d0:54:ec:f7:92:58:af:cc:76:ac:36:ee:
                    38:71:55:13:2a:62:76:ce:d6:27:ac:97:ff:1b:94:
                    f8:fc:0c:80:31:27:99:0b:12:d1:d8:c1:c9:df:71:
                    e9:a4:81:d2:c7:f0:4f:14:72:d8:76:9c:92:62:61:
                    6f:39:26:bf:1a:2f:b3:f9:90:ad:b8:8f:e2:1b:ae:
                    c8:82:a4:95:70:a1:08:ec:fa:1d:9b:c1:cd:02:8d:
                    68:be:06:56:1d:75:89:96:58:22:e4:17:1f:bb:07:
                    4d:5c:5a:10:23:20:94:10:a2:12:10:20:60:45:1a:
                    54:28:9c:d3:5c:74:15:91:f7:5f:60:7a:90:06:dc:
                    3c:74:a6:26:e8:79:49:61:be:42:83:db:8e:3a:fa:
                    71:2a:8e:da:1a:a8:64:70:0e:7d:37:d5:bc:fa:52:
                    68:fe:bd:15:15:03:48:e6:d3:b3:39:63:55:47:63:
                    d8:a3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                6A:62:A2:AF:6C:F7:97:1B:23:F9:D8:9B:54:F0:97:95:F3:33:35:85
            X509v3 Authority Key Identifier:
                keyid:C8:7C:55:A4:48:1F:19:C9:B6:18:49:44:B1:87:B3:81:3B:7C:EC:56

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/00A66A6A2A6CFE93C0F6E3DFC20DD331B580FB20383B62FE4B26C0294B4687C7/0/C87C55A4481F19C9B6184944B187B3813B7CEC56.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/C87C55A4481F19C9B6184944B187B3813B7CEC56.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/00A66A6A2A6CFE93C0F6E3DFC20DD331B580FB20383B62FE4B26C0294B4687C7/0/3230302e34312e382e302f32342d3234203d3e2033333536.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  200.41.8.0/24

    Signature Algorithm: sha256WithRSAEncryption
         10:81:84:e7:d1:08:ee:02:46:c1:e5:23:b2:f3:02:43:c6:54:
         e4:36:35:bb:c4:92:3c:ce:ff:c0:91:18:ff:8b:ec:45:63:92:
         4d:5c:ca:30:1b:66:b8:a7:60:89:da:cb:19:e0:2c:ef:7d:ad:
         7e:21:ef:17:92:c1:fc:61:55:56:e8:17:e6:a8:47:22:1d:82:
         3a:93:5c:60:c6:1c:02:15:34:20:d9:c4:8f:b5:e9:60:21:8e:
         93:b3:d3:f4:ec:50:b2:d8:e3:fd:54:df:9d:32:d1:73:ca:7c:
         25:73:1f:20:e4:55:36:58:42:d7:bf:21:ff:19:d7:fc:e8:12:
         39:8a:17:46:0f:78:96:f5:1b:1e:63:fc:07:f2:71:04:a0:b9:
         27:e0:c6:8c:51:4c:32:a3:bf:bb:68:76:c4:e5:5b:38:24:7c:
         aa:c3:a3:73:3b:9f:7b:d7:50:d5:ee:cf:c5:17:cd:38:3a:d2:
         88:eb:f3:b6:46:30:e9:f1:51:61:a4:84:e1:12:2c:33:59:21:
         d0:6a:9d:0c:9b:77:2a:38:00:fd:06:47:36:3d:58:63:f0:60:
         80:ec:b0:58:6e:69:db:4f:08:17:86:32:a0:94:38:80:f2:66:
         a9:19:3f:32:02:39:3b:ea:88:0e:a0:e9:79:73:9e:7f:0a:42:
         d0:1a:45:cd
-----BEGIN CERTIFICATE-----
MIIFuDCCBKCgAwIBAgIUW8q/Vv5MaibuPCWOTthfMjw1P4QwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoQzg3QzU1QTQ0ODFGMTlDOUI2MTg0OTQ0QjE4N0IzODEz
QjdDRUM1NjAeFw0yNTAyMDQxODM2MjlaFw0yNjAyMDMxODQxMjlaMDMxMTAvBgNV
BAMTKDZBNjJBMkFGNkNGNzk3MUIyM0Y5RDg5QjU0RjA5Nzk1RjMzMzM1ODUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC9ReWbLlvmkGkfzXCVlbFo1V7f
8eiFHVags/hglz0EmzJ0DLos11H6Fo3BSEDqFxAUeu2ecT3K8d1LKnfkliWDGtWI
MslnjTvmiu2bCdBU7PeSWK/Mdqw27jhxVRMqYnbO1iesl/8blPj8DIAxJ5kLEtHY
wcnfcemkgdLH8E8Ucth2nJJiYW85Jr8aL7P5kK24j+IbrsiCpJVwoQjs+h2bwc0C
jWi+BlYddYmWWCLkFx+7B01cWhAjIJQQohIQIGBFGlQonNNcdBWR919gepAG3Dx0
piboeUlhvkKD2446+nEqjtoaqGRwDn031bz6Umj+vRUVA0jm07M5Y1VHY9ijAgMB
AAGjggLCMIICvjAdBgNVHQ4EFgQUamKir2z3lxsj+dibVPCXlfMzNYUwHwYDVR0j
BBgwFoAUyHxVpEgfGcm2GElEsYezgTt87FYwDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy8wMEE2NkE2QTJBNkNGRTkzQzBGNkUzREZDMjBERDMzMUI1
ODBGQjIwMzgzQjYyRkU0QjI2QzAyOTRCNDY4N0M3LzAvQzg3QzU1QTQ0ODFGMTlD
OUI2MTg0OTQ0QjE4N0IzODEzQjdDRUM1Ni5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC9DODdDNTVBNDQ4MUYxOUM5QjYx
ODQ5NDRCMTg3QjM4MTNCN0NFQzU2LmNlcjCBwQYIKwYBBQUHAQsEgbQwgbEwga4G
CCsGAQUFBzALhoGhcnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvMDBBNjZBNkEyQTZDRkU5M0MwRjZFM0RGQzIwREQzMzFCNTgwRkIyMDM4
M0I2MkZFNEIyNkMwMjk0QjQ2ODdDNy8wLzMyMzAzMDJlMzQzMTJlMzgyZTMwMmYz
MjM0MmQzMjM0MjAzZDNlMjAzMzMzMzUzNi5yb2EwGAYDVR0gAQH/BA4wDDAKBggr
BgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAMgpCDANBgkqhkiG
9w0BAQsFAAOCAQEAEIGE59EI7gJGweUjsvMCQ8ZU5DY1u8SSPM7/wJEY/4vsRWOS
TVzKMBtmuKdgidrLGeAs732tfiHvF5LB/GFVVugX5qhHIh2COpNcYMYcAhU0INnE
j7XpYCGOk7PT9OxQstjj/VTfnTLRc8p8JXMfIORVNlhC178h/xnX/OgSOYoXRg94
lvUbHmP8B/JxBKC5J+DGjFFMMqO/u2h2xOVbOCR8qsOjczufe9dQ1e7PxRfNODrS
iOvztkYw6fFRYaSE4RIsM1kh0GqdDJt3KjgA/QZHNj1YY/BggOywWG5p208IF4Yy
oJQ4gPJmqRk/MgI5O+qIDqDpeXOefwpC0BpFzQ==
-----END CERTIFICATE-----