Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/2E372117B61F3171E3797A9F6840DFB41554D1345CCA827C14FE88BBF42FF66C/0/3230302e31302e3139362e302f32342d3234203d3e20323632323636.roa
File:                     3230302e31302e3139362e302f32342d3234203d3e20323632323636.roa (raw, json)
Hash identifier:          +0qop7Ilf9Isuak762oOoJinzztVUgOiRadVElgbPMc=
Subject key identifier:   D8:F8:BF:9B:C4:1D:91:7F:7F:78:90:E4:C2:8C:B6:84:E2:BB:DA:72
Certificate issuer:       /CN=AA4598D83DBC142A164AD72F5DD9036AAEDB0A1B
Certificate serial:       27BE4E60FCBB3DBF583B9B55C4E7031164914DCA
Authority key identifier: AA:45:98:D8:3D:BC:14:2A:16:4A:D7:2F:5D:D9:03:6A:AE:DB:0A:1B
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/AA4598D83DBC142A164AD72F5DD9036AAEDB0A1B.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/2E372117B61F3171E3797A9F6840DFB41554D1345CCA827C14FE88BBF42FF66C/0/3230302e31302e3139362e302f32342d3234203d3e20323632323636.roa
Signing time:             Tue 04 Feb 2025 19:59:58 +0000
ROA not before:           Tue 04 Feb 2025 19:54:58 +0000
ROA not after:            Tue 03 Feb 2026 19:59:58 +0000
asID:                     262266
IP address blocks:        200.10.196.0/24 maxlen: 24
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            27:be:4e:60:fc:bb:3d:bf:58:3b:9b:55:c4:e7:03:11:64:91:4d:ca
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=AA4598D83DBC142A164AD72F5DD9036AAEDB0A1B
        Validity
            Not Before: Feb  4 19:54:58 2025 GMT
            Not After : Feb  3 19:59:58 2026 GMT
        Subject: CN=D8F8BF9BC41D917F7F7890E4C28CB684E2BBDA72
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e2:41:17:72:23:ec:a7:e0:69:9b:49:95:95:f5:
                    7b:25:4d:1d:9d:4d:93:d0:79:d8:81:7d:d4:1c:a8:
                    d0:af:16:2d:75:ea:73:c9:cc:2f:7b:0b:f2:2c:30:
                    5e:91:2a:8f:4a:37:5b:4d:27:e3:4a:e2:8c:bf:6a:
                    8a:8a:ed:d8:ad:ab:85:9e:f2:da:f3:54:ba:30:71:
                    95:e5:5f:ea:f7:c9:b0:48:fe:80:bc:17:74:24:10:
                    a3:dd:13:33:4d:24:59:72:1f:ef:6f:8f:77:05:87:
                    cc:0e:55:11:cc:1f:f7:31:18:88:e0:86:d5:93:1e:
                    d3:45:36:19:bb:41:36:a1:48:5c:89:d0:18:e1:10:
                    7b:e0:81:af:37:ea:02:01:b5:6c:5d:de:e2:82:04:
                    3f:54:a9:93:01:f4:dc:68:49:72:54:66:e6:84:32:
                    78:1b:4b:6c:89:a1:41:1d:32:b7:66:6b:21:bc:45:
                    1f:fa:52:16:fc:c6:8d:f6:9b:9f:e1:04:04:d3:d7:
                    3a:db:b0:d8:5d:94:19:86:79:f2:72:d1:0e:a7:ed:
                    6d:06:45:5a:c2:b0:47:30:bd:23:aa:08:3e:0e:37:
                    cc:8a:0c:d9:91:55:f3:45:9d:71:5b:3d:cb:94:30:
                    d9:8e:cd:87:f4:4d:59:5c:5f:38:9e:48:43:e8:88:
                    5c:8b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D8:F8:BF:9B:C4:1D:91:7F:7F:78:90:E4:C2:8C:B6:84:E2:BB:DA:72
            X509v3 Authority Key Identifier:
                keyid:AA:45:98:D8:3D:BC:14:2A:16:4A:D7:2F:5D:D9:03:6A:AE:DB:0A:1B

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/2E372117B61F3171E3797A9F6840DFB41554D1345CCA827C14FE88BBF42FF66C/0/AA4598D83DBC142A164AD72F5DD9036AAEDB0A1B.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/AA4598D83DBC142A164AD72F5DD9036AAEDB0A1B.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/2E372117B61F3171E3797A9F6840DFB41554D1345CCA827C14FE88BBF42FF66C/0/3230302e31302e3139362e302f32342d3234203d3e20323632323636.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  200.10.196.0/24

    Signature Algorithm: sha256WithRSAEncryption
         84:ee:f3:02:94:f9:83:4f:cf:7d:09:11:81:40:11:23:b0:8d:
         fe:42:76:df:50:15:b2:be:31:e3:8b:e4:67:80:58:df:fc:36:
         d0:de:51:f7:cc:40:02:3e:84:6b:02:ad:a4:84:de:8d:83:81:
         3c:69:c8:81:3a:c1:e6:ff:0d:51:f2:85:47:75:af:52:82:cc:
         9f:8f:91:11:cc:d8:98:ef:5b:e2:22:67:2a:53:f6:e0:2f:dd:
         e3:86:00:5a:27:5b:df:93:f3:09:63:40:9b:85:e6:97:84:29:
         b4:cf:e4:11:43:3c:b8:38:c2:4b:96:eb:bd:48:8a:09:f2:b2:
         96:67:58:ec:df:3a:40:b7:47:96:80:05:92:a8:23:8d:9c:0d:
         c6:7d:a1:5c:86:f4:35:42:ce:6b:aa:f5:5b:7b:f9:3e:66:99:
         46:05:b1:80:8d:67:3e:63:4a:d5:8b:7f:d5:7f:28:fc:0b:7c:
         98:04:e4:a8:8f:a2:58:b3:12:41:4d:cf:30:bf:72:5b:cd:76:
         79:60:ff:44:60:b2:21:f3:82:22:70:b8:a8:9c:60:61:ff:0e:
         72:c8:51:42:55:62:6c:1a:a7:f8:e5:dd:41:bb:d1:33:65:64:
         c8:a8:85:4b:b2:41:c1:e0:3f:57:cb:0a:12:f2:01:5e:61:59:
         a2:cb:27:9b
-----BEGIN CERTIFICATE-----
MIIFwDCCBKigAwIBAgIUJ75OYPy7Pb9YO5tVxOcDEWSRTcowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoQUE0NTk4RDgzREJDMTQyQTE2NEFENzJGNUREOTAzNkFB
RURCMEExQjAeFw0yNTAyMDQxOTU0NThaFw0yNjAyMDMxOTU5NThaMDMxMTAvBgNV
BAMTKEQ4RjhCRjlCQzQxRDkxN0Y3Rjc4OTBFNEMyOENCNjg0RTJCQkRBNzIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDiQRdyI+yn4GmbSZWV9XslTR2d
TZPQediBfdQcqNCvFi116nPJzC97C/IsMF6RKo9KN1tNJ+NK4oy/aoqK7ditq4We
8trzVLowcZXlX+r3ybBI/oC8F3QkEKPdEzNNJFlyH+9vj3cFh8wOVRHMH/cxGIjg
htWTHtNFNhm7QTahSFyJ0BjhEHvgga836gIBtWxd3uKCBD9UqZMB9NxoSXJUZuaE
MngbS2yJoUEdMrdmayG8RR/6Uhb8xo32m5/hBATT1zrbsNhdlBmGefJy0Q6n7W0G
RVrCsEcwvSOqCD4ON8yKDNmRVfNFnXFbPcuUMNmOzYf0TVlcXzieSEPoiFyLAgMB
AAGjggLKMIICxjAdBgNVHQ4EFgQU2Pi/m8QdkX9/eJDkwoy2hOK72nIwHwYDVR0j
BBgwFoAUqkWY2D28FCoWStcvXdkDaq7bChswDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy8yRTM3MjExN0I2MUYzMTcxRTM3OTdBOUY2ODQwREZCNDE1
NTREMTM0NUNDQTgyN0MxNEZFODhCQkY0MkZGNjZDLzAvQUE0NTk4RDgzREJDMTQy
QTE2NEFENzJGNUREOTAzNkFBRURCMEExQi5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC9BQTQ1OThEODNEQkMxNDJBMTY0
QUQ3MkY1REQ5MDM2QUFFREIwQTFCLmNlcjCByQYIKwYBBQUHAQsEgbwwgbkwgbYG
CCsGAQUFBzALhoGpcnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvMkUzNzIxMTdCNjFGMzE3MUUzNzk3QTlGNjg0MERGQjQxNTU0RDEzNDVD
Q0E4MjdDMTRGRTg4QkJGNDJGRjY2Qy8wLzMyMzAzMDJlMzEzMDJlMzEzOTM2MmUz
MDJmMzIzNDJkMzIzNDIwM2QzZTIwMzIzNjMyMzIzNjM2LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAyArE
MA0GCSqGSIb3DQEBCwUAA4IBAQCE7vMClPmDT899CRGBQBEjsI3+QnbfUBWyvjHj
i+RngFjf/DbQ3lH3zEACPoRrAq2khN6Ng4E8aciBOsHm/w1R8oVHda9Sgsyfj5ER
zNiY71viImcqU/bgL93jhgBaJ1vfk/MJY0CbheaXhCm0z+QRQzy4OMJLluu9SIoJ
8rKWZ1js3zpAt0eWgAWSqCONnA3GfaFchvQ1Qs5rqvVbe/k+ZplGBbGAjWc+Y0rV
i3/Vfyj8C3yYBOSoj6JYsxJBTc8wv3JbzXZ5YP9EYLIh84IicLionGBh/w5yyFFC
VWJsGqf45d1Bu9EzZWTIqIVLskHB4D9XywoS8gFeYVmiyyeb
-----END CERTIFICATE-----