Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/44F0982C6F950B9DDB1971CA7C58D4C69015CE120520A97C908513AE5C34CAEF/0/3230302e36382e3137302e302f32342d3234203d3e203238343033.roa
File:                     3230302e36382e3137302e302f32342d3234203d3e203238343033.roa (raw, json)
Hash identifier:          j45QNyXgFxBdzlA5W8zQYni4TdSq9KqB5XHD+2EXv3Q=
Subject key identifier:   92:38:00:A9:A6:81:4E:1F:F9:DD:86:96:83:68:E0:E3:22:14:C9:1D
Certificate issuer:       /CN=A0A6C878C4FF92E87C217B2CFAA02D0A995D0496
Certificate serial:       50D2EDDAFAC43FE6F96327CC218D707A5EF71D0C
Authority key identifier: A0:A6:C8:78:C4:FF:92:E8:7C:21:7B:2C:FA:A0:2D:0A:99:5D:04:96
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/A0A6C878C4FF92E87C217B2CFAA02D0A995D0496.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/44F0982C6F950B9DDB1971CA7C58D4C69015CE120520A97C908513AE5C34CAEF/0/3230302e36382e3137302e302f32342d3234203d3e203238343033.roa
Signing time:             Wed 04 Sep 2024 16:05:00 +0000
ROA not before:           Wed 04 Sep 2024 16:00:00 +0000
ROA not after:            Wed 03 Sep 2025 16:05:00 +0000
asID:                     28403
IP address blocks:        200.68.170.0/24 maxlen: 24
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            50:d2:ed:da:fa:c4:3f:e6:f9:63:27:cc:21:8d:70:7a:5e:f7:1d:0c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A0A6C878C4FF92E87C217B2CFAA02D0A995D0496
        Validity
            Not Before: Sep  4 16:00:00 2024 GMT
            Not After : Sep  3 16:05:00 2025 GMT
        Subject: CN=923800A9A6814E1FF9DD86968368E0E32214C91D
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b1:49:b5:c7:84:cc:f2:1f:0a:f6:5a:0f:0b:e0:
                    13:34:68:58:ae:84:ba:ec:f2:57:dd:8e:67:fc:6c:
                    64:83:70:98:41:e0:df:27:97:54:3c:5b:a5:82:35:
                    2e:44:9d:a7:fe:2c:e9:03:aa:5a:eb:12:7b:1f:81:
                    9c:88:6d:34:cc:78:40:36:b2:c0:a4:c5:c6:8b:64:
                    f0:ec:a9:cf:76:f1:69:a1:5b:b4:5d:7a:1b:8b:f4:
                    fa:c3:65:7a:ce:9f:93:27:39:35:85:b1:3d:a6:b1:
                    5c:ef:0f:52:e8:f8:89:8c:57:23:17:04:fc:11:4d:
                    18:0f:7f:f4:ef:de:56:dc:2a:4c:55:3d:32:75:d6:
                    d8:01:31:c4:7d:1d:4d:6e:a9:e7:8e:5e:fc:3c:74:
                    14:e1:1c:2f:0d:3e:91:ec:f6:86:53:a4:cf:d1:1d:
                    29:8d:08:8e:a7:2a:f9:f6:c0:ef:9a:7e:e7:8c:5b:
                    e3:32:7d:3d:3f:d7:ae:da:64:de:af:f8:0d:4b:6f:
                    3c:b2:34:49:53:f9:f6:5c:a5:09:2e:58:c8:06:b0:
                    05:2e:3f:f9:fc:6b:0a:81:b8:b8:f3:51:91:21:c2:
                    8e:4e:b4:99:7d:ef:a8:e0:a7:63:c9:49:09:d8:5f:
                    89:a3:74:a6:cc:27:16:70:31:f7:c6:56:47:da:94:
                    58:11
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                92:38:00:A9:A6:81:4E:1F:F9:DD:86:96:83:68:E0:E3:22:14:C9:1D
            X509v3 Authority Key Identifier:
                keyid:A0:A6:C8:78:C4:FF:92:E8:7C:21:7B:2C:FA:A0:2D:0A:99:5D:04:96

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/44F0982C6F950B9DDB1971CA7C58D4C69015CE120520A97C908513AE5C34CAEF/0/A0A6C878C4FF92E87C217B2CFAA02D0A995D0496.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/A0A6C878C4FF92E87C217B2CFAA02D0A995D0496.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/44F0982C6F950B9DDB1971CA7C58D4C69015CE120520A97C908513AE5C34CAEF/0/3230302e36382e3137302e302f32342d3234203d3e203238343033.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  200.68.170.0/24

    Signature Algorithm: sha256WithRSAEncryption
         35:f2:01:f4:89:2c:bd:8b:80:85:ca:e5:da:12:2c:dc:36:b7:
         46:67:03:5f:e8:e7:29:a6:e9:bc:00:2b:cb:e8:12:1f:20:67:
         1a:7a:6f:2c:6f:bf:9b:2b:dc:2e:e2:06:ac:54:69:3e:7b:85:
         dc:bf:9f:b9:fe:13:4f:55:25:d9:36:4a:5e:3f:e2:8c:3c:eb:
         ae:e5:3f:95:ba:5e:ff:ef:92:59:fb:d4:34:25:cd:40:75:26:
         c3:28:d3:d5:a4:a0:b9:1d:eb:a1:a2:a1:f9:4b:3f:8b:e6:4c:
         d4:cd:e8:6a:c6:e5:c9:01:85:8f:80:7d:d7:16:c3:56:c5:e2:
         34:fc:30:fb:c6:11:fe:1f:6b:12:d8:25:42:35:2e:84:e3:e0:
         ad:90:21:c1:21:65:b9:30:ea:87:4b:dd:fe:5a:6e:25:e1:f7:
         9e:d6:0a:81:2d:bc:1a:57:6f:88:4b:7d:f3:6e:b8:96:12:12:
         bb:1c:23:5d:80:91:99:67:a4:06:d9:35:a3:1a:a1:2e:20:42:
         bf:37:a3:0e:db:6e:cd:af:e1:f0:97:99:33:cc:3f:5c:b0:8e:
         c1:95:0e:e8:a9:98:39:58:cd:fe:8b:3f:da:81:c1:f5:45:61:
         db:c3:78:02:e2:e8:f2:12:cd:4a:ec:8e:ca:cb:1f:79:99:d9:
         83:0c:f0:15
-----BEGIN CERTIFICATE-----
MIIFvjCCBKagAwIBAgIUUNLt2vrEP+b5YyfMIY1wel73HQwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoQTBBNkM4NzhDNEZGOTJFODdDMjE3QjJDRkFBMDJEMEE5
OTVEMDQ5NjAeFw0yNDA5MDQxNjAwMDBaFw0yNTA5MDMxNjA1MDBaMDMxMTAvBgNV
BAMTKDkyMzgwMEE5QTY4MTRFMUZGOUREODY5NjgzNjhFMEUzMjIxNEM5MUQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCxSbXHhMzyHwr2Wg8L4BM0aFiu
hLrs8lfdjmf8bGSDcJhB4N8nl1Q8W6WCNS5Enaf+LOkDqlrrEnsfgZyIbTTMeEA2
ssCkxcaLZPDsqc928WmhW7RdehuL9PrDZXrOn5MnOTWFsT2msVzvD1Lo+ImMVyMX
BPwRTRgPf/Tv3lbcKkxVPTJ11tgBMcR9HU1uqeeOXvw8dBThHC8NPpHs9oZTpM/R
HSmNCI6nKvn2wO+afueMW+MyfT0/167aZN6v+A1LbzyyNElT+fZcpQkuWMgGsAUu
P/n8awqBuLjzUZEhwo5OtJl976jgp2PJSQnYX4mjdKbMJxZwMffGVkfalFgRAgMB
AAGjggLIMIICxDAdBgNVHQ4EFgQUkjgAqaaBTh/53YaWg2jg4yIUyR0wHwYDVR0j
BBgwFoAUoKbIeMT/kuh8IXss+qAtCpldBJYwDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy80NEYwOTgyQzZGOTUwQjlEREIxOTcxQ0E3QzU4RDRDNjkw
MTVDRTEyMDUyMEE5N0M5MDg1MTNBRTVDMzRDQUVGLzAvQTBBNkM4NzhDNEZGOTJF
ODdDMjE3QjJDRkFBMDJEMEE5OTVEMDQ5Ni5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC9BMEE2Qzg3OEM0RkY5MkU4N0My
MTdCMkNGQUEwMkQwQTk5NUQwNDk2LmNlcjCBxwYIKwYBBQUHAQsEgbowgbcwgbQG
CCsGAQUFBzALhoGncnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvNDRGMDk4MkM2Rjk1MEI5RERCMTk3MUNBN0M1OEQ0QzY5MDE1Q0UxMjA1
MjBBOTdDOTA4NTEzQUU1QzM0Q0FFRi8wLzMyMzAzMDJlMzYzODJlMzEzNzMwMmUz
MDJmMzIzNDJkMzIzNDIwM2QzZTIwMzIzODM0MzAzMy5yb2EwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAMhEqjAN
BgkqhkiG9w0BAQsFAAOCAQEANfIB9IksvYuAhcrl2hIs3Da3RmcDX+jnKabpvAAr
y+gSHyBnGnpvLG+/myvcLuIGrFRpPnuF3L+fuf4TT1Ul2TZKXj/ijDzrruU/lbpe
/++SWfvUNCXNQHUmwyjT1aSguR3roaKh+Us/i+ZM1M3oasblyQGFj4B91xbDVsXi
NPww+8YR/h9rEtglQjUuhOPgrZAhwSFluTDqh0vd/lpuJeH3ntYKgS28GldviEt9
8264lhISuxwjXYCRmWekBtk1oxqhLiBCvzejDttuza/h8JeZM8w/XLCOwZUO6KmY
OVjN/os/2oHB9UVh28N4AuLo8hLNSuyOyssfeZnZgwzwFQ==
-----END CERTIFICATE-----