Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/2FE61EDE0757F9F12935A5F3BE248079B7FE63272F85519D015CB07ED5234608/0/3230362e3232312e38302e302f32302d3234203d3e20323634373937.roa
File:                     3230362e3232312e38302e302f32302d3234203d3e20323634373937.roa (raw, json)
Hash identifier:          RPlSJwAa9hJihfh1yMG/936mXOrCgRuCAxGXhLPTmYA=
Subject key identifier:   4B:6E:49:9E:FA:BE:D1:A9:C5:1C:BD:16:D6:AE:6E:D2:2B:EE:D9:AB
Certificate issuer:       /CN=CDB934AA7B21EE8262A7F745BCC94BD4C479FAD3
Certificate serial:       3F91DEFEE3F8E3F7380E89FB0EF368AA38A35F89
Authority key identifier: CD:B9:34:AA:7B:21:EE:82:62:A7:F7:45:BC:C9:4B:D4:C4:79:FA:D3
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/CDB934AA7B21EE8262A7F745BCC94BD4C479FAD3.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/2FE61EDE0757F9F12935A5F3BE248079B7FE63272F85519D015CB07ED5234608/0/3230362e3232312e38302e302f32302d3234203d3e20323634373937.roa
Signing time:             Tue 04 Feb 2025 18:02:01 +0000
ROA not before:           Tue 04 Feb 2025 17:57:01 +0000
ROA not after:            Tue 03 Feb 2026 18:02:01 +0000
asID:                     264797
IP address blocks:        206.221.80.0/20 maxlen: 24
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            3f:91:de:fe:e3:f8:e3:f7:38:0e:89:fb:0e:f3:68:aa:38:a3:5f:89
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=CDB934AA7B21EE8262A7F745BCC94BD4C479FAD3
        Validity
            Not Before: Feb  4 17:57:01 2025 GMT
            Not After : Feb  3 18:02:01 2026 GMT
        Subject: CN=4B6E499EFABED1A9C51CBD16D6AE6ED22BEED9AB
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9c:34:ad:3f:fb:77:40:42:8e:3a:75:b6:23:33:
                    5e:e4:70:68:5c:c8:e0:7f:a1:ff:0a:6c:92:1d:7b:
                    5c:86:5e:ec:7c:73:09:8a:26:4e:f5:84:53:98:90:
                    ad:22:e0:8b:65:33:f7:c1:01:45:95:7e:2a:75:4d:
                    91:ca:39:f6:23:40:40:89:e1:68:9d:8d:48:1b:0e:
                    76:f2:36:4f:5d:10:50:67:2b:e2:f7:b7:e8:08:50:
                    ee:5f:1a:e6:c5:dd:2c:5b:4c:c5:e6:47:e2:bd:ed:
                    d1:af:23:75:5d:69:91:4f:42:a8:05:d6:79:bc:61:
                    a1:f2:8a:77:15:63:94:9e:75:3a:6b:90:ce:66:d8:
                    ec:67:98:8d:4a:bb:ee:b2:44:c0:a9:9d:d2:94:a1:
                    b0:4e:ee:d7:9d:22:f0:ac:8f:6e:76:23:03:a7:d2:
                    8a:55:6f:1f:68:24:75:b8:1a:43:e4:34:00:fe:5d:
                    51:3d:86:d4:8b:37:5a:6e:2b:ae:21:4c:c3:aa:9f:
                    aa:ed:1a:fd:37:1a:80:e5:f7:18:00:ea:45:57:7f:
                    d9:24:ea:3a:49:96:94:40:62:67:93:21:55:5c:96:
                    0d:5d:3e:96:fe:6b:c2:77:f0:07:64:fa:4c:b3:fe:
                    2f:b2:ad:f9:1e:3b:fa:c4:9b:80:f3:57:6d:12:f8:
                    6f:fb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4B:6E:49:9E:FA:BE:D1:A9:C5:1C:BD:16:D6:AE:6E:D2:2B:EE:D9:AB
            X509v3 Authority Key Identifier:
                keyid:CD:B9:34:AA:7B:21:EE:82:62:A7:F7:45:BC:C9:4B:D4:C4:79:FA:D3

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/2FE61EDE0757F9F12935A5F3BE248079B7FE63272F85519D015CB07ED5234608/0/CDB934AA7B21EE8262A7F745BCC94BD4C479FAD3.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/CDB934AA7B21EE8262A7F745BCC94BD4C479FAD3.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/2FE61EDE0757F9F12935A5F3BE248079B7FE63272F85519D015CB07ED5234608/0/3230362e3232312e38302e302f32302d3234203d3e20323634373937.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  206.221.80.0/20

    Signature Algorithm: sha256WithRSAEncryption
         ca:28:d2:fa:48:2d:36:bc:12:1e:2f:88:51:ed:05:28:1e:c8:
         ca:1d:dc:f3:9c:9d:78:3b:e1:a8:36:c5:b4:7e:c2:bf:5d:51:
         0c:fa:ac:03:7f:9f:27:b3:20:c8:3f:40:89:16:f0:93:80:f6:
         54:fa:a9:8c:83:79:90:ff:23:b5:4f:2f:ed:e7:cf:c8:ec:29:
         22:88:a1:b7:bd:ca:42:c6:53:8d:88:cb:f7:28:5b:8e:0b:af:
         68:43:0d:31:d6:87:c6:b4:0b:a4:10:65:33:fe:f5:a9:e6:82:
         63:d5:4b:95:01:81:06:21:64:1a:50:16:76:c6:c7:1e:a1:f3:
         53:bf:f9:d7:03:76:1b:20:8f:5b:01:37:49:98:ab:a0:f0:51:
         3c:78:ad:8b:23:aa:db:78:c7:fb:70:74:dc:0d:dd:89:8e:3b:
         d1:91:99:65:61:75:24:cc:57:4f:fd:f8:e3:16:45:39:9b:3a:
         55:04:f0:4d:22:48:33:c6:ab:88:7d:61:67:76:b6:09:63:24:
         e4:53:82:7a:ef:40:5d:9a:18:64:e8:32:c9:02:54:50:7a:7e:
         53:54:58:fe:21:a3:3c:34:bd:b4:83:c6:38:c3:82:c6:d8:3a:
         79:e5:91:b9:ff:c2:99:75:2e:1a:60:f9:48:fc:47:8a:ac:b2:
         ce:75:02:6f
-----BEGIN CERTIFICATE-----
MIIFwDCCBKigAwIBAgIUP5He/uP44/c4Don7DvNoqjijX4kwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoQ0RCOTM0QUE3QjIxRUU4MjYyQTdGNzQ1QkNDOTRCRDRD
NDc5RkFEMzAeFw0yNTAyMDQxNzU3MDFaFw0yNjAyMDMxODAyMDFaMDMxMTAvBgNV
BAMTKDRCNkU0OTlFRkFCRUQxQTlDNTFDQkQxNkQ2QUU2RUQyMkJFRUQ5QUIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCcNK0/+3dAQo46dbYjM17kcGhc
yOB/of8KbJIde1yGXux8cwmKJk71hFOYkK0i4ItlM/fBAUWVfip1TZHKOfYjQECJ
4WidjUgbDnbyNk9dEFBnK+L3t+gIUO5fGubF3SxbTMXmR+K97dGvI3VdaZFPQqgF
1nm8YaHyincVY5SedTprkM5m2OxnmI1Ku+6yRMCpndKUobBO7tedIvCsj252IwOn
0opVbx9oJHW4GkPkNAD+XVE9htSLN1puK64hTMOqn6rtGv03GoDl9xgA6kVXf9kk
6jpJlpRAYmeTIVVclg1dPpb+a8J38Adk+kyz/i+yrfkeO/rEm4DzV20S+G/7AgMB
AAGjggLKMIICxjAdBgNVHQ4EFgQUS25Jnvq+0anFHL0W1q5u0ivu2aswHwYDVR0j
BBgwFoAUzbk0qnsh7oJip/dFvMlL1MR5+tMwDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy8yRkU2MUVERTA3NTdGOUYxMjkzNUE1RjNCRTI0ODA3OUI3
RkU2MzI3MkY4NTUxOUQwMTVDQjA3RUQ1MjM0NjA4LzAvQ0RCOTM0QUE3QjIxRUU4
MjYyQTdGNzQ1QkNDOTRCRDRDNDc5RkFEMy5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC9DREI5MzRBQTdCMjFFRTgyNjJB
N0Y3NDVCQ0M5NEJENEM0NzlGQUQzLmNlcjCByQYIKwYBBQUHAQsEgbwwgbkwgbYG
CCsGAQUFBzALhoGpcnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvMkZFNjFFREUwNzU3RjlGMTI5MzVBNUYzQkUyNDgwNzlCN0ZFNjMyNzJG
ODU1MTlEMDE1Q0IwN0VENTIzNDYwOC8wLzMyMzAzNjJlMzIzMjMxMmUzODMwMmUz
MDJmMzIzMDJkMzIzNDIwM2QzZTIwMzIzNjM0MzczOTM3LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQEzt1Q
MA0GCSqGSIb3DQEBCwUAA4IBAQDKKNL6SC02vBIeL4hR7QUoHsjKHdzznJ14O+Go
NsW0fsK/XVEM+qwDf58nsyDIP0CJFvCTgPZU+qmMg3mQ/yO1Ty/t58/I7CkiiKG3
vcpCxlONiMv3KFuOC69oQw0x1ofGtAukEGUz/vWp5oJj1UuVAYEGIWQaUBZ2xsce
ofNTv/nXA3YbII9bATdJmKug8FE8eK2LI6rbeMf7cHTcDd2JjjvRkZllYXUkzFdP
/fjjFkU5mzpVBPBNIkgzxquIfWFndrYJYyTkU4J670Bdmhhk6DLJAlRQen5TVFj+
IaM8NL20g8Y4w4LG2Dp55ZG5/8KZdS4aYPlI/EeKrLLOdQJv
-----END CERTIFICATE-----