Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/11812E0B04E360A066E6848201FEFCC655150BDCED2A3A00B2A0D4810497E382/0/3230302e312e3135342e302f32342d3234203d3e20323037303336.roa
File:                     3230302e312e3135342e302f32342d3234203d3e20323037303336.roa (raw, json)
Hash identifier:          9rl/e/vVaYdggZHBG9FRd33mhBWSmV0tbeN45VEm2ok=
Subject key identifier:   C1:1C:87:F5:9C:E5:56:A7:9C:39:78:91:8E:54:86:BB:F1:50:07:4B
Certificate issuer:       /CN=D7C81DA3772B5EEAE19752E755626DBDC73EDFDD
Certificate serial:       2A86934222720133429C701E4BFBF92BF9BEF486
Authority key identifier: D7:C8:1D:A3:77:2B:5E:EA:E1:97:52:E7:55:62:6D:BD:C7:3E:DF:DD
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/D7C81DA3772B5EEAE19752E755626DBDC73EDFDD.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/11812E0B04E360A066E6848201FEFCC655150BDCED2A3A00B2A0D4810497E382/0/3230302e312e3135342e302f32342d3234203d3e20323037303336.roa
Signing time:             Tue 04 Feb 2025 18:22:55 +0000
ROA not before:           Tue 04 Feb 2025 18:17:55 +0000
ROA not after:            Tue 03 Feb 2026 18:22:55 +0000
asID:                     207036
IP address blocks:        200.1.154.0/24 maxlen: 24
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            2a:86:93:42:22:72:01:33:42:9c:70:1e:4b:fb:f9:2b:f9:be:f4:86
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=D7C81DA3772B5EEAE19752E755626DBDC73EDFDD
        Validity
            Not Before: Feb  4 18:17:55 2025 GMT
            Not After : Feb  3 18:22:55 2026 GMT
        Subject: CN=C11C87F59CE556A79C3978918E5486BBF150074B
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e9:1d:cf:1d:22:0c:3e:44:6c:16:6c:13:bb:64:
                    64:da:3f:fe:29:62:29:4d:62:a7:d2:eb:8d:c2:9e:
                    49:47:f7:98:65:a0:91:0d:f6:36:23:36:6b:25:c2:
                    fe:1d:f6:cc:1f:b1:df:87:dc:95:a8:45:ee:f3:8a:
                    9c:ad:ae:08:c5:5c:81:94:e8:c8:67:d1:02:85:5b:
                    af:ea:67:d5:dc:b8:96:a0:d9:92:e1:23:0b:9f:7a:
                    1e:c1:b6:e3:28:50:c8:33:a4:38:45:c1:1e:3a:a6:
                    8d:d3:5a:e6:e4:95:cc:ea:ee:6c:ca:af:3a:b5:a1:
                    1a:4a:15:ab:a4:b8:3a:65:9e:c8:a2:43:05:12:fb:
                    56:eb:8a:e8:d7:a6:e0:82:94:6e:66:2b:bc:bc:1a:
                    a1:11:f6:a2:56:f4:46:fa:29:85:67:aa:ba:8e:1f:
                    d3:d7:6d:cb:63:db:bc:fe:b9:cf:35:83:4f:33:35:
                    6e:eb:68:ef:08:65:25:36:3e:6b:0c:10:b0:9c:53:
                    ce:28:7e:31:d5:8c:cd:a1:5f:e3:15:d1:ae:dd:67:
                    d9:05:20:67:8d:04:12:f2:6a:94:ad:ad:3e:fa:71:
                    4a:ba:fc:dd:12:5f:5a:be:92:d7:52:8e:d2:3d:a5:
                    7b:1d:b4:92:fc:6e:dd:29:08:85:cd:0b:1f:a6:f2:
                    ec:f7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C1:1C:87:F5:9C:E5:56:A7:9C:39:78:91:8E:54:86:BB:F1:50:07:4B
            X509v3 Authority Key Identifier:
                keyid:D7:C8:1D:A3:77:2B:5E:EA:E1:97:52:E7:55:62:6D:BD:C7:3E:DF:DD

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/11812E0B04E360A066E6848201FEFCC655150BDCED2A3A00B2A0D4810497E382/0/D7C81DA3772B5EEAE19752E755626DBDC73EDFDD.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/D7C81DA3772B5EEAE19752E755626DBDC73EDFDD.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/11812E0B04E360A066E6848201FEFCC655150BDCED2A3A00B2A0D4810497E382/0/3230302e312e3135342e302f32342d3234203d3e20323037303336.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  200.1.154.0/24

    Signature Algorithm: sha256WithRSAEncryption
         a9:82:34:97:f7:3f:80:ae:cc:52:d8:63:66:b4:5a:a8:34:6a:
         75:36:59:7b:48:4c:8e:d6:e4:8a:3b:f5:08:e8:d2:ac:18:2e:
         23:3b:ef:c3:d8:3b:24:b7:3d:7c:42:7b:22:5c:a4:22:c2:43:
         93:a2:b3:0f:39:d8:a2:37:e6:d9:6f:10:24:45:6a:87:e6:3a:
         16:60:70:8d:1c:bd:b3:56:0e:16:58:2a:3e:fa:5f:ec:ce:17:
         9e:63:ec:05:90:a4:6a:88:ef:46:5c:4f:d2:b3:71:4b:84:6e:
         d2:a1:98:83:42:11:34:3a:fc:48:92:07:f4:09:3e:8e:76:59:
         01:db:b9:0e:d8:3b:8e:d6:06:b1:0e:2c:8f:3c:33:e6:a1:1b:
         20:c6:59:0e:a1:3a:b9:be:2e:e5:b4:7b:aa:61:a2:d0:fc:ef:
         46:e4:97:5c:38:29:2e:10:e5:d7:93:d0:4b:1b:8b:62:5b:0e:
         ed:d5:86:46:3e:f5:e3:ba:aa:ec:59:9c:a6:ff:5e:66:08:69:
         63:42:16:92:ab:4c:01:36:30:7b:67:ca:0d:c6:f5:53:b2:a4:
         2c:6a:3b:bb:02:43:38:95:65:f7:2b:e5:63:2c:72:4b:87:01:
         3f:16:0d:43:09:02:64:48:34:16:19:2f:cd:a6:36:8a:7c:3c:
         e3:2d:ec:14
-----BEGIN CERTIFICATE-----
MIIFvjCCBKagAwIBAgIUKoaTQiJyATNCnHAeS/v5K/m+9IYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoRDdDODFEQTM3NzJCNUVFQUUxOTc1MkU3NTU2MjZEQkRD
NzNFREZERDAeFw0yNTAyMDQxODE3NTVaFw0yNjAyMDMxODIyNTVaMDMxMTAvBgNV
BAMTKEMxMUM4N0Y1OUNFNTU2QTc5QzM5Nzg5MThFNTQ4NkJCRjE1MDA3NEIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDpHc8dIgw+RGwWbBO7ZGTaP/4p
YilNYqfS643CnklH95hloJEN9jYjNmslwv4d9swfsd+H3JWoRe7zipytrgjFXIGU
6Mhn0QKFW6/qZ9XcuJag2ZLhIwufeh7BtuMoUMgzpDhFwR46po3TWubklczq7mzK
rzq1oRpKFaukuDplnsiiQwUS+1briujXpuCClG5mK7y8GqER9qJW9Eb6KYVnqrqO
H9PXbctj27z+uc81g08zNW7raO8IZSU2PmsMELCcU84ofjHVjM2hX+MV0a7dZ9kF
IGeNBBLyapStrT76cUq6/N0SX1q+ktdSjtI9pXsdtJL8bt0pCIXNCx+m8uz3AgMB
AAGjggLIMIICxDAdBgNVHQ4EFgQUwRyH9ZzlVqecOXiRjlSGu/FQB0swHwYDVR0j
BBgwFoAU18gdo3crXurhl1LnVWJtvcc+390wDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy8xMTgxMkUwQjA0RTM2MEEwNjZFNjg0ODIwMUZFRkNDNjU1
MTUwQkRDRUQyQTNBMDBCMkEwRDQ4MTA0OTdFMzgyLzAvRDdDODFEQTM3NzJCNUVF
QUUxOTc1MkU3NTU2MjZEQkRDNzNFREZERC5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC9EN0M4MURBMzc3MkI1RUVBRTE5
NzUyRTc1NTYyNkRCREM3M0VERkRELmNlcjCBxwYIKwYBBQUHAQsEgbowgbcwgbQG
CCsGAQUFBzALhoGncnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvMTE4MTJFMEIwNEUzNjBBMDY2RTY4NDgyMDFGRUZDQzY1NTE1MEJEQ0VE
MkEzQTAwQjJBMEQ0ODEwNDk3RTM4Mi8wLzMyMzAzMDJlMzEyZTMxMzUzNDJlMzAy
ZjMyMzQyZDMyMzQyMDNkM2UyMDMyMzAzNzMwMzMzNi5yb2EwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAMgBmjAN
BgkqhkiG9w0BAQsFAAOCAQEAqYI0l/c/gK7MUthjZrRaqDRqdTZZe0hMjtbkijv1
COjSrBguIzvvw9g7JLc9fEJ7IlykIsJDk6KzDznYojfm2W8QJEVqh+Y6FmBwjRy9
s1YOFlgqPvpf7M4XnmPsBZCkaojvRlxP0rNxS4Ru0qGYg0IRNDr8SJIH9Ak+jnZZ
Adu5Dtg7jtYGsQ4sjzwz5qEbIMZZDqE6ub4u5bR7qmGi0PzvRuSXXDgpLhDl15PQ
SxuLYlsO7dWGRj7147qq7Fmcpv9eZghpY0IWkqtMATYwe2fKDcb1U7KkLGo7uwJD
OJVl9yvlYyxyS4cBPxYNQwkCZEg0FhkvzaY2inw84y3sFA==
-----END CERTIFICATE-----