Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/13F91A3F3B2AFAB34132426852D564564D0065840841B775D82728FE6B41E60D/0/3230302e34322e3138392e302f32342d3234203d3e2037343138.roa
File:                     3230302e34322e3138392e302f32342d3234203d3e2037343138.roa (raw, json)
Hash identifier:          MLMA9EIe83OhyJS2uosa4RWxKhcWsbjrsdW3prHiDe0=
Subject key identifier:   72:2C:C1:97:AF:07:8E:45:EA:3C:BE:A1:6A:BF:70:17:70:7B:1D:43
Certificate issuer:       /CN=7F35EC316BDD1B834288C2E6F3481B3A2392506A
Certificate serial:       48BE1117A847A65B2CC44981FA93AB32601023D9
Authority key identifier: 7F:35:EC:31:6B:DD:1B:83:42:88:C2:E6:F3:48:1B:3A:23:92:50:6A
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/7F35EC316BDD1B834288C2E6F3481B3A2392506A.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/13F91A3F3B2AFAB34132426852D564564D0065840841B775D82728FE6B41E60D/0/3230302e34322e3138392e302f32342d3234203d3e2037343138.roa
Signing time:             Tue 04 Feb 2025 20:00:51 +0000
ROA not before:           Tue 04 Feb 2025 19:55:51 +0000
ROA not after:            Tue 03 Feb 2026 20:00:51 +0000
asID:                     7418
IP address blocks:        200.42.189.0/24 maxlen: 24
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            48:be:11:17:a8:47:a6:5b:2c:c4:49:81:fa:93:ab:32:60:10:23:d9
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=7F35EC316BDD1B834288C2E6F3481B3A2392506A
        Validity
            Not Before: Feb  4 19:55:51 2025 GMT
            Not After : Feb  3 20:00:51 2026 GMT
        Subject: CN=722CC197AF078E45EA3CBEA16ABF7017707B1D43
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c8:ec:ab:71:16:a3:ba:09:c7:0c:85:88:74:12:
                    c0:8c:1b:69:cd:04:26:f4:7e:4e:14:6a:dc:1d:91:
                    df:47:5c:d1:28:84:a3:66:c6:52:94:b1:c7:c8:05:
                    8c:99:1a:cb:75:f7:7c:b2:a6:da:ac:d5:55:7e:12:
                    64:e7:74:c4:3e:91:30:2f:b0:a8:89:99:b8:b5:e8:
                    45:61:31:2c:5d:69:b4:15:5a:d3:a6:d8:76:7f:cc:
                    32:ef:7e:f3:da:e6:44:dc:5d:cc:1c:9a:09:94:ac:
                    81:53:4d:75:41:f0:9c:c3:76:1e:b9:87:61:2f:0b:
                    f5:84:46:6a:4a:b0:f0:f5:5b:9a:52:38:b2:87:b9:
                    11:3f:b1:22:96:8f:3c:c6:f9:e4:65:32:83:ce:b1:
                    20:71:19:35:e5:27:c1:c4:d7:ff:0b:f2:d2:73:38:
                    7b:51:1e:03:72:6e:84:63:d9:5a:e7:96:ec:ad:fb:
                    2a:06:50:98:62:f3:6f:8a:f8:29:bf:72:49:b3:37:
                    96:d3:96:46:98:4c:68:f2:5d:8b:27:a1:13:70:12:
                    c3:86:9d:e4:6c:8a:0f:d5:7d:28:ee:3b:89:23:8b:
                    58:3d:51:12:ea:80:03:28:3f:90:42:99:05:10:e3:
                    9a:6c:0c:92:ab:c2:6a:58:3d:c5:56:a0:f3:d1:65:
                    d0:af
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                72:2C:C1:97:AF:07:8E:45:EA:3C:BE:A1:6A:BF:70:17:70:7B:1D:43
            X509v3 Authority Key Identifier:
                keyid:7F:35:EC:31:6B:DD:1B:83:42:88:C2:E6:F3:48:1B:3A:23:92:50:6A

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/13F91A3F3B2AFAB34132426852D564564D0065840841B775D82728FE6B41E60D/0/7F35EC316BDD1B834288C2E6F3481B3A2392506A.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/7F35EC316BDD1B834288C2E6F3481B3A2392506A.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/13F91A3F3B2AFAB34132426852D564564D0065840841B775D82728FE6B41E60D/0/3230302e34322e3138392e302f32342d3234203d3e2037343138.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  200.42.189.0/24

    Signature Algorithm: sha256WithRSAEncryption
         d5:d4:8b:4a:cb:a0:79:31:1a:a2:45:b9:df:43:53:ff:78:d8:
         2c:0b:f8:be:55:1d:f6:f3:79:28:2c:96:4c:fe:f1:b0:6f:70:
         2c:73:f4:a1:0e:72:6d:ee:55:e5:76:29:ee:b1:e0:aa:10:ac:
         f4:0e:ba:65:87:ce:a3:bc:76:8a:e4:eb:75:9a:ae:80:e0:f3:
         c8:f8:b4:8e:f8:8c:36:ff:f6:18:ba:10:77:66:0a:52:9d:23:
         7c:6b:11:15:33:46:57:81:04:2e:94:3a:e2:5b:d8:bf:ea:d4:
         66:7b:77:cf:13:5e:ed:1f:df:22:f4:01:2c:0e:e2:25:82:ea:
         9a:81:cd:4a:a5:3f:0f:69:64:6a:78:40:73:d0:24:4c:c5:6c:
         79:40:03:64:cd:a5:6e:3d:f1:a2:a8:bc:3b:67:42:34:9c:18:
         92:26:55:ce:26:c4:cc:3c:2e:24:38:d5:cd:31:4a:0e:66:74:
         f6:74:2c:21:55:f1:61:29:3a:62:1d:cd:71:72:13:78:10:3c:
         f3:f9:ba:a5:f8:da:87:fe:60:66:86:c4:74:35:47:ab:a8:33:
         d3:f6:6b:5b:e3:1f:dd:3b:67:fc:4c:03:8f:f5:7c:02:33:41:
         2d:78:e6:6b:fc:fc:25:f2:1a:70:e7:da:d8:21:29:de:7b:76:
         66:0a:95:32
-----BEGIN CERTIFICATE-----
MIIFvDCCBKSgAwIBAgIUSL4RF6hHplssxEmB+pOrMmAQI9kwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoN0YzNUVDMzE2QkREMUI4MzQyODhDMkU2RjM0ODFCM0Ey
MzkyNTA2QTAeFw0yNTAyMDQxOTU1NTFaFw0yNjAyMDMyMDAwNTFaMDMxMTAvBgNV
BAMTKDcyMkNDMTk3QUYwNzhFNDVFQTNDQkVBMTZBQkY3MDE3NzA3QjFENDMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDI7KtxFqO6CccMhYh0EsCMG2nN
BCb0fk4Uatwdkd9HXNEohKNmxlKUscfIBYyZGst193yyptqs1VV+EmTndMQ+kTAv
sKiJmbi16EVhMSxdabQVWtOm2HZ/zDLvfvPa5kTcXcwcmgmUrIFTTXVB8JzDdh65
h2EvC/WERmpKsPD1W5pSOLKHuRE/sSKWjzzG+eRlMoPOsSBxGTXlJ8HE1/8L8tJz
OHtRHgNyboRj2Vrnluyt+yoGUJhi82+K+Cm/ckmzN5bTlkaYTGjyXYsnoRNwEsOG
neRsig/VfSjuO4kji1g9URLqgAMoP5BCmQUQ45psDJKrwmpYPcVWoPPRZdCvAgMB
AAGjggLGMIICwjAdBgNVHQ4EFgQUcizBl68HjkXqPL6har9wF3B7HUMwHwYDVR0j
BBgwFoAUfzXsMWvdG4NCiMLm80gbOiOSUGowDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy8xM0Y5MUEzRjNCMkFGQUIzNDEzMjQyNjg1MkQ1NjQ1NjRE
MDA2NTg0MDg0MUI3NzVEODI3MjhGRTZCNDFFNjBELzAvN0YzNUVDMzE2QkREMUI4
MzQyODhDMkU2RjM0ODFCM0EyMzkyNTA2QS5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC83RjM1RUMzMTZCREQxQjgzNDI4
OEMyRTZGMzQ4MUIzQTIzOTI1MDZBLmNlcjCBxQYIKwYBBQUHAQsEgbgwgbUwgbIG
CCsGAQUFBzALhoGlcnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvMTNGOTFBM0YzQjJBRkFCMzQxMzI0MjY4NTJENTY0NTY0RDAwNjU4NDA4
NDFCNzc1RDgyNzI4RkU2QjQxRTYwRC8wLzMyMzAzMDJlMzQzMjJlMzEzODM5MmUz
MDJmMzIzNDJkMzIzNDIwM2QzZTIwMzczNDMxMzgucm9hMBgGA1UdIAEB/wQOMAww
CgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBADIKr0wDQYJ
KoZIhvcNAQELBQADggEBANXUi0rLoHkxGqJFud9DU/942CwL+L5VHfbzeSgslkz+
8bBvcCxz9KEOcm3uVeV2Ke6x4KoQrPQOumWHzqO8dork63WaroDg88j4tI74jDb/
9hi6EHdmClKdI3xrERUzRleBBC6UOuJb2L/q1GZ7d88TXu0f3yL0ASwO4iWC6pqB
zUqlPw9pZGp4QHPQJEzFbHlAA2TNpW498aKovDtnQjScGJImVc4mxMw8LiQ41c0x
Sg5mdPZ0LCFV8WEpOmIdzXFyE3gQPPP5uqX42of+YGaGxHQ1R6uoM9P2a1vjH907
Z/xMA4/1fAIzQS145mv8/CXyGnDn2tghKd57dmYKlTI=
-----END CERTIFICATE-----