Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/2962DC2DCBE86602AE6A2E42393487E52AF5C6815D1236CAD110C8A6C878233D/0/3230302e302e32382e302f32322d3234203d3e203237383230.roa
File:                     3230302e302e32382e302f32322d3234203d3e203237383230.roa (raw, json)
Hash identifier:          Ojb9Lr8I/vZXqGUG1uDCzVier7aUd5JXTA/LmYzRwWA=
Subject key identifier:   23:4E:B5:4F:14:5C:65:8B:EC:2C:FA:68:B3:14:18:25:48:0A:26:AF
Certificate issuer:       /CN=004C78F3729207534118FFE002E2186FC5375901
Certificate serial:       22BB3A4AD2EEB909135A17004CD55181AFDF6975
Authority key identifier: 00:4C:78:F3:72:92:07:53:41:18:FF:E0:02:E2:18:6F:C5:37:59:01
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/004C78F3729207534118FFE002E2186FC5375901.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/2962DC2DCBE86602AE6A2E42393487E52AF5C6815D1236CAD110C8A6C878233D/0/3230302e302e32382e302f32322d3234203d3e203237383230.roa
Signing time:             Tue 04 Feb 2025 20:02:32 +0000
ROA not before:           Tue 04 Feb 2025 19:57:32 +0000
ROA not after:            Tue 03 Feb 2026 20:02:32 +0000
asID:                     27820
IP address blocks:        200.0.28.0/22 maxlen: 24
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            22:bb:3a:4a:d2:ee:b9:09:13:5a:17:00:4c:d5:51:81:af:df:69:75
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=004C78F3729207534118FFE002E2186FC5375901
        Validity
            Not Before: Feb  4 19:57:32 2025 GMT
            Not After : Feb  3 20:02:32 2026 GMT
        Subject: CN=234EB54F145C658BEC2CFA68B3141825480A26AF
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a2:54:ea:26:1b:ab:6d:84:f7:39:bc:03:3f:72:
                    63:e4:27:73:25:a9:4c:91:f4:9e:f0:4f:d5:f3:6a:
                    35:03:93:30:5e:fb:e2:54:c0:26:0b:37:97:37:fa:
                    65:e3:86:99:b2:1b:a9:08:2f:e7:88:94:40:96:40:
                    85:9c:60:01:9a:3a:3a:9a:4f:01:c1:0b:d2:ac:34:
                    76:21:45:8b:c5:09:c4:31:0b:c9:38:6e:8f:e6:91:
                    b5:76:82:30:c7:a7:4e:61:7c:94:2b:48:6f:2c:b7:
                    bf:1e:42:79:b6:06:6e:20:9f:df:cc:39:81:5d:61:
                    f4:66:59:bd:4d:fa:e8:5a:57:d8:0d:b6:32:47:94:
                    5a:ff:fe:b3:01:83:79:a9:12:9b:fe:e6:bf:cc:72:
                    78:45:74:6b:d4:a0:b5:0e:71:46:bf:5a:54:da:54:
                    cb:c2:6f:18:87:b8:b9:0d:eb:c6:6d:36:51:19:23:
                    cb:0b:38:76:a3:ef:b5:82:ad:30:73:58:8d:80:a7:
                    51:5a:e6:48:93:e7:9a:ad:16:ef:ce:d5:eb:a7:aa:
                    c8:dc:f4:b0:0e:9f:cb:b9:51:9a:58:d3:10:e0:76:
                    01:5a:c7:af:fb:54:76:8f:e5:cc:8b:c1:b4:db:a4:
                    29:a9:f5:47:c9:d7:36:25:f6:e2:72:3f:94:74:57:
                    53:c3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                23:4E:B5:4F:14:5C:65:8B:EC:2C:FA:68:B3:14:18:25:48:0A:26:AF
            X509v3 Authority Key Identifier:
                keyid:00:4C:78:F3:72:92:07:53:41:18:FF:E0:02:E2:18:6F:C5:37:59:01

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/2962DC2DCBE86602AE6A2E42393487E52AF5C6815D1236CAD110C8A6C878233D/0/004C78F3729207534118FFE002E2186FC5375901.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/004C78F3729207534118FFE002E2186FC5375901.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/2962DC2DCBE86602AE6A2E42393487E52AF5C6815D1236CAD110C8A6C878233D/0/3230302e302e32382e302f32322d3234203d3e203237383230.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  200.0.28.0/22

    Signature Algorithm: sha256WithRSAEncryption
         ee:de:ca:c0:55:94:b5:4d:d1:14:f7:fa:82:26:db:bf:c2:2c:
         72:2e:54:6e:19:40:ef:7b:dc:2b:d7:84:54:bf:c8:69:6c:63:
         ec:de:33:be:ef:8e:e3:93:15:56:e0:69:6f:dd:76:60:6f:d8:
         ea:04:f6:c1:da:b5:20:b1:f3:26:30:85:b1:a6:78:8c:71:84:
         98:ed:f3:5e:98:16:84:ad:2c:3d:82:d7:e2:9e:28:7a:43:c6:
         e1:b4:c2:1e:5e:c0:07:5c:ed:9f:f3:f3:a4:00:4e:72:04:00:
         b3:55:da:0f:db:c0:5d:5e:af:4d:f7:06:7f:d6:8d:97:6f:ab:
         a5:f3:39:c6:60:fa:b5:ee:57:e1:c6:d2:c3:79:d3:b9:5a:0f:
         fb:45:08:e7:25:fa:47:45:a8:9f:a2:a5:8e:0b:a9:61:e9:cb:
         b3:d4:6b:a8:28:6e:d0:9e:a5:8a:5c:ab:31:8a:0e:cd:1b:04:
         3e:cb:bc:ec:80:e9:a7:0a:ef:38:9d:85:ad:c2:d3:83:c9:19:
         2b:4e:3f:d8:9b:d8:1c:52:2f:00:a5:7d:d4:70:86:bc:80:ad:
         0d:5c:28:7f:2f:33:22:1f:fe:48:e9:ce:27:25:37:1e:dc:78:
         1a:44:0e:7b:ab:2d:8e:b4:79:81:b4:f1:8c:5d:9f:ab:52:e4:
         c7:87:99:e8
-----BEGIN CERTIFICATE-----
MIIFujCCBKKgAwIBAgIUIrs6StLuuQkTWhcATNVRga/faXUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMDA0Qzc4RjM3MjkyMDc1MzQxMThGRkUwMDJFMjE4NkZD
NTM3NTkwMTAeFw0yNTAyMDQxOTU3MzJaFw0yNjAyMDMyMDAyMzJaMDMxMTAvBgNV
BAMTKDIzNEVCNTRGMTQ1QzY1OEJFQzJDRkE2OEIzMTQxODI1NDgwQTI2QUYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCiVOomG6tthPc5vAM/cmPkJ3Ml
qUyR9J7wT9XzajUDkzBe++JUwCYLN5c3+mXjhpmyG6kIL+eIlECWQIWcYAGaOjqa
TwHBC9KsNHYhRYvFCcQxC8k4bo/mkbV2gjDHp05hfJQrSG8st78eQnm2Bm4gn9/M
OYFdYfRmWb1N+uhaV9gNtjJHlFr//rMBg3mpEpv+5r/McnhFdGvUoLUOcUa/WlTa
VMvCbxiHuLkN68ZtNlEZI8sLOHaj77WCrTBzWI2Ap1Fa5kiT55qtFu/O1eunqsjc
9LAOn8u5UZpY0xDgdgFax6/7VHaP5cyLwbTbpCmp9UfJ1zYl9uJyP5R0V1PDAgMB
AAGjggLEMIICwDAdBgNVHQ4EFgQUI061TxRcZYvsLPposxQYJUgKJq8wHwYDVR0j
BBgwFoAUAEx483KSB1NBGP/gAuIYb8U3WQEwDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy8yOTYyREMyRENCRTg2NjAyQUU2QTJFNDIzOTM0ODdFNTJB
RjVDNjgxNUQxMjM2Q0FEMTEwQzhBNkM4NzgyMzNELzAvMDA0Qzc4RjM3MjkyMDc1
MzQxMThGRkUwMDJFMjE4NkZDNTM3NTkwMS5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC8wMDRDNzhGMzcyOTIwNzUzNDEx
OEZGRTAwMkUyMTg2RkM1Mzc1OTAxLmNlcjCBwwYIKwYBBQUHAQsEgbYwgbMwgbAG
CCsGAQUFBzALhoGjcnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvMjk2MkRDMkRDQkU4NjYwMkFFNkEyRTQyMzkzNDg3RTUyQUY1QzY4MTVE
MTIzNkNBRDExMEM4QTZDODc4MjMzRC8wLzMyMzAzMDJlMzAyZTMyMzgyZTMwMmYz
MjMyMmQzMjM0MjAzZDNlMjAzMjM3MzgzMjMwLnJvYTAYBgNVHSABAf8EDjAMMAoG
CCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCyAAcMA0GCSqG
SIb3DQEBCwUAA4IBAQDu3srAVZS1TdEU9/qCJtu/wixyLlRuGUDve9wr14RUv8hp
bGPs3jO+747jkxVW4Glv3XZgb9jqBPbB2rUgsfMmMIWxpniMcYSY7fNemBaErSw9
gtfinih6Q8bhtMIeXsAHXO2f8/OkAE5yBACzVdoP28BdXq9N9wZ/1o2Xb6ul8znG
YPq17lfhxtLDedO5Wg/7RQjnJfpHRaifoqWOC6lh6cuz1GuoKG7QnqWKXKsxig7N
GwQ+y7zsgOmnCu84nYWtwtODyRkrTj/Ym9gcUi8ApX3UcIa8gK0NXCh/LzMiH/5I
6c4nJTce3HgaRA57qy2OtHmBtPGMXZ+rUuTHh5no
-----END CERTIFICATE-----