Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/43CC570423FAF8163D86CC21F1BA03D89502AE9C124FEF89AF61F402EAEE8B83/0/3230302e39332e302e302f31372d3234203d3e2038303438.roa
File:                     3230302e39332e302e302f31372d3234203d3e2038303438.roa (raw, json)
Hash identifier:          /Nd6GpC6g70pSjgsCka526eTBFth+Dpt6scGs0H/mlI=
Subject key identifier:   C1:A5:83:F6:56:E5:EB:BA:61:6F:A7:97:DA:85:86:D5:31:65:0B:73
Certificate issuer:       /CN=9F56FC23A8C5FC067B7D0BFD605C0F5A33D036B4
Certificate serial:       6478B062D0FDBA98B51EC2486A90DF86C9BB1FEC
Authority key identifier: 9F:56:FC:23:A8:C5:FC:06:7B:7D:0B:FD:60:5C:0F:5A:33:D0:36:B4
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/9F56FC23A8C5FC067B7D0BFD605C0F5A33D036B4.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/43CC570423FAF8163D86CC21F1BA03D89502AE9C124FEF89AF61F402EAEE8B83/0/3230302e39332e302e302f31372d3234203d3e2038303438.roa
Signing time:             Tue 04 Feb 2025 18:55:38 +0000
ROA not before:           Tue 04 Feb 2025 18:50:38 +0000
ROA not after:            Tue 03 Feb 2026 18:55:38 +0000
asID:                     8048
IP address blocks:        200.93.0.0/17 maxlen: 24
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            64:78:b0:62:d0:fd:ba:98:b5:1e:c2:48:6a:90:df:86:c9:bb:1f:ec
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9F56FC23A8C5FC067B7D0BFD605C0F5A33D036B4
        Validity
            Not Before: Feb  4 18:50:38 2025 GMT
            Not After : Feb  3 18:55:38 2026 GMT
        Subject: CN=C1A583F656E5EBBA616FA797DA8586D531650B73
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b8:47:97:21:7b:56:39:37:4d:69:a0:bc:29:5b:
                    3f:63:e8:94:7d:7a:4a:5a:fd:14:ba:82:88:6e:69:
                    67:02:a1:9e:fd:8b:7d:c3:5e:4a:05:36:31:91:04:
                    74:50:76:25:9b:4b:2f:32:50:93:fe:50:01:7a:32:
                    3b:3f:21:6d:fa:63:ef:f2:d4:9f:c2:53:29:50:26:
                    52:55:c6:d4:94:f0:c5:21:ed:dc:04:80:e5:7b:c9:
                    42:87:4c:f7:af:80:28:6b:0d:f0:4d:39:c8:c6:4a:
                    c6:4c:3c:d4:26:c8:14:a9:71:5d:32:3b:2e:f4:07:
                    d8:6d:eb:5a:91:14:94:0e:4e:36:2d:7b:72:9f:41:
                    58:21:cd:ee:07:9c:b7:25:5f:8a:03:6a:9b:f0:6d:
                    3a:4a:81:3c:34:85:f7:90:54:8e:11:14:a1:3c:a5:
                    b0:d9:7b:8a:2d:5c:78:db:c4:9d:79:93:3d:4f:e3:
                    b9:a0:b9:45:bc:e0:62:93:79:0f:fd:44:15:a1:d0:
                    d9:d0:a9:71:5f:85:1d:94:f9:00:b1:61:92:03:06:
                    1d:22:21:30:95:43:64:35:d3:42:1a:2f:93:18:38:
                    42:4d:f7:17:5f:7b:a0:ca:82:74:ba:a8:2f:32:e3:
                    6e:34:30:de:06:60:fa:4f:95:17:4f:4c:49:d0:5d:
                    ab:6b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C1:A5:83:F6:56:E5:EB:BA:61:6F:A7:97:DA:85:86:D5:31:65:0B:73
            X509v3 Authority Key Identifier:
                keyid:9F:56:FC:23:A8:C5:FC:06:7B:7D:0B:FD:60:5C:0F:5A:33:D0:36:B4

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/43CC570423FAF8163D86CC21F1BA03D89502AE9C124FEF89AF61F402EAEE8B83/0/9F56FC23A8C5FC067B7D0BFD605C0F5A33D036B4.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/9F56FC23A8C5FC067B7D0BFD605C0F5A33D036B4.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/43CC570423FAF8163D86CC21F1BA03D89502AE9C124FEF89AF61F402EAEE8B83/0/3230302e39332e302e302f31372d3234203d3e2038303438.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  200.93.0.0/17

    Signature Algorithm: sha256WithRSAEncryption
         16:f6:d9:00:e6:e4:6f:cb:72:fe:c6:d7:9e:a4:91:b7:1c:21:
         05:6e:12:9b:68:c7:60:87:a0:70:bf:a8:6d:06:a6:47:b1:e5:
         91:d1:ee:3f:50:bc:34:0f:64:43:e1:0d:7a:a5:4f:3d:cd:d1:
         84:a7:25:bd:44:66:d3:b1:c5:7e:b7:84:df:d5:90:61:99:04:
         1a:3c:fc:b7:3d:f4:69:9e:e9:d3:55:45:46:ed:57:fb:17:2e:
         9a:43:07:3e:ab:bc:67:78:5b:ea:69:3d:b0:dc:e4:ed:54:06:
         de:0d:90:f1:1f:30:c3:9f:e3:98:47:9a:ea:f2:30:56:a2:b2:
         71:ca:99:93:53:27:f4:3d:6b:8f:b3:a8:b7:ad:4f:74:15:53:
         91:2d:8f:27:2f:8a:39:92:00:03:f4:ad:01:88:f5:87:93:1b:
         13:ed:a9:3f:df:37:ce:7d:9a:38:7a:3c:d4:8f:ad:56:4b:94:
         44:61:db:c2:c4:d8:7b:38:bf:3a:34:f0:31:38:90:1c:3d:51:
         be:c1:be:22:8d:c0:bd:e8:83:2b:f9:ae:e6:0c:f2:c1:56:f4:
         36:03:ec:78:ee:ac:28:0e:e3:30:7a:38:66:9e:03:22:7c:75:
         d0:cb:c0:04:97:ff:6a:7f:c8:33:a4:3d:2c:df:d3:5d:c9:d5:
         8b:ab:e1:63
-----BEGIN CERTIFICATE-----
MIIFuDCCBKCgAwIBAgIUZHiwYtD9upi1HsJIapDfhsm7H+wwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOUY1NkZDMjNBOEM1RkMwNjdCN0QwQkZENjA1QzBGNUEz
M0QwMzZCNDAeFw0yNTAyMDQxODUwMzhaFw0yNjAyMDMxODU1MzhaMDMxMTAvBgNV
BAMTKEMxQTU4M0Y2NTZFNUVCQkE2MTZGQTc5N0RBODU4NkQ1MzE2NTBCNzMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC4R5che1Y5N01poLwpWz9j6JR9
ekpa/RS6gohuaWcCoZ79i33DXkoFNjGRBHRQdiWbSy8yUJP+UAF6Mjs/IW36Y+/y
1J/CUylQJlJVxtSU8MUh7dwEgOV7yUKHTPevgChrDfBNOcjGSsZMPNQmyBSpcV0y
Oy70B9ht61qRFJQOTjYte3KfQVghze4HnLclX4oDapvwbTpKgTw0hfeQVI4RFKE8
pbDZe4otXHjbxJ15kz1P47mguUW84GKTeQ/9RBWh0NnQqXFfhR2U+QCxYZIDBh0i
ITCVQ2Q100IaL5MYOEJN9xdfe6DKgnS6qC8y4240MN4GYPpPlRdPTEnQXatrAgMB
AAGjggLCMIICvjAdBgNVHQ4EFgQUwaWD9lbl67phb6eX2oWG1TFlC3MwHwYDVR0j
BBgwFoAUn1b8I6jF/AZ7fQv9YFwPWjPQNrQwDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy80M0NDNTcwNDIzRkFGODE2M0Q4NkNDMjFGMUJBMDNEODk1
MDJBRTlDMTI0RkVGODlBRjYxRjQwMkVBRUU4QjgzLzAvOUY1NkZDMjNBOEM1RkMw
NjdCN0QwQkZENjA1QzBGNUEzM0QwMzZCNC5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC85RjU2RkMyM0E4QzVGQzA2N0I3
RDBCRkQ2MDVDMEY1QTMzRDAzNkI0LmNlcjCBwQYIKwYBBQUHAQsEgbQwgbEwga4G
CCsGAQUFBzALhoGhcnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvNDNDQzU3MDQyM0ZBRjgxNjNEODZDQzIxRjFCQTAzRDg5NTAyQUU5QzEy
NEZFRjg5QUY2MUY0MDJFQUVFOEI4My8wLzMyMzAzMDJlMzkzMzJlMzAyZTMwMmYz
MTM3MmQzMjM0MjAzZDNlMjAzODMwMzQzOC5yb2EwGAYDVR0gAQH/BA4wDDAKBggr
BgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEB8hdADANBgkqhkiG
9w0BAQsFAAOCAQEAFvbZAObkb8ty/sbXnqSRtxwhBW4Sm2jHYIegcL+obQamR7Hl
kdHuP1C8NA9kQ+ENeqVPPc3RhKclvURm07HFfreE39WQYZkEGjz8tz30aZ7p01VF
Ru1X+xcumkMHPqu8Z3hb6mk9sNzk7VQG3g2Q8R8ww5/jmEea6vIwVqKyccqZk1Mn
9D1rj7Oot61PdBVTkS2PJy+KOZIAA/StAYj1h5MbE+2pP983zn2aOHo81I+tVkuU
RGHbwsTYezi/OjTwMTiQHD1RvsG+Io3AveiDK/mu5gzywVb0NgPseO6sKA7jMHo4
Zp4DInx10MvABJf/an/IM6Q9LN/TXcnVi6vhYw==
-----END CERTIFICATE-----