Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/2446CADE6AE4A71BC6561A7FCA4FB412DA7C4F856E18E5C66DD3242C98F196B3/0/3230302e31342e3231362e302f32322d3234203d3e2036343239.roa
File:                     3230302e31342e3231362e302f32322d3234203d3e2036343239.roa (raw, json)
Hash identifier:          MaYLh4lldG2GColN4TaqL9MjLPBfTGv6cCfntZyxzIk=
Subject key identifier:   FA:7D:BF:51:15:7B:A1:CB:99:0C:41:28:E7:71:95:70:9F:34:84:34
Certificate issuer:       /CN=CC3826EC9313209DAC612BC5F2610CB33D33D0E6
Certificate serial:       5F7AB9B1E177519E19819851B99D49CF5C87E8EB
Authority key identifier: CC:38:26:EC:93:13:20:9D:AC:61:2B:C5:F2:61:0C:B3:3D:33:D0:E6
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/CC3826EC9313209DAC612BC5F2610CB33D33D0E6.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/2446CADE6AE4A71BC6561A7FCA4FB412DA7C4F856E18E5C66DD3242C98F196B3/0/3230302e31342e3231362e302f32322d3234203d3e2036343239.roa
Signing time:             Tue 04 Feb 2025 18:43:17 +0000
ROA not before:           Tue 04 Feb 2025 18:38:17 +0000
ROA not after:            Tue 03 Feb 2026 18:43:17 +0000
asID:                     6429
IP address blocks:        200.14.216.0/22 maxlen: 24
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            5f:7a:b9:b1:e1:77:51:9e:19:81:98:51:b9:9d:49:cf:5c:87:e8:eb
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=CC3826EC9313209DAC612BC5F2610CB33D33D0E6
        Validity
            Not Before: Feb  4 18:38:17 2025 GMT
            Not After : Feb  3 18:43:17 2026 GMT
        Subject: CN=FA7DBF51157BA1CB990C4128E77195709F348434
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:dc:5f:62:17:1d:81:41:69:d4:56:72:6a:30:13:
                    72:38:38:d0:6d:08:3d:84:12:7b:89:28:6c:7e:8c:
                    d0:2e:6b:92:16:ad:28:33:d6:1e:d2:28:86:5c:1f:
                    e4:92:92:a1:d2:ab:33:7d:fe:85:c2:33:df:f8:e0:
                    6c:8b:ce:64:86:45:4f:42:a5:43:dd:42:15:cc:54:
                    b4:ad:24:8c:3b:96:e2:da:a2:e5:10:a9:5f:32:7d:
                    c5:19:24:25:f2:e9:d8:52:05:b6:25:52:2f:0c:02:
                    5b:21:60:4d:58:df:bb:65:95:2c:1a:69:2a:88:e2:
                    d4:f7:33:5e:38:54:48:df:9a:12:5e:60:f9:8e:a4:
                    5b:f9:99:e8:f8:7a:b3:a4:59:83:00:9f:ba:6e:bf:
                    04:61:87:31:48:87:b5:08:aa:b6:22:a9:32:6c:58:
                    80:41:c9:78:09:68:12:8b:83:4d:b1:c9:fc:1f:d7:
                    00:a6:30:54:79:28:9b:00:3b:d3:e9:3f:38:1f:ff:
                    15:29:6e:2c:0e:ff:c0:7e:57:35:0e:45:0f:35:70:
                    5a:63:5f:60:77:7c:67:57:57:c9:b9:e0:67:b4:d1:
                    f8:c7:32:0b:5f:47:56:eb:48:77:c3:b2:71:a7:34:
                    c8:82:6a:ee:9b:8e:e3:45:44:fe:23:f2:d8:4b:9c:
                    b6:73
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                FA:7D:BF:51:15:7B:A1:CB:99:0C:41:28:E7:71:95:70:9F:34:84:34
            X509v3 Authority Key Identifier:
                keyid:CC:38:26:EC:93:13:20:9D:AC:61:2B:C5:F2:61:0C:B3:3D:33:D0:E6

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/2446CADE6AE4A71BC6561A7FCA4FB412DA7C4F856E18E5C66DD3242C98F196B3/0/CC3826EC9313209DAC612BC5F2610CB33D33D0E6.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/CC3826EC9313209DAC612BC5F2610CB33D33D0E6.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/2446CADE6AE4A71BC6561A7FCA4FB412DA7C4F856E18E5C66DD3242C98F196B3/0/3230302e31342e3231362e302f32322d3234203d3e2036343239.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  200.14.216.0/22

    Signature Algorithm: sha256WithRSAEncryption
         4c:76:e0:a5:ac:b3:cd:05:f9:e6:8d:4f:60:c5:68:e8:e8:ad:
         24:6e:e2:6e:96:c7:3a:64:23:6e:4a:51:1f:af:0f:85:a6:a0:
         20:8f:8b:0d:f8:3f:61:8d:ef:cf:9c:74:75:40:f0:68:1d:53:
         99:da:b6:c8:92:67:f5:1f:5a:8a:c3:d0:1e:5c:00:65:58:12:
         3e:84:b3:ef:4c:d0:18:b1:92:2e:b6:ca:b6:a5:54:a7:a7:c0:
         73:87:0c:7b:dc:97:43:13:b9:01:c4:a2:51:02:cc:a4:3b:a4:
         e5:2a:21:57:95:47:04:30:36:e6:96:6f:b1:42:e7:c8:65:2c:
         75:04:2e:e5:74:07:eb:81:6a:b0:6b:fc:66:e2:0c:35:bf:93:
         4f:7b:03:ce:ea:ea:89:4f:1e:e5:57:8c:bc:9a:f5:a1:53:40:
         27:58:35:03:fe:1f:78:3f:8e:a1:ad:14:0e:16:4e:fd:ed:66:
         a0:68:7e:49:83:37:d9:a7:07:a0:19:d4:ad:dd:24:c1:a7:11:
         70:95:aa:fb:17:e3:6f:a0:e9:ff:cf:fd:53:6f:1b:28:5d:dc:
         e0:75:1f:1e:dc:a8:9d:02:06:05:e0:30:c1:ba:ff:ee:ff:73:
         dc:90:1c:6e:fa:a1:7f:4f:91:5c:a3:8e:87:5e:d0:3d:d7:5d:
         23:c1:94:7e
-----BEGIN CERTIFICATE-----
MIIFvDCCBKSgAwIBAgIUX3q5seF3UZ4ZgZhRuZ1Jz1yH6OswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoQ0MzODI2RUM5MzEzMjA5REFDNjEyQkM1RjI2MTBDQjMz
RDMzRDBFNjAeFw0yNTAyMDQxODM4MTdaFw0yNjAyMDMxODQzMTdaMDMxMTAvBgNV
BAMTKEZBN0RCRjUxMTU3QkExQ0I5OTBDNDEyOEU3NzE5NTcwOUYzNDg0MzQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDcX2IXHYFBadRWcmowE3I4ONBt
CD2EEnuJKGx+jNAua5IWrSgz1h7SKIZcH+SSkqHSqzN9/oXCM9/44GyLzmSGRU9C
pUPdQhXMVLStJIw7luLaouUQqV8yfcUZJCXy6dhSBbYlUi8MAlshYE1Y37tllSwa
aSqI4tT3M144VEjfmhJeYPmOpFv5mej4erOkWYMAn7puvwRhhzFIh7UIqrYiqTJs
WIBByXgJaBKLg02xyfwf1wCmMFR5KJsAO9PpPzgf/xUpbiwO/8B+VzUORQ81cFpj
X2B3fGdXV8m54Ge00fjHMgtfR1brSHfDsnGnNMiCau6bjuNFRP4j8thLnLZzAgMB
AAGjggLGMIICwjAdBgNVHQ4EFgQU+n2/URV7ocuZDEEo53GVcJ80hDQwHwYDVR0j
BBgwFoAUzDgm7JMTIJ2sYSvF8mEMsz0z0OYwDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy8yNDQ2Q0FERTZBRTRBNzFCQzY1NjFBN0ZDQTRGQjQxMkRB
N0M0Rjg1NkUxOEU1QzY2REQzMjQyQzk4RjE5NkIzLzAvQ0MzODI2RUM5MzEzMjA5
REFDNjEyQkM1RjI2MTBDQjMzRDMzRDBFNi5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC9DQzM4MjZFQzkzMTMyMDlEQUM2
MTJCQzVGMjYxMENCMzNEMzNEMEU2LmNlcjCBxQYIKwYBBQUHAQsEgbgwgbUwgbIG
CCsGAQUFBzALhoGlcnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvMjQ0NkNBREU2QUU0QTcxQkM2NTYxQTdGQ0E0RkI0MTJEQTdDNEY4NTZF
MThFNUM2NkREMzI0MkM5OEYxOTZCMy8wLzMyMzAzMDJlMzEzNDJlMzIzMTM2MmUz
MDJmMzIzMjJkMzIzNDIwM2QzZTIwMzYzNDMyMzkucm9hMBgGA1UdIAEB/wQOMAww
CgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBALIDtgwDQYJ
KoZIhvcNAQELBQADggEBAEx24KWss80F+eaNT2DFaOjorSRu4m6WxzpkI25KUR+v
D4WmoCCPiw34P2GN78+cdHVA8GgdU5natsiSZ/UfWorD0B5cAGVYEj6Es+9M0Bix
ki62yralVKenwHOHDHvcl0MTuQHEolECzKQ7pOUqIVeVRwQwNuaWb7FC58hlLHUE
LuV0B+uBarBr/GbiDDW/k097A87q6olPHuVXjLya9aFTQCdYNQP+H3g/jqGtFA4W
Tv3tZqBofkmDN9mnB6AZ1K3dJMGnEXCVqvsX42+g6f/P/VNvGyhd3OB1Hx7cqJ0C
BgXgMMG6/+7/c9yQHG76oX9PkVyjjode0D3XXSPBlH4=
-----END CERTIFICATE-----