Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/456E2D69A942B33C7C481F08FD0E7AEA5DFAE44F485D07ED0A74064DDECA6333/0/3230302e31322e33342e302f32342d3234203d3e203233323433.roa
File:                     3230302e31322e33342e302f32342d3234203d3e203233323433.roa (raw, json)
Hash identifier:          Yq/U3XOL5jp9zshqRP4AR2qq+4AbjeEt9mXi1YHoz/I=
Subject key identifier:   FB:E2:2C:4F:15:48:A3:50:E7:99:D5:DA:8A:AB:30:D9:69:3C:F9:21
Certificate issuer:       /CN=54E41C0DADB12465AFF5CF7A38930582E4499083
Certificate serial:       1C70F008A7F9F43C7D796EFC3443E10FB4B7988F
Authority key identifier: 54:E4:1C:0D:AD:B1:24:65:AF:F5:CF:7A:38:93:05:82:E4:49:90:83
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/54E41C0DADB12465AFF5CF7A38930582E4499083.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/456E2D69A942B33C7C481F08FD0E7AEA5DFAE44F485D07ED0A74064DDECA6333/0/3230302e31322e33342e302f32342d3234203d3e203233323433.roa
Signing time:             Tue 04 Feb 2025 18:06:31 +0000
ROA not before:           Tue 04 Feb 2025 18:01:31 +0000
ROA not after:            Tue 03 Feb 2026 18:06:31 +0000
asID:                     23243
IP address blocks:        200.12.34.0/24 maxlen: 24
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            1c:70:f0:08:a7:f9:f4:3c:7d:79:6e:fc:34:43:e1:0f:b4:b7:98:8f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=54E41C0DADB12465AFF5CF7A38930582E4499083
        Validity
            Not Before: Feb  4 18:01:31 2025 GMT
            Not After : Feb  3 18:06:31 2026 GMT
        Subject: CN=FBE22C4F1548A350E799D5DA8AAB30D9693CF921
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ba:49:e2:86:d7:58:20:0c:8f:b4:c7:c0:61:0e:
                    0c:ae:6e:aa:fc:01:59:fa:33:77:b4:41:d3:5f:0d:
                    b1:65:e2:f6:a6:e1:60:06:87:0b:d3:8c:fe:de:4b:
                    6f:d7:e7:0c:16:c7:89:8b:14:49:80:79:3e:24:1e:
                    78:a4:27:89:08:2b:1a:d6:c9:40:7b:a1:04:d8:68:
                    bd:ca:4b:22:29:c6:d1:65:86:8e:b8:27:fb:30:03:
                    90:31:09:c8:a1:86:67:23:62:a1:dd:d2:5c:5c:ca:
                    d9:a7:57:02:82:62:fa:1c:5d:0c:23:1b:69:9d:35:
                    33:c3:84:6f:49:ad:3d:ee:78:a4:df:cb:0f:80:be:
                    5a:c2:8a:0d:ef:31:26:e9:89:e6:53:30:46:5c:85:
                    da:58:36:53:55:97:3b:61:ad:5c:90:f4:21:dc:cb:
                    35:c8:6d:55:59:86:16:0a:b5:97:a9:53:e7:5c:25:
                    bd:29:81:4a:0b:d8:88:e4:3a:02:a3:60:23:89:dd:
                    12:87:27:07:ff:1a:e6:1e:3f:35:ef:1a:6d:07:64:
                    70:a7:0f:92:50:59:bd:2f:28:6c:14:28:57:55:79:
                    b1:f9:ea:89:78:59:d6:46:44:fd:f7:18:8d:b1:35:
                    b8:f9:be:3d:44:a3:d0:81:91:f7:03:62:62:66:44:
                    e6:8d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                FB:E2:2C:4F:15:48:A3:50:E7:99:D5:DA:8A:AB:30:D9:69:3C:F9:21
            X509v3 Authority Key Identifier:
                keyid:54:E4:1C:0D:AD:B1:24:65:AF:F5:CF:7A:38:93:05:82:E4:49:90:83

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/456E2D69A942B33C7C481F08FD0E7AEA5DFAE44F485D07ED0A74064DDECA6333/0/54E41C0DADB12465AFF5CF7A38930582E4499083.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/54E41C0DADB12465AFF5CF7A38930582E4499083.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/456E2D69A942B33C7C481F08FD0E7AEA5DFAE44F485D07ED0A74064DDECA6333/0/3230302e31322e33342e302f32342d3234203d3e203233323433.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  200.12.34.0/24

    Signature Algorithm: sha256WithRSAEncryption
         a3:58:a6:26:9f:90:c5:a2:fd:96:24:ae:46:49:07:f9:2d:84:
         b8:1c:e0:f0:51:a6:ef:34:d4:d5:c1:2a:f7:62:4a:57:81:4b:
         40:e6:b2:7e:60:9e:0d:cc:4c:ff:80:f4:fa:72:f9:5a:a3:2f:
         ff:d0:9a:52:94:09:7e:c5:ea:df:b0:fc:c1:ed:96:96:00:b6:
         5e:cf:ab:57:5f:83:2d:9c:21:8a:2f:bd:48:59:c0:58:46:02:
         7e:b7:a5:8c:50:26:56:e9:f1:93:7b:23:10:20:92:fd:42:dc:
         5e:2d:d5:49:7f:19:65:06:a4:25:dc:1c:5b:f9:cd:ba:94:b3:
         b4:f5:39:11:6b:16:45:63:6b:d7:18:f5:48:2c:8b:9a:e6:98:
         a7:c3:6c:59:4e:68:d3:41:0d:ce:57:77:41:c2:92:bf:df:42:
         4d:03:03:df:82:13:c8:e4:81:fe:60:33:3e:e7:f6:01:cf:4d:
         f9:1e:9a:46:39:81:0c:f2:a1:04:e1:12:6e:3b:e2:0b:04:8c:
         a8:52:62:b6:20:a5:91:3c:82:8d:f5:56:00:42:cf:10:6f:8f:
         7e:42:21:90:0d:74:db:11:80:9f:2b:f0:fe:03:d7:f3:b7:ac:
         8d:67:be:79:37:7b:ce:11:57:31:69:84:28:ed:53:37:6a:de:
         bf:b2:9e:af
-----BEGIN CERTIFICATE-----
MIIFvDCCBKSgAwIBAgIUHHDwCKf59Dx9eW78NEPhD7S3mI8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNTRFNDFDMERBREIxMjQ2NUFGRjVDRjdBMzg5MzA1ODJF
NDQ5OTA4MzAeFw0yNTAyMDQxODAxMzFaFw0yNjAyMDMxODA2MzFaMDMxMTAvBgNV
BAMTKEZCRTIyQzRGMTU0OEEzNTBFNzk5RDVEQThBQUIzMEQ5NjkzQ0Y5MjEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC6SeKG11ggDI+0x8BhDgyubqr8
AVn6M3e0QdNfDbFl4vam4WAGhwvTjP7eS2/X5wwWx4mLFEmAeT4kHnikJ4kIKxrW
yUB7oQTYaL3KSyIpxtFlho64J/swA5AxCcihhmcjYqHd0lxcytmnVwKCYvocXQwj
G2mdNTPDhG9JrT3ueKTfyw+AvlrCig3vMSbpieZTMEZchdpYNlNVlzthrVyQ9CHc
yzXIbVVZhhYKtZepU+dcJb0pgUoL2IjkOgKjYCOJ3RKHJwf/GuYePzXvGm0HZHCn
D5JQWb0vKGwUKFdVebH56ol4WdZGRP33GI2xNbj5vj1Eo9CBkfcDYmJmROaNAgMB
AAGjggLGMIICwjAdBgNVHQ4EFgQU++IsTxVIo1DnmdXaiqsw2Wk8+SEwHwYDVR0j
BBgwFoAUVOQcDa2xJGWv9c96OJMFguRJkIMwDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy80NTZFMkQ2OUE5NDJCMzNDN0M0ODFGMDhGRDBFN0FFQTVE
RkFFNDRGNDg1RDA3RUQwQTc0MDY0RERFQ0E2MzMzLzAvNTRFNDFDMERBREIxMjQ2
NUFGRjVDRjdBMzg5MzA1ODJFNDQ5OTA4My5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC81NEU0MUMwREFEQjEyNDY1QUZG
NUNGN0EzODkzMDU4MkU0NDk5MDgzLmNlcjCBxQYIKwYBBQUHAQsEgbgwgbUwgbIG
CCsGAQUFBzALhoGlcnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvNDU2RTJENjlBOTQyQjMzQzdDNDgxRjA4RkQwRTdBRUE1REZBRTQ0RjQ4
NUQwN0VEMEE3NDA2NERERUNBNjMzMy8wLzMyMzAzMDJlMzEzMjJlMzMzNDJlMzAy
ZjMyMzQyZDMyMzQyMDNkM2UyMDMyMzMzMjM0MzMucm9hMBgGA1UdIAEB/wQOMAww
CgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBADIDCIwDQYJ
KoZIhvcNAQELBQADggEBAKNYpiafkMWi/ZYkrkZJB/kthLgc4PBRpu801NXBKvdi
SleBS0Dmsn5gng3MTP+A9Ppy+VqjL//QmlKUCX7F6t+w/MHtlpYAtl7Pq1dfgy2c
IYovvUhZwFhGAn63pYxQJlbp8ZN7IxAgkv1C3F4t1Ul/GWUGpCXcHFv5zbqUs7T1
ORFrFkVja9cY9Ugsi5rmmKfDbFlOaNNBDc5Xd0HCkr/fQk0DA9+CE8jkgf5gMz7n
9gHPTfkemkY5gQzyoQThEm474gsEjKhSYrYgpZE8go31VgBCzxBvj35CIZANdNsR
gJ8r8P4D1/O3rI1nvnk3e84RVzFphCjtUzdq3r+ynq8=
-----END CERTIFICATE-----