Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/2CCF978DE00466A1F41A9C761AEB2577E55690B00C4B3DDF339A23B95B311B93/0/3230302e322e3139362e302f32342d3234203d3e2034393935.roa
File:                     3230302e322e3139362e302f32342d3234203d3e2034393935.roa (raw, json)
Hash identifier:          gCavCqsFxdAgQlGF0U1q/kLh5WxhLFI5fLbxzR2vKk8=
Subject key identifier:   4F:87:11:86:7E:B6:BC:CF:20:AC:FE:99:59:3D:B5:FA:74:A2:53:39
Certificate issuer:       /CN=979E05FFEED48A9692454F668B83D49714C9FE39
Certificate serial:       2DD5C28AC0C14D8182A50D0D541D12710B02CCA2
Authority key identifier: 97:9E:05:FF:EE:D4:8A:96:92:45:4F:66:8B:83:D4:97:14:C9:FE:39
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/979E05FFEED48A9692454F668B83D49714C9FE39.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/2CCF978DE00466A1F41A9C761AEB2577E55690B00C4B3DDF339A23B95B311B93/0/3230302e322e3139362e302f32342d3234203d3e2034393935.roa
Signing time:             Tue 04 Feb 2025 20:03:41 +0000
ROA not before:           Tue 04 Feb 2025 19:58:41 +0000
ROA not after:            Tue 03 Feb 2026 20:03:41 +0000
asID:                     4995
IP address blocks:        200.2.196.0/24 maxlen: 24
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            2d:d5:c2:8a:c0:c1:4d:81:82:a5:0d:0d:54:1d:12:71:0b:02:cc:a2
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=979E05FFEED48A9692454F668B83D49714C9FE39
        Validity
            Not Before: Feb  4 19:58:41 2025 GMT
            Not After : Feb  3 20:03:41 2026 GMT
        Subject: CN=4F8711867EB6BCCF20ACFE99593DB5FA74A25339
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:da:3f:56:98:92:ef:df:dc:a6:15:03:f1:9b:a6:
                    5b:42:05:72:5d:6f:c2:d6:06:c3:19:21:0a:73:ab:
                    53:c1:a1:7d:75:28:53:1f:3a:06:19:bf:6d:4a:83:
                    8f:9a:c0:bc:b4:a3:85:b7:10:8d:e5:ba:07:bf:7f:
                    1f:f0:03:50:cd:cd:a7:e5:bd:eb:7e:ee:84:d6:87:
                    fe:4a:99:2a:ac:c8:92:20:23:34:3a:1e:bc:55:8a:
                    98:fb:fb:cb:ad:a2:af:f3:4b:dd:59:bd:eb:59:d8:
                    17:6c:75:66:f3:1d:b2:09:c2:d7:ee:b8:ec:24:a1:
                    31:91:a9:4b:a4:a0:68:77:ae:b8:d9:63:6a:da:65:
                    2d:d0:4a:d1:01:83:0a:c3:0d:e2:49:68:c1:0c:22:
                    54:fe:f4:95:0f:6d:b7:8d:1f:8b:e9:96:67:73:cf:
                    e0:f5:1b:b9:4b:a4:90:6c:d6:12:1f:03:cc:9c:ef:
                    24:5d:8b:3d:0d:2a:f9:25:d3:56:6e:81:cb:f9:23:
                    87:19:8c:12:7b:05:40:9b:d0:b5:81:8a:11:c5:d6:
                    90:ba:cc:86:50:31:23:35:d5:09:56:35:f0:59:c6:
                    b3:7e:f7:91:0d:8e:53:93:f8:f9:e7:c9:7a:7e:ed:
                    b6:c2:ba:ec:72:a8:25:4f:6c:1c:fc:7e:a1:97:87:
                    bd:d5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4F:87:11:86:7E:B6:BC:CF:20:AC:FE:99:59:3D:B5:FA:74:A2:53:39
            X509v3 Authority Key Identifier:
                keyid:97:9E:05:FF:EE:D4:8A:96:92:45:4F:66:8B:83:D4:97:14:C9:FE:39

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/2CCF978DE00466A1F41A9C761AEB2577E55690B00C4B3DDF339A23B95B311B93/0/979E05FFEED48A9692454F668B83D49714C9FE39.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/979E05FFEED48A9692454F668B83D49714C9FE39.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/2CCF978DE00466A1F41A9C761AEB2577E55690B00C4B3DDF339A23B95B311B93/0/3230302e322e3139362e302f32342d3234203d3e2034393935.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  200.2.196.0/24

    Signature Algorithm: sha256WithRSAEncryption
         96:3d:dd:87:49:91:0a:df:96:3b:dd:10:ab:64:d8:4b:3b:98:
         e0:bc:86:9b:1e:a3:b7:85:3d:d4:a7:4a:98:5a:f4:4f:be:79:
         9e:df:35:35:ac:b5:a3:3c:da:44:07:64:04:45:2d:0d:7b:ea:
         90:a0:5f:59:cf:34:8b:46:c4:4e:df:7e:28:bc:11:61:8e:a7:
         27:30:bb:1b:e8:97:51:27:7c:0f:2f:85:dd:4e:36:86:d3:47:
         6c:b4:6e:32:b5:fc:92:37:42:c3:0b:02:c4:7b:e0:d4:49:b9:
         78:ab:30:16:15:32:7d:38:91:c0:f7:f6:c6:b6:81:16:fa:d1:
         99:65:ac:93:23:ba:6c:d0:f4:5c:bd:7d:02:a2:95:9e:fe:d7:
         ab:46:86:a0:28:45:cc:01:70:bb:bf:ca:41:16:80:23:dd:35:
         94:21:4c:49:61:d6:33:27:0b:89:9a:df:5d:e9:90:3f:07:a5:
         f7:4d:d1:31:e0:e2:16:e7:96:26:76:5f:ee:f0:75:de:a4:05:
         fd:cf:e7:68:54:0b:4b:03:90:e3:21:31:55:ee:d4:01:46:c6:
         89:14:2e:79:4e:9e:37:9a:21:53:8d:ad:68:35:64:8e:c2:a9:
         90:8a:5a:e5:dc:5e:f3:11:90:5d:95:a6:11:ae:d4:1d:d4:02:
         fb:e9:ea:1d
-----BEGIN CERTIFICATE-----
MIIFujCCBKKgAwIBAgIULdXCisDBTYGCpQ0NVB0ScQsCzKIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOTc5RTA1RkZFRUQ0OEE5NjkyNDU0RjY2OEI4M0Q0OTcx
NEM5RkUzOTAeFw0yNTAyMDQxOTU4NDFaFw0yNjAyMDMyMDAzNDFaMDMxMTAvBgNV
BAMTKDRGODcxMTg2N0VCNkJDQ0YyMEFDRkU5OTU5M0RCNUZBNzRBMjUzMzkwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDaP1aYku/f3KYVA/GbpltCBXJd
b8LWBsMZIQpzq1PBoX11KFMfOgYZv21Kg4+awLy0o4W3EI3luge/fx/wA1DNzafl
vet+7oTWh/5KmSqsyJIgIzQ6HrxVipj7+8utoq/zS91ZvetZ2BdsdWbzHbIJwtfu
uOwkoTGRqUukoGh3rrjZY2raZS3QStEBgwrDDeJJaMEMIlT+9JUPbbeNH4vplmdz
z+D1G7lLpJBs1hIfA8yc7yRdiz0NKvkl01Zugcv5I4cZjBJ7BUCb0LWBihHF1pC6
zIZQMSM11QlWNfBZxrN+95ENjlOT+PnnyXp+7bbCuuxyqCVPbBz8fqGXh73VAgMB
AAGjggLEMIICwDAdBgNVHQ4EFgQUT4cRhn62vM8grP6ZWT21+nSiUzkwHwYDVR0j
BBgwFoAUl54F/+7UipaSRU9mi4PUlxTJ/jkwDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy8yQ0NGOTc4REUwMDQ2NkExRjQxQTlDNzYxQUVCMjU3N0U1
NTY5MEIwMEM0QjNEREYzMzlBMjNCOTVCMzExQjkzLzAvOTc5RTA1RkZFRUQ0OEE5
NjkyNDU0RjY2OEI4M0Q0OTcxNEM5RkUzOS5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC85NzlFMDVGRkVFRDQ4QTk2OTI0
NTRGNjY4QjgzRDQ5NzE0QzlGRTM5LmNlcjCBwwYIKwYBBQUHAQsEgbYwgbMwgbAG
CCsGAQUFBzALhoGjcnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvMkNDRjk3OERFMDA0NjZBMUY0MUE5Qzc2MUFFQjI1NzdFNTU2OTBCMDBD
NEIzRERGMzM5QTIzQjk1QjMxMUI5My8wLzMyMzAzMDJlMzIyZTMxMzkzNjJlMzAy
ZjMyMzQyZDMyMzQyMDNkM2UyMDM0MzkzOTM1LnJvYTAYBgNVHSABAf8EDjAMMAoG
CCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAyALEMA0GCSqG
SIb3DQEBCwUAA4IBAQCWPd2HSZEK35Y73RCrZNhLO5jgvIabHqO3hT3Up0qYWvRP
vnme3zU1rLWjPNpEB2QERS0Ne+qQoF9ZzzSLRsRO334ovBFhjqcnMLsb6JdRJ3wP
L4XdTjaG00dstG4ytfySN0LDCwLEe+DUSbl4qzAWFTJ9OJHA9/bGtoEW+tGZZayT
I7ps0PRcvX0CopWe/terRoagKEXMAXC7v8pBFoAj3TWUIUxJYdYzJwuJmt9d6ZA/
B6X3TdEx4OIW55Ymdl/u8HXepAX9z+doVAtLA5DjITFV7tQBRsaJFC55Tp43miFT
ja1oNWSOwqmQilrl3F7zEZBdlaYRrtQd1AL76eod
-----END CERTIFICATE-----