Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/1707840DCF59A833F5F9735ABB7DAB9A31BC3A36A388719B238E79CBD285869B/0/3230302e33312e33322e302f31392d3234203d3e2036343239.roa
File:                     3230302e33312e33322e302f31392d3234203d3e2036343239.roa (raw, json)
Hash identifier:          sMgfqsisuSsWDJyubS6mBh4pRRmo1V9RePs719spsMc=
Subject key identifier:   7A:85:83:E3:53:B6:71:39:BC:C7:67:58:D0:0D:F9:24:89:68:38:1A
Certificate issuer:       /CN=CACAD70CF58B172E6D319A83D97EE37DB5B43E8B
Certificate serial:       2B371D462E48A1CC08E084B2698B20C464302BC0
Authority key identifier: CA:CA:D7:0C:F5:8B:17:2E:6D:31:9A:83:D9:7E:E3:7D:B5:B4:3E:8B
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/CACAD70CF58B172E6D319A83D97EE37DB5B43E8B.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/1707840DCF59A833F5F9735ABB7DAB9A31BC3A36A388719B238E79CBD285869B/0/3230302e33312e33322e302f31392d3234203d3e2036343239.roa
Signing time:             Tue 04 Feb 2025 20:03:29 +0000
ROA not before:           Tue 04 Feb 2025 19:58:29 +0000
ROA not after:            Tue 03 Feb 2026 20:03:29 +0000
asID:                     6429
IP address blocks:        200.31.32.0/19 maxlen: 24
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            2b:37:1d:46:2e:48:a1:cc:08:e0:84:b2:69:8b:20:c4:64:30:2b:c0
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=CACAD70CF58B172E6D319A83D97EE37DB5B43E8B
        Validity
            Not Before: Feb  4 19:58:29 2025 GMT
            Not After : Feb  3 20:03:29 2026 GMT
        Subject: CN=7A8583E353B67139BCC76758D00DF9248968381A
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:be:8a:a3:17:07:a1:9e:74:66:5c:71:d0:24:71:
                    25:a3:f6:c2:4c:35:f5:23:f0:c4:ce:6f:8a:67:6a:
                    ee:dd:c7:12:9c:0e:78:25:04:62:4c:d6:87:f3:8d:
                    fa:85:32:bc:81:f3:87:19:94:1e:14:ac:f1:d7:b3:
                    20:ef:ab:6a:29:85:ec:5c:7e:27:06:21:ed:8e:5f:
                    27:40:b3:f8:7a:0c:64:b1:c7:7d:64:1f:cc:3e:25:
                    9b:07:24:f1:c7:d9:e8:6d:53:be:4f:8d:9e:0b:24:
                    54:67:86:10:d4:a4:5e:ff:a8:12:af:ba:7c:8d:1a:
                    f4:77:1a:06:92:48:49:7c:af:41:69:28:33:40:84:
                    96:de:2f:ce:c2:41:12:04:df:16:15:86:70:b3:60:
                    b1:4d:ba:a4:1b:ca:46:e2:ab:4f:dd:29:75:09:ae:
                    02:63:53:c8:23:7c:cb:2e:f4:0f:30:b0:00:45:4e:
                    bc:80:44:33:77:61:92:d8:4b:97:1d:4e:4f:ed:4c:
                    85:e3:9d:9b:1d:6a:ab:7f:f5:09:98:a0:43:b4:71:
                    b7:c8:ab:8b:3b:cc:7b:93:49:6a:31:03:d6:7c:a1:
                    7a:80:e5:e5:db:7e:43:0d:c3:71:40:87:c7:5d:37:
                    8f:08:3e:10:8d:c0:8e:1d:6e:29:e8:c8:b7:d4:18:
                    38:19
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                7A:85:83:E3:53:B6:71:39:BC:C7:67:58:D0:0D:F9:24:89:68:38:1A
            X509v3 Authority Key Identifier:
                keyid:CA:CA:D7:0C:F5:8B:17:2E:6D:31:9A:83:D9:7E:E3:7D:B5:B4:3E:8B

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/1707840DCF59A833F5F9735ABB7DAB9A31BC3A36A388719B238E79CBD285869B/0/CACAD70CF58B172E6D319A83D97EE37DB5B43E8B.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/CACAD70CF58B172E6D319A83D97EE37DB5B43E8B.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/1707840DCF59A833F5F9735ABB7DAB9A31BC3A36A388719B238E79CBD285869B/0/3230302e33312e33322e302f31392d3234203d3e2036343239.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  200.31.32.0/19

    Signature Algorithm: sha256WithRSAEncryption
         77:45:6c:3b:1c:11:b9:4d:a8:4a:1c:a6:a6:d8:71:4a:25:96:
         3a:d7:f1:90:e6:1a:5f:62:52:d4:15:bc:76:c9:dd:b6:a6:82:
         65:97:93:b1:b6:fe:d2:24:fc:05:12:82:5a:c3:c4:36:77:48:
         51:4c:d7:74:a0:fe:ed:a2:b7:ac:9e:92:6f:bc:9c:93:02:ba:
         90:5e:47:89:c6:59:1d:3a:05:9a:ab:d1:3c:56:b5:20:c5:cc:
         99:98:06:b5:d7:29:38:89:63:36:77:ae:bd:b0:e0:20:1b:1b:
         72:9a:d5:d7:9f:7c:5c:02:5a:c2:04:53:f9:ae:1c:56:62:0e:
         d4:b5:33:a3:ae:e2:d4:78:88:61:f4:0e:88:34:4e:ad:99:c7:
         ba:34:91:b0:4c:25:89:90:d2:06:60:c8:5f:38:d3:4b:da:39:
         a6:14:09:92:f1:6b:84:e8:f3:8b:07:db:d7:c8:2a:38:54:37:
         62:70:af:bb:4e:74:8d:7a:28:5e:1b:90:c2:64:c7:23:f6:06:
         8c:b4:fe:8a:b3:01:19:ac:fe:91:09:4a:cb:8e:aa:d3:d9:35:
         b4:41:8c:ce:67:a4:65:03:d5:b8:68:25:eb:61:30:7c:b6:21:
         7a:1c:58:13:54:d8:4e:5a:b0:df:d6:bf:cb:92:1d:9f:78:82:
         4b:44:bc:21
-----BEGIN CERTIFICATE-----
MIIFujCCBKKgAwIBAgIUKzcdRi5IocwI4ISyaYsgxGQwK8AwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoQ0FDQUQ3MENGNThCMTcyRTZEMzE5QTgzRDk3RUUzN0RC
NUI0M0U4QjAeFw0yNTAyMDQxOTU4MjlaFw0yNjAyMDMyMDAzMjlaMDMxMTAvBgNV
BAMTKDdBODU4M0UzNTNCNjcxMzlCQ0M3Njc1OEQwMERGOTI0ODk2ODM4MUEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC+iqMXB6GedGZccdAkcSWj9sJM
NfUj8MTOb4pnau7dxxKcDnglBGJM1ofzjfqFMryB84cZlB4UrPHXsyDvq2ophexc
ficGIe2OXydAs/h6DGSxx31kH8w+JZsHJPHH2ehtU75PjZ4LJFRnhhDUpF7/qBKv
unyNGvR3GgaSSEl8r0FpKDNAhJbeL87CQRIE3xYVhnCzYLFNuqQbykbiq0/dKXUJ
rgJjU8gjfMsu9A8wsABFTryARDN3YZLYS5cdTk/tTIXjnZsdaqt/9QmYoEO0cbfI
q4s7zHuTSWoxA9Z8oXqA5eXbfkMNw3FAh8ddN48IPhCNwI4dbinoyLfUGDgZAgMB
AAGjggLEMIICwDAdBgNVHQ4EFgQUeoWD41O2cTm8x2dY0A35JIloOBowHwYDVR0j
BBgwFoAUysrXDPWLFy5tMZqD2X7jfbW0PoswDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy8xNzA3ODQwRENGNTlBODMzRjVGOTczNUFCQjdEQUI5QTMx
QkMzQTM2QTM4ODcxOUIyMzhFNzlDQkQyODU4NjlCLzAvQ0FDQUQ3MENGNThCMTcy
RTZEMzE5QTgzRDk3RUUzN0RCNUI0M0U4Qi5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC9DQUNBRDcwQ0Y1OEIxNzJFNkQz
MTlBODNEOTdFRTM3REI1QjQzRThCLmNlcjCBwwYIKwYBBQUHAQsEgbYwgbMwgbAG
CCsGAQUFBzALhoGjcnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvMTcwNzg0MERDRjU5QTgzM0Y1Rjk3MzVBQkI3REFCOUEzMUJDM0EzNkEz
ODg3MTlCMjM4RTc5Q0JEMjg1ODY5Qi8wLzMyMzAzMDJlMzMzMTJlMzMzMjJlMzAy
ZjMxMzkyZDMyMzQyMDNkM2UyMDM2MzQzMjM5LnJvYTAYBgNVHSABAf8EDjAMMAoG
CCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQFyB8gMA0GCSqG
SIb3DQEBCwUAA4IBAQB3RWw7HBG5TahKHKam2HFKJZY61/GQ5hpfYlLUFbx2yd22
poJll5Oxtv7SJPwFEoJaw8Q2d0hRTNd0oP7toresnpJvvJyTArqQXkeJxlkdOgWa
q9E8VrUgxcyZmAa11yk4iWM2d669sOAgGxtymtXXn3xcAlrCBFP5rhxWYg7UtTOj
ruLUeIhh9A6INE6tmce6NJGwTCWJkNIGYMhfONNL2jmmFAmS8WuE6POLB9vXyCo4
VDdicK+7TnSNeiheG5DCZMcj9gaMtP6KswEZrP6RCUrLjqrT2TW0QYzOZ6RlA9W4
aCXrYTB8tiF6HFgTVNhOWrDf1r/Lkh2feIJLRLwh
-----END CERTIFICATE-----