Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/0C966AF2D667C71DB8F7DC6CBE7AA3B54C9A1341ACA871B57B438DF8EAC761DC/0/3230302e3139322e3233362e302f32322d3234203d3e203233343536.roa
File:                     3230302e3139322e3233362e302f32322d3234203d3e203233343536.roa (raw, json)
Hash identifier:          TNiCy3O+Kg+PDwzaBnUsKfWZiAvxRsy3VcEVtjE3S0M=
Subject key identifier:   F7:D2:F9:DB:FB:F1:79:A6:AD:C4:E1:E8:4B:02:94:A2:EA:E2:A5:5A
Certificate issuer:       /CN=A4EC8475F98014B965F34B25A2A68F58AAEE199B
Certificate serial:       06D436C538E2F88E60D72AF03284483D04FB2219
Authority key identifier: A4:EC:84:75:F9:80:14:B9:65:F3:4B:25:A2:A6:8F:58:AA:EE:19:9B
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/A4EC8475F98014B965F34B25A2A68F58AAEE199B.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/0C966AF2D667C71DB8F7DC6CBE7AA3B54C9A1341ACA871B57B438DF8EAC761DC/0/3230302e3139322e3233362e302f32322d3234203d3e203233343536.roa
Signing time:             Tue 04 Feb 2025 18:14:12 +0000
ROA not before:           Tue 04 Feb 2025 18:09:12 +0000
ROA not after:            Tue 03 Feb 2026 18:14:12 +0000
asID:                     23456
IP address blocks:        200.192.236.0/22 maxlen: 24
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            06:d4:36:c5:38:e2:f8:8e:60:d7:2a:f0:32:84:48:3d:04:fb:22:19
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A4EC8475F98014B965F34B25A2A68F58AAEE199B
        Validity
            Not Before: Feb  4 18:09:12 2025 GMT
            Not After : Feb  3 18:14:12 2026 GMT
        Subject: CN=F7D2F9DBFBF179A6ADC4E1E84B0294A2EAE2A55A
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:de:92:92:e0:5a:29:40:8f:48:f3:85:a8:0c:1b:
                    1b:4c:e1:11:16:44:ac:b8:c9:be:1c:b5:ad:9f:3e:
                    1c:85:7e:65:72:50:3c:50:b0:89:bc:ca:8d:8d:d3:
                    87:e8:82:72:48:9f:eb:10:1f:1e:0d:0d:d1:46:81:
                    c8:d8:e5:3b:d8:c6:07:0c:46:f3:60:43:1d:93:a0:
                    c3:b8:56:d0:6c:b7:49:25:56:3b:1d:1b:0f:cb:9f:
                    8c:53:a1:45:14:4e:07:e3:f9:58:28:ab:87:c5:a0:
                    6e:f3:40:3c:d3:ff:d6:45:ea:8f:66:37:39:77:32:
                    5a:fa:06:b1:7c:e5:3d:14:c6:cc:d7:a8:9c:b9:a4:
                    47:c3:58:b0:20:b8:d7:32:c4:cb:c4:f2:0d:2c:ed:
                    30:c3:d3:cd:4c:8e:1d:2a:9e:c6:bf:3b:a6:95:cb:
                    65:5a:18:37:03:95:53:ef:f0:ce:1f:9c:4c:e7:e8:
                    ab:ab:d8:de:d5:cc:15:82:66:57:f7:b8:fd:7c:0b:
                    8d:c9:91:40:70:a3:08:28:b3:a2:0c:af:6a:3b:e5:
                    d3:f0:9e:7c:4b:f4:4b:db:e1:e7:51:d8:c2:4e:ef:
                    fc:91:e8:35:d1:db:1c:42:6a:29:0f:4a:d2:32:5d:
                    73:ab:db:b8:37:1e:09:9c:c8:de:56:6f:a0:40:2c:
                    01:49
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F7:D2:F9:DB:FB:F1:79:A6:AD:C4:E1:E8:4B:02:94:A2:EA:E2:A5:5A
            X509v3 Authority Key Identifier:
                keyid:A4:EC:84:75:F9:80:14:B9:65:F3:4B:25:A2:A6:8F:58:AA:EE:19:9B

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/0C966AF2D667C71DB8F7DC6CBE7AA3B54C9A1341ACA871B57B438DF8EAC761DC/0/A4EC8475F98014B965F34B25A2A68F58AAEE199B.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/A4EC8475F98014B965F34B25A2A68F58AAEE199B.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/0C966AF2D667C71DB8F7DC6CBE7AA3B54C9A1341ACA871B57B438DF8EAC761DC/0/3230302e3139322e3233362e302f32322d3234203d3e203233343536.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  200.192.236.0/22

    Signature Algorithm: sha256WithRSAEncryption
         b2:63:b7:c9:d1:70:77:c4:1c:a4:ee:3c:7e:2d:fe:11:c2:06:
         a5:9e:22:d5:58:28:0d:67:bb:50:23:37:c4:f5:91:27:87:4c:
         c0:4c:c2:f6:99:d8:cb:b2:96:6d:e2:c5:e5:17:25:4e:97:67:
         12:82:92:8c:56:ea:8b:e8:0e:cb:2c:a7:39:9c:85:a2:31:93:
         49:f2:32:60:48:6e:e6:82:66:cf:f4:5d:22:ce:f8:00:8e:5f:
         56:76:d2:8e:a2:85:5e:ad:d0:b7:07:6a:a7:56:19:53:21:31:
         bf:70:82:c7:e7:8c:16:06:4b:4c:00:33:2b:0d:22:85:3d:ea:
         10:94:52:2c:e9:81:57:5c:1c:54:0a:23:63:d6:21:58:1f:4a:
         7a:cc:c5:70:38:c1:c5:49:4e:0f:f9:39:e1:ae:e8:42:5e:9e:
         40:c3:b5:b1:20:7c:b0:c4:33:8b:b1:d8:ef:05:fe:41:32:77:
         74:76:22:48:55:f1:92:3f:9d:ed:a0:87:52:33:9b:4e:28:40:
         66:d2:37:dd:cf:12:bc:10:78:80:de:85:51:b3:10:18:bb:1a:
         25:d3:db:0e:50:06:ad:86:d6:47:3a:01:d6:ac:88:5e:c8:0b:
         98:15:f9:51:54:49:2c:64:28:59:79:2f:f3:17:0c:54:a7:ed:
         56:e8:95:b3
-----BEGIN CERTIFICATE-----
MIIFwDCCBKigAwIBAgIUBtQ2xTji+I5g1yrwMoRIPQT7IhkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoQTRFQzg0NzVGOTgwMTRCOTY1RjM0QjI1QTJBNjhGNThB
QUVFMTk5QjAeFw0yNTAyMDQxODA5MTJaFw0yNjAyMDMxODE0MTJaMDMxMTAvBgNV
BAMTKEY3RDJGOURCRkJGMTc5QTZBREM0RTFFODRCMDI5NEEyRUFFMkE1NUEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDekpLgWilAj0jzhagMGxtM4REW
RKy4yb4cta2fPhyFfmVyUDxQsIm8yo2N04fognJIn+sQHx4NDdFGgcjY5TvYxgcM
RvNgQx2ToMO4VtBst0klVjsdGw/Ln4xToUUUTgfj+Vgoq4fFoG7zQDzT/9ZF6o9m
Nzl3Mlr6BrF85T0UxszXqJy5pEfDWLAguNcyxMvE8g0s7TDD081Mjh0qnsa/O6aV
y2VaGDcDlVPv8M4fnEzn6Kur2N7VzBWCZlf3uP18C43JkUBwowgos6IMr2o75dPw
nnxL9Evb4edR2MJO7/yR6DXR2xxCaikPStIyXXOr27g3HgmcyN5Wb6BALAFJAgMB
AAGjggLKMIICxjAdBgNVHQ4EFgQU99L52/vxeaatxOHoSwKUouripVowHwYDVR0j
BBgwFoAUpOyEdfmAFLll80sloqaPWKruGZswDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy8wQzk2NkFGMkQ2NjdDNzFEQjhGN0RDNkNCRTdBQTNCNTRD
OUExMzQxQUNBODcxQjU3QjQzOERGOEVBQzc2MURDLzAvQTRFQzg0NzVGOTgwMTRC
OTY1RjM0QjI1QTJBNjhGNThBQUVFMTk5Qi5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC9BNEVDODQ3NUY5ODAxNEI5NjVG
MzRCMjVBMkE2OEY1OEFBRUUxOTlCLmNlcjCByQYIKwYBBQUHAQsEgbwwgbkwgbYG
CCsGAQUFBzALhoGpcnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvMEM5NjZBRjJENjY3QzcxREI4RjdEQzZDQkU3QUEzQjU0QzlBMTM0MUFD
QTg3MUI1N0I0MzhERjhFQUM3NjFEQy8wLzMyMzAzMDJlMzEzOTMyMmUzMjMzMzYy
ZTMwMmYzMjMyMmQzMjM0MjAzZDNlMjAzMjMzMzQzNTM2LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCyMDs
MA0GCSqGSIb3DQEBCwUAA4IBAQCyY7fJ0XB3xByk7jx+Lf4RwgalniLVWCgNZ7tQ
IzfE9ZEnh0zATML2mdjLspZt4sXlFyVOl2cSgpKMVuqL6A7LLKc5nIWiMZNJ8jJg
SG7mgmbP9F0izvgAjl9WdtKOooVerdC3B2qnVhlTITG/cILH54wWBktMADMrDSKF
PeoQlFIs6YFXXBxUCiNj1iFYH0p6zMVwOMHFSU4P+TnhruhCXp5Aw7WxIHywxDOL
sdjvBf5BMnd0diJIVfGSP53toIdSM5tOKEBm0jfdzxK8EHiA3oVRsxAYuxol09sO
UAathtZHOgHWrIheyAuYFflRVEksZChZeS/zFwxUp+1W6JWz
-----END CERTIFICATE-----