Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/13F91A3F3B2AFAB34132426852D564564D0065840841B775D82728FE6B41E60D/0/3230302e34322e3136302e302f32312d3234203d3e2037343138.roa
File:                     3230302e34322e3136302e302f32312d3234203d3e2037343138.roa (raw, json)
Hash identifier:          Z7X+3LkSGHe85FN+wfYwtocQ5hYV3se41eIoC+dLGJM=
Subject key identifier:   B3:52:2B:87:AD:7C:4E:CF:0B:52:26:56:B0:ED:4A:5A:28:D1:56:8A
Certificate issuer:       /CN=7F35EC316BDD1B834288C2E6F3481B3A2392506A
Certificate serial:       66E7D6828CE22D93B28B4D2EA0A137D326DB04A4
Authority key identifier: 7F:35:EC:31:6B:DD:1B:83:42:88:C2:E6:F3:48:1B:3A:23:92:50:6A
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/7F35EC316BDD1B834288C2E6F3481B3A2392506A.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/13F91A3F3B2AFAB34132426852D564564D0065840841B775D82728FE6B41E60D/0/3230302e34322e3136302e302f32312d3234203d3e2037343138.roa
Signing time:             Tue 04 Feb 2025 20:00:49 +0000
ROA not before:           Tue 04 Feb 2025 19:55:49 +0000
ROA not after:            Tue 03 Feb 2026 20:00:49 +0000
asID:                     7418
IP address blocks:        200.42.160.0/21 maxlen: 24
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            66:e7:d6:82:8c:e2:2d:93:b2:8b:4d:2e:a0:a1:37:d3:26:db:04:a4
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=7F35EC316BDD1B834288C2E6F3481B3A2392506A
        Validity
            Not Before: Feb  4 19:55:49 2025 GMT
            Not After : Feb  3 20:00:49 2026 GMT
        Subject: CN=B3522B87AD7C4ECF0B522656B0ED4A5A28D1568A
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:90:9b:41:72:49:d5:20:2f:23:7e:63:bd:f9:16:
                    a6:d6:60:2a:86:1b:ae:01:5f:13:e5:b7:6f:e8:4c:
                    eb:eb:31:27:ca:35:4d:bb:ec:45:a7:ec:3f:32:57:
                    4a:28:18:c0:c5:5b:08:c7:38:0f:bd:b1:79:72:cd:
                    8c:a9:5a:f8:09:a8:e9:1e:fe:25:dc:e0:27:a2:e4:
                    b3:8a:dd:53:3e:95:03:5b:c9:d0:6d:86:03:5e:27:
                    2c:a6:ac:18:de:54:a0:d3:d6:c7:c0:56:63:30:bd:
                    0a:72:c6:77:e2:e5:a5:cf:a4:27:81:52:a0:3f:8c:
                    b6:63:bd:26:1e:a9:a5:39:d8:92:3b:2e:64:84:49:
                    0e:bb:84:a9:b7:61:61:4b:ab:de:06:f9:f5:3b:d6:
                    ef:2a:aa:5d:66:c5:7c:46:2a:42:8f:48:ee:f5:bd:
                    ab:92:89:40:dc:4c:7d:d9:7e:ef:40:d3:e4:89:65:
                    2b:f2:22:d3:b2:4e:f3:92:f3:8a:4f:af:bc:7f:34:
                    07:07:4d:7e:3b:f6:73:1c:28:76:9c:7c:87:73:b2:
                    ab:78:ba:ac:7a:c4:91:4c:9d:1a:45:ed:eb:cc:ed:
                    0b:ff:d2:4b:cc:79:ee:b9:15:13:72:78:db:8f:de:
                    3e:1c:72:a5:5b:70:a1:8a:e5:65:a4:56:62:6f:33:
                    c4:39
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B3:52:2B:87:AD:7C:4E:CF:0B:52:26:56:B0:ED:4A:5A:28:D1:56:8A
            X509v3 Authority Key Identifier:
                keyid:7F:35:EC:31:6B:DD:1B:83:42:88:C2:E6:F3:48:1B:3A:23:92:50:6A

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/13F91A3F3B2AFAB34132426852D564564D0065840841B775D82728FE6B41E60D/0/7F35EC316BDD1B834288C2E6F3481B3A2392506A.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/7F35EC316BDD1B834288C2E6F3481B3A2392506A.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/13F91A3F3B2AFAB34132426852D564564D0065840841B775D82728FE6B41E60D/0/3230302e34322e3136302e302f32312d3234203d3e2037343138.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  200.42.160.0/21

    Signature Algorithm: sha256WithRSAEncryption
         d0:fd:38:b5:c9:e2:0a:94:81:d0:7c:75:ef:e4:8e:25:af:d3:
         c8:64:21:8d:d6:9a:be:f6:5e:f9:73:3f:45:f0:dd:39:07:98:
         56:4c:9e:ec:8d:33:ee:6f:1a:a3:ec:cb:a2:f0:b0:bb:a8:9c:
         57:35:6b:70:48:5e:da:3a:f3:b8:2a:e8:fc:b6:4d:45:79:aa:
         a5:5b:aa:8a:3a:bb:71:c7:75:0a:93:d8:c7:a5:0c:37:99:90:
         fb:9e:a2:ff:7e:e3:43:ad:ec:75:19:8b:be:70:5c:47:b4:cc:
         6b:13:1a:b9:d2:8d:6e:0a:72:9a:a9:87:7d:7c:8e:3b:d4:1f:
         d1:70:38:69:ff:04:d8:e4:d7:1d:ac:89:c3:fb:98:88:4a:73:
         c0:cd:ef:e2:ed:bb:d0:8d:f9:29:35:65:81:e0:3c:c3:16:82:
         99:d8:d7:81:32:42:53:f2:39:73:1e:db:9a:c3:d1:0d:77:c4:
         91:59:96:1e:da:f3:22:e2:d2:c6:80:9d:50:3b:f8:67:cc:e4:
         99:b0:44:18:18:30:ed:c0:92:bd:12:87:cb:04:c2:ad:3c:93:
         23:83:45:52:84:d0:04:0a:a3:ec:6f:1f:ed:31:c2:bc:58:a9:
         71:bb:c2:4b:9a:ab:94:a7:7d:5b:7c:ea:9f:98:56:9a:7f:be:
         57:89:37:93
-----BEGIN CERTIFICATE-----
MIIFvDCCBKSgAwIBAgIUZufWgoziLZOyi00uoKE30ybbBKQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoN0YzNUVDMzE2QkREMUI4MzQyODhDMkU2RjM0ODFCM0Ey
MzkyNTA2QTAeFw0yNTAyMDQxOTU1NDlaFw0yNjAyMDMyMDAwNDlaMDMxMTAvBgNV
BAMTKEIzNTIyQjg3QUQ3QzRFQ0YwQjUyMjY1NkIwRUQ0QTVBMjhEMTU2OEEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCQm0FySdUgLyN+Y735FqbWYCqG
G64BXxPlt2/oTOvrMSfKNU277EWn7D8yV0ooGMDFWwjHOA+9sXlyzYypWvgJqOke
/iXc4Cei5LOK3VM+lQNbydBthgNeJyymrBjeVKDT1sfAVmMwvQpyxnfi5aXPpCeB
UqA/jLZjvSYeqaU52JI7LmSESQ67hKm3YWFLq94G+fU71u8qql1mxXxGKkKPSO71
vauSiUDcTH3Zfu9A0+SJZSvyItOyTvOS84pPr7x/NAcHTX479nMcKHacfIdzsqt4
uqx6xJFMnRpF7evM7Qv/0kvMee65FRNyeNuP3j4ccqVbcKGK5WWkVmJvM8Q5AgMB
AAGjggLGMIICwjAdBgNVHQ4EFgQUs1Irh618Ts8LUiZWsO1KWijRVoowHwYDVR0j
BBgwFoAUfzXsMWvdG4NCiMLm80gbOiOSUGowDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy8xM0Y5MUEzRjNCMkFGQUIzNDEzMjQyNjg1MkQ1NjQ1NjRE
MDA2NTg0MDg0MUI3NzVEODI3MjhGRTZCNDFFNjBELzAvN0YzNUVDMzE2QkREMUI4
MzQyODhDMkU2RjM0ODFCM0EyMzkyNTA2QS5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC83RjM1RUMzMTZCREQxQjgzNDI4
OEMyRTZGMzQ4MUIzQTIzOTI1MDZBLmNlcjCBxQYIKwYBBQUHAQsEgbgwgbUwgbIG
CCsGAQUFBzALhoGlcnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvMTNGOTFBM0YzQjJBRkFCMzQxMzI0MjY4NTJENTY0NTY0RDAwNjU4NDA4
NDFCNzc1RDgyNzI4RkU2QjQxRTYwRC8wLzMyMzAzMDJlMzQzMjJlMzEzNjMwMmUz
MDJmMzIzMTJkMzIzNDIwM2QzZTIwMzczNDMxMzgucm9hMBgGA1UdIAEB/wQOMAww
CgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAPIKqAwDQYJ
KoZIhvcNAQELBQADggEBAND9OLXJ4gqUgdB8de/kjiWv08hkIY3Wmr72XvlzP0Xw
3TkHmFZMnuyNM+5vGqPsy6LwsLuonFc1a3BIXto687gq6Py2TUV5qqVbqoo6u3HH
dQqT2MelDDeZkPueov9+40Ot7HUZi75wXEe0zGsTGrnSjW4Kcpqph318jjvUH9Fw
OGn/BNjk1x2sicP7mIhKc8DN7+Ltu9CN+Sk1ZYHgPMMWgpnY14EyQlPyOXMe25rD
0Q13xJFZlh7a8yLi0saAnVA7+GfM5JmwRBgYMO3Akr0Sh8sEwq08kyODRVKE0AQK
o+xvH+0xwrxYqXG7wkuaq5SnfVt86p+YVpp/vleJN5M=
-----END CERTIFICATE-----